Hacker Releases Purported PS3 Root Key – UPDATED
When we wrote our initial post on the subject, we contacted Sony for a statement. After just over a day, we recieved the following terse statement from their Public Relations team:
“We are investigating the news and have nothing to comment at this point in time. “
We’ll concede that, sure, this non-statement could be an indication that they’re not going to really do anything. But do we really believe that they’re not going to be thoroughly exhausting all options? I don’t, especially since, and I know I’m a broken record on this, but especially seeing as how Microsoft almost destroyed Matthew Crippen’s entire life over this kind of thing. We’d have to believe Sony exists in some kind of magical fantasy world apart from the way business is practiced by every company on Earth to simply assume they don’t care.
Either way, we’ll obviously be keeping our eyes out for anything more substantial from Sony. And, of course, for proof that the Root Key is legit.
ORIGINAL Post, 12/03/2010.
Huge news for everyone who owns a PS3. Celebrated hacker George Hotz, AKA geohot (who was instrumental in cracking the iPhone and who, just to make you feel really old, was born in 1989) made Sony wince yesterday by posting what he claims is the metldr key for the PlayStation 3 on his personal site. Accompanying this potentially Sony-shattering news was the following message:
props to fail0verflow for the asymmetric half no donate link, just use this info wisely
i do not condone piracy
Smart kid to be sure, but it gets better:
if you want your next console to be secure, get in touch with me. any of you 3.
it’d be fun to be on the other side.
Click that link above to see the key for yourself.
Meanwhile, that’s pretty goddamned ballsy, as resume cover letters go. (In fact we can think of only one better, off the top of our heads). But before Sony considers his offer, they’re probably consulting their lawyers who, no doubt, are currently dropping like flies from strokes as I type this. Because the fact is, no matter how you spin this, if Geohot is correct and this actually is the PS3 root key, then as Kotaku points out, Sony’s kind of F’d with this.
Here’s why: to oversimplify things way too much, the metldr (root) key is a program that allows software to interact with specific hardware. Like knowing the password to get into the castle at night. It’s why you can’t play Wii, Xbox 360, even PS2 games on your PS3, or make your own PS3 compatible game. However, if you were to insert this key into the game (via that game’s source code), then burn that game to disc, assuming you do everything right, the hardware would recognize the game as authorized. Voila! Instantly feel like you work for Ubisoft!
Better still, since you didn’t actually mod the machine, there’s no way to detect if you’ve been making use of the key. And worst of all (for Sony), there’s very little that can be done. Sure, Sony could try releasing a firmware update to change the key on all current consoles, but assuming that would actually work, it would also instantly render all games currently using the old root key inaccessible. That would kill this particular kind of PS3 piracy deader than disco, but would also seriously inconvenience (to put it mildly) their millions of legitimate customers. Furthermore, it would likely impose a significant financial cost on them, one they probably wouldn’t be able to cope with for a long time.
While it’s doubtful they’d be willing to recompense Playstation 3 owners for the games they already have in their homes, you can bet your entire house that the lamestops and best lies and other places currently carrying their wares will be treating a root key change like the massive recall it most certainly would be, and subsequently shipping their now-useless copies back to their makers, and Sony (and their second party and subsidiary developers) would be taking the world’s largest bath on their current stock.
A possible solution would be to take this action and release DLC that would allow older copies of legitimate games to play, similar to Xbox games on the 360, though it might be time consuming and it’s likely they wouldn’t be ready for all games fast enough to make the effort matter. My guess is that their only option is to change the root key for the next version of PS3 console and suck it up until then. For all intents and purposes, Freak Geeks put it best: Playstation 3 ismight be hacked for good!
This doesn’t have to be a bad thing. There are plenty of legitimate, non-piratey things one can do with this information. For instance, authorized indie games, or even homebrew games. While GameFront (and myself) would never condone piracy in any form, the possibility that this information might spark the development of indie content for PS3 use is very, very exciting.
However, this definitely has staggering legal implications. As we’ve seen with Microsoft, Console makers are going to do everything they can to secure control over how their IP is used right up until the moment the Library of Congress finally realizes that console modding and other, similar uses of legitimately purchased Hardware are functionally equivalent to Jailbreaking. However that battle plays out, guaranteed that Sony now has a much bigger dog in the fight.
NOTE: Discussion with a programmer friend of mine, who insists he does NOT know anything about PS3 software, yields this: it might be easier than we think for Sony to get around this. In layman’s (I.E., me) terms, it depends on whether or not they planned for this contingency.