Ripples in the Pool: The Long-Term Implications of the PS3 Hack

By now, every single person on the internet is well aware of the release of the PlayStation 3′s root keys. The guy responsible, George Hotz (aka Geohot), is the same fellow who brought us the jail break for iPhone.

“What’s the big deal?” some people might ask. To answer that, it’s necessary for us to first explain what a root key is. At its most basic, a root key is a specific string of characters used to authenticate all PS3 software as being produced by Sony. If a piece of software doesn’t have the root key, your PS3 knows it isn’t legit. The release of this key, the very core of the PS3′s security, is a devastating blow to Sony, and one that could spell the end of the platform as a whole.

I can hear the supporters of this guy out there right now, screaming, “This doesn’t even let people run pirated games!” While that may or not be true (I certainly haven’t tested it), no one can argue that this places the tools for pirating, hacking, and all sorts of other nefarious activities into the hands of those who have been longing to do exactly that. As I have said before, it’s like giving a heroin addict a box of needles and a pound of smack and asking him not to use any. It just ain’t gonna happen. Every time a console has had its protection cracked, piracy has been the result.

Yeah, I see you waving your hand. You’re saying that this doesn’t hurt anything, it’s just allowing people to use their consoles however they want, which is part of ownership, right? Sony should never have removed OtherOS, right? Forget for a minute that the only reason it was removed was that people were attempting to use that functionality to bypass the console’s security, and riddle me this, Batman: Which right of ownership allows you to destroy the integrity of Sony’s online service?

Reports are pouring in that the PS3 version of Modern Warfare 2 is overrun with hackers and exploiters. Already we’ve seen Robert Bowling of Infinity Ward say that, “Games rely on the security of the encryption on the platforms they’re played on, therefore; updates to the game through patches will not resolve this problem, unless the security exploit itself is resolved on the platform.” Basically, he’s putting it on Sony’s head, and quite rightfully so. No matter what Infinity Ward might do, the PS3 sees these hacks as legitimate software (because they’ve got the proper root key), so it will continue to run them.

If you’re playing Modern Warfare 2, you can expect to see folks using aimbots and wallhacks out there. You will likely also see folks altering clan tags, unlocking content, and doing just about anything else they want to. Now, get this: It isn’t just MW2 that’s affected. It’s every single game on the console. Sony has pledged to fix this, but there seems to be general disagreement on whether or not they can close this hole through firmware upgrades.

Furthermore, it’s still up in the air whether or not Sony can permanently remove these lovely folks from PSN. There are hacks out there (we won’t be linking to them) that allow the console’s ID to be changed. While Sony appears to use a whitelist method to validate PSIDs, if an unscrupulous individual gained access to a list of valid PSIDs, he could be virtually unstoppable for Sony, unless they devise an additional check that will block the console’s access.

While all of these things are being discussed around the web, there’s one thing no one seems to have thought of yet: the future implications of this action. You see, consoles and videogame systems have been a fairly secure platform to play games on for a while. Sure, there are consoles floating around with mod chips in them, but those historically have been a fairly small number, and they don’t affect anyone other than the console owner. If you torrent an XBox 360 game and play it, you’re stealing from the game developer, but you’re not going online and ruining the game that everyone else actually paid for.

Now, Sony is looking at a situation where their flagship console could be rendered all but useless for online play. Speculation is that they would need to issue a recall to replace hardware in every single system. Not only is it a logistics nightmare, but the cost of it would be staggering. More importantly, it might not even be effective. After all, there is a ton of software already out there that is imprinted with the existing root key, and that all has to work, too. You can bet that they are already planning for their next console, and now the security on it is going to be more robust than anything we’ve ever seen.

We don’t pretend to have any knowledge of anything Sony is working on, but I wouldn’t be surprised to see copy protections requiring at least regular online authentications of software. Perhaps you’ll have to be connected to the internet to play your console games. Maybe something even worse that I can’t think of right now. Remember, once you get burned, you tend to overprotect against getting burned a second time.

So this little incident will have some far-reaching repercussions. Don’t think that Microsoft isn’t watching this closely while they scramble in their security department to make sure it doesn’t happen to them as well. It seems small, but this sort of incident could shape the next generation of consoles. Scary, huh?

Let’s hope it’s not as bad as all that. Let’s hope that Sony can close up the security holes generated by this devastating hack. If not, let’s at least agree that when the PlayStation 4 with Gestapo-like security is released, we won’t complain to Sony about it. Instead, we can send all the complaint emails to Mr. Hotz. After all, he worked hard to earn them.

Join the Conversation   

* required field

By submitting a comment here you grant GameFront a perpetual license to reproduce your words and name/web site in attribution. Inappropriate or irrelevant comments will be removed at an admin's discretion.

27 Comments on Ripples in the Pool: The Long-Term Implications of the PS3 Hack

Ross Lincoln

On January 18, 2011 at 2:37 pm

Scary stuff. The question is, will console camgers put up with being royally inconvenienced? Most people will probably resent having to be online to play. I know it would change my shopping habits considerably.

DeathStrikeVirus

On January 18, 2011 at 3:23 pm

Using Modern Warfare 2 as an example of being over run by hackers is a horrible mistake since MW2 was being hacked and exploited in an enormous way before the system was ever hacked.

I’m not saying I support the hacker, but I do NOT support Sony. To buy a product and then have features that were advertised taken away is illegal. I’m sorry, but Sony is equally in the wrong here and bringing this mayhem on themselves.

Wastelander89

On January 18, 2011 at 5:13 pm

I don’t play online anyway and I got a 360 so horray i don’t have to put up with this crap

Jake Morgeson

On January 18, 2011 at 5:22 pm

I, for one, am glad I don’t own a PS3 so I don’t care and it was about time for it to get hacked anyway… Also the xbox 360 has the same exact problem with JTAGs so…

Garyn Dakari

On January 18, 2011 at 6:17 pm

I never play online or on consoles.

D_K_night

On January 18, 2011 at 6:31 pm

Yes, I agree this will have astounding implications.

Why would I want to play online on a console that’s a haven for thieves, bandits and ninjas? MW2, aimbots and wallhacks are just the beginning. Who’s to say that, when I play SF4, someone wouldn’t be able to hack THAT game apart too? 1-button fireballs and uppercuts anyone? Throws that are instantly countered, maybe even 1 hit death moves?

It is a guarantee that the most popular games WILL be hacked into oblivion, with trainers, infinite lives/energy, all the cheats that were never possible before, completely and expectedly so. So this root key was discovered and found to be exactly one and the same across all Sony products? I hate to say this, but are Japanese designers simply not very good with Security?

This is not intended to be a racist remark. It is intended to how highlight how, in Japan’s work culture of “show up first, last to leave” to give the appearance of hard work and endless uncompensated overtime, that they simply don’t have the creativity and mindset to implement proper security on their consoles?

It’s going to go the way of online authentication for sure. Only single-player type games won’t require it, eg. RPG games. And it’s precisely those single player titles which will be pirated to hell and back, with scarcely a dime paid to the developers, who in turn will be laid off and out on the street, without a means to feed themselves or their families.

Guys let’s not be naive. Those of you who say “oh i won’t buy anything that requires online authentication” are being stingy and picky without realizing the true meaning behind the REASONS for why things are, the way they are. Stop thinking solely just about yourself. Think about others who develop games in order to put food on the table.

People stated that PC Gaming is dead. It is – except for the games that require online authentication and support online play.

Console gaming? It’s going to head this way too. All this talk about “it’s MY console, therefore MY business to do what I WANT” – you are truly digging your own selfish grave. Now lie in it.

People just need to realize that, defying something for it’s own sake, justifying and rationalizing why everything should be free…all corporations are evil profit-driven entities…the little man must stand up to them by cheating and stealing…this is what things have come to.

D_K_night

On January 18, 2011 at 6:31 pm

Yes, I agree this will have astounding implications.

Why would I want to play online on a console that’s a haven for thieves, bandits and ninjas? MW2, aimbots and wallhacks are just the beginning. Who’s to say that, when I play SF4, someone wouldn’t be able to hack THAT game apart too? 1-button fireballs and uppercuts anyone? Throws that are instantly countered, maybe even 1 hit death moves?

It is a guarantee that the most popular games WILL be hacked into oblivion, with trainers, infinite lives/energy, all the cheats that were never possible before, completely and expectedly so. So this root key was discovered and found to be exactly one and the same across all Sony products? I hate to say this, but are Japanese designers simply not very good with Security?

This is not intended to be a racist remark. It is intended to how highlight how, in Japan’s work culture of “show up first, last to leave” to give the appearance of hard work and endless uncompensated overtime, that they simply don’t have the creativity and mindset to implement proper security on their consoles?

It’s going to go the way of online authentication for sure. Only single-player type games won’t require it, eg. RPG games. And it’s precisely those single player titles which will be pirated to hell and back, with scarcely a dime paid to the developers, who in turn will be laid off and out on the street, without a means to feed themselves or their families.

Guys let’s not be naive. Those of you who say “oh i won’t buy anything that requires online authentication” are being stingy and picky without realizing the true meaning behind the REASONS for why things are, the way they are. Stop thinking solely just about yourself. Think about others who develop games in order to put food on the table.

People stated that PC Gaming is dead. It is – except for the games that require online authentication and support online play.

Console gaming? It’s going to head this way too. All this talk about “it’s MY console, therefore MY business to do what I WANT” – you are truly digging your own selfish grave. Now lie in it.

People just need to realize that, defying something for it’s own sake, justifying and rationalizing why everything should be free…all corporations are evil profit-driven entities…the little man must stand up to them by cheating and stealing…this is what things have come to.

Sherman

On January 18, 2011 at 7:01 pm

I like that consoles are being hacked. Hopefully they won’t be nearly as profitable in the future and gaming will go back to its roots where it belongs, on the PC. Game’s don’t get better on consoles, they just keep selling the same game over and over. COD for instance hasn’t actually made any gameplay improvements since COD4, and there’s two different developers making them ffs.

Garyn Dakari

On January 18, 2011 at 7:14 pm

@D_K_night
“Those of you who say “oh i won’t buy anything that requires online authentication” are being stingy and picky without realizing the true meaning behind the REASONS for why things are, the way they are.”

Then there are those of us who DON’T HAVE INTERNET on our gaming/modding computer. Like me.

What?

On January 18, 2011 at 7:55 pm

This article is just riddled with missinformation. The PS3 is not different to other gaming platforms and even though it’s cracked, developers — if they can justify the effort — can implement their own solutions to curb cheating.

This isn’t a deathnell for PS3, it just makes the PS3 more like the PC. The PC is not hardware locked and insecure and developers and communities have created many ways at preventing hacking and cheating.

Modern Warfare 2 is only so screwed because of it’s silly “listen server” multiplayer model. If they offered dedicated servers like Black Ops does, it would be much simpler to implement punkbuster style features. Basically MW2 is only so boned because IW wanted to have too much control over the players and it has now bit them in the ass.

Other games will be fine as long as the developers take the lack of hardware security into consideration. Look at yesterday’s Portal 2 announcement. Valve know what they’re doing. Hooking Portal 2 PS3 up with Steam will mean they can use their existing Anti-Cheat functionality.

Stupid article is stupid. The only long-term impact this will have is the rampant piracy — a factor that didn’t stop the Xbox 360 from outselling the PS3 in 2010.

Raan_Amano82

On January 18, 2011 at 8:59 pm

I just always think it’s funny how some of the diehard console gamers constantly proclaim, “PC gaming is dead,” when their beloved console is designed to mimic PCs in nearly every way.

TheMAXX

On January 18, 2011 at 9:38 pm

What? has it right. PCs aren’t locked down so it is up to the game to ensure it hasn’t been messed with. Updates for all the games that matter will fix this. I don’t think Sony will be able to fix the security hole outside of new machines (check out the presentation by the hacker group fail0verflow who discovered the PS3′s vulnerabilities. It is very funny and informative 45 minutes of epic fail on Sony’s part. find it on youtube.)

Maybe the PS4 will come sooner because of this and feature a similar architecture (cell CPUs are made to work together so scaling up should work great). This would also make it easier for developers to move to a new system since they wouldn’t have to learn an entirely new architecture. More likely Sony will have to push out new firmware updates as fast as possible and try to stay ahead of the hacked versions. Maybe they’ll come to require steam for all their on-line games 8-).

Orochi_Kyo

On January 18, 2011 at 9:49 pm

Sorry but problems with hacking a ps3 system and hackers running wild through online games have nothing to do with each other, then STARCRAFT BW and STARCRAFT 2 is full of cheaters cause the game doesnt run in a “encrypted” system like PS3? NOT, Actually Blizzard install systems to detect and kick hackers, all we know there is always a window that remain open but Blizzard is betting a lot on his new bnet system and they are checking every day for this possibles “windows”. But What makes most of the companies that makes games for this crappy console? “Well, this is the game, we hope you enjoy it” then let a small crew managing online servers so hackers and cheaters are all the day roaming through games. And about putting “food on the table” What about companies like Capcom that makes a game then make the same game one year later with 4 o 5 players else or one or two stages more but they sell it as a brand new game? That is and you know it, at last theres nothing I respect about PS3 except its linux based system.

Luther

On January 19, 2011 at 12:18 am

MW2 has always had hackers, maybe its a little more easy to get them working but look at what the pc owners had to deal with and will always deal with. I’m putting the makers of the game more at fault then anyone.

Chris

On January 19, 2011 at 1:55 am

Err, this happened because sony violated the basic operating rules of using encryption, using a static seed value when they signed stuff.

So all they have to do to make the PS4 secure is not be completely stupid, follow the correct encryption procedure and use a random seed value whenever they sign anything.

Mon

On January 19, 2011 at 2:40 am

Is Sony still loosing money with PS3 hardware?
Curious timming for the PS3 hack.

No

On January 19, 2011 at 4:50 am

you dont need a jailbroken ps3 to hack mw2. u need a save file

Stupid article is stupid.

Brandon

On January 19, 2011 at 7:55 am

All you morons who are arguing over which is better need to grow the up. Gaming is gaming. Get over yourselves. People like console gaming because it’s more affordable and you don’t have to sit in a computer chair hours on end hurting your back. And people like PC gaming because of the customization and because PCs can look really cool. So just shut the hell up and enjoy gaming.

name

On January 19, 2011 at 8:16 am

if sony had never decided to remove otheros this probably would never have happened. cudos to those corporate idiots for that decision!!!! good luck fixing this and if they somehow do our man geohotz will just crack whatever they throw in. face it sony – GAME OVER!!!

carlos

On January 19, 2011 at 8:52 am

What’s all the fuzz about ? PS3 is a waste of money, I do not care what SONY does with it, I love X[]O

KevinC

On January 19, 2011 at 9:09 am

Looks like my PS3 will be heading for the recycling bin if Sony dont sort out a V.360 Firmware Update for it soon.!! Hackers and Pirates are a pain in the arse!!

Ned

On January 19, 2011 at 2:16 pm

As a Sony fan since the original Playstation, I’m scared. I don’t play games online, so this won’t effect me personally unless Geohot personally brings down the company. I’m truly afraid that he might succeed.

Tom Ato

On January 19, 2011 at 3:50 pm

This article was obviously written by an uneducated moron. Claiming this will be the end of the PS3 is the most retarded thing anyone’s ever said, the 360 was hacked wide open just 2 weeks after it’s launch but was that the end for the 360???

Hackers on Xbox LIVE have been ruining games for years (Just look at Gears Of War 2) and giving themselves infinite Achievement points. then again, who cares? 360 is and a waste of money – bad graphics and no exclusive games so I don’t care WHAT they do with it. PS3 is for REAL gamers, 360 is for poor people.

Chris

On January 19, 2011 at 6:25 pm

Good article. I just got rid of my 360 because I owned a PS3 already and didn’t have time for both consoles. I chose PS3 for free online play (I don’t play Call Of Duty) the better exclusives, etc and now this happens. I really wanted to support the PS3 to further get more improvements and content in the future. Now I want to punch this evil computer genius in the face. Thanks GeoHot!

And let me get this straight – This guy and others like him, might cause companies to loose lots of money, could end up laying off workers in this difficult economic climate and his punishment is going on G4?

name

On January 20, 2011 at 10:02 pm

This article has some relevant points in it, but it is intermixed with fallacies (ie. you are not stealing when you torrent a game, you are infringing on the developer’s monopoly rights). Readers would do well to read up on all the relevant facts to be sure.

Sony had a good thing going for a while. OtherOS was the greatest anti-piracy measure ever devised. It actually made hackers like failoverflow not want to bother cracking the security. OtherOS was so good at preventing piracy that the laughably bad implementation of all the rest of the security went undetected for years. It’s like having a guard dog so good that no one even notices that there are man-sized holes in your fence. The only in the OtherOS armor was that the hypervisor limited access to some of the hardware. It was this in the armor that aroused GeoHot’s attention. Of course, Sony’s reaction was to strip off the armor altogether, and the rest of the security came crashing down.

The worst-case scenario will be as this article describes. Sony will adopt ever more draconian measures to try to close their systems, attracting ever more talented people to hack them open. The end result will be a diminishing community of legitimate users hampered and inconvenienced by the “security”, while pirates and hackers enjoy a superior experience because they simply bypass the security.

The best-case scenario will be that Sony learns its lesson and releases the PS4 with a real OtherOS feature that can access all the relevant hardware. Judging by how they handled this debacle, though, I doubt that this scenario will come to pass.

D_K_night

On January 21, 2011 at 10:17 am

@Garyn Dakari

“I don’t have Internet”

…then how did you post on these forums?

D_K_night

On January 21, 2011 at 10:27 am

Basically it’s very simple. The article is fearing that, because of what happened, we’re going to be ever more stringent controls and anti-hack measures, many of which would inconvience the consumer, such as requirements to login and authenticate online, even to play a single-player game.

Seriously let’s not be naive about this. But there are those of you people who stop at nothing to justify piracy, using awful reasons such as:

“it’s not my fault the system’s so easy to hack, so why shouldn’t I”
“it’s not my fault the free game is sitting on a torrent, why shouldn’t I download it”
“it’s not my fault I don’t have money, why should I buy when I can get for free”