VHBL for Motorstorm: how the release really happened, and why it happened that way
Many people have doubted my plans for the release of VHBL, and I’ve received a good share of insults when VHBL was not available exactly on February 22nd for public consumption. As a matter of fact, the release of VHBL had started on February 21st, but some people didn’t see what was happening…
When Teck4 announced he had a running hello world on the PSP Emulator of the Vita back in December, I quickly contacted him (thanks to the help of mamosuke) in order to offer my help porting HBL to this exploit. Quickly, it was obvious to all of us that as soon as the exploit would be made public, Sony would at least remove the game from the store, and possibly patch it before putting it back. Previous history with the mercury exploit showed us that when they have access to the exploit, Sony was extremely fast to remove the game from their store (approx. 1h between the release of the Mercury exploit files and the game being removed from the store). In addition to that, the possible spying through the CMA and the crash log on the vita made it dangerous to even share/run our work in progress.
Therefore came the question: how to make such an exploit useful to as many people as possible without Sony removing the vector of the attack super fast? Publicly announcing the exploit and giving away the files at the same time was a no go, we knew (or thought we knew) from experience with the Mercury exploit that sony would react quickly. In addition, assuming Sony monitors the sales of their games, revealing the game to thousands of people at once might have triggered alarms on their end, giving away the name of the game.
Our conclusion, and the release plan, therefore became the following: Give away the name of the game to people we trust, in a progressive way so that a “good amount of people” could buy the game on a daily basis without going above any threshold that might be in place for the monitoring systems. I of course don’t know this threshold (or if it ever exists), but went with a random number: let’s give away the name of the game to about 1000 people every day.
Of course, these people have to be people we trust with the secret, but where would one find thousands of people they trust? I decided to go with our /talk community. This was a bet, of course, but starting on February 21st, every day, 1000 additional people were made aware of the exploit. Of course, I started with the people I trust the most, and ended with the people I trust the less. I won’t give the exact algorithm, but I’m sure you can figure out the basics by yourself. (People who have been in the community a long time ago got the information before recent members, etc…). I will refine that algorithm if I ever do such a “ninja release” again.
This release plan was almost explained in “clear” on the vhbl page (the content of that page has changed since then), which was asking people to check their /talk account on a regular basis. And it seems lots of people understood the message, as we got a massive amount of subscriptions starting on February 22. As a matter of fact, most people who registered around that date got the information 1 day before it was really made public. By February the 29th, potentially 6000 people were aware of the name of the game, and were refraining from insulting the 3-4 guys who were still blindly complaining on my blog that I kept delaying the release to boost my ego or because it was actually a hoax…
That settled the announce for about 6000 people, which I think is a good number. Of course, in these 6000 people, not all of them own a vita, or had money to buy the game, or actually connected to their /talk account in time. But at least I had done my best to guarantee that the people who have been in the community with us for a while were the ones in the best position to get access to the hack, and hopefully hundreds of them got the game long before its name was made public. This was a win-win situation, as I managed to get the hack to people who matter “the most” to me (that’s of course an average, I’m sure some people have been reading this blog for months now, never created an account on /talk, and are *** to read that… this is nothing personal, I had to make such a choice at some point), while being quite sure that our oldest members, who had been with us since the early hbl days, would probably know better than to leak (and that more or less worked fine).
There still was the problem that even if these people would not leak intentionally, the crash log system of the Vita made it possible for people to unintentionally leak the name of the game. I’m sure if Sony started seeing hundreds of crashes in the same game, they would start looking closely into it. Again, I am not sure these crash logs are actually sent to Sony, but out of precaution the actual HBL files were only sent in advance to a handful of people, while most people would have to wait for the actual release.
Announcing secretly this exploit to thousands of people was already a good move IMO given the circumstances and how easily Sony could remove the game from under our feet. But then came the next challenge: how to get as many “other” people (people who are not registered on /talk) to know about the game, and give them enough time to grab the game? Well this one was quite impossible, but I made a bet: if Sony didn’t have any actual exploit to patch, any kind of proof that there was indeed a hack, they would probably not remove the game from the store. It turns out I was dead wrong on this one, which was (that and the fact that the game was not available in the US) the only real bump in that release. To be honest, anybody who managed to get the game while not having seen the info on their /talk account before is someone I consider as an extremely “lucky bonus”. Of course, I would have preferred if Sony hadn’t pulled the game out of the store, but I’m still happy with the way things turned out.
One thing I think I could have done much better is to announce the name of the game on the weekend, when Sony’s offices probably have less people monitoring all the stuff. That was my initial plan, but I stupidly changed my mind for several reasons, the main one being the cancellation of the PSN maintenance.
So tell me, would you have handled this release any better, had you been in my position? Does it now make sense why it took “so long” to announce the name of the game, or do people who insulted me on my blog still think I was trying to boost my ego? (seriously guys, that was really painful to read, given the efforts I was putting into making sure as many people as possible would get the exploit… after all, keep in mind that personally I could decide to keep the HBL port for myself, or for just a handful of hackers and friends… instead I came up with a plan to get as many people as possible to get access to the hack). In retrospect, I hope my posts from the past few weeks now make much more sense.
I don’t think my idea was perfect, but I still think it was pretty good given the many obstacles in our way, but I’m interested to get more ideas… I don’t think we can really beat Sony when an exploit involves a content hosted on their servers, but surely there are ways to make lots of people know about those somewhat secretly (and if you have an idea to make such releases that you really think is brilliant but needs to be kept secret, feel free to send it privately to me by email) 🙂
Hey wololo will motorstorm RC work with this exploit? Just curious…Thanks
No, why would it? It’s a different game made by a different company, for a different platform, with different programming tools. It has nothing in common with Motorstorm AE except its title.
Okay stank you…
I am not in your community previously, but I do managed to get the game in HK store when I checked teck4 twittering the name of the game 🙂 I double confirmed it on your blog that day and downloaded it IMMEDIATELY! thanks for all your great work on VHBL
next time, announce the name of the game AFTER first announcing 3-5 fake games 😀 sony will remove countless games and in the end just think that when the real game gets announced it another fake and not pull it from the store 🙂
although this would probably lead to massive amounts of money spent on fakes by your community 🙁
Yeah, that’s my concern, I’d love to play a prank on Sony, but I don’t want people to buy games they don’t actually want to play 😛
So you based the time on when you secretly announce the name of the game based on the date they register on /talk?? or by name and behavior record on the forums??
A mix of all that
Ok thanks!
I think you handled everything fine, I understand how *** off people would be if they bought the game and had it pulled before they could download it fully, some of that came back on you unfairly I think… Let’s all be glad if we got the hack and see where it goes from here
Question: you said that the game wasn’t available in the US, however it is (was?) available to purchase on the PS3 store. It was recently discovered that you could purchase non-compatible games on the US store, and then use the PS3 to transfer to your Vita.
Did they remove Motorstorm from the US-PS3 store as well? And if they didn’t, do you think we could take the chance of downloading it on the PS3 and transferring it to the Vita?
Thanks again Wololo!
Hey I have Motorstorm on my PSP Go. Anyway to transfer that game to my pc and from the PC to the Vita??? I deleted the file of my ps3 a few days ago and I had no idea about this exploit 🙁
Anyone know what I can do??? The game is on my PSP go!!
Wololo on a scale from one to ten how hard do u think the ps3s and vitassecurity is to crack?
I don’t know, systems security is not my professional field, and I never worked on anything else than the PSP and the Vita, so I don’t have much to compare it with.
Futé le plan, tout s’explique 🙂
Je suivais en spectateur (pas de vita, je ne suis pas non plus inscrit) et effectivement, je trouvais ça curieux que tu insistes lourdement sur les /talk mais je n’ai fait aucune conclusion. 🙁
Amazing good read. And a Great idea. Well thought out, as you said to help as many as you could.
That’s the respect that should be returned tenfold
People forget where these breakthroughs come from, we’re all excited but the people who do this on their own time should be thanked at the least or everyone will end up doing this on their own by the time the next console drops
the vita being hacked is in a sense like the psp being hacked all over, except waay more intense
we all are grateful for what you did and why u did it, pay no.mind for those select few that are in need of attention that they show no respect. Wololo, what do have to do to get on the mailing list for future opportunities?
why do even waste your time explaining to the trolls and leeches
Wololo I’ve been following your blog even before hbl I was there when you released the forums, and I honestly regret being only a lurker and not involved >.< anyways I wanted to give you kudos on your release plan and give thanks for everyone in the community that has put forth the effort over the past few years 🙂 I like how even after DA left, new determined faces stepped up to the plate and filled his shoes 🙂 great work on everything again!
hey wololo,
not sure if you’ll even read this, but ill do whatever it takes to get VHBL on my VITA..
i have 2 CFW PSPs a softmodded Wii and iv been modding and haking sense the days of PS1 gameshark disc swap lol
anyways, let me know the best way to get this info for sure.. i read where you sent whatnot to trusted users, but some of them not have a vita or even the money for the game at the time..
let me assure you, i have all tools nessesary to complete this task, sitting here with my psn card and refresh button on your page, just wishing i had the knowlage to exploit my own game so i could leave you alone lol..
all i need is the info from you bud 🙂
a good way to release secretly would be to have a site(with the info) where people can only register using a invite, this invite would be in the form of a serial code. Every member should get 2 invites to give out to 2 trusted friends.
So all you would need to do is give a invite to 2 well connected people to start of this chain.
the only way this can then get leaked is if someone snitches or if someone’s friend is a sony employee (unlikely)
This would also ensure only people who want the invite would get it, and it would only be shared among trusted people asuming people dont give out their invites to random people or try to sell them.
Wololo… You are a deity.
You’re insane man. I like the way you think. 🙂
it all makes since now
good job
Well… People at Sony is probably reading this. Is there any PSP indie games? If there is then why don’t you exploit those? Sony has to ask permission from the dev before removing the game….let alone patch it! Perhaps the dev could be someone you know.