VHBL for Motorstorm: how the release really happened, and why it happened that way

Many people have doubted my plans for the release of VHBL, and I’ve received a good share of insults when VHBL was not available exactly on February 22nd for public consumption. As a matter of fact, the release of VHBL had started on February 21st, but some people didn’t see what was happening…

When Teck4 announced he had a running hello world on the PSP Emulator of the Vita back in December, I quickly contacted him (thanks to the help of mamosuke) in order to offer my help porting HBL to this exploit. Quickly, it was obvious to all of us that as soon as the exploit would be made public, Sony would at least remove the game from the store, and possibly patch it before putting it back. Previous history with the mercury exploit showed us that when they have access to the exploit, Sony was extremely fast to remove the game from their store (approx. 1h between the release of the Mercury exploit files and the game being removed from the store). In addition to that, the possible spying through the CMA and the crash log on the vita made it dangerous to even share/run our work in progress.

Therefore came the question: how to make such an exploit useful to as many people as possible without Sony removing the vector of the attack super fast? Publicly announcing the exploit and giving away the files at the same time was a no go, we knew (or thought we knew) from experience with the Mercury exploit that sony would react quickly. In addition, assuming Sony monitors the sales of their games, revealing the game to thousands of people at once might have triggered alarms on their end, giving away the name of the game.

Our conclusion, and the release plan, therefore became the following: Give away the name of the game to people we trust, in a progressive way so that a “good amount of people” could buy the game on a daily basis without going above any threshold that might be in place for the monitoring systems. I of course don’t know this threshold (or if it ever exists), but went with a random number: let’s give away the name of the game to about 1000 people every day.

Of course, these people have to be people we trust with the secret, but where would one find thousands of people they trust? I decided to go with our /talk community. This was a bet, of course, but starting on February 21st, every day, 1000 additional people were made aware of the exploit. Of course, I started with the people I trust the most, and ended with the people I trust the less. I won’t give the exact algorithm, but I’m sure you can figure out the basics by yourself. (People who have been in the community a long time ago got the information before recent members, etc…). I will refine that algorithm if I ever do such a “ninja release” again.

This release plan was almost explained in “clear” on the vhbl page (the content of that page has changed since then), which was asking people to check their /talk account on a regular basis. And it seems lots of people understood the message, as we got a massive amount of subscriptions starting on February 22. As a matter of fact, most people who registered around that date got the information 1 day before it was really made public. By February the 29th, potentially 6000 people were aware of the name of the game, and were refraining from insulting the 3-4 guys who were still blindly complaining on my blog that I kept delaying the release to boost my ego or because it was actually a hoax…

That settled the announce for about 6000 people, which I think is a good number. Of course, in these 6000 people, not all of them own a vita, or had money to buy the game, or actually connected to their /talk account in time. But at least I had done my best to guarantee that the people who have been in the community with us for a while were the ones in the best position to get access to the hack, and hopefully hundreds of them got the game long before its name was made public. This was a win-win situation, as I managed to get the hack to people who matter “the most” to me (that’s of course an average, I’m sure some people have been reading this blog for months now, never created an account on /talk, and are pissed to read that… this is nothing personal, I had to make such a choice at some point), while being quite sure that our oldest members, who had been with us since the early hbl days, would probably know better than to leak (and that more or less worked fine).

There still was the problem that even if these people would not leak intentionally, the crash log system of the Vita made it possible for people to unintentionally leak the name of the game. I’m sure if Sony started seeing hundreds of crashes in the same game, they would start looking closely into it. Again, I am not sure these crash logs are actually sent to Sony, but out of precaution the actual HBL files were only sent in advance to a handful of people, while most people would have to wait for the actual release.

Announcing secretly this exploit to thousands of people was already a good move IMO given the circumstances and how easily Sony could remove the game from under our feet. But then came the next challenge: how to get as many “other” people (people who are not registered on /talk) to know about the game, and give them enough time to grab the game? Well this one was quite impossible, but I made a bet: if Sony didn’t have any actual exploit to patch, any kind of proof that there was indeed a hack, they would probably not remove the game from the store. It turns out I was dead wrong on this one, which was (that and the fact that the game was not available in the US) the only real bump in that release. To be honest, anybody who managed to get the game while not having seen the info on their /talk account before is someone I consider as an extremely “lucky bonus”. Of course, I would have preferred if Sony hadn’t pulled the game out of the store, but I’m still happy with the way things turned out.

One thing I think I could have done much better is to announce the name of the game on the weekend, when Sony’s offices probably have less people monitoring all the stuff. That was my initial plan, but I stupidly changed my mind for several reasons, the main one being the cancellation of the PSN maintenance.

So tell me, would you have handled this release any better, had you been in my position? Does it now make sense why it took “so long” to announce the name of the game, or do people who insulted me on my blog still think I was trying to boost my ego? (seriously guys, that was really painful to read, given the efforts I was putting into making sure as many people as possible would get the exploit… after all, keep in mind that personally I could decide to keep the HBL port for myself, or for just a handful of hackers and friends… instead I came up with a plan to get as many people as possible to get access to the hack). In retrospect, I hope my posts from the past few weeks now make much more sense.

I don’t think my idea was perfect, but I still think it was pretty good given the many obstacles in our way, but I’m interested to get more ideas… I don’t think we can really beat Sony when an exploit involves a content hosted on their servers, but surely there are ways to make lots of people know about those somewhat secretly (and if you have an idea to make such releases that you really think is brilliant but needs to be kept secret, feel free to send it privately to me by email) :)

  1. Psauce’s avatar

    Amazing good read. And a Great idea. Well thought out, as you said to help as many as you could.
    That’s the respect that should be returned tenfold
    People forget where these breakthroughs come from, we’re all excited but the people who do this on their own time should be thanked at the least or everyone will end up doing this on their own by the time the next console drops

    Reply

  2. DemonicElbow’s avatar

    the vita being hacked is in a sense like the psp being hacked all over, except waay more intense

    Reply

  3. whiteymcguee’s avatar

    we all are grateful for what you did and why u did it, pay no.mind for those select few that are in need of attention that they show no respect. Wololo, what do have to do to get on the mailing list for future opportunities?

    Reply

  4. 2die4’s avatar

    why do even waste your time explaining to the trolls and leeches

    Reply

  5. p5phXX0rz’s avatar

    Wololo I’ve been following your blog even before hbl I was there when you released the forums, and I honestly regret being only a lurker and not involved >.< anyways I wanted to give you kudos on your release plan and give thanks for everyone in the community that has put forth the effort over the past few years :) I like how even after DA left, new determined faces stepped up to the plate and filled his shoes :) great work on everything again!

    Reply

  6. sweet_leaf85’s avatar

    hey wololo,

    not sure if you’ll even read this, but ill do whatever it takes to get VHBL on my VITA..

    i have 2 CFW PSPs a softmodded Wii and iv been modding and haking sense the days of PS1 gameshark disc swap lol

    anyways, let me know the best way to get this info for sure.. i read where you sent whatnot to trusted users, but some of them not have a vita or even the money for the game at the time..
    let me assure you, i have all tools nessesary to complete this task, sitting here with my psn card and refresh button on your page, just wishing i had the knowlage to exploit my own game so i could leave you alone lol..
    all i need is the info from you bud :)

    Reply

  7. Zenin’s avatar

    a good way to release secretly would be to have a site(with the info) where people can only register using a invite, this invite would be in the form of a serial code. Every member should get 2 invites to give out to 2 trusted friends.
    So all you would need to do is give a invite to 2 well connected people to start of this chain.

    the only way this can then get leaked is if someone snitches or if someone’s friend is a sony employee (unlikely)

    This would also ensure only people who want the invite would get it, and it would only be shared among trusted people asuming people dont give out their invites to random people or try to sell them.

    Reply

  8. Deity’s avatar

    Wololo… You are a deity.

    Reply

  9. Masterbert’s avatar

    You’re insane man. I like the way you think. :)

    Reply

  10. HaHussle’s avatar

    it all makes since now

    Reply

  11. floyd1024’s avatar

    good job

    Reply

  12. Haze7’s avatar

    Well… People at Sony is probably reading this. Is there any PSP indie games? If there is then why don’t you exploit those? Sony has to ask permission from the dev before removing the game….let alone patch it! Perhaps the dev could be someone you know.

    Reply

· 1 · 2

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>