The Vita hacking scene, a community in need of fresh blood?
The PlayStation Vita has been out worldwide for more than a year, and we have yet to see a native hack publicly released. I can see several reasons for that and will try to describe them here.
First, it is essential to understand that the Vita not being hacked “yet” is not an exception. Despite growing rumors, Nintendo’s 3DS has so far been following the same path (the NDS mode of the 3DS is hackable, just like the PSP emulator of the PS Vita is regularly hacked through game vulnerabilities), and it took hackers roughly 4 years to come up with what the general audience considers the first PS3 jailbreak, back in 2010.
Technical issues
What this shows is that computer manufacturers in general, and Sony in particular with its PlayStation brand, have stepped up their game in terms of security. Modern programming languages make buffer overflows, if not entirely a vulnerability of the past, at least more difficult to achieve, while modern operating systems have added counter-hack measures. In general these security measures are here for the good of the end user (you!), to avoid being hacked and getting important information stolen or your computer used as a zombie in a massive Chinese DDoS against your own bank 🙂
In the case of the Vita this has the side benefit of allowing Sony to guarantee their hardware stays as locked as possible. As a matter of fact, I would claim that Sony has no interest in their customers’ security in general (did we mention some of your credentials on the PSP are stored in plain text?), and that their only motivation for keeping up to date with latest security measures is to guarantee their business doesn’t get threatened. After all, there only ever was one virus on the PSP in its 7 years of existence.
But I digress. Independently of the motives, the fact is that Sony’s consoles are much more secure than they used to be. The Vita is believed to run an OS based on FreeBSD, and has the security that comes with it, such as a better permissions system than the PSP used to have (which will avoid compromising the entire system if someone ever managed to take control of a specific app). Most likely, the CPU itself embeds security that would prevent our typical user/kernel PSP exploit modus operandi. Loading binaries wherever we want in RAM is prevented by things such as the NX bit (details here).
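As an added illustration of the buffer-overflow class mentioned above (example code written for this edit, not from the article and not from any Sony or PSP firmware): the classic unbounded copy into a fixed-size stack buffer, beside a bounds-checked version that refuses input which does not fit. The function names, the 15-character limit and the file-name strings are constructed for the example.

```c
/* Added example (not from the article): a fixed-size file-name copy in
 * the unsafe style older firmware was exploited through, beside a
 * bounds-checked version.  All inputs below are constructed samples. */
#include <stdio.h>
#include <string.h>

#define NAME_MAX 15                   /* longest file name we accept */

/* Unsafe pattern: nothing stops src from being longer than dst.
 * With an over-long src the bytes past dst[NAME_MAX] overwrite whatever
 * follows the buffer on the stack (undefined behaviour), which is the
 * kind of defect the article says modern toolchains make harder to hit. */
void copy_name_unchecked(char dst[NAME_MAX + 1], const char *src)
{
    strcpy(dst, src);
}

/* Hardened pattern: measure first, reject what does not fit, and always
 * leave dst NUL-terminated.  Returns 0 on success, -1 on rejection. */
int copy_name_checked(char dst[NAME_MAX + 1], const char *src)
{
    size_t n = strlen(src);
    if (n > NAME_MAX) {
        dst[0] = '\0';                /* leave a well-defined empty string */
        return -1;
    }
    memcpy(dst, src, n + 1);          /* +1 copies the terminator too */
    return 0;
}

/* Convenience wrapper: 1 if the checked copy accepts name, 0 if not. */
int name_is_accepted(const char *name)
{
    char buf[NAME_MAX + 1];
    return copy_name_checked(buf, name) == 0;
}

int main(void)
{
    /* Constructed inputs: one that fits, one that would overflow. */
    const char *ok = "save001.dat";
    const char *too_long = "this-file-name-is-far-too-long-for-the-buffer.bin";
    char buf[NAME_MAX + 1];

    copy_name_unchecked(buf, ok);     /* only safe because ok is short */
    printf("unchecked copy of short name: %s\n", buf);

    /* The unchecked copy is deliberately never called with too_long. */
    printf("checked copy accepts \"%s\": %d\n", ok, name_is_accepted(ok));
    printf("checked copy accepts \"%s\": %d\n", too_long,
           name_is_accepted(too_long));
    return 0;
}
```

The hardened version is not clever; its point is that the length check happens before any byte is written, and that rejection leaves the destination in a known state rather than half-filled.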
As an additional security measure, the infamous Content Manager Assistant was made with the sole purpose of making it difficult to put any kind of file on the device. The Vita is made to play games, watch movies, and listen to MP3s; it won’t let you copy anything else there, and in particular won’t let you play as you want with the filesystem, unlike the PSP, which was recognized as a regular USB drive when plugged into a computer. If you remember how many TIFF exploits we had on the PSP, you’ll understand that a tool such as the Content Manager Assistant is in general bad news for hackers.
I won’t go deeper into the details of the Vita security, mostly because we don’t know much about them yet, but also because we’ve talked about them several times on this blog. But to summarize, the information I’ve gathered from hackers and sources close to Sony all confirms that hacking the PSP (or the PSP emulator in the Vita) was child’s play compared to what the Vita is, and to what the PS4 will be.
Legal concerns
Technology is not the only way Sony is preventing hackers from joining the party. The legal action against Geohot 2 years ago has clearly impacted the motivation of several hackers, if not to look for vulnerabilities, at least to share them. A few hackers have contacted me with concerns about being the “first” to bring piracy to the Vita, for legal reasons. For example, legal concern was one of the things that delayed the release of project ARK, despite the code being ready more than half a year ago.
Additionally, with the release of PlayStation Mobile (formerly PlayStation Suite), Sony has made it less “acceptable” to hack their device on the grounds of interoperability and homebrew. After all, homebrewers can get a license for $100 a year and start playing with the SDK, so they don’t have a good excuse to hack anymore, do they?
And despite the exception for jailbreaking phones (keeping in mind that this exception was never there for consoles) being revoked this year in the US (update: the jailbreak exception was not revoked, the unlock exception was), there is no sign of hope that the DMCA or its non-US equivalents will let console jailbreaking out of its shades-of-gray-but-mostly-black legal area any time soon.
Not a hobby anymore?
But all things considered, the real challenge today with hacking modern consoles such as the Vita is the increased security of the OS and CPU, as mentioned above. The Vita was built with security in mind from day 1, which was clearly not the case for the PSP. To the point where (and I think I’ve mentioned that before) spending time trying to hack the device is not worth it anymore for your typical “teenage hacker”. It has become too hard, too expensive, and requires knowledge that a single person would take years to learn. I am still impressed by the level of cryptanalysis knowledge that was required to hack the PS3. The guys at fail0verflow may refer to their discovery as a huge mistake on Sony’s end, but the whole thing still required loads of work and knowledge.
When you think that the initial PSPs “simply” ran unsigned binaries out of the box, it puts things in perspective. Today, I believe that most console hacking cannot be led by enthusiasts anymore, but by companies that have both the financial backing required to do the R&D and reverse engineering work, and ways to get their investment back, one way or another. Companies like Datel of course, but also more shady businesses like the people who were behind the initial PS3 jailbreak. Alternatively, a team of researchers looking for a great theme for their PhD… assuming their school is ready to face the legal risk (ok… never gonna happen? Well, the Xbox case was kind of like that…)
My argument above is that hacking the Vita today is an expensive and time-consuming hobby, and it also has legal risks. I believe that the Vita is secure enough that only somebody with a goal of making money (a company) would be able to invest enough time and energy in hacking it fully. Additionally, given that the Vita sales are not so great, I’m thinking this means not only fewer hackers, but also less interest from potential “hacking” companies, which reduces even more the chances of seeing a Vita hack one day.
Where to look for new ideas?
Let’s zoom away from “businesses”, back to our regular community: the current Vita hacking scene is mostly made of people who came from the PSP scene, and a few from the PS3 scene. One thing that is sad and yet unsurprising is how little attention each “facet” of hacking pays to the other “scenes”. How many PSP hackers know how an iPhone jailbreak works? Even more shockingly, while talking with PS3 hackers I realized how little I know about the PS3 architecture, and how most of them know nothing about PSP hacking. It is then no surprise that the successful hackers nowadays are the ones with a broad knowledge of the other scenes. Mathieulh with his knowledge of the PS3 and the PSP comes to mind of course, or also Geohot, who was famous for his work on the iPhone before coming to the PS3, but more recently YifanLU (his work on the Vita, despite not being public yet, is the closest the scene has to a native hack so far), who was initially known for his work on Amazon’s Kindle.
Well, I’m probably stating the obvious here: with all electronic devices implementing similar security measures, relying on the same hardware and libraries, of course somebody who knows about one device will learn faster about the next one. But I guess what I’m saying is that the Vita scene, if it wants to make progress, needs to start looking outside of the world of the PSP. The iPhone and Android jailbreaking teams come to mind of course, but also people working on Nintendo or Xbox.
We are partially to blame here at wololo.net for the status quo on the Vita side, and the emphasis on the PSP legacy. Clearly, by promoting hacking inside the PSP emulator, we are probably steering lots of brilliant minds away from “actual” Vita hacking, but independently of that I still think few people actually have all the skill set and free time required to be able to do something Vita-wise. PSP hacking has the benefit of being well documented, and, in hindsight, quite easy compared to what we are facing today with the Vita. The legal pressure on a “previous generation” console also feels much lighter.
Always a pleasure to read your articles Wololo :). Thanks for sharing all that you have.
I agree about the XDA forum, let’s get this started :-).
I agree, I think we do need fresh blood hackers. iPhone and all those other devices are hacked and tweaked like clockwork. The iPhone 5 was hacked within months, whereas the Vita is still in the same position as it was in a year ago. We need a strong Vita hacking community. XDA I agree with. But does anyone think the reason behind the lack of hacking is legal reasons?
We need coders!! Please help us with our PSP! I want to see the PSP and PS Vita running an alternative OS.
ISOs are cool but we need to mature sooner or later. Imagine a PS Vita running Windows 8 RT, Ubuntu, Android Jelly Bean. PSP running Windows CE..
Remember the time we got so excited with our PSP running Windows and Linux in DOSBox?
That is why we need to hack our PSP and PS Vita. If we can’t put an alternative OS on it, then we will run our emulators.
Coders are staying away from the PSP scene only because they don’t approve of piracy. Not everything in the PSP scene is about piracy. We buy our games and want to play them anywhere. We buy our apps and want to run them anywhere too.
I’m quite surprised that after the homebrews got signed, nothing really fruitful ever turned up.
We can run anything from the XMB. Start from there. The PSP Go has Bluetooth; can’t we make an app to run my Gmate other than my iPod touch? I want to turn my PSP Go into a phone. Nobody even bothered to make a signed YouTube, Facebook or Twitter app. Nobody bothered to make a more useful web browser app. Coders should see these opportunities other than just the piracy side.
Don’t think the Vita will run Windows 8 RT too well. Google OS maybe.
Great Great >>>>
@capcomlegend
Well, of course I don’t.
However, the example of “end users” supporting devs (either with donations like you say, or like SKFU with hardware) would align with Wololo and his “making money” statement.
To sum up.
Wololo states that only a company or other parties that look to make a financial gain will put forth the time and effort to unlock a device (Vita, 3DS..n).
And you (@capcomlegend) are more than willing to donate and convince others to donate, so it seems to follow that the community should support the community.
“Save our money, Do like the mob.”
By the way, the amounts I am talking about are very different. In my experience, donations that were driven through the hacking community on sites like here would drive a few hundred bucks if the dev is lucky. When a company is involved, I am talking of a regular revenue stream of several thousands of dollars a month, for at least a year or two.
Think of the manufacturing price of the True Blue dongle (about $5, probably less), and the price they sold it at ($70). Now imagine that 0.1% of PS3 owners bought that device (I don’t have the real numbers); that’s 70,000 people, which is a very realistic number if you think of the traffic underground sites like ps3hax or psx-scene are getting.
Yeah, somewhere in the chain, a group of people made about 5 million dollars with True Blue. Now of course, you’ll have to remove the cut from resellers, the price of developing the exploits in the first place (they probably paid a few thousand bucks for it), etc… but overall we’re still talking of millions of dollars here. So it’s not really the same world as a dev asking for donations 🙂
int getRandomNumber()
{
    return 4;
    // chosen by fair dice roll.
    // guaranteed to be random.
}
^Hahaha, oh boy did I laugh at this.
It did too, but I have to say that for most non-elite hackers this part was about the only thing understandable from the entire presentation. These guys were not the “let’s show how cool we are” YouTube guys, but experts in security, math and statistics.
I fear Wololo is right, the hobby hacker is out far on the Vita, mainly because Sony has a lot more juice to protect, and compared to what CPU juice they’ve got now, they don’t have to save on security layers.
I think that the ways of PSP hacking are over; there is not going to be an easy way of getting a kernel hack and from there be open and free to do whatever you want.
And in a way Sony has made homebrew possible, using their dev kit. It’s just too expensive and Vita customers are few, if even paying. It’s the same way Android would have failed if it was closed source and locked to 1 type of mobile device.
Apple can pull it off because of their guts and marketing methods.
This is from xkcd by the way. Highly recommended if you didn’t know it already
It’s not Sony that wants all this locking down and super tight security. Yeah, I’m sure they want to protect their source code and IP, but the main reason for all this lockdown is the GAME DEVS.
They are the ones who pretty much force Sony to lock down their system, or they just won’t make games for that platform…. In their mind, why would we spend $100,000+ to make a video game on your system just to see it pirated, and have no one buy the game but just get it for free….
Games need to be cheaper; $60 is too much for a game, but with shareholders and boards of directors and greedy *** CEOs it will never change unless people take a stand and just stop buying their ***, then maybe they will wake up….
I’m happy with my Vita right now because I can play PSO2, so I’ll be busy with that for a while, but I do hope more games come out for it, would be great.
So don’t always put the blame on Sony, the game devs need to take the blame too.
Hahaha, I was thinking: in the old days you needed a hacked PSP to hack a PSP, or at least the battery and memory card. Why not the same rule with the Vita? Just use a hacked PS3. Heard it was tweaked out when the Vita first came out that it was showing up as a phone or something…
When you think that the PS Vita works with cross-game play with the PS3, it would make sense.
I wish I could get my money back; the Vita has a worse game collection than the Dreamcast.
Speaking of the legal side, I had to appear as an expert witness for the Defence in a DS/Wii hacking trial late last year. What struck me was the inherent bias in Prosecution evidence concerning technical statements from Nintendo experts littered with (deliberate?) inconsistencies and inaccuracies. However, the problem is proving your legitimacy to comment; my own CV, expert witness statements and personal/professional life were raked over the coals just to get me to Court. If hackers would open themselves up (just a bit) to those researchers who are interested in the field – we do exist! – it might help them if/when they are threatened with legal action. As it was, my work prevented this person going to jail. That was a good day!
I think PS Vita is dead alright. And with the upcoming PS4, no way hackers are going to waste their time hacking a dead platform, when PS4 is new and has a bright future ahead.
Wish we could just stop with these PSP emus for the PS Vita. I mean, they are nice, but really? If you are a gamer and haven’t already bought a PSP (it’s been out since 2004!!) then be aware that there’s a PSP emulator for PC too.
This PSP emu for Vita has become the beating of a dead horse. Someone should make a meme, btw.
***, didn’t realise that the PS4 was portable.
Um, I don’t think it can, well, not till someone makes like a PS4 laptop anyway, but I thought battery life would be hard with an x86-64 CPU. But you’re lucky, the PS4 will use the Vita for remote play….
I had a hard time running the emulator, but my computer was old..
It needs time, be patient =)
I think we should try on hardware.
Maybe an audio file with some special audio frequency can affect the hardware and show us something amazing.
I’m so sorry for my poor English.
You said “The Vita is made to play games, watch movies, and listen to MP3s”
Why not make a trick with movie files or MP3s?
Also, can we try background program switching?
But trying background program switching is just wasting time!
I think the Vita community in general is worried it will hurt the games that get released on it. If it was doing fantastic in the marketplace then it would be less of a tradeoff for homebrew. Some games are selling decently despite the small user base, which is making it a more inviting platform for developers, but it depends on a high attach rate from a more hardcore audience who would buy fewer games if there was an opportunity to pirate. I don’t know about you but I’d rather have some new games than better emulators. Maybe someone out there wants to make a nice 3D game using the full Vita functionality, but it’s still throwing the baby out with the bathwater.
I think the hackers would become more interested when the upcoming cross-play games come out.