Alleged first Vita flashcart

[yifanlu]

http://cobra-blackfin.com/index.html

"Vita has a very secure card authentication mechanism, which to date has not been penetrated and is based on secure cryptography. It is unlikely that a direct authentication method which avoids having to use a peer to peer system will appear any time soon. As a result Cobra has designed a unique and cutting edge peer to peer sharing device which allows users to share their favourite games with friends over an internet network."

- No confirmation it's real although what they claim is possible technically, the real innovation is marketing this
- The pc reader allows pirates to host up to 7 games on their (likely) P2P network
- You will be limited to what games are shared by people at the time you're playing it. For example, if you want to play a less popular game, you have to wait until someone who owns it comes online and need to do this every time you power off the system.
- There currently does not seem to be any incentive for people to actually share. Pirates who purchase this likely don't want to buy new games. The company themselves will likely seed the pool with tons of games in the beginning but of course that won't last long (either by lawsuit or the failure of sales will force them to quit).
- If the system is indeed P2P, get ready to be sued by Sony because just like torrenting, if you don't take steps to hide yourself, it is easy to see who's sharing what games. Considering there won't be too many people in this network, it would be easy for sony to sue everyone in one swoop. Then people will be scared to share their games and this device is useless.
- Even if you cloak yourself, using this device will send identifying information across the network. Although it would be hard for strangers to decrypt such information, it's likely that sony can and will see what console/psn account is using this device.
- This device does not use ANY exploits on the system and does not even crack the cart security (as they said on the site). It will not enable homebrew or help it in any way. It's like sky3ds but worse because you can't even use it offline. If people think Rejuvenate is hard to use because you need an internet connection, well this is like the piracy version of rejuvenate
- It will also likely cost a lot. Although if they are "smart", they would make an incentive system for people to share games. Perhaps a rebate for people who are active on the network for a period of time?

Advertising

[aos10]

I find not good at all

The Vita is suppose to be portable, i love to Cary it every where, this is going to restrict you at home, and it look ridiculous and very stupid

I think they are doing their own drm to prevent coping it and make cheap version of it.

Kinda like power save for 3ds , they keep it drm only.

Advertising

[darklinkpower]

What you are saying is scary but true. The result of using this (if it's real) can be really, really ugly, I just hope that at least the company and re-sellers tell people all of this. There will be a lot of people with not enough knowledge of how this works and the problems that could arise from using this.

Also, I know that this has almost nothing confirmed, but is this supossedly from the same "cobra" team from ps3? There can be different opinions about them, but it's true that they achieved great things, with their propietary dongle and their ODE system. They even open sourced the Cobra FW. If this is from the same cobra team, at least this would be a quality device.

[aos10]

BTW, the release of this device and Vita memory dumper is a bit suspicious .

[TakuyaZZ]

IMO, this is ridiculously stupid.
Hope it will not take off

[DS_Marine]

Well, while I'm not a real expert on cryptography, I do enjoy reverse-engineering stuff.
After reading the news, a system like the authenticators used for banks and battle.net comes to mind. So maybe there's a system call that resolves if your system is allowed to run certain content, and it's finally resolved by the cartridge's hardware. And the response is only valid for a limitead amount of time (maybe among other restrictions) so you cannot do replay attacks.
Looks like they figured out how to intercept the auth request (directly hooking the cartridge i/o pins), locate a cartridge plugged in somewhere, relay the request to it and bring back the valid response. And they need to do it everytime because the call might use random data, data tied to your psv, your psn acc, system time, or all of the above.
So this group knows the command sequence for this but maybe not how to assemble a proper request (they use the one created by the psv), but maybe if this is discovered, then the cart auth might be emulated, the same way it has been already done with these enterprise-level r ainbow dongles.

[need2burn]

Is this really piracy, at least in the current sense of the word? From what I gather, this device needs a legit game per instance of play. Sure, it allows people to play games for free, assuming there are enough copies floating around.

I see it more like a form of networked library, you can't check out the media if someone else already borrowed it. It's definitely closer to a library model than it is a "rip and play whenever you want" model where a single copy could potentially be downloaded and used by thousands of people, at any given time. In every instance, the copy being used had to have been purchased. It's more of a debatable area, like with that antennae rebroadcast company (Aereo) or that company that streamed DVDs on demand that literally had a physical DVD for each person viewing (Zediva), albeit both were shut down.

It's like a free used game library than it is a piracy enabler. It's no different than swapping games with my friends for a weekend.

I could be wrong if it allows you to authenticate multiple instances per cartridge, but if this were the case, why list how many copies are online and why does it need 7 slots on the device?

[GonnaGetPSVita]

It's straight up piracy device and inconvenient one at that, without homebrew capability. Wow.. i don't even know how to respond. i

[hyausv67]

@yifanlu - i don't understand why the 'magic authentication data' (which surely is static for each unique card right) why that cannot be combined with the .iso on the micro sd card.
what could the problem be, how would have sony stopped something like that?
the blackfin gamecard must have some wireless function, if it connects to the dongle to get the auth data... so why can that data not be on the micro sd?
it's all quite complicated

[yifanlu]

@yifanlu - i don't understand why the 'magic authentication data' (which surely is static for each unique card right) why that cannot be combined with the .iso on the micro sd card.
what could the problem be, how would have sony stopped something like that?
the blackfin gamecard must have some wireless function, if it connects to the dongle to get the auth data... so why can that data not be on the micro sd?
it's all quite complicated

The gamecart is not just a storage device. There's a computer chip inside of it too that can respond to requests. Cobra has not figured out how to fake this computer chip (typically flashcarts do this; see: sky3ds). Likely they never will because sony is actually good at these sorts of things.