Let's All Jailbreak the Sony PS3
As a computer scientist, I am interested in how Sony PS3 protection
works, how it was broken by Fail0verflow, the further contributions of
George Hotz, and the steps needed to make the PS3 able to run Linux
once again. Since I am actually a computer science professor, I am
particularly interested in how this information can best be taught to
others who desire to learn it. I do not believe there is anything
improper, much less illegal, in teaching people computer science.
Request for materials: I would like to receive tutorial
information on: Sony PS3 access protection mechanisms, the Elliptical
Curve Digital Signature Algorithm (ECDSA), the
structure of the PS3 hypervisor, METLDR, signing tools, and any other
topics necessary for a person reasonably skilled in computer science
to be able to gain full access to the PS3. It is my intention to make
this information publicly available on my web site here at Carnegie
What not to send: Please don't send me encryption keys (I
already have them), cracking tool executables (my goal is to teach
people, not provide convenient tools for piracy), or information that
has been obtained illegally through theft or fraud. Keep in mind that
reverse engineering is a legally protected activity under the Digital
Millennium Copyright Act (DMCA).
Why I am doing this: Sony is attempting to use the DMCA to deny
computer scientists the right to speak about technical details of
certain Sony products. This assault on free speech is intolerable and
must not go unanswered.
David S. Touretzky
Research Professor of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213
Educational Resources for PS3 Hackers:
Sony suing Playbackups.com in the UK
- Console Hacking
2010, Fail0verflow's slide presentation from the 27th Chaos
Communications Congress (134 page PDF).
- PS3 modchip vendor Playbackups.com
is being sued by Sony for selling a PS3 Jailbreak tool (PS3Key).
- Learn more about the device at ps3key.com.
2/9/2011 Update: Sony
sinks its own battleship by retweeting the PS3 master key:
Mirror of GeoHot's PS3 Jailbreak
1/27/2011 Update: Judge Illston has granted the TRO against
George Hotz despite the venue issue still being contested by Hotz's
attorney. And I'm out of town. Since CMU has a west coast campus in
California and is therefore potentially subject to Judge Illston's
jurisdiction, I have disabled my mirror until I can get back to
Pittsburgh and look more closely at the current state of things.
1/19/2011 Update: We finally hear from EFF, which today blasted
Sony for "sending a dangerous message" to computer researchers as
well as to Sony's own customers. And at Salon.com, Dan Gilmor says
that Sony has shown a
deeper disrespect for its customers than other technology vendors.
Gilmor vows to boycott Sony products until they stop treating people
"like chattel instead of customers".
1/16/2011 Update: Sony is facing a consolidated class
action lawsuit due to its disabling of the OtherOS feature. The
case is Ventura v. Sony Computer Entertainment America Inc., in the
United States District Court for the Northern District of California,
case no. 3:10-CV-01811. There is a motion hearing on the calendar of
the Hon. Richard Seeborg for February 9, 2011, so it appears Sony's
earlier efforts to have the suit dismissed were unsuccessful. Here
are links to a case
summary and online
A reader points out that Sony was denied an injunction by a Spanish
court in December 2010; Sony had sought to prevent distribution of the
PS3-Jailbreak product. Details on that decision (in Spanish) are
Google translation here. The
court found that the PS3 is a general purpose computer whose
functionality had been impaired by Sony's actions, and it refused to
enjoin distribution of the jailbreak product even though prevention of
piracy was a legitimate aim, because "there must be limits to public
intervention in the protection of cultural works [Sony games]" (my
paraphrase from Google translation).
Also in December 2010, Sony lost a criminal case initiated in 2007
against a Spanish vendor of PS2 modchips. The court determined such
chips to be legal in Spain. The court's decision (in Spanish) is here; Google
1/14/2011 Update: This eurogamer.net
article explains the crucial mistake Sony made that allowed the
recovery of their encryption keys. And a quote from the fail0verflow
Twitter page explains the relationship between what the fail0verflow
team did and what GeoHot did: "We [fail0verflow] discovered
how to get keys. We exploited lv2ldr, then got its keys. Geohot
exploited metldr, then used our trick to get its keys."
1/13/2011 Update: My light-hearted use of the editorial "we" above should
not mislead anyone into thinking that I an speaking on behalf of
Carnegie Mellon. On all my personal web pages hosted by CMU,
including this page, I speak only for myself, as does every other
faculty member. We have a PR department whose job is to speak for the
Two relevant quotes:
You hacked the console, now
The purpose of the suit is to harass and discourage rather than
win. The law can be used very easily to harass, and enough harassment
on somebody who is simply on the thin edge anyway, well knowing that
he is not authorized, will generally be sufficient to cause
professional decease. If possible, of course, ruin him utterly.|
-- L. Ron Hubbard (Scientology cult founder), 1955
Those who would give up Essential Liberty to purchase a little
Temporary Safety, deserve neither Liberty nor Safety.
-- Benjamin Franklin, 1759
make a t-shirt or
make a mug, or
design your own product using this free image containing the decryption
keys (click to enlarge).
January 11, 2011:
Our friends at Sony are having another bad day: i.e., doing something
breathtakingly stupid, presumably because they don't know any better.
This time they're suing George Hotz and
publishing PS3 jailbreak information, as reported by EnGadget, Attack
of the Fan Boy, and inevitably, Slashdot.
The PS3 jailbreak allows PS3 owners to run the software of their choice
on a machine they have legally purchased. Hotz's site is geohot.com.
Free speech (and free computing) rights exist only for those
determined to exercise them. Trying to suppress those rights in the
Internet age is like spitting in the wind.
We will help our friends at Sony understand this by
mirroring the geohot jailbreak files at Carnegie
Click here for
Note to Sony lawyers: no doubt you're eager to rack up another billable
hour by sending legal threats to me and my university. Before you go
down that unhappy road, check out what happened the last time a large
corporation tried to stop the mirroring of technical information here:
The Gallery of CSS
Descramblers. Have you learned anything in ten years?
A reader points out that jailbreaking
the iPhone is legal in the US thanks to the efforts of the
Electronic Frontier Foundation. What bearing this has on the PS3
controversy remains to be seen.