12-28-2011 #41Banned User
- Join Date
- Jul 2008
I'm doubt. Mate do you know how they have blocked the redirection on the ps3 ? They use a kind of authentication between the ps3 and the sce servers to be sure they are sony servers. There for we need to spoof the FW version with a hack.
Well i would bet that the vita and his new kind of "Chains of Trust" will do the same like the ps3 for the fw check.
I'll bet 1000 virtual € that it can't be redirected with just setting up a DNS server.
But why not ask the dev of the HBL for vita to try this for us?
A person by the username: silw.. managed this: "Now let’s show the good news as you can see, i can finally connect to my local server , i’m trying to execute some scripts.
i hope i can talk more about it later"
12-28-2011 #43Banned User
- Join Date
- Jul 2008
Uhmmm... thats just a gateway but no redirect
A redirect would be when you set up a new DNS server that redirect's the address call of the psv to the sce servers to your DSN server and a folder on your hdd.
Like this? ... if you want to see how work the PS Vita Web Browser redirection
Video: PS Vita Content Manager and Security Concerns of Wololo
Following up on the PS Vita HBL Demo, today PlayStation Vita hacker wololo has shared details on the PS Vita Content Manager and the related security concerns as outlined below.
To quote: A few days ago I posted my concerns about the “Content Manager” tool, a tool that is compulsory to install and use if you want to copy files from and to your vita. Some people said I was paranoid (see my answer to that at the end of the article), and others shared my concerns and started digging. Interestingly enough, that article gathered almost as much attention as my much more spectacular (in my opinion) video of a Megadrive emulator running on the vita.
Some sites took my words out of context and said that I had proof Sony is spying on us when we copy files. This is not true, I don’t have any proof, just lots of concerns. Because of that I decided to call Sony’s customer service in order to get more information. Read along.
First of all, a piece of relatively good news: some users on French site psvitagen mentioned that it is possible to copy Movies and Music without being connected to the internet, through the dedicated “Music” and “Movie” sections of the vita.
I confirmed this is true, so movies, music and pictures can still be copied to the vita even without an internet connection. The internet connection is however, as far as I can tell, required to copy anything else, which, given the limited possibilities of the vita, basically means PSP/Vita games and/or savedata.
In theory and from what I saw so far, the internet connection is probably used for two things: check for new versions of the firmware (an update was enforced on me if I wanted to keep using the content manager 2 days ago), and possibly do some DRM verifications. That’s the theory, and is somewhat confirmed by some early investigations of the binary by dev Hykem.
So, when you copy it to your vita, Sony checks that your Vita game or your Sony-purchased movie is actually “ok” to play on your vita, to make sure you didn’t steal it or copied it from a friend’s computer. Fair enough (although I would question why this check needs to be done there, rather than directly on the vita). But what happens for content that does not require any Sony drm check is my concern.
Even though it’s possible to copy them without an internet connection, does Sony gather any information on my music, my pictures, or my movies (and how about my games savedata, which do require the internet connection while being transferred) ? Do they collect filenames, id3 tag, or exif information? Probably not, but more transparency on the subject would definitely be welcome. This is not about hacking here, this is about sending private information to a company that has proven regularly that they cannot be trusted with our data.
So, full of concerns, I decided to call Sony’s customer service today (actually my wife did it for me...). The person we talked to, as expected, wasn’t a technical person and therefore had close to no information on this. She was aware that an internet connection is required, and mentioned to us that this is written on the manual.
We explained that we knew that, and that we have an Internet connection (it usually takes time when calling a customer service to explain that you don’t have a technical problem using the software, but an ethical one) , but we’d like to disconnect it when it is not necessary, because we don’t see the point in being connected to Sony’s server when we transfer files between two pieces of hardware we own (at which point my wife added: “especially given what happened to your company recently, we’re a bit concerned about our private information“. Hehe, that’s why I love her ).
Understanding our concern the person at the customer service contacted somebody more technical to get more information on the subject. She then came back to us and told us this was in place to make sure that the computer running the content manager is correctly “associated” to the Vita. She didn’t have any technical details to share about the firmware upgrade or the DRM verifications, but she guaranteed us that no personal data was being transferred. She also gave us her name (which I won’t share here) in case we have more questions on the subject (but don’t ask me to call them more, first it’s not a free call, and second I already felt super bad to have my wife spend 30 boring minutes on the phone for me because of my new toy)
(one thing I’d like to say is that every time I contacted Sony’s customer service, their answers were fairly fast and accurate. They usually give me bad news, but they’re doing their best to help. The only time they were completely wrong was when my PSP 1000 stopped accepting connecting to Media Go. They told me it was because the PSP was a Japanese PSP, and I was trying to connect to the European store. I knew this wasn’t true since I had no problem doing the exact same thing with two other PSPs. The real cause was probably that Sony had banned my console for some reason. Anwyays overall thumbs up for the efficiency of the customer service)
So, that’s the official answer, but I’m sure some of us will pass the PC parts of the Content Manager through their microscopes to confirm if this is true. But at least now I have some official information from Sony, which is, in a way, positive. Nevertheless, it does not statisfy my curiosity on some of the files found by Hykem, (such as Mp3Promoter.suprx, png_promoter.suprx, etc…) so I’m sure many people will want to learn more about this thing.
Oh, Before I go...
Note: don’t read the section below if you don’t like me when I rant, I know some of you don’t like me when I do that (Spare me the “why do you buy Sony products in the first place?” types of comments if possible, as that’s not the point)
A personal note about why I’m doing all of this, and a message to haters. There’s something interesting about fanboys, no matter how much you show them the truth and give them verifiable proof about it, they’ll always find excuses to justify the illegal behavior of their favorite company. A few days ago I started investigating the insides of the PS Vita. I got HBL to run on it, and was able to run PSP homebrews on the vita. Fanboys told me I would kill the vita because of piracy.
I also raised privacy concerns about the vita “content manager”, a tool that is compulsory to use if you want to transfer some files from and to your vita, and requires you to be constantly connected to the internet while doing so. Again, Sony fanboys told me Sony would never spy on their users, or went Eric Shmidt on me, telling me that Sony probably has good reasons to spy on me in the first place.
Well guess what, champions: my work on the PSP was never used in any way to pirate Sony’s content, because it is not technically doable to do such a thing with HBL. And telling me that Sony would never do something illegal to their users is completely forgetting that they intentionally did so a few years ago with their infamous rootkit.
There’s no historical record of me being a bad guy, I was never sued or sent to jail in my life, while Sony has proven several times to engage in illegal or barely legal activities (see the rootkit case, or the Sony VS Universal studios case), but yet in Sony fanboys’ heads, I am the one with a suspicious behavior. Next time you comment on my work, just get your facts straight, not all hackers are promoting piracy, and my work (HBL) cannot be used to pirate games.
I won’t pretend I’m a fighter of freedom or anything, I do this mostly for fun, but I take extra care to do things that are legal, or at least not ethically questionable. The same cannot be said for Sony, so it is perfectly legit to have doubts about the tools they make me install on my machine, even if in the end the suspicions were wrong.
Sony lost their “presumption of innocence” rights years ago, I’d rather assume they’re guilty first, than feel sorry for myself later when the contents of my hard drives get leaked from Sony’s servers by some black hat hacker.
More PlayStation 3 News...
12-29-2011 #47Banned User
- Join Date
- Jul 2008
WOOOOODS ^^ thats so funny to read:
There for i'll say we have to fight back and hack and pirate what we can. Otherwise we will end up some days with a camera sticked up in our backsite and even if you only think on something that the big concern don't want you get a electrical shock.
I don't think pirating their stuff is a good thing. I have my concerns, but to deny the developers of their hardwork is not fair at all.
12-29-2011 #49Banned User
- Join Date
- Jul 2008
Please what you talking about ? (no offence meant mate)
This isn't up to us. It's up to the concerns. They milk the developers not the scene with hacking and pirating. I always buy new tech and support all kind of that cause i buy it anyways of the costs. I have buyed one of the first ps3's for 600€ (and not only one i 've buyed more then 3 for 600€) and the first years i have buyed such a lot of games you cant imaging. Even if it was hacked from day one i would have buyed a lot of games.
For me you sonds like a fanboy. (again no offence meant)
Cause if you buy games or not you dont support the dev's you support the big concern. They for the hacking scene exist's !! You know? If i want to support a game then i will buy it anyways if i have before downlaoded it and played it so that the new buyed disk never get touched.
Look on the android scene. You can official downlaod Hack apps from the official android market and they still make money. Why? Cause you have to buy the device before you can hack it.
If the concern's in the console scene wouldn't milk dev's and leaf the price to them the games would be much cheaper, developers would make more money and we wouldn't need to pirate them cause i game would be charged with 20-30€ max
In the android scene the dev's get the full money of the app they sell. There is no middle man milking them. Also you can get free versions of every app.
You see the deep scener's like me and others aren't that bad pirates like all others or child's of the scene will be. We do that FOR the dev's and FOR all that kind of's. And we do that FOR the right of every one so that all have the same rights.
Do you even know that some of the grand master hacker's ARE game DEV's ? And that they do all this for the exact same reason i told you ? Cause they get milked from the big concerns ?
CMA is not the only way, you can use the same way PS3 as well and some file can be normally "downloaded" to Vita via web browser, also pictures could be sent and received via messages plus also sent via Twitter app.
CMA doesn't need to be connected all the time, just during the initial "handshaking" between Vita and PC, just for a second or two, after that you can again cut off the internet connection. This is usefull when you're planning to transfer a large amount of data and while out and about don't want to spend money or bandwith on 3G etc.
And finally - all this Sony's fail with CMA and DRM "spying" has one BIG benefit - PC is much less protected against hacking and poking around than PS3 or Vita which allows us to have a good look in the inners of CMA and it's communication with both Vita as well as Sony servers. We can analyze the app itself, capture and monitor (and hopefully later on amend or emulate) both IP as well as USB communications which can lead to various benefits like unoficial CMAs or CMAs running on alternative platforms (MAC, Linux etc.) and much MUCH more ...
There is always light at the end of the tunnel!