PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

177w ago - Following up on the PS Vita HBL Demo, today PlayStation Vita hacker wololo has shared details on the PS Vita Content Manager and the related security concerns as outlined below.

To quote: A few days ago I posted my concerns about the “Content Manager” tool, a tool that is compulsory to install and use if you want to copy files from and to your vita. Some people said I was paranoid (see my answer to that at the end of the article), and others shared my concerns and started digging. Interestingly enough, that article gathered almost as much attention as my much more spectacular (in my opinion) video of a Megadrive emulator running on the vita.

Some sites took my words out of context and said that I had proof Sony is spying on us when we copy files. This is not true, I don’t have any proof, just lots of concerns. Because of that I decided to call Sony’s customer service in order to get more information. Read along.

First of all, a piece of relatively good news: some users on French site psvitagen mentioned that it is possible to copy Movies and Music without being connected to the internet, through the dedicated “Music” and “Movie” sections of the vita.

I confirmed this is true, so movies, music and pictures can still be copied to the vita even without an internet connection. The internet connection is however, as far as I can tell, required to copy anything else, which, given the limited possibilities of the vita, basically means PSP/Vita games and/or savedata.

In theory and from what I saw so far, the internet connection is probably used for two things: check for new versions of the firmware (an update was enforced on me if I wanted to keep using the content manager 2 days ago), and possibly do some DRM verifications. That’s the theory, and is somewhat confirmed by some early investigations of the binary by dev Hykem.

So, when you copy it to your vita, Sony checks that your Vita game or your Sony-purchased movie is actually “ok” to play on your vita, to make sure you didn’t steal it or copied it from a friend’s computer. Fair enough (although I would question why this check needs to be done there, rather than directly on the vita). But what happens for content that does not require any Sony drm check is my concern.

Even though it’s possible to copy them without an internet connection, does Sony gather any information on my music, my pictures, or my movies (and how about my games savedata, which do require the internet connection while being transferred) ? Do they collect filenames, id3 tag, or exif information? Probably not, but more transparency on the subject would definitely be welcome. This is not about hacking here, this is about sending private information to a company that has proven regularly that they cannot be trusted with our data.

So, full of concerns, I decided to call Sony’s customer service today (actually my wife did it for me...). The person we talked to, as expected, wasn’t a technical person and therefore had close to no information on this. She was aware that an internet connection is required, and mentioned to us that this is written on the manual.

We explained that we knew that, and that we have an Internet connection (it usually takes time when calling a customer service to explain that you don’t have a technical problem using the software, but an ethical one) , but we’d like to disconnect it when it is not necessary, because we don’t see the point in being connected to Sony’s server when we transfer files between two pieces of hardware we own (at which point my wife added: “especially given what happened to your company recently, we’re a bit concerned about our private information“. Hehe, that’s why I love her ).

Understanding our concern the person at the customer service contacted somebody more technical to get more information on the subject. She then came back to us and told us this was in place to make sure that the computer running the content manager is correctly “associated” to the Vita. She didn’t have any technical details to share about the firmware upgrade or the DRM verifications, but she guaranteed us that no personal data was being transferred. She also gave us her name (which I won’t share here) in case we have more questions on the subject (but don’t ask me to call them more, first it’s not a free call, and second I already felt super bad to have my wife spend 30 boring minutes on the phone for me because of my new toy)

(one thing I’d like to say is that every time I contacted Sony’s customer service, their answers were fairly fast and accurate. They usually give me bad news, but they’re doing their best to help. The only time they were completely wrong was when my PSP 1000 stopped accepting connecting to Media Go. They told me it was because the PSP was a Japanese PSP, and I was trying to connect to the European store. I knew this wasn’t true since I had no problem doing the exact same thing with two other PSPs. The real cause was probably that Sony had banned my console for some reason. Anwyays overall thumbs up for the efficiency of the customer service)

So, that’s the official answer, but I’m sure some of us will pass the PC parts of the Content Manager through their microscopes to confirm if this is true. But at least now I have some official information from Sony, which is, in a way, positive. Nevertheless, it does not statisfy my curiosity on some of the files found by Hykem, (such as Mp3Promoter.suprx, png_promoter.suprx, etc… so I’m sure many people will want to learn more about this thing.

Oh, Before I go...

Note: don’t read the section below if you don’t like me when I rant, I know some of you don’t like me when I do that (Spare me the “why do you buy Sony products in the first place?” types of comments if possible, as that’s not the point)

A personal note about why I’m doing all of this, and a message to haters. There’s something interesting about fanboys, no matter how much you show them the truth and give them verifiable proof about it, they’ll always find excuses to justify the illegal behavior of their favorite company. A few days ago I started investigating the insides of the PS Vita. I got HBL to run on it, and was able to run PSP homebrews on the vita. Fanboys told me I would kill the vita because of piracy.

I also raised privacy concerns about the vita “content manager”, a tool that is compulsory to use if you want to transfer some files from and to your vita, and requires you to be constantly connected to the internet while doing so. Again, Sony fanboys told me Sony would never spy on their users, or went Eric Shmidt on me, telling me that Sony probably has good reasons to spy on me in the first place.

Well guess what, champions: my work on the PSP was never used in any way to pirate Sony’s content, because it is not technically doable to do such a thing with HBL. And telling me that Sony would never do something illegal to their users is completely forgetting that they intentionally did so a few years ago with their infamous rootkit.

There’s no historical record of me being a bad guy, I was never sued or sent to jail in my life, while Sony has proven several times to engage in illegal or barely legal activities (see the rootkit case, or the Sony VS Universal studios case), but yet in Sony fanboys’ heads, I am the one with a suspicious behavior. Next time you comment on my work, just get your facts straight, not all hackers are promoting piracy, and my work (HBL) cannot be used to pirate games.

I won’t pretend I’m a fighter of freedom or anything, I do this mostly for fun, but I take extra care to do things that are legal, or at least not ethically questionable. The same cannot be said for Sony, so it is perfectly legit to have doubts about the tools they make me install on my machine, even if in the end the suspicions were wrong.

Sony lost their “presumption of innocence” rights years ago, I’d rather assume they’re guilty first, than feel sorry for myself later when the contents of my hard drives get leaked from Sony’s servers by some black hat hacker.




Video: PS Vita Content Manager and Security Concerns of Wololo

Video: PS Vita Content Manager and Security Concerns of Wololo

Follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 CFW forums for the latest PlayStation 3 scene and PS4 Hacks & JailBreak updates with PlayStation 4 homebrew PS4 Downloads.




#141 - A2theC - 175w ago
A2theC's Avatar
New system, same routine.

#140 - valid93 - 175w ago
valid93's Avatar
Thanks

#139 - PS4 News - 175w ago
PS4 News's Avatar
Cheers for the news GrandpaHomer, I have now promoted it to the main page and +Rep for submitting it!

#138 - GrandpaHomer - 175w ago
GrandpaHomer's Avatar
Following up on the previous PlayStation Vita System Software updates, today Sony of Japan has released PS Vita version 1.52 Firmware update.

Download: PS Vita 1.52 Firmware Update (JPN)

As usual, the Sony PlayStation Vita 1.52 Firmware update is a mandatory install. According to Andriasang.com the PS Vita update is simply another small bug fix.

To quote: "A number of Vita owners are saying via Twitter and blogs and so-forth that the update fixes a version 1.51 bug where the 3G system would not recognize your SIM card."

So far I'm unaware of any visible changes in the system or settings, however, this article will be updated as a change log becomes available on Sony's official PS Vita Web site.

System software version 1.52 for PlayStation Vita Update:

  • From January 16, 2012, began to update the system software version 1.52.

To become available and some features of the PlayStation Network features, updates the system software of PS Vita (Update) is required. PS Vita also system software, by updating, adding and security can be enhanced many features. Please use the update to the latest version.

The main features in system software update version 1.52:

  • The software system has improved the operational stability.

Finally, wololo reports (wololo.net/wagic/2012/01/16/forced-firmware-update-1-52-for-the-ps-vita/#more-3875), to quote: "Mamosuke confirmed to me today that Teck4's exploit for the PSP Emulator in the vita is still working on 1.52.

Note that it doesn't guarantee 100% that some of the techniques used to get HBL to work on top of this exploit haven't been patched, as I haven't tested myself. But for now I'm confident. I might update to test that, at some point."

More PlayStation 3 News...

#137 - PS4 News - 176w ago
PS4 News's Avatar
Today PS Vita hacker wololo has made available a Half Byte Loader (HBL) development FAQ for those interested in progress thus far on Sony's PlayStation Vita handheld console.

Also below he states that he has ported HBL for Teck4's exploit successfully and updated to EU/US versions.

To quote: I managed to port HBL to the US version of Teck4′s exploit in exactly 45 minutes (including writing the savedata exploit and the binary loader), which is a new personal record, thanks to the scripts included in HBL's repository, and also to the fact that the different versions of the game are internally fairly similar (which is to be expected because technically the game is supposed to be the same, just translated, but I seem to recall it wasn't that easy for the Hotshots golf exploit)

I also updated the EU/US versions of this HBL port to get the tweaks I worked on for the past weeks in order to get a fair amount of homebrews to work.

The next step for me is to write a bit of documentation on how to use all this, and then patiently wait. As far as a release is concerned... well check the FAQ I wrote yesterday.

I could spend time polishing this port of HBL for the Vita, improve compatibility, and I might do it, but since there's a high risk this gets used by only a small amount of people before it gets patched, I'll probably leave it in its current state for now. It's probably not worth working too much on the details if nobody ends up using it. Of course if by some sort of miracle this doesn't get patched immediately by Sony, I'll update it accordingly.

Now let's all wait (I'm probably more excited than anybody else about this release, really...)

A FAQ for HBL on the Vita

We've seen through Teck4′s exploit that PSP exploits run flawlessly on the PSP emulator of the Vita. I've spent the past 3 weeks working on leveraging Teck4′s exploit and port HBL to it. I've been receiving lots of questions (probably from people who haven't used HBL back when it was the only possible way to play homebrews on the PSP Go) and will try to answer them here.

What is HBL?

HBL stands for "Half Byte Loader". This is a homebrew loader for the PSP, which was written initially by m0skit0, then improved and maintained by a bunch of devs including myself (those two links are good old memories, when HBL wasn't loading a single homebrew properly). It basically allows to run fanmade games, emulators, etc on the PSP. We've found that it can run on the PS Vita through the PSP emulator.

Will this allow to run PSP backups (isos)?

Although in theory that would be possible, HBL only has access to the PSP "user mode" which is fairly limited. Practically, all teams who have tried to create an iso loader in user mode on the PSP have failed so far.

Will this allow to run PS Vita game backups?

No

Does this give us access to the Vita hardware (touch screen, etc)?

No. HBL accesses the hardware through the PSP emulator, and therefore only has access to what is mapped to the PSP controls. It also only has access to 32MB of ram, etc

Does this give us possibilities to hack the vita further?

Most likely, not. HBL is stuck in user mode, in a sandboxed emulator. To get access to Vita information, we would need first to get kernel access in the emulator (through a psp kernel exploit), and then find other exploits in the emulator/OS itself to break away from the sandbox (which, if the Vita OS is as secure as I think it is, is close to impossible)

But will it give us more horsepower than the psp? Can we expect emulators to run faster, etc?

This still needs to be investigated deeper, but from what I've seen, not really. Memory stick access is definitely faster on the vita (Wagic loads between 5 and 10 times faster on the vita than on a psp go), but the rest seems to follow the psp limitations (as one would expect from an emulator)

Will this be made public?

Yes. Teck4 (who found the exploit) and I agreed to making this public at some point.

When will this be made public?

Some time after the Vita is released worldwide.

I heard Sony can patch this very easily as soon as it's made public?

Yes. Since this uses a vulnerability in a PSP game, as soon as they know which game it is, Sony can remove the game from the PS Store. Once they do that, they can patch the Vita firmware to reject the "malicious" files (either by preventing them from being copied through the content manager assistant, or by patching the PSP emulator, or by patching the PSP game, etc). At that point, people who don't already have the game on their console won't be able to use HBL. Also, people who do have HBL will need to never upgrade their firmware, will have to use some tools such as OpenCMA in order to copy files to the vita, and will be locked out of the PS Store as long as they want to use homebrews.

So shouldn't you keep this under wraps instead?

Meh, it's not like anything is really secret here besides the name of the game. It's already pretty sure this is not useful for hacking the vita further, so even if it gets patched I don't think we will lose "too much".

No iso, no access to the vita internals, and Sony will patch it as soon as it's out, so basically it's useless?

Yes and No. Technically, a hacked PSP is way cheaper and will allow you to do more than that. But this is, as I write these lines, the only way to run unsigned code on the Vita, which in itself makes it a great achievement (and it's always cool to show your friends that your Vita can run Mario, and theirs can't). Also, it didn't take too much time to adapt since most of the code was already available from our past work in the psp scene. It would have been even more useless to say "oh yeah, interesting, we can run psp exploits on the vita" and not do anything with it.

How do you copy/install homebrews to the ps vita, since it cannot be mounted as a regular usb drive?

This will be explained when HBL is released.

More PlayStation 3 News...

#136 - Bartholomy - 176w ago
Bartholomy's Avatar
Awesome, thanks

#135 - smokyyuwe - 176w ago
smokyyuwe's Avatar
Virtuous Flame released an update to his Open CMA tool a few days ago. Open CMA allows you to connect your playstation Vita to your PC through the Content Manager without needing to be connected to the internet. This is useful if you need to transfer some files while away from your network, or simply if like me you don’t see why it should be required to be connected to the internet when you transfer files between two pieces of hardware you own.

This update (revision 3) patches the PC side of the content manager further, preventing it from auto updating. Without this patch, Sony’s driver is silently updating itself whenever it’s connected to the internet even if you were using open CMA so far, which makes this r3 an important update.

Download source: wololo.net/downloads/index.php/download/1252

Source: wololo.net/wagic/2012/01/10/virtuous-flames-open-cma-r3-released/

#134 - Bartholomy - 176w ago
Bartholomy's Avatar
Superb. I hope to see more and more about PSVITA hacking

#133 - NTA - 176w ago
NTA's Avatar
>_> at 0:41 I usually die of don't jump or duck. I don't see how that's possible.

Sucks that gpsp doesn't work yet. Really looking forward to that

#132 - PS4 News - 176w ago
PS4 News's Avatar
Today PlayStation Vita hacker wololo has shared a video (below) demonstrating several PSP homebrew applications and emulators running on PS Vita using their Half-Byte Loader (HBL).

To quote: In the past days I stabilized HBL for Teck4's exploit and got some major homebrews to work.

In the video below I'm showing a few homebrews running on the PS Vita. I also included Picodrive again to show that fixing the sound issue is relatively easy as it is just a setting in the emulator. Check the video below.

You can see in this video snes9xTYL (super nes emulator), Bookr (pdf reader), CSPSP, T.O.M.E. (text mode rpg), EmuMaster (game boy emulator), Zombie Crisis (FPS), Wagic (which loads about 10 times faster than on a real PSP, this talks for the improved access speed of this new memory stick format), cavestory (platform/adventure), Picodrive (sega genesis emulator), Spider solitaire, ScummVM (point-and-click adventure), Daedalus (N64 emulator, this is not DaedalusX64), FCEU-PSP (Nes emulator). Those are more or less the homebrews I recommended to HBL users back when HBL was big.

Missing from this video is (unfortunately) gpsp which I couldn't get to run on the Vita, while it ran fine on the PSP. What I could see is that the emulator is more sensitive than the PSP when a thread that's currently not running crashes. I think (not sure) that gpsp somehow crashes HBL.

On the PSP it usually means that once you quit gpsp, HBL crashes. On the vita it seems to crash as soon as gpsp does “something wrong” to hbl, which is roughly as soon as it loads.

I got major homebrews to work, and now I'll focus on reporting this to the EU and US version, which both need to be brought up to speed with these latest changes.

From what I could see, syscall estimation basically doesn't work (which is what JJS discovered a while ago when porting HBL to 6.60), which will limit the amount of homebrews that can be played with this exploit, but as you can see on the video, I got a few good ones to run already

A message to haters who say I'm reusing other people's work from the PSP scene and not contributing anything new: ask yourself who made it so easy to port HBL to new game exploits in the first place.



More PlayStation 3 News...