Wednesday, December 29, 2010

Hackers vs Gamers

Today's 27c3 PS3 Fail keynote revealed that fail0verflow (marcan, bushing, and svpe) have acquired, through a mathematical calculation, the private key SONY uses to sign games. This essentially means that the PS3 has been hacked forever, something that not even Wii hackers like myself can boast. The only way SONY can fix this problem is to change their private key. If they do that, all games and software signed with it (i.e. everything) stop working. SONY is obviously not going to change their private key.

This has flamed up some interesting discussion among people. What it boils down to is fans of SONY and fans of homebrew and Linux unethically fighting a debate about ethics. I'm going to generalize it even more and call it a philosophical war of gamers versus hackers. This article is an editorial in which I am going to express my opinion on the debate. If you have no interest in listening to me blow off steam and bellow out hot air, don't skip past the break for more.

Hey, you made it to the other side! As a reward, you now know I'm somewhat involved in a piece of PS3 homebrew that I hope is coming out very soon (like within a week ;-) ). So I'll try to ignore my obvious bias to the best of my ability as I continue.

I'm going to use a bold typeface to show you the arguments thrown around by gamers and then provide my response to them. Afterward, I'll use a red bold typeface to give you my argument against gamers. Finally, I'll give you a nice little conclusion on what I think it all boils down to and where this will eventually lead.

Homebrew and Linux are only a disguise for the motivation of piracy

I'll point you to these slides from the PS3 Fail keynote:

As you can clearly see, no real hacks were made for the PS3 because you could run Linux on it with OtherOS, and thus your own homebrew code. After SONY removed OtherOS from PS3 Slim models, geohot investigated the PS3 and used a voltage glitching tactic to dump interesting bits of information. SONY overreacted and removed OtherOS altogether. Barely after this was done, the USB "jailbreak" devices surfaced as literally hundreds of hackers from around the world attacked the PS3. Emulators, FTP clients, ports, and all other homebrew goodies sprung up overnight. And now, finally, the PS3 has been compromised for good with the discovery of its private key.

The total time it took to hack the PS3 after it was announced that OtherOS would not be on Slim models was 12 months. This is about the same time it took for the XBOX 360 to be truly hacked (though that has since been fixed with newer hardware models and firmware updates, whereas SONY doesn't have this luxury). If the PS3 were being hacked for piracy, which was never available on it, it would've been hacked a long time ago.

Unfortunately, piracy will inevitably spring up as a side effect of the work of honest hackers. But the hackers who open the doors, the truly honest and actually talented ones, never do it for piracy.

Hacking is easy, so people should be responsible enough not to do it

Hacking is not easy, and hacking is not irresponsible. On the first point, I implore you to watch the PS3 Fail keynote. As someone who's written games, Android apps, and homebrew software, I promise you that hacking and writing homebrew software is the most difficult of the three. On the second point, the argument is invalid. If I buy a game console I can do whatever I want with it. If I'm interested in learning from it and furthering my knowledge, I'm going to try to write and run software on it. If I can already run Linux on it, or there's a freely available SDK, I'm happy. If not, I'll try to hack it so I can write and run software on it. Not hacking would be doing myself a disservice. Hacking and not sharing my findings would be doing a world of other people like me a disservice. That would be the true irresponsibility.

Hackers are losers

This one makes me giggle. It's usually what I see true gamers write after being beaten in an argument on my previous points. The best software developers identify themselves as hackers and associate with the hacking community regularly. Chances are, all of you gamers worth your salt look up to these people. Look at John Carmack, who built hacking communities around DOOM WADs and Quake PAK files. Or look at Markus Persson, who did the same thing with his indie game Minecraft. The crazier the hack or the mod, the better. The truth is, you learn more from hacking something and being forced to be creative than you do from drawing on a blank piece of paper (i.e. coding a game).

Let's look at me (since I can never refuse an opportunity to gloat). I'm 17 and I've written emulation software and system utilities for the Wii that are far above the heads of people who are strictly software developers, and probably even most of Nintendo's and SONY's engineering staff. I jumped into Wii homebrew because I was a 15-year-old kid who was bored of writing games in ALLEGRO and wanted to try writing one on the Wii. I didn't know what an emulator was. I didn't know what IDA was, and I didn't think assembler, hex, or cryptography was something I should ever have to worry about. Almost three years later, I'm respected as one of the top Wii homebrew developers. I've learned so much that I can't even begin to tell you how grateful I am to Wii homebrew. My work has even landed me a job (though the pay sucks because I'm still a student and it barely covers my weekly gas bill, but hey!) and will probably land me many more.


Gamers are all hypocritical

This is my shot against gamers. You say you hate all hacking, yet you'll jump all over the chance to illegally download games like Mother 3 and apply an English translation patch. You can't resist the opportunity to use emulators to play your games in HD and use savestates. You also love to see modifications and things like texture hacks made to your favorite games (the eduke engine, any PC game like Fallout: New Vegas).

Yet somehow, opening up a console for Linux and homebrew is wrong to you. I assume it's because it interests software developers more than average users; because you didn't buy a PS3 to play ports and emulators, you bought it to play new games; because you can't stand thinking that the good of opening a console outweighs the potential for piracy; but above all because you think everyone else should do as you do and only use your console as you use it. Gamers are as close-minded as Jodi Daughtry. Well, okay, that's a bit of an exaggeration on my part. Sorry.

You can try to make distinctions, but either you as a gamer support hackers or you don't. Hackers support all forms of hacking (except, usually, for piracy, because piracy is piracy, not hacking) and don't make distinctions.

My Conclusion

Gamers are a dying breed. Sorry, but you are. You already support hackers and hacking; you just don't know it yet. As this continues, I predict we'll see game console manufacturers opening up their consoles to more people in the future.

I would argue that XNA on the XBOX 360 has prevented much more hacking from being done on it. Apple and iOS were not so lucky because they still limited their SDK and kept their hardware locked down too much. By contrast, Google's Android platform is completely open and encourages experienced users to root their Android devices to play with them even more. There's piracy in the Market only because Android has no real app security system, so you can just give your purchased content to all your friends with a Ctrl-C and a Ctrl-V. Piracy in the Android Market is done out of greed, not because of hackers.

It's plain as day: open up your consoles from the start and they won't get hacked, so there's no piracy as a result. Or close them as tightly as you can and they will inevitably get hacked, which will spur piracy as a side effect. Hackers are harmless; pirates are a real, threatening problem.


Now, since you read through this and made it to the end (at least I'm hoping you didn't skim), you get an extension to your first reward for bearing with me. A video of the PS3 software I'm working on, and hope to initially release very soon, is on YouTube and getting quite a bit of buzz. As a disclaimer, though, I should mention that I'm not the main dev, nor am I particularly heavily involved in the development, but it would certainly not exist without me. Furthermore, I've been helping out its dev on IRC for a while and I believe I've impacted its development quite a bit ;-) Stay tuned.

39 comments:

  1. Great find! Now I need to get a PS3

  2. Now that the PS3 has been fully hacked, I may just be buying one.

    Strange how that works eh?

  3. Most people are only interested in piracy. The 1 million Homebrew Channels installed around the world are because in the new Wiis modchips are useless. It's good for homebrewers because it helps their development expand easily, like WiiMC or emulators. It's easy for new users to just copy homebrew to SD and enjoy. So, hacking is good for homebrew but has the risk of piracy.

  4. I prefer the term "side effect" as the people who originally open consoles don't approve of piracy; it's the people who follow in their footsteps who open up piracy.

    Another point I neglected to mention, if SONY makes the PS4 backwards compatible with PS3 games we'll have some form of homebrew available from the get-go. So it will be interesting to see what they do.

    And I also don't have a PS3 yet, unfortunately.

  5. I almost feel bad for Sony. Almost.

    I agree with a lot of your points, but I do have a slight problem with your reasoning. You say that creating an already open console will prevent pirating and encourage homebrew, but I can't honestly see this being the case. It's true that pirating may just be the ugly byproduct of hacking, but it's so popular because people want free stuff. Just because it's made easier from the start doesn't mean it will be reduced. In fact, to me it suggests the opposite.

    Not that I disagree with you. I think it would be great if the gaming companies would make their consoles accessible from the start.

  6. I don't believe I ever said it would prevent piracy. The overarching point I was trying to stress was that it wasn't hacked for piracy, it was hacked for homebrew. Piracy will be an inevitable side effect once people re-perform fail0verflow's work. Of course, it already existed long before this.

  7. Yeah, Sony went about it all wrong. First they appeased the hackers with OtherOS, but then the Slim came out and hackers were skeptical about the removal of OtherOS. When it was removed from all PS3s, the hackers were pissed off, so basically they screwed themselves on that one. Having the system open to homebrew (or Linux) definitely prevented the PS3 from being hacked 4 years ago. Since there weren't really any hackers trying to crack the PS3, there was no piracy as the side effect.

  8. Please try harder to resist the urge to gloat in the future, especially since you don't have much to gloat about. Most of your "work" consists of recompiling other people's apps, then slapping your name on as author and spamming your ChipIn account. The only people who respect you are the noobs who see your name everywhere but aren't smart enough to see that you're just taking credit for other people's work.

  9. I'd love to see you provide examples. If you're referring to the fact that I tend to port code, then I guess writing libogc's balance board driver, DOP-Mii, having some of my work on DeSmuME committed to its SVN, and writing a large chunk of libwiisprite isn't original work. Furthermore, every port needs an original front end, and in the case of things like ALLEGRO and DeSmuME a ton of original PowerPC code to strengthen the backend drivers. Even though it works like ALLEGRO/DeSmuME/etc., it ends up being about 40% your own by the time you're done. If you think it's so easy, then do it yourself. But I don't believe you were calling me out for doing ports; you seem to be calling me out for stealing other people's Wii work, which I've never done.

  10. My lengthy reply (using wiidoom as an example) seems to have mysteriously disappeared and I don't feel like typing it all out again using my cellphone. The TL;DR version: get over yourself, you're just an average programmer rather than a hacker. If you disagree show me a single exploit or even a piece of assembly code in anything you've written.

  11. I never got a reply although I monitored these comments closely. It must not have gone through?

    For WiiDOOM, though, I've done a _ton_ of work on it. I've fixed its WAD loading code so it doesn't crash running the shareware WAD, added support for Classic and GC controllers, written a custom USB driver for it, and with Mr. Peanut got background music working on it. Putting the link to my ChipIn there was done with permission. If you look at my projects like ALLEGRO for Wii, the link isn't there because not all of the developers on the project have agreed to let it be there.

    If you want to see my assembly, look in DeSmuME Wii where I've worked on implementing single paired instructions for floating point calculations and optimizing the ARM to PowerPC interpreter for Wii; read the PowerPC backend for ALLEGRO I worked on optimizing; read libogc's implementation of the balance board, which I originally wrote (though you won't find too much assembler in this one); or if you want to go to an even lower level than assembler, read through my endianness calculations on any port I've done (Hexen, Heretic, Strife, RealityBoy, etc.).

    Oh, and it might interest you that I've written tons of shit on exploiting game software if you peek through the WiiBrew Forums. I'd like to write a comprehensive guide to doing it that goes through disassembling an ISO, disassembling the main.dol in IDA, running megazig's tools on the disassembly, reversing the checksum using the information returned from them, and then finally decrypting and exploiting the save file, which ends with the release of a new exploit. I've even got the game picked out that I'd like to do this to. But unfortunately I'd need to finish off more of my projects first so that I have the time and so that I don't look any more like a slacking dev than I already do.

  12. Hexen/Heretic: Was it a huge coincidence that you managed to make these games work a day after Hermes released his own port with source code?

    Exploits: WHERE? Give me one link to an example of a game you've exploited using an original hole discovered by yourself. Anyone with minimal skill can look at disassembly and make an ocarina code or memory patch, try doing that with no existing loaders/launchers to help you, similar to how the twilight hack or indiana pwns get executed.

  13. Fuck it, blog fails. Full comment: http://pastie.org/1424055

  14. Hexen/Heretic: Coincidence? Nope. I'd been working on these games for over a month publicly. You can check my blog or the WiiBrew Forums. Hermes actually mentioned me in his release of Hexen as being his inspiration (on eltorado) to beat me to finishing it. That kind of pissed me off, so I got myself in gear and did Heretic before he could, and then finished the Hexen I was working on. Regarding Hexen, I also got the expansion packs working on the first release, which he still has not done. Both of the ports are entirely original; check the source. The only similarity is that we use a GX wrapper called screenlib for rendering, but I was doing this before his release.

    I have links to information I've written about how exploits are found and work. I haven't released any exploits publicly myself, but I could. megazig and I worked together on exploiting Metroid Prime Trilogy. The savedata is full of strings begging to be overflowed. megazig really taught me everything I know. I also worked on Silent Hill Shattered Memories, which also has an exploitable save file. But I've never mentioned this publicly before for obvious reasons. As said before, one day I would like to write a full guide culminating with the release of a new exploit. It's not a matter of talent, it's a matter of time.

  15. I responded before I saw the pastie. I'll read it and comment again.

  16. Alright, here we go. DeSmuME Wii: I'm glad you think highly enough of me to think that I'm online 24/7 and always able to talk to dancingninja at every moment. Dancingninja is allowed to ask other people for help. I don't know why you have such a problem with it. I'm not wasting my time barrelling through SVN revisions. We're not even working in the SVN anymore because we're mutually sick of getting in the news every time we commit.

    ALLEGRO Wii: My work is in the initial import. Also, replacing the original author's name was done because it shouldn't have been there. The original author has none of his code in the files clearly marked as only having Wii-specific code in them. Copying over his name was something I forgot to change when copying over the licensing information used elsewhere. Obviously I'm not as obsessed with myself as you think I am.

    libogc: I'm not allowed to commit to the SVN, but that doesn't mean I didn't write it. You're welcome to confirm this with anyone you wish; I don't care. Regarding the LED bug, it only stumped me because 1) I didn't experience it myself and 2) I don't pore over each line changed in every libogc release. I don't have the time for that.

    Endianness is applied on a level lower than assembly. I agree it's trivial, but hey, since you're being so ambiguous with me and fighting over the littlest, stupidest things, then why shouldn't I do the same?

    Lastly, who are you? You sound like someone I burned a long time ago who's had a chip on his shoulder ever since. Linkinworm maybe?

  17. A few extra points worth acknowledging:

    1) You were right about "paired single" as opposed to "single paired". There's no comment editing and I don't have enough time to proofread.

    2) Just because someone else commits to an SVN doesn't mean my work isn't included in the commit. We all collaborate on IRC and swap pasties and zips between us. Often, I'll send people things, they'll review, finish if necessary, and then commit by the time I wake up. I'm not a credit whore and really don't care who commits what, obviously. But I can promise you that only very rarely does anyone ever make a commit they did by themselves.

    3) You're the most obsessed with me of any person I've ever seen before. Thanks.

    4) More PowerPC work from yours truly: http://www.youtube.com/watch?v=TS5grrue2-U It's a port of DeSmuME Wii I've spent the last week working on with the author. The PS3's 64-bit PowerPC is an interesting beast that can become pretty powerful when used correctly. I wasn't going to reveal my involvement in this until the release in a week or two, because I hate having too much publicity and doubt I'll put much time into this after it's out, but you kind of annoy me and no one else reads these comments except you :3

  18. I checked the "initial import" code in your allegro-wii under src/ppc (you did say the powerpc backend), it's the same as the code in allegro's SVN on sourceforge which hasn't changed in 5 years. Great work.
    Doesn't surprise me at all that your "exploits" were a combined work with Megazig. Is he aware of you taking credit for them when I specifically asked for an example of something you'd created yourself?
    Who I am isn't important. I've been watching your ego swell to something akin to geohot's level of self-importance for a while and decided maybe you could use a reality check. Looks like I've failed though.
    2) Not a credit whore, lolol. Don't let the "news" people hear you.
    3) I just check your claims rather than blindly believing them. You're not scoring well so far.
    4) Oh look, more work that I can't review the source code of to see if you're just bullshitting. You weren't going to reveal your involvement, yet you did anyway - nah, that's not credit whore behaviour at all.

  19. ALLEGRO: Uhm, you must have been looking in the wrong place? I had to change a fair bit to get it to work. The Wii doesn't support AltiVec, for instance.

    Exploits: My second one is original, and sure, megazig and I talk all the time; we're good friends. I'm not attempting to take credit for anything. My point in bringing it up is simply that I actually do know what I'm talking about.

    Thanks for the geohot bashing, and I always appreciate criticism. If I didn't want it I would just be deleting comments or ignoring it (like geohot).

    2) I try my best.

    3) I'm not sure how you're checking claims, but I'd say I've got a perfect score if ALLEGRO is the best you've got (and I still say you're wrong about it).

    4) Well, it'll be out soon and then you can. And I think it's worth revealing to further discussion.

    I think it is important who you are, as someone with your free time and surveillance of me is someone I know. I'd like to know who, because I'm sure I can pick on you even worse than you're attempting to pick on me.

    I'm also wondering why you're still bothering. If your point was just to give me a "reality check" and you truly cared, you wouldn't be acting like such an asshole by attacking my comments, and you would probably be doing a far better job at it than using baseless claims based around selfish notions of credit. I'm anything but selfish or a credit whore, kiddo; if I was I wouldn't have done even half the things I have done.

  20. I think you should both know that it's impossible to steal or take credit for something that's open source. Once it's out there, it's out there to be improved and studied by anyone who wishes. I've tipped Arikado a few bucks in the past because with WiiDOOM he improved it a lot, a long time after the original developers gave up on it, and he continues to do so. I've also given him money because he works hard, shares his knowledge with others, and strikes me as a nice kid going to college who could use it. I don't know what your problem is with him, but I'd say I agree with most of what he's said. He may like to gloat a little bit, but he deserves to. It's not like he does it all the time. Just my two cents to ya both. Take it or leave it.

  21. I'm just a butthurt jelly faggot. Sorry for bothering you (:

  22. Anon dude, I have no problem seeing Arikado's ChipIn on what he works on. He does good work and improves things a lot. He picked up Doom after almost a year of it being dead and really cleaned it up a lot; he deserves to be able to put it there. Hexen, Heretic, Allegro, DeSmuME, everything else he does is original, and he always gives credit where it's due to the people he works on it with. Even if he didn't I wouldn't care, because he does good work and I enjoy his work. Your only valid argument is that he's not as good as someone in Twiizers like marcan, but really, who cares?? marcan and them just do exploits, and I think Arikado's software takes a different kind of talent. So Arikado, don't waste any more time on this guy and get back to DeSmuME. I'm still waiting for the next big speedup from you ;)

  23. I think the anonymous guy has some points. I am kind of casually interested in the Allegro thing. But really it doesn't matter. As said before, Arikado does do great work and has contributed a lot to the homebrew scene. Sure, Twiizers and them opened up and started Wii homebrew, but Arikado filled the open platform with a lot of great software and I'm sure there's much more to come. Maybe he is a little edgy and credity, but what 17-year-old kid isn't? I think a lot more of it is excitement and the thrill of success than ego. I think geohot, comex, and chpwn are all far worse. chpwn especially has far less talent than Arikado and makes thousands of dollars a month selling his work. I'm not saying you don't have valid points, anonymous, but I am saying you're a serious extremist. I look forward to seeing what you come up with next, Arikado.

  24. Btw, you probably shouldn't have put the NDS3 thing out there. Kind of a rookie mistake, but I see why you did it. Might want to consider pulling that comment since we all know how much you hate press ;-)

  25. You guys are both stupid and fighting over nothing. Get off the comments and into the IDE. Keep up the good work Arikado.

  26. Why are you bitching at Kado over stupid little shit? Who are you and what the fuck have you done for Wii homebrew? What's that, nothing? Exactly. Eat shit, motherfucker. And get back to work, Arikado :D

  27. Arikado, let me provide you with a little advice.
    You don't have to argue with someone who is hiding his identity to criticize you. Don't you think that you deserve to know who your critic is?

    Anyone who hides their identity is a coward and doesn't deserve to have a conversation with you.

    Keep up your good work.

  28. I checked out the PowerPC side of Allegro myself and Arikado's changes are in fact quite significant as he claims. Obvious troll is obvious.

  29. Earlier in the comments you said if the PS4 was backwards compatible with the PS3, we'd have homebrew as soon as it's released. Not necessarily. It didn't work like that with the DSi and DS flashcarts. I see no reason Sony couldn't add a PS3 whitelist to the PS4, perhaps even to later firmwares for the PS3, to prevent unauthorised code running, sadly :(

  30. Not really, SifJar. The DS flashcarts didn't work due to changes in the DSi's hardware. Later DSis were beaten by firmware updates for a while, but AFAIK the flashcarts are on top now. The PS3 exploit is solely a software one. I don't know what you mean by "white list", but if SONY changes their private key then games stop working. Granted, if we did achieve PS4 homebrew through this we might have limited PS4 hardware access, since it would probably be running in a "PS3 Mode", but I don't see any reason why it couldn't happen.

    And thanks to everyone else who wrote in :)

  31. Kojito: Can you point out the PPC source files that were modified, since Arikado won't oblige?

  32. Arikado: By a "white list" I meant a list of all software officially allowed to run in a PS3 mode of the PS4. Exact game IDs, hashes, checksums, filesizes etc. so that ONLY those games could run. Then it wouldn't matter if you did sign a homebrew, it wouldn't be on the list, so it wouldn't run.

  33. Oh, I understand. Yes, a very good point. I guess we'll have to see how it plays out but you could very well be right.

  34. A blacklist would be more efficient and easier to update however. White lists bloat real quick.

  35. Also Arikado, I've seen your work, and I have to say I'm impressed with what you've done.

  36. Antidote: maybe you can point me to some of the alleged assembly code or exploits that Arikado has written that everyone is so impressed with? Everyone seems eager to defend him, but nobody is willing to link a single shred of evidence to back up his claims of being a 1337 h4xx0r.

  37. Anonymous, please stop trolling or I'm bound to just close comments here. You've already been given your answer. First, as pointed out by many people, I'm clearly not marcan/bushing/sven. No one else is either, so who cares?

    Having said that, it's absolutely ridiculous to suggest that someone who's worked on low-level libraries and emulators knows nothing about assembly (btw, I never brought up that I do PIC projects in assembly as a hobby; I'm even taking a class on it for the second semester, which should be a breeze). Your insistence on proof in source code is something I'm going to ignore because I don't have the time, nor do I think you're important enough to spend the time on going through hundreds of revisions and sending you diffs. Furthermore, as I pointed out before, I'm not always the one who commits all the work I've done, so there would be a lot of work that I've done that I can't prove, and I'm not going to bother going after written consent from other devs either. I have better things to do.

    It's equally ridiculous to suggest that someone who's spent the last three years working in Wii homebrew and, with DOP-Mii, reverse engineering system files wouldn't know how an exploit works. If you've read anything I've written on the subject, I clearly do, and I have even reversed checksums to decrypt savedata to find vulnerabilities. As stated before, I have never gone public with any releases of this because a) I have better things to do than finish exploits (others I've passed the vulnerabilities and checksums on to, like Treeki, can finish this if they like) and b) there are already many exploits and new ones should be saved in case Ninty starts patchin' away.

    I really couldn't care less if you don't believe my claims, nor do I care to spend any more time responding to you. I already know you're going to whine "yeah but you didn't give me even one link so you must be lying!!!!!12" and again, I just don't care. I'm sorry my popularity upsets you so much, but I'm sure that if you spent a little over a thousand combined hours over the last three years working on Wii homebrew, releasing and maintaining over twenty different projects, and responding to each and every e-mail and message you get, people would probably care about you and send you money too. This isn't my alleged "ego" talking, it's my watch. I'm sure you have one too and that you also have better things you should be doing.

  38. Anon, I'm not going to provide a sample of his code that impressed me, simply because it's not important. What's important is that you stop being such a troll and leave this poor kid alone.
