Tag Archives: DRM

[PS3] GeoHot Opens All HV’s SPUs / XorLoser Preps Manual

Obviously notorious George Hotz has managed to get all 7 SPUs of the Playstation 3’s CPU under his control. This means although he cannot access the CPU’s root key, he now can decrypt everything that’s going thru these SPUs like datastreams of (encrypted) commercial games.

The PPU is higher on the control chain then the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.

In the meantime another hacker going under the nick XorLoser has released a more detailed manual of how to use GeoHot’s exploitation files and how to do the glitching.

Besides that XorLoser maintains a plugin for reverser’s beloved Interactive Disassembler (IDA) that contains special PPC instructions for Xbox360 and PS3.

Congratulations to GeoHot. Kudos fly out to XorLoser.


» GeoHot: On Isolated SPUs
» XorLoser: PS3 Exploit – Software
» XorLoser: PS3 Exploit – Hardware
» XorLoser: PS3 and Xbox360 IDA PlugIn
» Hex-Rays.com: IDA Pro

[PS3] GeoHot Hacks PS3’s Hypervisor Protection

Notorious iPhone hacker GeoHot has succesfully circumvented the Playstation’s security system. According to his latest blog entry, he has dumped LV0 and LV1 code, thus allowing him to (theoretically) run code on the processor, bypassing the hypervisor.

The Playstation’s hypervisor is intended to run third party software (like Yellow Dog Linux) on a virtualized level, thus maintaining system integrity and protection of the host system. Within this virtualized environment arbitrary access to certain hardware devices has been disabled, thus allowing only basic access to the graphic processing unit (GPU) for example.

GeoHot seems to have broken the chain of trust. This means he can bypass the hypervisor to directly access hardware like the GPU with his custom code. Anyway he has not released any further information or proof of his work. But hey, it is not anyone, it is GeoHot, so it seems solid.

We compiled some links for people being interested in the hypervisor protection topic.

» GeoHot: Hello hypervisor, I’m GeoHot
» WeboPedia.com: Virtualization – All About Hypervisors
» PS3News: Overview on Security architecture of the PS3
» PS2Dev Wiki: Details about hypervisor functions of the PS3 and Toshiba’s CellEB
» PS3News: A PS3 Game’s Flow of Execution; PS3’s base AIX

Massive Attack: Protection (1995)…

[e-Biz] Wallmart also Shutting down DRM Servers

The next DRM Server’s Shutdown to come

The transition is coming silenty, for Walmart it began in August 2007, when they began selling digital music free of DRM. Prior Walmart has been using the proprietary implementation WMA by Microsoft to protect music from copying. With the open letter by Steve Jobs (February 2007), that dealt with the DRM topic, the music marketing model began to shift from DRM protected music to pure MP3’s. In February 2008 Walmart ceased to offer digital music with DRM in favor of only offering pure MP3’s.

Now the transition seems almost over. Walmart now sent emails informing their DRM customers, that the DRM servers will be shut down soon – thus turning all legally bought WMA audio tracks worthless. Walmart strongly recommends to back up the protected music to normal audio CD’s:

“By backing up your songs, you will be able to access them from any personal computer. This change does not impact songs or albums purchased after Feb 2008, as those are DRM-free.”

The hassle-freeness of Legality?

Like the customers of Microsoft Music, who forced them to have the DRM servers running for the next three years and the customers of Yahoo Music, who will shut down their servers tomorrow, also Walmart’s digital music customers from the earliest days will most likely consider this the end of an argy-bargy story. We can’t imagine they would really feel pleased for having to manually convert all their legally bought audio tracks to tons of audio CDs and having to re-rip them with loss of quality.

Now what exactly was the advantage of buying music legally online vs. illegally downloading vs. buying the CD in the first place? The evolution of digital consciousness has obviously just begun to start in the heads of the music industry’s leaders.

[Games] EA Game “Spore” Ranks 1st on Pirate Bay


The new game “Spore” by Electronic Arts hasn’t got much positive news since its release. In the first place potential customers would not buy it, because of its copy protection. Electronic Arts decided to combat potential piracy by applying a new version of the SecuRom copy protection.

Technical Details of the Protection

This new version requires to activate your legally purchased copy online. That’s nothing new. Many games and software applications nowadays require online activation. The point with this SecuRom protection is: it forces the players to re-validate their activation every 10 days. Thus meaning the stand alone game would not be playable for users being not connected to the internet.

The Reaction of the (potential) Customers

In the eyes of the customers this was unacceptable. Thousands of customers reviewed “Spore” with a single star on Amazon.com:

Anyway, by investigating this “Spore” issue a little bit deeper the german Golem.de (original article here, german only) found: people really like “Spore”, but they don’t like the copy protection. Within a week “Spore” has been transferred to 500,000 computers worldwide via the well known Pirate Bay Bittorrent Tracker. “Spore” currently ranks first on Pirate Bay downloads:

EA managers must feel this is real irony. Instead of protecting their investment into a very good game, potential customers are now downloading the already cracked copy without any protection from the internet for free.

Our Comment

Although we can’t tell from reality, we expect more people would have bought this game, if the protection wouldn’t have been so annoying to the masses. Anyway the “Spore” issue is one of the best case studies for the question how DRM is recognized by potential customers. In our opinion, media industry should begin to face four basic facts:

  1. DRM only deters potential customers from buying
  2. Protections only limit legal customers, thus punishing only them!
  3. Protections will always become cracked and
  4. Every digital good is available for free on the internet

Otherwise the problem of the music industry will repeat itself for the movie industry and the gaming industry aswell. Protections will never stop people from cracking and distributing digital goods on the net, but that’s not the point here. Everything here with DRM in general is about a feeling.

If customers feel like they are taken seriously as partners of the industry and consumers of their products, it’s more likely that they buy something they feel it’s worth it. People will never feel something worth buying if the limitations are so big that getting it the illegal way is much more stressless

[e-Biz] Sony to offer Copy Protected DivX Movies online

Sony – one of the leading companies in nowadays media world – announced to offer movies for direct download. Sony Pictures and Television International (SPTI) will use the DivX codec in combination with a copy protected container. Currently it is not known in which countries this service will be established.

Wait a sec… can this really be true?

It is 2008 and movies are getting (illegally) copied thru the internet using p2p technology for the last 10 years. No copy protection, no laywer and no law suit ever stopped the majority of people from copying content.

It seems like the movie companies did not really learn their lessons by heart. We really like Sony (Pictures) a lot. Sony is the leading company behind the Bluray disc and the Playstation 3 is a console of its own kind.

But using copy protections on movies in this situation may be very risky. Consumers are willing to pay for content but we would not expect the mass of consumers to be tolerant of copy protected content that cannot be played on home DVD players but on PC only.

iTunes for example is only tolerated by the masses because it has the well known loophole that allows to create unprotected audio CDs. These audio CDs can then be re-ripped hassle free and converted to any unprotected format.

The guys behind the music portal Bleep (http://www.bleep.com) for example got that imponderability in their heads from the very beginning and therefore they are offering music as unprotected mp3’s and in lossless FLAC. There is no other music portal that we are aware of that got such a huge catalogue and offers lossless compressed music.

Concepts containing DRM (Digital Rights Management) are the past, wake up ol’ boys, kick the lawyers and invest into your company’s future.