stating the obvious

[imk]

i upgraded my psp to 1.51 awhile ago and now i'm kinda pissed... but it got me thinking for the exploits... they upgraded from 1.0 to 1.5 to fix the exploits in 1.0... then they upgraded to 1.51 for "security fixes"... which fixed the use of the homebrew on 1.50 with the new release... but now they have 1.52 with more "security fixes"... so that must mean that sony themselves have possibly discovered a hole in 1.51 and patched it... so im going to assume that there is still a way to exploit 1.51... its just not been found yet...

as i said, just stating the obvious... and hoping :)

[Guest]

There is a more obvious thing to state:

Every release still has bugs. Some of them may even be security related. A future firmware will be released to fix some or all of the known bugs. Some bugs may have to wait for even later firmware releases due to time, cost, and priority.

There is the potential for bugs in any release that are exploitable. There may even be bugs that might even never be able to be fixed, though that is unlikely.

The beauty of an updatable firmware, and an architecture that encourages or strongarms updates, is that many things can be fixed, and inconvenient problems can be made to disappear over time. Finally, notice how Sony is now well ahead of the curve on new updates vs. hacked updates. If each one is fixing internally known or probable security problems, Sony may well maintain a healthy lead with respect to the exploit hackers.

[adresd]

One more reason to have grabbed a first release of sony kit and NEVER upgrade it..

you want to play games, buy another PSP :)

[djboo]

a simple way to find the differences would be to dif the updates, see whats different, so u can see what fixes have been implimented.

ok, so the updates are gonna be encrypted, and youve got all the UMD music stuff in the way too, so really, until 1.52 is cracked too (so we can get a firmware dump) thats kind of a dead end.

really as more and more updates come along from sony, the later versions are looking like bios downgrades will be required...and nothing pretty like software hacks, we're talking down and dirty opening the beast up and bios replacements/mod chip installs.

[Klendathu]

even more obvious than that is the fact that even after 10 years sony is still vulnerable by swapping something really fast. I wonder if this is some result from faulty securtity-check preconceptions.

[Polymira]

The only way I see a "bug" or hole in the software for an exploit to never be able to be fixed, would be if it were found in a game... I don't see them re-releasing a game because a buffer underun was found or something...

[sq377]

I don't see them re-releasing a game because a buffer underun was found or something...

Depends on WHO released the game. If it's sony, i could easily see them do it.

[jimparis]

The only way I see a "bug" or hole in the software for an exploit to never be able to be fixed, would be if it were found in a game... I don't see them re-releasing a game because a buffer underun was found or something...

If you exploit a bug in a game via a corrupted save, they could always modify the PSP firmware to check the savegames more strictly before loading the game.

[Agoln]

Every release still has bugs. Some of them may even be security related. A future firmware will be released to fix some or all of the known bugs. Some bugs may have to wait for even later firmware releases due to time, cost, and priority.

Don't forget the bugs that companies introduce with firmware upgrades. Maybe there is a hack in 1.51 that is not in 1.5, which got patched with 1.52. Or is that only M$ that doesn't test their patches? I dont know......

[greycellgreen]

The exploitable Xbox games, Splinter Cell, Mech Assault, and whatever 007 game it was, were all re-released with the savegame buffer overrun exploit closed. (Usually as new `greatest hits' editions, or whatever the Xbox equivilent is.)

[Drakonite]

I don't see them re-releasing a game because a buffer underun was found or something...

Games are re-released all the time, they just don't make a big show about it.

For example, Zelda: OoT had 3 version IIRC, and I'm not talking about the "limited edition" gold cart -- they were modified versions of the game to fix bugs and/or remove certain things from the game.

[Polymira]

Actually, the xbox titles found to have buffer overflows never were patched....

I own the greatest hits ver of 007 that I use for softmodding, and if you look around on forums.xbox-scene.com you will see that any release of all these games still are exploitable...

And I do realize that some games were re-released, but not to prevent exploits, but more like lockups when doing so and so and some certain place, graphic glitches, etc. Things that affect the masses, not a small scene.

Besides, if a game is written by a 3rd party company, does Sony have the right to either modify the code and re-release it? Or force the 3rd party company / publisher to do so?

I doubt it. If you were some 3rd part company, and someone found a hole, would you comply?

And the funny thing is, the ONE "exploitable" game for the Cube (Phantasy Stat Online 1 & 2) wasn't fixed, they just quit selling it. lol

[Guest]

Besides, if a game is written by a 3rd party company, does Sony have the right to either modify the code and re-release it? Or force the 3rd party company / publisher to do so?

It was my understanding that Sony has stringent quality checklists that games must follow in order to be published by anyone. I am sure, also, that they can prevent a game from being published, no matter who is the publisher.

I doubt it. If you were some 3rd part company, and someone found a hole, would you comply?

Yes, if I cared to have my game published.

[cheriff]

Hmm, it actually seems that these kind of mistakes are good for buisness.
How many people bought 007 purely for softmodding?
How many here bought puzzlebobble (or whatever) only for debug info?

Whilst i don't believe it's done intentionally, provided sony (or MS...) doesn't come down too hard on the company, the side effects could be quite nice.

[Nick Fury]

Yes, if I cared to have my game published.

From a business standpoint Sony can't really stop them from publishing a game. But thats beside the point and I really dont give a shit. I'm not trying to start shit with my first post on this board.

I, like imk (who posted first in this thread), upgraded my psp to 1.51 so it is important to me that an exploit be found. Not to play with goofy emulators. I'm in this for the sake of tinkering with the machine.

I would like to know what tools are and can be used for working out an exploit for the 1.51 firmware since it is available on the internet. What tools do the experts and developers reccomend for comparing the 1.51 code to the 1.52 code?

I've played with PBP Unpacker and frhed to just look at the hex but most of it seems to be gibberish to me.

[mrbrown]

It was my understanding that Sony has stringent quality checklists that games must follow in order to be published by anyone. I am sure, also, that they can prevent a game from being published, no matter who is the publisher.

Not necessarily. Without going into specifics, let's just say that Sony will pass games that break TRCs, sometimes critical TRCs. I would guess it depends on the amount of influence the publisher has. It could have something to do with projected sales of the title also.

[mrbrown]

Or it could just be sloppiness :). Even Sony has shipped titles with full debug symbols, after they made a TRC prohibiting symbols.

[byg]

From a business standpoint Sony can't really stop them from publishing a game.

Er, I thought every game has to be licensed and approved by Sony and submitted for review before _Sony_ go gold with the UMDs? If there is something they don't like they won't approve it for release.

[Arjan]

Er, I thought every game has to be licensed and approved by Sony and submitted for review before _Sony_ go gold with the UMDs? If there is something they don't like they won't approve it for release.

That's how it *usually* works, but it seems Sony doesn't have full control over what's being published on UMD's (certain pr0n movies being released without Sony's approval), at least, that's what they're saying. I don't know who's responsible for creating those UMD's though.. small chance those publishers are creating them by themselves.

Oh yeah, if you *really* want to, you can publish games for PS2. Remember stuff like HDLoader and Action Replay, not approved by Sony. HDLoader folks were forced to stop selling though. Would be cool to see a publisher actually releasing a non-licensed game, just to know how Sony would react and who'll win in court :)

[Drakonite]

Sony announced they were licensing out the technology for producing Video UMDs, which means there are other companies capable of making Video UMDs, which by extension means Sony can't stop a porn UMD from being released.

That being said, I doubt Sony has any desire to stop the sale of a porn UMD if they could. If you are developing a media distribution format you want to be nice with the porn industry since historically they've had a huge impact on emerging media distribution technology being accepted or not.

But I'm digressing... Sony did not license out the Game UMD, which means they do have full control over what is being published as a Game UMD, not to mention the licensing required for games to run on their system (unlicensed media has nothing to do with this subject). If Sony wanted to they could come down on publishers/developers and require changes to fix TRC violations, whether or not they will is another question.

[Guest]

And with respect to the pr0n UMD's, there is one overriding issue: Japan.

Quite simply, it is so much a non-issue in Japan. Heck, its quite likely people will buy them and watch them on the subways next to the guys reading the pr0n magazines in full view of everyone else.

Only in the US would any of that raise eyebrows.

[Guest]

Not necessarily. Without going into specifics, let's just say that Sony will pass games that break TRCs, sometimes critical TRCs. I would guess it depends on the amount of influence the publisher has. It could have something to do with projected sales of the title also.

Ahh, I figured and hoped someone would present the practical reality side of the situation. Makes sense really. I could even probably think of a few possible games. ;)

[rinco]

Only in the US would any of that raise eyebrows.

The last time I saw someone 'reading' porn in public I was at LAX. But
yeah, it raised my eyebrow (and only my eyebrow).

[Polymira]

"It was my understanding that Sony has stringent quality checklists that games must follow in order to be published by anyone. I am sure, also, that they can prevent a game from being published, no matter who is the publisher."

Yeah, but once the game is gold, public, and on store shelves in 27 countries, do you believe that sony would have the right for a recall or re-release? No.

[byg]

Yeah, but once the game is gold, public, and on store shelves in 27 countries, do you believe that sony would have the right for a recall or re-release? No.

The game is not recalled (unless the situation is serious enough). What happens is that the issue will be fixed on the next printing of UMDs. This has happened for many games in the past for various reasons. A couple of high-profile cases off the top of my head are Hitman 2 (changed for religious reasons I believe), and also I think there was something about The Guy Game being recalled due to a lawsuit.

This is like flogging a dead horse....