Maybe Sony are doing us a favour
- StrontiumDog
- Posts: 55
- Joined: Wed Jun 01, 2005 1:41 pm
- Location: Somewhere in the South Pacific
Maybe Sony are doing us a favour
Maybe Sony are doing us (Def: Majority of PSP users) a favour by preventing (at least easily) Homebrew development on the Majority of PSPs. (Forget V1.0 it doesnt count, they are in the vast minority, and growing).
We see in these forums a number of people telling sad stories about PSP's that are now "bricks" because the internal flash has been corrupted.
What would stop someone writing a program that for the most part did something neat, but hidden in it, at a time or after a certain amount of execution just silently went and corrupted your flash. What could you trust?
Dead PSP.
Its not like there is a "flash protect" switch you can flip to ensure this cant happen. No way to recover known to us mortals. Im sure Sony wouldnt be at all sympathetic to a homebrew developer that "bricked" their PSP.
Maybe the insecurity of the flash in the PSP, and the ability to crucify the device with malicious code is a major reason why apps are signed and encrypted. (Hey good luck cracking the RSA Private/Public key BTW.)
Sony wouldnt like lots of "bricks" in the hands of unsuspecting end users, it would be very very bad for business.
From the "controversial" and sometimes "dogmatic" mind of StrontiumDog
We see in these forums a number of people telling sad stories about PSP's that are now "bricks" because the internal flash has been corrupted.
What would stop someone writing a program that for the most part did something neat, but hidden in it, at a time or after a certain amount of execution just silently went and corrupted your flash. What could you trust?
Dead PSP.
Its not like there is a "flash protect" switch you can flip to ensure this cant happen. No way to recover known to us mortals. Im sure Sony wouldnt be at all sympathetic to a homebrew developer that "bricked" their PSP.
Maybe the insecurity of the flash in the PSP, and the ability to crucify the device with malicious code is a major reason why apps are signed and encrypted. (Hey good luck cracking the RSA Private/Public key BTW.)
Sony wouldnt like lots of "bricks" in the hands of unsuspecting end users, it would be very very bad for business.
From the "controversial" and sometimes "dogmatic" mind of StrontiumDog
Amazing. I agree completely with you on this. ;) I imagine this is one of many reasons why Sony is doing it this way.
But IMHO people who do homebrew must accept the consequences.
I consciously accept the possibility of making a brick when I flashed my PSP way back. It bricked. I cast the dice, took my chances, and accepted the result.
Every regular on this site I am quite certain approached it the same way. They knew what could happen and accepted it.
But IMHO people who do homebrew must accept the consequences.
I consciously accept the possibility of making a brick when I flashed my PSP way back. It bricked. I cast the dice, took my chances, and accepted the result.
Every regular on this site I am quite certain approached it the same way. They knew what could happen and accepted it.
- StrontiumDog
- Posts: 55
- Joined: Wed Jun 01, 2005 1:41 pm
- Location: Somewhere in the South Pacific
See im not a complete Ass. :)
I was thinking of "Joe i wanna run my GBA emu on my PSP" who unknowingly bricks his PSP running the latest cool app, cause the Homebrew community have worked out how to run it on V1.5+ and a malicious prick has made an exe to brick your PSP. I think most "serious" homebrewers would be warry of this, but for everyone else....
Maybe we could call those exe's "Brickware". :)
Maybe Sony would be best served by releasing a Homebrew Version of the Bios, wont run Signed code at all, and wont access the UMD. Then people who want to Homebrew can do so fully knowing the risks, piracy is diminished, because it wont run the signed code off of a ripped UMD anyway, and no homebrew developer need worry about trying to crack the RSA signature. Something like the old Net Yarozee. It could also be a one way street, once you go Homebrew, no going back. So if you want to play retail games, you need two PSP's. It could even possibly prevent writes to the internal flash (i just bet that sucker has a software write protect). [Sony if your listening, this is good ideas here, you could even charge for it.]
In fact if i was Sony it occurs to me writing this i would have multiple signitures for multiple purposes. Code signed for use on the UMD, code signed for use on the Stick, code signed for use over WiFi, code signed for use from internal flash. So one cant exist in a place it isnt supposed to. That would really cramp the style of UMD rippers, cause the homebrew community arent really that interested in running code from the UMD, but from the stick. (Correct me if im wrong, but whats the point of running homebrew code from a UMD?)
It would also prevent a lot of "hacking" into things Sony probably want left alone, like their RSA signatures, etc. Whats the point if you can get down and code for the thing and develop what you want, without hinderance? The only reason people are interested, is because it is a roadblock.
I was thinking of "Joe i wanna run my GBA emu on my PSP" who unknowingly bricks his PSP running the latest cool app, cause the Homebrew community have worked out how to run it on V1.5+ and a malicious prick has made an exe to brick your PSP. I think most "serious" homebrewers would be warry of this, but for everyone else....
Maybe we could call those exe's "Brickware". :)
Maybe Sony would be best served by releasing a Homebrew Version of the Bios, wont run Signed code at all, and wont access the UMD. Then people who want to Homebrew can do so fully knowing the risks, piracy is diminished, because it wont run the signed code off of a ripped UMD anyway, and no homebrew developer need worry about trying to crack the RSA signature. Something like the old Net Yarozee. It could also be a one way street, once you go Homebrew, no going back. So if you want to play retail games, you need two PSP's. It could even possibly prevent writes to the internal flash (i just bet that sucker has a software write protect). [Sony if your listening, this is good ideas here, you could even charge for it.]
In fact if i was Sony it occurs to me writing this i would have multiple signitures for multiple purposes. Code signed for use on the UMD, code signed for use on the Stick, code signed for use over WiFi, code signed for use from internal flash. So one cant exist in a place it isnt supposed to. That would really cramp the style of UMD rippers, cause the homebrew community arent really that interested in running code from the UMD, but from the stick. (Correct me if im wrong, but whats the point of running homebrew code from a UMD?)
It would also prevent a lot of "hacking" into things Sony probably want left alone, like their RSA signatures, etc. Whats the point if you can get down and code for the thing and develop what you want, without hinderance? The only reason people are interested, is because it is a roadblock.
Nice idea, except for one thing - what's in it for Sony? I assume that, like many other recent consoles, Sony lose money on the hardware but make it back from the games, so why would they want to create something which would persuade people to buy a PSP but not buy any games for it? You say that people would buy two PSPs, which is fair enough, but Sony is presumably expecting every PSP to have games bought for it, not just every second PSP.StrontiumDog wrote:Maybe Sony would be best served by releasing a Homebrew Version of the Bios, wont run Signed code at all, and wont access the UMD. Then people who want to Homebrew can do so fully knowing the risks, piracy is diminished, because it wont run the signed code off of a ripped UMD anyway, and no homebrew developer need worry about trying to crack the RSA signature. Something like the old Net Yarozee. It could also be a one way street, once you go Homebrew, no going back. So if you want to play retail games, you need two PSP's. It could even possibly prevent writes to the internal flash (i just bet that sucker has a software write protect).
Dan Jackson
Thats why PSPE would be usefull.
Hi everybody,
I dont think Sony care about homebrew... Bios 1.0 with a flaw? Good for us ! I bet somebody was fired or had bad time over there... :-)
Find another hole in the 1.5 ? May happen.
To come back to the subject,
nem warned people about such possibility of running "untrusted" code on
its on his web site quite a long time ago I think (middle of may ?)
Now, yes there is people that deliberatly want to modify their PSP for the sake of knowledge and the one who just run stuff they downloaded on the net 5 mn ago and the bad guys happy to post a code that will kill your psp.
1/ This dangerous issue is not enough well known I think.
2/ I personnally believe in running only homebrewed app where the source code is available.
3/ May be a tool like PSPE could also do some "verifier" job.
(Yeah its very tricky at static time, and you cant run/emulate a program for days to make sure the PSP will have no issue with it)
One other idea would be that all homebrew rely on an intermediate I/O PRX module that does the checking.
If PSPE/the check tool cant find this PRX but find that dangerous IO function are directly mapped, then a warning occurs.
I dont know enough about the PSP now, but would it be possible to release the main exe and a module inside the same package ?
I dont think Sony care about homebrew... Bios 1.0 with a flaw? Good for us ! I bet somebody was fired or had bad time over there... :-)
Find another hole in the 1.5 ? May happen.
To come back to the subject,
nem warned people about such possibility of running "untrusted" code on
its on his web site quite a long time ago I think (middle of may ?)
Now, yes there is people that deliberatly want to modify their PSP for the sake of knowledge and the one who just run stuff they downloaded on the net 5 mn ago and the bad guys happy to post a code that will kill your psp.
1/ This dangerous issue is not enough well known I think.
2/ I personnally believe in running only homebrewed app where the source code is available.
3/ May be a tool like PSPE could also do some "verifier" job.
(Yeah its very tricky at static time, and you cant run/emulate a program for days to make sure the PSP will have no issue with it)
One other idea would be that all homebrew rely on an intermediate I/O PRX module that does the checking.
If PSPE/the check tool cant find this PRX but find that dangerous IO function are directly mapped, then a warning occurs.
I dont know enough about the PSP now, but would it be possible to release the main exe and a module inside the same package ?
- StrontiumDog
- Posts: 55
- Joined: Wed Jun 01, 2005 1:41 pm
- Location: Somewhere in the South Pacific
at least 2 things are in it for sony
1. Stops the majority of homebrew developers worrying about trying to crack their security measures. Which if (big IF BTW) cracked would lead to massive piracy of UMD games. Guaranteed.
If people are ever able to rip games to MS, then [EDIT, Sorry about that]. How will that affect software sales for Sony? Just look at the XBox HDD Game copying Fiasco, im sure Sony wont want to see a PSP version of that scenario. (Yes i know you can do it with the PS2 as well, but the XBox is renowned for it)
I can even see how you would do it with hacked firmware. [EDIT, Sorry about that] I would place money on the fact that if the RSA signature is cracked it will take about 4 weeks for the first ripped game to MS appear in the torrents. The PSP is very vulnerable in this respect, it all rests on the quality of their signature.
2. They can sell a home brew dev kit to make up for the software sales loss. And bring out regular updates (at a fee). So they trade Game sales for "homebrew dev kit sales". Gotta buy at least one dev kit to "legally" convert your PSP to homebrew mode.
Agreed, Homebrew dev kit sales would be lower than game sales, but the price could be structured so that no actual loss is made by Sony. They could even sell a "homebrew" PSP, at full price (no hardware discount for non game playing version), which is basically the same as the retail version, but with the "homebrew" bios pre-loaded. And it wont run homebrew bios updates on regular retail PSP's. Now that would be a lot more like the Net Yarozee.
Of course this part of the thread is all speculation, and Sony wouldnt even consider anything like this until supply exceeded demand, which aint going to happen any time soon, but a media release saying its coming would make a lot of people (i think) say "what the hell, we'll stick with our V1.0's till then and not worry about the tedium of cracking the RSA stuff, and focus on somehting more personally satisfying, like writing some code."
I think the bigger question is what do they have to loose if they dont defuse the desire to crack their signature from the homebrew community.
1. Stops the majority of homebrew developers worrying about trying to crack their security measures. Which if (big IF BTW) cracked would lead to massive piracy of UMD games. Guaranteed.
If people are ever able to rip games to MS, then [EDIT, Sorry about that]. How will that affect software sales for Sony? Just look at the XBox HDD Game copying Fiasco, im sure Sony wont want to see a PSP version of that scenario. (Yes i know you can do it with the PS2 as well, but the XBox is renowned for it)
I can even see how you would do it with hacked firmware. [EDIT, Sorry about that] I would place money on the fact that if the RSA signature is cracked it will take about 4 weeks for the first ripped game to MS appear in the torrents. The PSP is very vulnerable in this respect, it all rests on the quality of their signature.
2. They can sell a home brew dev kit to make up for the software sales loss. And bring out regular updates (at a fee). So they trade Game sales for "homebrew dev kit sales". Gotta buy at least one dev kit to "legally" convert your PSP to homebrew mode.
Agreed, Homebrew dev kit sales would be lower than game sales, but the price could be structured so that no actual loss is made by Sony. They could even sell a "homebrew" PSP, at full price (no hardware discount for non game playing version), which is basically the same as the retail version, but with the "homebrew" bios pre-loaded. And it wont run homebrew bios updates on regular retail PSP's. Now that would be a lot more like the Net Yarozee.
Of course this part of the thread is all speculation, and Sony wouldnt even consider anything like this until supply exceeded demand, which aint going to happen any time soon, but a media release saying its coming would make a lot of people (i think) say "what the hell, we'll stick with our V1.0's till then and not worry about the tedium of cracking the RSA stuff, and focus on somehting more personally satisfying, like writing some code."
I think the bigger question is what do they have to loose if they dont defuse the desire to crack their signature from the homebrew community.
Last edited by StrontiumDog on Wed Jun 01, 2005 11:52 pm, edited 1 time in total.
Stront,
Look, the rules of the forums say that discussing ideas of how to rip/copy games is against the rules. Part of your last post made speculation of such. This isn't a flame, its a reminder. Please mind the rules, whether you agree with them or not.
Personally, though we had major disagreements, I have been inclined to not impede your posting. I would like to continue that.
Look, the rules of the forums say that discussing ideas of how to rip/copy games is against the rules. Part of your last post made speculation of such. This isn't a flame, its a reminder. Please mind the rules, whether you agree with them or not.
Personally, though we had major disagreements, I have been inclined to not impede your posting. I would like to continue that.
*cough* BS *cough*Danj wrote: Nice idea, except for one thing - what's in it for Sony? I assume that, like many other recent consoles, Sony lose money on the hardware
Sorry, had something in my throat.
Shoot Pixels Not People!
Makeshift Development
Makeshift Development
-
- Posts: 5
- Joined: Sun Jun 05, 2005 12:58 pm
- Contact:
homebrewing
Actually, homebrews help Sony do one thing, those who find flaws in the PSP software that make homebrewing possible make the security holes public, and thus allow Sony to patch them. Because the PSP has internet connectivity as a feature, I think its much better for Sony to have an honest homebrewing community that identifies such flaws than others who might have a malicious intent.
Anyway, so this is another reason for Sony not to release a dev version. If such a thing existed, many honest people may stop trying to identify flaws in the PSP.
A side from that though, a person really has to prove to a company that there is money in it before they'll look into marketing a product. Marketing studies need to be done, etc. Just the studies cost quite a bit of money on their own.
All that said, wouldn't it be cool if it were possible? Though I think a person has a better chance of getting a game onto the PSP as an independent developer by creating content for the PC, and then hope that it's popular enough so that a publishing company wants to put it on the PSP. But I'm no industry expert, so take my opinion for what its worth.
Aaron
Anyway, so this is another reason for Sony not to release a dev version. If such a thing existed, many honest people may stop trying to identify flaws in the PSP.
A side from that though, a person really has to prove to a company that there is money in it before they'll look into marketing a product. Marketing studies need to be done, etc. Just the studies cost quite a bit of money on their own.
All that said, wouldn't it be cool if it were possible? Though I think a person has a better chance of getting a game onto the PSP as an independent developer by creating content for the PC, and then hope that it's popular enough so that a publishing company wants to put it on the PSP. But I'm no industry expert, so take my opinion for what its worth.
Aaron
Come to think of it, has anyone tried to analyse the game-sharing function on the PSP? I was thinking, what if you could load up say the SNES emulator on a v1.00 PSP and then use game-sharing to get it running on a 1.5x PSP? Does it use the same signature check or will it "trust" the other PSP and the BSAFE trusted networking to assume the app is OK to run? Would it be possible to trick your WRT54G into taking the position of the 1.00PSP in saying Here's a nice app (SNES Emu) I want to share?StrontiumDog wrote: (...)
In fact if i was Sony it occurs to me writing this i would have multiple signitures for multiple purposes. Code signed for use on the UMD, code signed for use on the Stick, code signed for use over WiFi, (...)
I never claimed that it was TRUE, I just said that I assumed that it was. I don't think it's a bad assumption, it's been done many times in the past. If you have some solid information to the contrary then I'm sure I would stand corrected.Drakonite wrote:*cough* BS *cough*Danj wrote: Nice idea, except for one thing - what's in it for Sony? I assume that, like many other recent consoles, Sony lose money on the hardware
Sorry, had something in my throat.
Dan Jackson
Well, it is commonly accepted that the business model is predicated on losing money on the hardware, initially.Drakonite wrote:*cough* BS *cough*Danj wrote: Nice idea, except for one thing - what's in it for Sony? I assume that, like many other recent consoles, Sony lose money on the hardware
Sorry, had something in my throat.
Advances in manufacturing techniques over time would reduce the cost to manufacture the console. This can include things such as:
1. Shrinking of the chips and cleaner environment in the semiconductor manufacturing process
(more chips per wafer, less contaminants, == higher yields of chips that test "good").
2. Integrating multiple chips/functions, or removing underused ones entirely, to reduce mainboard component count.
4. Economies of scale, the more something is produced, the cheaper it can become to produce it per unit over time.
One only needs to compare the most recent generations of the ps2 (V11 and V12) with the earliest ones to see the obvious impact of this.
Then it becomes a choice for Sony, keep retail prices the same, or reduce the price to attact more buyers ? It is probably a combination of both - keep prices somewhat the same for a time to get some profit, and then as soon as competitive pressures indicate time for a change (say, Microsoft dropping the price of the xbox) then follow suit on the PS2.
Of course they will try to make profit anywhere they can. At least they should. But my understanding is that the core of the business model is still centered around reaping profits from selling the games.
And I personally don't begrudge them the right to this business model. I daresay Sony has profited a great deal off me and I have received much entertainment in return. Especially, legal homebrewing has paid great dividends in terms of knowledge as well.
I would go MAD if Sony went along the "must upgrade" route for GTA. I would be well pissed off, but to be honest, I can truly that happening.
If it does, then I wouldn't comply. I would simply stick my two fingers up at them and buy another PSP.
This way I could have the best of both worlds.
And I think the way to go for homebrew without risk is to compile everything yourself. That way I could look at the source and if anything fishy popped up, I could search here.
If it does, then I wouldn't comply. I would simply stick my two fingers up at them and buy another PSP.
This way I could have the best of both worlds.
And I think the way to go for homebrew without risk is to compile everything yourself. That way I could look at the source and if anything fishy popped up, I could search here.