Language Selection

English French German Italian Portuguese Spanish

Sony battles hackers over hijacked games

Filed under
Gaming

Hackers have cracked piracy protections on Sony Corp.'s PlayStation Portable in the United States, the latest chapter in the company's battle to block unauthorized game use on its new hand-held device.

The world's top maker of video game consoles rolled out a downloadable fix for the software flaw that opened the door for the latest attack by hackers, who quickly cracked the original version of the PSP shortly after its release in Japan late last year.

In their latest move, hackers have enabled PSP users to download some games from pirate Web sites onto removable memory sticks and then to insert the games to run on the PSP.

Currently available titles include "Mercury," Ubisoft's "Lumines," "Coded Arms" from Konami, Taito Corp.'s "Puzzle Bobble" and Sony's own "Intelligent License," according to gaming Web sites.

The new game duplicating trick works on the PSP's 1.5 version firmware, which serves as the PSP operating system. The PSP was released in the U.S. in March with the 1.5 version firmware.

Sony released firmware version 1.51 in May, patching the hole that made room for the hack. Upcoming game titles will require PSP users run updated firmware, a move aimed at preventing users from copying games.

Sony Computer Entertainment America said in an e-mailed statement that hacking or the operation of "homebrew" software programs may damage the PSP, and void the warranty.

The PSP boasts a high-resolution viewing screen and has been in the sights of technology enthusiasts and software programmers, who want to use it to run copies of everything from games and music to e-books to movies.

Groups of hackers are close to releasing new technology that would allow any copied game -- rather than the current, limited set -- to be played on the PSP, an editor at gaming site PS2NFO.com, who identified himself as "CJ," said in an e-mail on Tuesday.

The PSP European launch is set for September.

The world's top maker of video game consoles rolled out a downloadable fix for the software flaw that opened the door for the latest attack by hackers, who quickly cracked the original version of the PSP shortly after its release in Japan late last year.

Source.

More in Tux Machines

Australian Securities Exchange completes Red Hat migration

The Australian Securities Exchange (ASX) has completed the migration of "mission-critical" legacy applications to the Red Hat JBoss Enterprise Application Platform (JBoss EAP). ASX first deployed JBoss EAP in 2011 to modernise its legacy technologies and to facilitate the introduction of new web applications after it realised its legacy application server platform was becoming increasingly inconsistent, unstable, and expensive. After the initial ASX Online Company migration was complete in 2012, ASX used JBoss EAP to build the ASX.com API, as well as its Sharemarket Game, which gives players the opportunity to learn how the share market works. Read more

Programming/Development: GAPID 1.0 and Atom 1.23

  • Diagnose and understand your app's GPU behavior with GAPID
  • GAPID 1.0 Released As Google's Cross-Platform Vulkan Debugger
    Back in March we wrote about GAPID as a new Google-developed Vulkan debugger in its early stages. Fast forward to today, GAPID 1.0 has been released for debugging Vulkan apps/games on Linux/Windows/Android as well as OpenGL ES on Android. GAPID is short for the Graphics API Debugger and allows for analyzing rendering and performance issues with ease using its GUI interface. GAPID also allows for easily experimenting with code changes to see their rendering impact and allows for offline debugging. GAPID has its own format and capturetrace utility for capturing traces of Vulkan (or GLES on Android too) programs for replaying later on with GAPID.
  • Hackable Text Editor Atom 1.23 Adds Better Compatibility for External Git Tools
    GitHub released Atom 1.23, the monthly update of the open-source and cross-platform hackable text editor application loved by numerous developers all over the world. Including a month's worth of enhancements, Atom 1.23 comes with the ability for packages to register URI handler functions, which can be invoked whenever the user visits a URI that starts with "atom://package-name/," and a new option to hide certain commands in the command palette when registering them via "atom.commands.add." Atom 1.23 also improves the compatibility with external Git tools, as well as the performance of the editor by modifying the behavior of several APIs to no longer make callbacks more than once in a text buffer transaction. Along with Atom 1.23, GitHub also released Teletype 0.4.0, a tool that allows developers to collaborate simultaneously on multiple files.

Red Hat GNU/Linux and More

Security: VLC Bug Bounty, Avast Tools, Intel ME

  • European Commission Kicks Off Open-Source Bug Bounty
    The European Commission has announced its first-ever bug bounty program, and is calling on hackers to find vulnerabilities in VLC, a popular open-source multimedia player loaded on every workstation at the Commission. The program has kicked off with a three-week, invitation-only session, after which it will be open to the public. Rewards include a minimum of $2,000 for critical severity bugs, especially remote code execution. High severity bugs such as code execution without user intervention, will start at $750. Medium severity bugs will start at a minimum of $300; these include code execution with user intervention, high-impact crashes and infinite loops. Low-severity bugs, like information leaks, crashes and the like, will pay out starting at $100.
  • Avast launches open-source decompiler for machine code
    Keeping up with the latest malware and virus threats is a daunting task, even for industry professionals. Any device connected to the Internet is a target for being infected and abused. In order to stop attacks from happening, there needs to be an understanding of how they work so that a prevention method can be developed. To help with the reverse engineering of malware, Avast has released an open-source version of its machine-code decompiler, RetDec, that has been under development for over seven years. RetDec supports a variety of architectures aside from those used on traditional desktops including ARM, PIC32, PowerPC and MIPS.
  • Avast makes 'RetDec' machine-code decompiler open source on GitHub
    Today, popular anti-virus and security company, Avast, announces that it too is contributing to the open source community. You see, it is releasing the code for its machine-code decompiler on GitHub. Called "RetDec," the decompiler had been under development since 2011, originally by AVG -- a company Avast bought in 2016.
  • The Intel ME vulnerabilities are a big deal for some people, harmless for most
    (Note: all discussion here is based on publicly disclosed information, and I am not speaking on behalf of my employers) I wrote about the potential impact of the most recent Intel ME vulnerabilities a couple of weeks ago. The details of the vulnerability were released last week, and it's not absolutely the worst case scenario but it's still pretty bad. The short version is that one of the (signed) pieces of early bringup code for the ME reads an unsigned file from flash and parses it. Providing a malformed file could result in a buffer overflow, and a moderately complicated exploit chain could be built that allowed the ME's exploit mitigation features to be bypassed, resulting in arbitrary code execution on the ME. Getting this file into flash in the first place is the difficult bit. The ME region shouldn't be writable at OS runtime, so the most practical way for an attacker to achieve this is to physically disassemble the machine and directly reprogram it. The AMT management interface may provide a vector for a remote attacker to achieve this - for this to be possible, AMT must be enabled and provisioned and the attacker must have valid credentials[1]. Most systems don't have provisioned AMT, so most users don't have to worry about this.