Sony Asks for Restraining Order Over PS3 Hack

Sony Computer Entertainment has launched legal action against five hackers who recently released a set of tools that allows illegally copied games to run on the PlayStation 3 game console.

The group, called fail0verflow, gave a presentation at a hacker conference in Berlin in late December, saying they had figured out a way to bypass Sony's "technical protection measures" (TPMs) that stop unauthorized code from running on the system, included pirated games.

On Tuesday, Sony filed a lawsuit against the group and asked for temporary restraining order to block distribution of the tools. The company filed suit in U.S. District Court for the Northern District of California, naming defendants George Hotz of Cambridge, Massachusetts; Hector Martin Cantero of Samano, Spain; Sven Peter of Hungary and two others, one identified as "Segher," who resides in the Netherlands, and "Bushing" who lives in San Francisco.

Fail0ver has written on Twitter that its aim was to "be able to run Linux with dual-boot into GameOS, without 3D restrictions, on every PS3 currently out there" rather than encourage the piracy of games.

But Sony says the tools are in violation of U.S. copyright law, including the Digital Millennium Copyright Act and the Computer Fraud and Abuse Act. Already, "pirated games are being packaged and distributed with these circumvention devices," Sony wrote in its filing for a temporary restraining order, which Hotz posted on his website.

Fail0ver's programs -- called Metldr Keys, dePKG Firmware Decrypter, 3.55 6 Firmware Jailbreak code and Signing Tool -- compromise access control, encryption and digital signature protections that are enabled in the PS3, Sony wrote.

Files that are authorized to run on the PS3 have a unique digital signature, which is generated from a pair of electronic keys. The PS3 verifies the signature -- which is not present on pirated games -- using one of the keys, which is encrypted and embedded the system. The other key is held by Sony.

Hotz compromised the root keys, also called the Metldr Keys, which are used to authenticate code, according to Sony. "With access to this particular level, one can control crucial functions and operations of the PS3 system and execute code that will enable pirated games to run," Sony wrote.

Using the tools, a hacker could simply burn a game to a Blu-Ray disc and then run it on the PS3 successfully.

Efforts to reach Hotz through an e-mail address listed on his website were unsuccessful Wednesday morning.

Fail0ver's hack is reprisal against Sony for removing a much-loved feature in former versions of the PS3 that allowed users to install a different operating system, including Linux distributions such as Debian, Fedora, OpenSUSE and Ubuntu.

Sony issued a firmware update in April that removed that ability, saying the change was needed to enhance the security of the PS3. Users complained that the feature was one of the reasons why they purchased a PS3.

Sony has sold more than 41 million PS3 gaming systems since its release in November 2006.

Send news tips and comments to jeremy_kirk@idg.com

Subscribe to the Security Watch Newsletter

Comments