Among hackers and modders, Sony’s PSP is a favourite for its hack-ability. Depending on one’s knowledge, the portable console can be altered to play custom games and programs (homebrews) as well as pirated games. Taking all it’s learned from the weaknesses of the PSP, Sony developed the PS Vita with safeguards against such hacks and mods. But recently, a hacker in Japan has utilized a security hole to hack into the Vita and successfully run his own custom program, much to Sony’s chagrin. The hacker known as “Wololo” recently talked with Kotaku about the Vita’s security.
A software programmer in Japan and four-year veteran hacker, Wololo is in fact not Japanese, but French. Beginning in 2007 with the PSP, Wololo created his homebrew card game “Wagic” that ran utilising a security exploit in the console. He described his reasons for hacking as the enjoyment of exploring and experimenting.
“Mostly, it’s for the excitement of making the device do something it wasn’t supposed to do initially,” Wololo told Kotaku via email. “The rush of adrenaline you get when the screen finally displays a “hello world”, especially after hundreds of hours of failed attempts or experiments.”
In regards to the recent developments with the PS Vita security hole and his work on the homebrew program, Wololo elaborated that the weakness was not in the Vita’s system, but rather, in the PSP emulator. This exploit was discovered by another hacker, “Teck4” who worked with Wololo in testing the exploit and homebrew programs. The hacking process utilises a common “buffer overflow” vulnerability found in many PSP games that allows them to run programs inside the emulator, but is not “a real Vita exploit.”
According to Wololo, “The Vita exploit, in essence, is nothing more than the same recipe applied to the PSP emulator, this is why it was so ‘easy’ to put in place.”
Shortly after the exploit was announced, the downloadable game with the security hole was removed from the PlayStation Store. This course of action was seen as both understandable, and perhaps paranoid on Sony’s part. Wololo explained that he had only announced on his blog what the title of the game was, and not the details, and yet Sony had acted almost immediately.
“I didn’t realise I have a reputation high enough that Sony is ready to remove a full game and lose money on this,” he said. “It was a dangerous move on their side, I could have been bluffing the entire time.”
Wololo stated that Sony’s immediate removal of the game, as well as the counter-piracy measures that were implemented in the development of the Vita seemed a little “over the top” and restrictive, especially for legitimate users. “In particular,” Wololo explained, “the PC specific software (CMA) required to copy content from and to the vita is way too restrictive and intrusive — it requires people to be constantly connected to the internet when the copy files.”
Most of the measures put in place by Sony, are to counteract piracy. Wololo made the distinction between hacking and piracy and stated that much like Sony, he does not agree with piracy, and even showed empathy to Sony for wanting to protect their product. But he reiterated his disappointment in the fact that Sony’s anti-piracy measures could dishearten honest customers more that pirates.
“The best example I can give is my constant issues with DVDs on the PS3,” he said. “The Japanese version of the PS3 does not support PAL playback.
“The DVDs I bought in France do not work on the PS3, not because of a hardware limitation, but because of software locks,” he continued. “That kind of thing really annoys me because Sony makes it easier for me to pirate a movie than to watch one I legally purchased. Lots of those DVDs are cartoons for my son. I would love him to learn a bit of French by watching French cartoons, but he can’t, because the PS3 refuses to play them.”
Despite his disapproval of Sony’s security tactics, Wololo expressed genuine enthusiasm for the Vita as a product, and stated that he looks forward to continue tinkering with it. As for fear of repercussions from Sony, Wololo stated, “Sony never contacted me about my work, so for now I’m not worried. I really believe I’m a small fish for Sony.
“Of course if I ever felt what I am doing is illegal, I would probably stop,” he added. “Although sometimes what ‘feels fair’ and ‘what’s legal’ seem so disconnected.”