By Paul Rubens





Hackers break into Sony's PSP to install their own "homebrew" apps

Sony sells its PSP with built-in software, known as firmware, which controls how the console operates.

The firmware locks many of the PSP's capabilities, preventing enthusiasts from writing their own programs, known as homebrew, and running them on the machine.

It also limits its ability to play some films which are not bought on special Sony PSP disks.

But last month three hacker teams - Noobz, Team C+D, and a group led by PSP hacker Dark Alex - co-ordinating their efforts over the internet, found a flaw in the most recently released version of the firmware - version 3.03.

Unlocking PSPs

Using this flaw they devised a way to unlock all PSPs, regardless of their age or the firmware running on it.

This development has been a cause for celebration in the PSP homebrew community, but caused alarm at Sony because unlocked PSPs can be used to play pirated PSP games.

"The problem experienced here is not with homebrew applications, but with hackers who pirate commercial titles," a Sony spokesperson said.

Sony have never been in touch with me, so I am confident that what we are doing is legal

Fanjita (David Court)

PSP Hacker

"Piracy is illegal and we strongly oppose any acts which either aide or profit from it."

But the hackers say piracy is not what motivates their teams to unlock the PSP.

"My aim is to enable as many people as possible to run homebrew programs," said Fanjita, a member of the Noobz team.

He added: "Everyone has the right to do what they want with their own hardware. Piracy does upset me, and because what we are doing opens the way to piracy it's harder to justify it morally.

"But our stance on piracy is clear, and we hope to be role models. Sony have never been in touch with me, so I am confident that what we are doing is legal."

Hackers unveiled

Fanjita - real name David Court - is very different from the popular hacker stereotype of the socially inept teenaged geek working all night in his bedroom.

A married man of 34, he is an accomplished professional programmer who writes server software for large telecommunications companies for a living. He spends an hour or two a night hacking PSP software in his Edinburgh home, and is also a martial arts enthusiast.

Dark Alex fits much more comfortably into the hacker mould.

A student from Spain, his hacker moniker derives from his real name, Alejandro, and a liking for all things gothic, he says. His interests are Japanese Manga comics and cats, but PSP hacking is his main hobby.

I think it is up to users to make the correct decisions about how to use my software

Dark Alex

PSP Hacker

"It takes up a good part of my spare time, more or less what some other people may spend watching TV," he said.

"I mainly do it because it is fun to research the internals of the operating system of a machine made by a big company. I am also against DRM (digital rights management - a type of electronic copy protection) in any of its forms, and against restrictions that make a device unable to show its true potential."

Not just pirates

Dark Alex said that although his work makes piracy easier because it enabled PSP owners to play copied games, this was not his responsibility.

"I think it is up to users to make the correct decisions about how to use my software," he said.

"I believe in the presumption of innocence, unlike the media companies."

There were many quite legitimate reasons why you might want to copy a game you own from its original disk, Dark Alex said.

"You can transport a number of games on a single memory stick, which is very convenient, and the games actually load faster. And most important for me, these games can actually be modified, allowing users to customise their games," he said.

"I've seen great things done in this area, like people changing the music of games, or making full translations into their own language."

Breaking the code

Whenever Sony releases a new version of its PSP firmware, the three hacker teams compete to see who can decode and examine it first.

They then collaborate to see if they can find any way of unlocking it.

This task has been made harder in recent months as Sony has introduced a new and more secure motherboard in the latest PSPs, and because Sony's firmware has become increasingly sophisticated in response to the hackers' efforts.

"When each new version of the PSP firmware comes out we can see that Sony are putting in countermeasures against the things we have been doing," Court said.

In this case it turned out that a well known mistake in the way a PSP game called Grand Theft Auto: Liberty City Stories was written provided the hackers with a suitable "exploit".

By loading the game it was possible to get access to a restricted part of the firmware called the kernel, and an oversight on the part of Sony's firmware writers then allowed the hackers to run a special program of their own devising.

An upgraded 'downgrade'

This "downgraded" the PSP to an earlier version of the firmware which allows homebrew to be used.

PSP FIRMWARE HISTORY 2.00 Added a web browser, 4:3 video playback, MP4/AAC playback, and photo transfer support 2.50 Added Locationfree streaming, copyright-protected video playback, and WPA wi-fi security 2.60 Added RSS support and WMA playback 2.70 Added support for Adobe Flash in the web browser 3.00 Added Playstation network/Playstation 3 support and camera support

Return to top

The drawback of this early firmware is that it won't run the latest games, but this problem was quickly overcome by Dark Alex, who wrote his own firmware, called Dark Alex's Open Edition, with the help of a fellow hacker known as Booster.

With this firmware installed, the PSP is completely unlocked, but also has all the features of the latest firmware.

Within days of the release of the Noobz team's downgrader and Dark Alex's Open Edition firmware, Sony updated its firmware, fixing the flaw which makes unlocking possible.

Anyone buying a new PSP with this firmware installed will be therefore be unable to unlock their console - at least until Noobz, Team C+D and Dark Alex and his crew find another exploit and the whole cat-and-mouse game played by Sony and the hacker teams repeats itself.