New piracy technique on PS4 in Brazil confirmed real, Sony might take legal action

Hans.Gruber said:
The situation there must be terrible if prices are like that. As a German I think USA is pretty cheap if you buy Apple stuff, Tommy Hilfiger or other American stuff, but Hugo Boss, BMW or Braun is cheaper in Germany so that equals out. But Brazil prices SMH...
Click to expand...
Talking about Apple, here's a fun little anecdote.

Last month they've opened their second official store, first in the largest city. Obviously it was crowded as hell, about a thousand people waiting and a really long line to get in there.

The first guy on the line had been there for 18h. People cheered him as the store opened. He got in there, received the "first customer" token (a numbered tshirt), and... left without buying anything. On an interview he said that he was just there for the event, and that although wanted some Apple stuff he couldn't afford it - not surprising considering a current iPhone goes for almost twice the average monthly wage.

Bonus irony: he's an authorized Apple technician.
 
Yeah I read the article and yes you can go online and play normally, they use a Raspberry Pi to do the hacking and it function normally, playing both online and offline. And they give 12 games and let 50GB free, and to get new games all you need is to return to the place you pirated your console and pay 30 reais (10 dolares).
 
This is an interesting way to hack.
Now, while I don't want to justify it, I can begin to comprehend why they do this.
I live in Mexico, so I don't know the whole situation, but I can relate in a sense:

Let's make a random, but real life example:

Gameplanet is an equivalent to Gamestop in Mexico. Most of the time, you can get new games there for a (relatively) good price. There are, of course, several other ways to get them, sometimes cheaper, but for the sake of this, let's use it for our example, as they are an established business with little to no varying prices.

http://gameplanet.com/bloodborne-ps4-17243.html

Bloodborne (PS4) is worth 850 MXN (without shipping). Which is about 55 USD, in a good day. The price is equivalent, if not cheaper, to a PS4 title in the US. In this case, there's not really a problem, right?

I make 1250 MXN a week, which is about 80 USD. I have a half-time job, so my pay is about half what I should earn, but still, it's a relatively high pay for what I do.

And there's the problem.

A new game costs two thirds of my weekly salary. Of course, a game is a commodity, not a necessity and, like most, I have other things I need to take care of with my money.

Now, here in Mexico videogame piracy is widespread and often accepted and encouraged (not by distributors and authorities, mind you). PS2 was the winner of the console wars at their time because of how easy was to pirate games for it (You could buy 3 pirated games for it for 3 USD), and the X360 was the winner of the past generation for the same reason. People find way, way cheaper to buy the console, pay 30 USD to "chip it" and then buy 2-3 USD games when they want instead of paying 30-50 USD per game, especially in middle to lower class households (keep in mind that Mexico's lower class' earnings are way lower than US lower class')

There are lots of other factors in the comparison, too. I'm not completely aware of the economic situation of Brasil compared to Mexico or other countries, but what I'm aware of is that the videogame prices situation in Latin America, especially in Brasil, is way worse than what it is in some other parts of the world.
 
Wow this is nuts, I had no clue people were anywhere near this type of piracy on the PS4 or Xbox One yet. Kind of amazing if you just consider the complex solution the pirates came up with for the problem of not being able to copy games.

rllzgdd.gif
 
I don't know how's the situation in other Latin American countries, but speaking of Brazil, yes, piracy is a problem indeed, but caused not because people are a bunch of immoral thieves. There are a few things to consider before calling everyone a thief.

First: things will never be cheap here as they are in places as the United States. There are costs to send products to a remote place like South America.

Second: there's a thing called "Custo Brasil" (Brazilian Cost), which is an added cost to a product due economic, bureaucratic and structural difficulties that companies face here. Mind the fact that Brazilian's main land is bigger the US's, with a very poor logistical network linking all these regions. Add bigger profit margins above all that.

Third: taxes are usually very high, while the worker's wages are not. More than 40% of peoples wages goes to the government in the form of taxes. Meanwhile, people don't trust the public services, so who can pay for it usually use expensive private health insurances, and equip their houses with thick walls, security cameras, etc. So, basically people pay twice for basic stuff, and even though, these services are crap due historically corrupt governments. I'm not trying to legitimate it, but when people are being fucked on a daily basis, it's not unusual for them to take the chances to get something for cheaper or for free when they have the opportunity. It's kind of a cultural thing, actually.

Forth (and for me it's the most important): people see stuff on the TV and on the Internet. Now they want it. Where can they find it? Well, it's not a normal thing to find original games for sale. It got better since Microsoft started selling their games here, so it brought other companies along with it, but when you find games for sale, they're usually hidden in some dark corner of a store. There are no booths for people to see the games, and they're usually very pricey for the average Brazilian person, specially because games are not considered a hobby for grownups. Kids don't have that money. So, before anything, I believe that the companies need to provide a better offering. It's easier to find pirated games and consoles on small shops than it is to find it at a big chain. Steam showed that if you make things easier to the consumer, they'll buy your stuff. So, want to sell? Make it easy to find your games!
 
Simply Sami said:
A bit of both, I am presuming.

Can understand why Brazilians are frustrated about game prices. But this isn't the right way to go about it as this will increase cost most likely.
Click to expand...

I can't say I'm sympathetic toward Sony then. Publishers should try to copy Valve's method of tackling high piracy markets.
 
Nemesis121 said:
Even if it's patch out, the door has been open, it's only a matter of time before they crack it..
Click to expand...

No, this is a clone hack, not a vulnerability hack. It has nothing to do with a 'normal' hack, that is, running unsigned code.

And Vita is still uncracked, while 3DS partially so.

williamracine said:
this method make senses ! Do you think Sony can ban all those people sharing the same ActivatedDMP ?
Click to expand...

Of course they can, but is that a good idea?
What do you bind as 'multiple'? More than one active connection? Depending on their architecture, weeding out false positives could be more work than the benefit of banning the abusers.
 
StalkerUKCG said:
This is really naughty, with a NAND exploit to boot unsigned code the ps4 could get in a really bad situation.

How we this overlooked in development
Click to expand...

No exploit...

Just copying the nor and flashing it back again (its still all encrypted and we dont have the keys)

Just something sony didnt think users would dare to do... so its very easy to patch
 
Pacotera said:
No exploit...

Just copying the nor and flashing it back again (its still all encrypted and we dont have the keys)

Just something sony didnt think users would dare to do... so its very easy to patch
Click to expand...

Lets play battleship with sony and see if we can have them retweet the keys
kevin-butler-ps3-code-rmeng.jpg
 
StalkerUKCG said:
This is really naughty, with a NAND exploit to boot unsigned code the ps4 could get in a really bad situation.

How we this overlooked in development
Click to expand...
That's not possible with this method.
Also, about "overlooking in development": it's really easy, with so damn many ways they have to secure the console, that sometimes something slips through the crack. Hell, PS3 was thought uncrackable for a long time, with some amazing security and it turns out it got hacked because of a rookie's mistake of Sony at programming the keys to the system.
Nemesis121 said:
Even if it's patch out, the door has been open, it's only a matter of time before they crack it..
Click to expand...

Not really, no. This doesn't actually introduces any vulnerabilities of that kind. If PS4 gets cracked it will have nothing to do with this.
 
Pacotera said:
No exploit...

Just copying the nor and flashing it back again (its still all encrypted and we dont have the keys)

Just something sony didnt think users would dare to do... so its very easy to patch
Click to expand...

Either that, or it's impossible.

I mean, seriously. If they have a secure area with some unit-specific data somewhere on the PS4, then why the heck they didn't already check it?

Of course it is theoretically possible, but that's one huge architectural error. Do that trick with 3DS and it won't know how to boot.
 
I dont understand how a simple copy of the NAND data to another console is possible?

The OrbisOS hash checks are made (known as LV2 CORE OS Hash) on the PlayStation 3. The PlayStation 4 runs a hash check on the FLASH file system to ensure all firmware files are not modified. Some have found that unlike PlayStation 3, the PlayStation 4 encrypts and decrypts the FLASH files with the public and private key pair.
Click to expand...

http://www.psdevwiki.com/ps4/Bootprocess

Soo same keypair for all PS4s?

The PS3 used AES witha unique key for every PS3 in the HDD. Thats why you cannot just swap the HDD. Why not do the same for low level flash?
 
This will make the sales of PS4 explode, it did for all previous consoles in the past.

Sony would be best of being not too heavy handed in cracking down on it, especially if it is at the expense of legal users. Like others have said those that can afford the games won't go down this route anyway since you can't play multiplayer or go online
 
I'm guessing one of the solutions to this is for Sony to change the process for console activation/deactivation and licensing.

If they do will this have other ramifications for the other less complex versions of account sharing?
 
Erasus said:
Soo same keypair for all PS4s?
Click to expand...
It could be, as long as you're talking about the keys used to encrypt/decrypt the flash memory content.
But if it's the case, the common keys are certainly buried deep into the auxiliary processor and won't ever leave it (ARM TrustZone, and all that jazz).

Erasus said:
The PS3 used AES witha unique key for every PS3 in the HDD. Thats why you cannot just swap the HDD. Why not do the same for low level flash?
Click to expand...
You cannot take the drive out from a PS4 and put it into another PS4, so these console unique keys are still a thing.
They obviously need to be stored somewhere, though, and the flash memory seems like a good place to do so (as long as they're still encrypted using the common keys, I mean).

This trick only works because they're replicating the flash memory from a legitimate system.
All the checksums are valid and the flash memory content can be properly decrypted using the common keys, so the security layer has no reason to not trust the informations found there, and accept the (cloned) HDD that's been encrypted with the matching console keys.

Now, if that's well the case, I'm not sure how Sony could prevent it at the console level.
But I'm pretty confident they'll find a way.

I'm simply guessing here, just to be clear.
 
In latin america people gets around 600 dollars per month for their work. And a game cost around 100 dollars...So yeah, piracy is pretty bad.
 
elcuervo75 said:
Nothing but thieves in central and south America with no concern about the people who actually have to produce games and movies. Don't believe me and think I'm generalizing? Spend some time down there. Even the entertainers down there miss out on a lot of sales of CDs and such, which is why they do so many concerts and live shows.
Click to expand...

My big stack of legitimately purchased games must have been robbed then.
 
I honestly don't think they need to do anything, its really to the benefit of Sony if they get more sales. Their consoles are selling at a loss anymore and it increases the install base greatly(though largely not a purchasing user base, but that is fairly irrelevant unless it causes stock shortages)

But in the eyes of publishers and developers they have to be seen to be doing something.

From what I understand this method isn't really anything new, it was used plenty for past consoles too
 
Jazzy Geoff said:
So if you already have a PS4 stuffed with content, you'll lose all that? And no online. I can't see that taking off.
Click to expand...
You can play any content from your account fine and play everything online.

There is no down side for while... you have console with the games you choose from the cloned one and everything else you added with your account (retail or digital).

Full online with your plus account too.


The fear is if Sony do something that makes all cloned PS4 useless.
 
Sony's obviously not going to let this continue. I just hope they don't use this method, and any other existing method, to justify harsher anti-pirating methods. I read through some of the posts and I'm instatnly reminded about talk of the anti-pirating measures the big three were going to take with their current generation consoles. Blaming the secondary used game market didn't help matters eithe.
 
Console piracy died with the PS2 and the Wii.

All the other consoles have too much online content, and benefit too much for online play for someone to stay offline to play pirated games. It's just not worth it.

And you can't pirate and play online because of the frequent firmware updates patching everything and banning consoles. Piracy wasn't a real problem for the 360/PS4, and it won't be for their successors either.

I can see the WiiU being pirated for people who don't want to play MK8/Smash online, but that's about it.
 
Cerny pls...


The fucking Xbox 360 uses a set of irreversible fuses as a per-box encryption key... This method would be impossible on the 360. Whyyyy did Sony not start with something as basic as that??
 
jester_ said:
Cerny pls...


The fucking Xbox 360 uses a set of irreversible fuses as a per-box encryption key... This method would be impossible on the 360. Whyyyy did Sony not start with something as basic as that??
Click to expand...

I guess security is not really Sony's strong suit
 
jester_ said:
Cerny pls...


The fucking Xbox 360 uses a set of irreversible fuses as a per-box encryption key... This method would be impossible on the 360. Whyyyy did Sony not start with something as basic as that??
Click to expand...

You know the 360 was running pirated games pretty early in it's life right? It was under a year if I remember correctly
 
Many people forget how pirated the Xbox 360s were.

It meant for many that they couldn't go online, or that they'd just mod a new 360 or exchange them when banned, since the ban was on the console, not the account.

Going online for many was a luxury.
 
Dazza said:
You know the 360 was running pirated games pretty early in it's life right? It was under a year if I remember correctly
Click to expand...

To this day, you can NOT flash an encrypted NAND dump to a different Xbox 360. They did that part of the security right. The key used to encrypt that dump, also would be impossible to find had it not been for the KK/SMC exploits allowing Xenon Linux Loader to run.

Basically, the 360's "less-than-a-year till piracy" was due to outsourced DVD drives (Microsoft never made one themselves) getting their firmwares reverse engineered and patched, and if Sony had at least used some form of per-box NAND encryption (like the 360 10 years ago...), they would not have this issue on their hands and piracy probably would have taken MUCH longer.

Truly it seems like a matter of production laziness. I was a huge fan of Mark Cerny's direction for the PS4, and it is my main console, but the design clearly overlooked some key security areas, most likely because it was too time-consuming/costly to implement into manufacturing.
 
Dr. Kaos said:
Console piracy died with the PS2 and the Wii.

All the other consoles have too much online content, and benefit too much for online play for someone to stay offline to play pirated games. It's just not worth it.

And you can't pirate and play online because of the frequent firmware updates patching everything and banning consoles. Piracy wasn't a real problem for the 360/PS4, and it won't be for their successors either.

I can see the WiiU being pirated for people who don't want to play MK8/Smash online, but that's about it.
Click to expand...

You should see my local game shops here in Phnom Penh, bootleg 360 games are a buck each, and yes you can go online, the hacked version of a ps3 is only 60 bucks cheaper than a ps4 ($320 v $380) because you can then buy the games for next to nothing.

I'm wondering how long it'll take this exploit to become a thing here too.
 
There are some retailers on the grey market in Brazil already selling the unlocked console with 10-12 games for about $500-550.

A legit PS4 can be bought for as low as $667 on some regular stores (no games included) with 1 year warranty from Sony.

So yes, a lot of people are getting into piracy after the confirmation that it really works. I guess Sony will have to launch a new firmware to try to address this issue.
 
Ally of Justice said:
This is an interesting way to hack.
Now, while I don't want to justify it, I can begin to comprehend why they do this.
I live in Mexico, so I don't know the whole situation, but I can relate in a sense:

Let's make a random, but real life example:

Gameplanet is an equivalent to Gamestop in Mexico. Most of the time, you can get new games there for a (relatively) good price. There are, of course, several other ways to get them, sometimes cheaper, but for the sake of this, let's use it for our example, as they are an established business with little to no varying prices.

http://gameplanet.com/bloodborne-ps4-17243.html

Bloodborne (PS4) is worth 850 MXN (without shipping). Which is about 55 USD, in a good day. The price is equivalent, if not cheaper, to a PS4 title in the US. In this case, there's not really a problem, right?

I make 1250 MXN a week, which is about 80 USD. I have a half-time job, so my pay is about half what I should earn, but still, it's a relatively high pay for what I do.

And there's the problem.

A new game costs two thirds of my weekly salary. Of course, a game is a commodity, not a necessity and, like most, I have other things I need to take care of with my money.

Now, here in Mexico videogame piracy is widespread and often accepted and encouraged (not by distributors and authorities, mind you). PS2 was the winner of the console wars at their time because of how easy was to pirate games for it (You could buy 3 pirated games for it for 3 USD), and the X360 was the winner of the past generation for the same reason. People find way, way cheaper to buy the console, pay 30 USD to "chip it" and then buy 2-3 USD games when they want instead of paying 30-50 USD per game, especially in middle to lower class households (keep in mind that Mexico's lower class' earnings are way lower than US lower class')

There are lots of other factors in the comparison, too. I'm not completely aware of the economic situation of Brasil compared to Mexico or other countries, but what I'm aware of is that the videogame prices situation in Latin America, especially in Brasil, is way worse than what it is in some other parts of the world.
Click to expand...

Is not as bad as it was 5 - 10years ago (were you could buy pirate games in any street corner). And as I heard, Brazil situation is way worse than ours (hint:search for how much they were selling the PS4 in dollars equivalent).
 
Dr. Kaos said:
Console piracy died with the PS2 and the Wii.

All the other consoles have too much online content, and benefit too much for online play for someone to stay offline to play pirated games. It's just not worth it.

And you can't pirate and play online because of the frequent firmware updates patching everything and banning consoles. Piracy wasn't a real problem for the 360/PS4, and it won't be for their successors either.

I can see the WiiU being pirated for people who don't want to play MK8/Smash online, but that's about it.
Click to expand...

The Wii was a piraters paradise. Hook up a usb hard drive and have 100's of games and emulators. The 360 was pretty hackable as well. I knew people that pirated and played online. Though I wouldn't even risk getting my profile and achievement points banned.
 
Chakan said:
So yes, a lot of people are getting into piracy after the confirmation that it really works. I guess Sony will have to launch a new firmware to try to address this issue.
Click to expand...

What exactly can they do to stop this? How do you distinguish a cloned NAND from a genuine one, and how do you make this unique through software?

The 360 kept NAND flashes impossible with physical fuses, you can't download a physical repository or key unless its already built into the system... but then why wasn't it being queried already? I'd be curious for the more informed to educate me if this can be patched and how one goes about patching a cloned NAND without some sort of physical reference-key.

GoonerTRON said:
The Wii was a piraters paradise. Hook up a usb hard drive and have 100's of games and emulators. The 360 was pretty hackable as well. I knew people that pirated and played online. Though I wouldn't even risk getting my profile and achievement points banned.
Click to expand...

Same with the DS, and that had some serious consequences.
 
Vena said:
What exactly can they do to stop this? How do you distinguish a cloned NAND from a genuine one, and how do you make this unique through software?

The 360 kept NAND flashes impossible with physical fuses, you can't download a physical repository or key unless its already built into the system... but then why wasn't it being queried already? I'd be curious for the more informed to educate me if this can be patched and how one goes about patching a cloned NAND without some sort of physical reference-key.



Same with the DS, and that had some serious consequences.
Click to expand...

Should be pretty easy you just need to tie the NAND to the MAC with a hash assuming the MAC isn't stored in the NAND itself of course.
 
Durante said:
I find it interesting how closed platforms are getting better and better at completely preventing homebrew, but still fail to prevent piracy.
Click to expand...

Well, both 3DS and PS4 hacks came off commercial enterprises, not hobbyism like all the consoles before them.

Vena said:
What exactly can they do to stop this? How do you distinguish a cloned NAND from a genuine one, and how do you make this unique through software?

The 360 kept NAND flashes impossible with physical fuses, you can't download a physical repository or key unless its already built into the system... but then why wasn't it being queried already? I'd be curious for the more informed to educate me if this can be patched and how one goes about patching a cloned NAND without some sort of physical reference-key.



Same with the DS, and that had some serious consequences.
Click to expand...

There's many easy ways, the first one is to check the PSID - Mac or whatever, one of the IDs stored in the NAND - against a hwid outside the NAND, like the disc reader's. The x360 did that.
 
I hope there's someone secretly backing up PSN games to ensure they still exist 20 years from now. Its disappointing that whoever figured this out went for a cheap profit instead.
 
Meaty said:
We are talking about a country where a game costs a third of minimum wage, the people who cant afford it dont really care if this will increase cost, theyd never buy non-pirated games either way.

Not really defending it, but I can totally understand why a person would go that route.
Click to expand...

Brazil has no one to blame but Brazil itself. There is a reason almost every single thing that is imported into the country costs a fortune. I know you're not defending it, but high cost should just mean you can't afford it, not that you are entitled to then look for illegal means to play games you can't afford. If you can't buy something, you can't buy it.

I don't have a PS4, but the way the industry is, the last thing we need is piracy this early in the gen, especially as AAA games have become few and far and with greater restrictions. I bet MS is looking at this and thinking, see how good always online could have been enjoying Sony.
 
Madness said:
Brazil has no one to blame but Brazil itself. There is a reason almost every single thing that is imported into the country costs a fortune. I know you're not defending it, but high cost should just mean you can't afford it, not that you are entitled to then look for illegal means to play games you can't afford. If you can't buy something, you can't buy it.

I don't have a PS4, but the way the industry is, the last thing we need is piracy this early in the gen, especially as AAA games have become few and far and with greater restrictions. I bet MS is looking at this and thinking, see how good always online could have been enjoying Sony.
Click to expand...
I know, if you dont got the money, you aint entitled to play the games. My viewpoint however is that when someone who is unable to buy a game pirates it, its not a lost sale. Its a crime. Its wrong. I agree. Its not money the developer is losing however. I know its not a popular point of view in international forums,
Since most people are looking from a different viewpoint.


I even find it to be benefical in the run, a lot of the people who were too poor to buy games here in the past became legitimate costumers years later when our economical situation improved.

Ask any brazilian. The market here would not be as big as it if if the adults who now have the income to purchase games didnt pirate when they were children, people here would just not be as invested in gaming as we are.


If someone got the money to buy a ps4 and they are pirating games for it then they are douchebags an should be punished.

I agree with you. This is way too early.
 
Madness said:
Brazil has no one to blame but Brazil itself. There is a reason almost every single thing that is imported into the country costs a fortune. I know you're not defending it, but high cost should just mean you can't afford it, not that you are entitled to then look for illegal means to play games you can't afford. If you can't buy something, you can't buy it.

I don't have a PS4, but the way the industry is, the last thing we need is piracy this early in the gen, especially as AAA games have become few and far and with greater restrictions. I bet MS is looking at this and thinking, see how good always online could have been enjoying Sony.
Click to expand...

This remind me how gaming was 20 years ago in Brazil.

People often used to buy pirated SNES games at a high price because games costed so much, that no one could bear. Half of a minimum wage, in the best scenario.

Now even with the high prices the situation is somehow alleviated.
 
You must log in or register to reply here.

Similar threads

Square Enix will take legal action against slander of their employees and executives
2
51
3K
CLW replied
Sony is working on allowing PlayStation players to smell in-game scents in real life
News  2 3
113
6K
ShadyAcshuns replied
Assassins Creed Shadows: Real-life Japanese shrine officials are “taking action” over Ubisoft’s portrayal of religious site
2 3 4 5
203
10K
Strategize replied
PlayStation game prices to increase in Brazil starting October
Social Hardware Platform 
16
96
deriks replied
The YouTube DIYer Restore Technique builds his own PS4 handheld console, the "PS4T"
14
1K
SlimySnake replied
Top Bottom