Sony Sues Hackers Over PS3 Jailbreak
Geohot, also known as George Hotz, and others are accused of distributing code to circumvent PlayStation 3's copyright protection technology to run pirated software.
Sony has sued 3 hackers and 100 others whose names the company doesn't know for developing and releasing over the Web code that makes it possible to run homegrown or pirated software on the PlayStation 3 videogame console.
The consumer electronics company filed the complaint Monday in U.S. District Court in San Francisco, naming as defendants well-known hacker George Hotz of Cambridge, Mass.; Hector Martin Cantero of Spain, Sven Peter of Hungary, and 100 other unnamed hackers. Sony claims Cantero and Peter are members of FailOverFlow, a hacker group the company says is dedicated to circumventing the TPM, or technology protection measure, in the PS3 to prevent the use of pirated games and unauthorized software.
More Security Insights
- How Attackers Identify and Exploit Software and Network Vulnerabilities
- Getting a Grip on Mobile Malware
- The 451 Group Impact Report: Skybox Enters Vulnerability Management Space
- Skybox Security Vulnerability Management Survey
The 24-page complaint accuses the defendants of violating the Digital Millennium Copyright Act and the Computer Fraud and Abuse Act. Sony is asking the court to bar the defendants from developing and distributing technology for hacking the PS3, to turn over everything developed so far to Sony and to order the defendants to pay unspecified monetary damages. Sony claims it has suffered "irreparable injury and damage" as a result of the defendants' work, which has already been widely distributed over the Web.
The lawsuit claims that in late December 2010, FailOverFlow discovered a way to circumvent the PS3's TPMs, written into the console's firmware to prevent software pirates from running unauthorized software. The group then provided other hackers with the tools it developed.
Hotz, aka "Geohot," allegedly built on FailOverFlow's work and publicly distributed over the Internet software code to run pirated or unauthorized software on the PS3. A demonstration of the software allegedly developed by Holtz was posted last week to the Geohot channel on YouTube. Sony claims Hotz made his code available for download five days earlier on his Web site, where he left a message for the company: "If you want your next console to be secure, get in touch with me," the note said, according to the complaint.
"Unless the court enjoins defendants' unlawful conduct, hackers will succeed in their attempts to ensure that pirated software can be run on the PS3 system, resulting in the destruction of SCEA's business," the complaint says. SCEA stands for Sony Computer Entertainment America, the unit responsible for the PS3.
Hotz on Monday had taken down his Web site, leaving up a page that said he had been served with court papers. He also supplied a link to the complaint.
Sony claims the defendants have violated the DCMA by circumventing the PS3's copyright protection mechanisms to run pirated software. They also allegedly violated the Computer Fraud and Abuse Act by breaking into the workings of the PS3 beyond what is allowed in the user agreement and accessing proprietary technology.
Hotz first gained notoriety in 2007 when he hacked his Apple iPhone in order to use the smartphone on multiple carriers' networks. Apple at the time had an exclusive deal with AT&T. In late 2009, he turned his attention to the PS3 and documented his attempt to hack the system on his Web site. Hotz's work prompted Sony to make changes to the system in order to boost security.
InformationWeek has published an in-depth report on hardening next-gen Web applications. Download it now (free registration required).