The Engineer Behind Vita's First Big Exploit

Yifan Lu is a Texas-based student, one who resents the term “hacker.” He’d prefer to be called a reverse engineer, and he’s claiming to be responsible for a breakthrough that may open up the Vita. Eventually.

Lu disclosed his progress last Saturday on the Wololo.net message boards. He was seeking developers to help him out, which prompted a news post on the front page of Wololo.net. As more people started paying attention, this quickly lead to apocalyptic speculation that Lu had “cracked” the Vita, and would open the floodgates to piracy.

None of this is true, Lu told me over email this week.

“I did not expect this to be news,” said Lu. “Naive, I know. The announcement was basically ‘hey, we're at the point where we can actually write a loader now, so if anyone wants to jump on board and help, that'll be cool.’”

Lu has previous experience exploiting hardware, a task he takes on for the sheer challenge of it.

Lu is known for previous exploits, including the first jailbreak for the Kindle Touch and PSXperia, which converts any PlayStation game into something playable on the Xperia Play. In short, he’s legit.

Lu claimed that piracy on a Vita would not be possible with the exploit he’s discovered.

This assumes Sony doesn’t patch Lu’s exploit, the details of which are being kept private. Lu described himself as “very anti-piracy” and said he will not code anything to support the practice.

That said, Lu acknowledged there’s not much preventing someone else from taking the baton, and using his work for nefarious means.

“My work could be used as a stepping stone for others,” he said. “Personally, I am not talented enough to find exploits that could be used for piracy, and I am in contact with those who do have the skills, but they are also against piracy.”

“We can't stop it, but I can promise that I will never help it,” he said. “I made this metaphor before, but it's like the invention of airplanes. They're good for transportation, but somebody decided it can be used to drop bombs. But to prevent bombing cities, would it have been better if airplanes were never invented?”

The subtext of Lu’s comments is that homebrew is a good thing for the Vita community, and encourages more people to purchase a Vita and use it for a variety of reasons, including some that Sony never intended. It’s an argument fans of the rather impressive PSP homebrew community might agree with, but Sony? Yeah, probably not.

"I'm convinced and we're convinced that piracy has taken out a big chunk of our software sales on PSP," said senior VP of marketing at Sony Computer Entertainment America Peter Dille in a 2009 interview with Gamasutra. "It's been a problem that the industry has to address together; it's one that I think the industry takes very seriously, but we need to do something to address this because it's criminal what's going on, quite frankly."

I asked Lu to try and break down what he’s accomplished thus far in laymen terms. Let’s try.

Lu’s first breakthrough was getting a RAM dump. On 3DS, exploiters accomplished this by creating a physical RAM dumper. Since RAM is on the same chip as the CPU on a Vita, that’s not possible. Lu wouldn’t explain how he solved that issue on Vita, “but it wasn't as creative as engineering a hardware dumper.” Once the RAM dump was successful, he was able to analyze the code running in memory, and puzzle over how to get their own code going.

They’ve figured that part out.

In a best case scenario, homebrew is used for emulation. In a worst case, it's games for free.

Lu worked with a team to accomplish his feat, but didn’t feel comfortable naming other people.

Now, it’s a matter of recruiting developers to program a loader that can actually run unsigned (read: unauthorized) code. Lu doesn’t expect the loader to be ready for at least a couple of months, and it could take much longer for anything interesting to come out of the homebrew community after that. Those folks work fast, though.

I asked Lu for verifiable proof of his success. Sure, he’s proven his exploitation chops with previous pieces of hardware, but why not more? For now, it’s just his word.

“There is no proof I can offer, and as of right now, it would be wiser to not believe me and go on with life as usual,” he said. “Don't hold off updating, don't go and stockpile on Vitas, etc. Because between now and when it's released, anything could happen.”

Given the speculation created by Lu’s discovery, that wouldn’t be a huge surprise.

Sony has not yet contacted Lu, and Sony has not responded to my request for comment.

“If they tell me to stop, I will,” he said. “I don't have the time or resources to fight them. This is only a hobby.”

Until Sony steps in, he'll keep at it. It's exciting.

"Like some people do crossword or sudoku, it's mainly the intellectual challenge and the euphoria of success," he said. "I'd be lying if I didn't say there's also a bit of pride involved for being the 'first' to do something."

107 Comments

Blitzer

431

Forum Posts

408

Wiki Points

Followers

Reviews: 1

User Lists: 4

Edited By Blitzer

I wouldn't even buy a Vita to pirate games. That's how much I don't care about it.

11 years ago

GunnyHath

Reviews: 0

User Lists: 1

Edited By GunnyHath

Homebrew ftw

Ax23000

User Lists: 0

Edited By Ax23000

Man, most of the comments on this article depress me. Can people really not make a distinction between what this man is doing and piracy? You can poke holes in his analogy all you want, but the fact remains that he has a point. Hacking the console does not make him responsible for what people choose to do with the freedom he has granted them.

Freedom comes with personal responsibility and yes, PEOPLE WILL ABUSE THAT FREEDOM, but does that instantly make the freedom a bad thing? I live in the US where I, and pretty much every other citizen, have the freedom to say more or less whatever they want. People abuse this freedom constantly. They say mean, awful things. They lie and spread half-truths. Is the solution to this problem to do away with freedom of speech?

If you make every choice about granting freedom to people based on the worst people will do with that freedom, you might as well give up on the idea of giving anyone any kind of freedom ever.

What you have to remember about freedom, is that while some will abuse it, there will be others who will do amazing and interesting things with it. THINGS THAT WOULD NOT BE POSSIBLE WITHOUT IT.

No company, in my opinion, should have the right to tell you what you can and can not do with something you have purchased. They should not be allowed to tell you what software you can and can not run. They should not be allowed to control what OS you have to use. They should not have that power. To my mind this is a fundamental right.

GooieGreen

469

User Lists: 2

Edited By GooieGreen

@Ax23000: A company has a right to protect itself within reason just like anyone else. Hacking a device on a closed community like PSN, XBL, or iOS will lead to abuse and greater problems within the community. You begin to impact the experience of other users. These companies are, in effect, operating as a government body would to protect the interests of the many as they outweigh the thievery and curiosity of the few.

yukoasho

2247

6076

Reviews: 6

User Lists: 7

Edited By yukoasho

Unfortunately, his airplane analogy is unsound. The potential for misuse of this or any exploit far outweighs any possible benefit, to the point where any non-piracy use will likely be little more than an excuse to garner sympathy, whereas airplanes serve a very real legitimate purpose.