Giant Bomb News

107 Comments

The Engineer Behind Vita's First Big Exploit

Known exploiter Yifan Lu explains why this doesn't necessarily mean the floodgates are open for Vita, and whether someone could use it for piracy.

Yifan Lu is a Texas-based student, one who resents the term “hacker.” He’d prefer to be called a reverse engineer, and he’s claiming to be responsible for a breakthrough that may open up the Vita. Eventually.

Lu disclosed his progress last Saturday on the Wololo.net message boards. He was seeking developers to help him out, which prompted a news post on the front page of Wololo.net. As more people started paying attention, this quickly led to apocalyptic speculation that Lu had “cracked” the Vita, and would open the floodgates to piracy.

None of this is true, Lu told me over email this week.

“I did not expect this to be news,” said Lu. “Naive, I know. The announcement was basically ‘hey, we're at the point where we can actually write a loader now, so if anyone wants to jump on board and help, that'll be cool.’”

Lu has previous experience exploiting hardware, a task he takes on for the sheer challenge of it.

Lu is known for previous exploits, including the first jailbreak for the Kindle Touch and PSXperia, which converts any PlayStation game into something playable on the Xperia Play. In short, he’s legit.

Lu claimed that piracy on a Vita would not be possible with the exploit he’s discovered.

This assumes Sony doesn’t patch Lu’s exploit, the details of which are being kept private. Lu described himself as “very anti-piracy” and said he will not code anything to support the practice.

That said, Lu acknowledged there’s not much preventing someone else from taking the baton, and using his work for nefarious means.

“My work could be used as a stepping stone for others,” he said. “Personally, I am not talented enough to find exploits that could be used for piracy, and I am in contact with those who do have the skills, but they are also against piracy.”

“We can't stop it, but I can promise that I will never help it,” he said. “I made this metaphor before, but it's like the invention of airplanes. They're good for transportation, but somebody decided it can be used to drop bombs. But to prevent bombing cities, would it have been better if airplanes were never invented?”

The subtext of Lu’s comments is that homebrew is a good thing for the Vita community, and encourages more people to purchase a Vita and use it for a variety of reasons, including some that Sony never intended. It’s an argument fans of the rather impressive PSP homebrew community might agree with, but Sony? Yeah, probably not.

"I'm convinced and we're convinced that piracy has taken out a big chunk of our software sales on PSP," said senior VP of marketing at Sony Computer Entertainment America Peter Dille in a 2009 interview with Gamasutra. "It's been a problem that the industry has to address together; it's one that I think the industry takes very seriously, but we need to do something to address this because it's criminal what's going on, quite frankly."

I asked Lu to try and break down what he’s accomplished thus far in layman’s terms. Let’s try.

Lu’s first breakthrough was getting a RAM dump. On 3DS, exploiters accomplished this by creating a physical RAM dumper. Since RAM is on the same chip as the CPU on a Vita, that’s not possible. Lu wouldn’t explain how he solved that issue on Vita, “but it wasn't as creative as engineering a hardware dumper.” Once the RAM dump was successful, he was able to analyze the code running in memory, and puzzle over how to get their own code going.

They’ve figured that part out.

In a best case scenario, homebrew is used for emulation. In a worst case, it's games for free.

Lu worked with a team to accomplish his feat, but didn’t feel comfortable naming other people.

Now, it’s a matter of recruiting developers to program a loader that can actually run unsigned (read: unauthorized) code. Lu doesn’t expect the loader to be ready for at least a couple of months, and it could take much longer for anything interesting to come out of the homebrew community after that. Those folks work fast, though.

I asked Lu for verifiable proof of his success. Sure, he’s proven his exploitation chops with previous pieces of hardware, but why not more? For now, it’s just his word.

“There is no proof I can offer, and as of right now, it would be wiser to not believe me and go on with life as usual,” he said. “Don't hold off updating, don't go and stockpile on Vitas, etc. Because between now and when it's released, anything could happen.”

Given the speculation created by Lu’s discovery, that wouldn’t be a huge surprise.

Sony has not yet contacted Lu, and Sony has not responded to my request for comment.

“If they tell me to stop, I will,” he said. “I don't have the time or resources to fight them. This is only a hobby.”

Until Sony steps in, he'll keep at it. It's exciting.

"Like some people do crossword or sudoku, it's mainly the intellectual challenge and the euphoria of success," he said. "I'd be lying if I didn't say there's also a bit of pride involved for being the 'first' to do something."

Posted by patrickklepek

Posted by Zelyre

Firmware update incoming in 3...2...1...

Posted by thaijedi

Interesting read

Posted by HT101

Sounds pretty cool.

Posted by paisan13

I'll buy a Vita if I can use it to run Emu's, that would be sweet ^_^

Edited by stalefishies

I'm no expert, far from it, but running unsigned code seems like it's but a small jump to just running dumped roms of the cartridges. So while the guy's anti-piracy slant is noble, it seems pretty naïve to me.

Posted by langdonx

It seems like a lot of companies (Sony included) have matured to a point where Sony's response to this could be really interesting. I would love to see them fly this guy out and have him show them what he did and how he did it so that they could head it off at the pass (if possible). That seems like the smartest thing they could do... it's essentially crowd sourcing.

Aside from piracy, I don't see much value in a hacked Vita. The SDK seems to offer developers an outlet for getting anything within reason running on the device.

Posted by btakasper

Hey Sony, just think, if an exploit is made, you will see an increase in units sold. On the other hand, you might not, since there's nothing to play on it. I have a Vita, but I only own 1 game. I'm not even sure why I bought the Vita to begin with. It's more of a paperweight than anything else. I pick it up once in a while and play that free Treasures of Montezuma Blitz game. I for one hope it leads to an exploit, I would love to run random junk on it from emulators to who knows what else. Piracy is inevitable, doesn't matter if I agree with it or not, it will happen.

Just my two cents.

Posted by Jon93

Great article Patrick.

Edited by Kosayn

Ideally, we'll reach an equilibrium where game consoles tend to get completely hacked right around the time that the next generation machines come out. That way, gaming history still gets preserved through the internet, and the industry takes less of a hit from piracy.

Eventually, there will be no working NES's, Commodores, Spectrums, and Ataris, for example. And I suspect many in the industry do gain insight from being able to examine how early game designers did things. Without piracy that software record would be fragmentary at best.

Posted by langdonx
Posted by Ehker

@langdonx said:

It seems like a lot of companies (Sony included) have matured to a point where Sony's response to this could be really interesting. I would love to see them fly this guy out and have him show them what he did and how he did it so that they could head it off at the pass (if possible). That seems like the smartest thing they could do... it's essentially crowd sourcing.

That's what they did with Hotz. They invited him and he walked into the Sony HQ eating from a box of Lucky Charms, dropping marshmallows across the lobby.

http://www.newyorker.com/reporting/2012/05/07/120507fa_fact_kushner#ixzz25ob3V0vU

Posted by chickdigger802

@stalefishies said:

I'm no expert, far from it, but running unsigned code seems like it's but a small jump to just running dumped roms of the cartridges. So while the guy's anti-piracy slant is noble, it seems pretty naïve to me.

which is why you aren't an expert. Let's just say, it's about as apples and oranges as it gets.

Posted by Rincewind

And so the cat and mouse game on the vita begins.

Posted by beepmachine

At this point, any news is good news for the vita.

Posted by algertman

If anyone thinks this will cause people to buy a Vita you are crazy. The same line was used for PSP in the western market. In reality people bought a PSP with a game or two and never messed with it again and that's why the software sales were horrible. The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

Posted by believer258

@algertman said:

If anyone thinks this will cause people to buy a Vita you are crazy. The same line was used for PSP in the western market. In reality people bought a PSP with a game or two and never messed with it again and that's why the software sales were horrible. The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

As someone with a modified PSP who spent a lot of time looking into what I could get out of that scene?

You're horribly wrong. Certainly I bought my PSP for games a long time ago, but if I had not had one and still found out about the things on it, I'd have bought one quick. And many people did, in fact, pick one up soon after figuring all of that out. This is also why Sony sold PSP's a good bit but not a whole lot of games.

Posted by Cybexx

Umm, why? Why do you need to do a bunch of work to hack homebrew applications (while claiming to not be assisting piracy) when Playstation Mobile Developer Program exists? You can already run homebrew applications with that and it's Sony developed. I don't trust this man's anti-piracy claims, maybe I'm missing something.

Posted by WJist

I'm curious what this means for Vita owners (and those thinking about purchasing one) down the road. I don't doubt someone will come up eventually with something to break into the back door with Lu's exploit, but Sony's response could impact whether devs will continue to be interested in making games for it. I liked the PSP, but when the homebrew community came in, I noticed a lot more brick-and-mortar stores stopped selling PSP games.

Posted by jakob187

I've always appreciated guys like this: he's doing it because of the challenge, not because he wants to be malicious and pirate shit. He's a tinkerer, the guy that took everything apart when he was a kid to see what makes it tick and understand the complexities behind it all. He's not the guy that smashes something, glues it back together, and then tries to sell it for a profit because he's a dick.

I hope Sony DOESN'T stop him, but instead decides to give him a job.

Posted by GrantHeaslip

I don't doubt that there are people who jailbreak/root their systems and continue to buy games, but they're the extreme minority. Most people who are doing this are doing it to play games without paying for them (I'd say steal, but I don't even want to get into that piracy:stealing argument).

I agree in theory that people should have the right to do what they want with their hardware, but the unfortunate reality is that most people are selfish dicks who will steal stuff if they don't think they'll get caught. If this leads to PSP-style widespread piracy, it will be a real shame. Obviously the lack of PSP game sales wasn't just a result of piracy, but it probably played a big part.

Posted by Krakn3Dfx
Posted by Enigma777

I sure as hell hope the Vita isn't hacked. Piracy killed the PSP and it will kill the Vita, especially when you consider that the Vita isn't doing so hot right now.

Posted by mrEkli

Emulation is Piracy. Furthered by the fact that old games (most of the ones people want to play too) are being sold on modern systems.

Posted by OllyOxenFree
@Krakn3Dfx said:

Posted by BlackLagoon

@algertman said:

The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

The PS3 is currently the best selling console (month to month) world wide, the 360 really only beat it in North America and the UK. And Hatsune Miku would like to have a word with you about the Vita's viability - the best selling game in Japan right now by quite a margin is Project Diva F for the Vita.

Posted by Xer0Signal

“We can't stop it, but I can promise that I will never help it,” he said. “I made this metaphor before, but it's like the invention of airplanes. They're good for transportation, but somebody decided it can be used to drop bombs. But to prevent bombing cities, would it have been better if airplanes were never invented?”

I'm not entirely sure that hacking the Vita is just as important of a discovery in science as was MASTERING THE ABILITY OF FLIGHT.

I get the analogy he's trying to make, but, it rings false to me.

Posted by ChrisTaran

Very impressive stuff. Looking forward to what the homebrew community can deliver!

Posted by WMWA

Nice grab. First article I've seen naming him, much less getting an interview

Posted by ValiantGoat

Sony has it under control, don't release anything worthwhile on the system and nobody will pirate the software.

Posted by Rayeth

@mrEkli:

Except that isn't true. Emulation is legal if you own copies of the physical game involved. So my legally owned copies of Legend of Zelda, SMB 3, Final Fantasy 3, 6, 7, whatever, are fair game for ME to emulate. Assuming I am doing all the rom dumping myself (which is actually a pretty fun process, I think). I should be able to create backup copies of software I own, I can and I do when available.

The fact that some of these games are available for modern systems is irrelevant.

Posted by Deusoma

It's weird, I've never seen a hacker in denial about being a hacker before. :P

Posted by FMinus

@Krakn3Dfx said:

This is what people call, "admit defeat".

Posted by algertman

@BlackLagoon said:

@algertman said:

The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

The PS3 is currently the best selling console (month to month) world wide, the 360 really only beat it in North America and the UK. And Hatsune Miku would like to have a word with you about the Vita's viability - the best selling game in Japan right now by quite a margin is Project Diva F for the Vita.

PS3 is running on fumes at this point. The Vita has bombed HARD. You are going off of sales for ONE WEEK. One week, in Japan, Vita has been dragged up from the abyss when it has been having a hard time busting 10k a week in Japan. On top of that Miku was the ONLY Vita game in the top thirty this week. Vita is dead. Quit living in a dream world.

Posted by Patman99

@FMinus said:

@Krakn3Dfx said:

This is what people call, "admit defeat".

While the tweet is pretty funny, that is a parody account.

Posted by Ravenlight

He may resent the widely-believed public misconception of what "hacker" means, but the traditional definition is apropos in Lu's case.

Posted by tourgen

@langdonx said:

It seems like a lot of companies (Sony included) have matured to a point where Sony's response to this could be really interesting. I would love to see them fly this guy out and have him show them what he did and how he did it so that they could head it off at the pass (if possible). That seems like the smartest thing they could do... it's essentially crowd sourcing.

Aside from piracy, I don't see much value in a hacked Vita. The SDK seems to offer developers an outlet for getting anything within reason running on the device.

noooooo! The SDK is kind of terrible. It's mono (C#), a managed language. The SDK is pretty limited in terms of actual direct access to hardware to do interesting things. Sure you can write a shitty sprite platformer pretty easily... Running compiled C or raw ASM with direct hardware access would be GREAT. Too bad we'll never see published hardware specs.

Closed, proprietary systems SUCK. I miss fun hardware like the C64, Amiga, and Atari ST with full published hardware specs and no DRM, signed code bullshit.

Edited by Terramagi

@langdonx said:

It seems like a lot of companies (Sony included) have matured to a point where Sony's response to this could be really interesting. I would love to see them fly this guy out and have him show them what he did and how he did it so that they could head it off at the pass (if possible). That seems like the smartest thing they could do... it's essentially crowd sourcing.

Aside from piracy, I don't see much value in a hacked Vita. The SDK seems to offer developers an outlet for getting anything within reason running on the device.

Yeah, not a goddamn chance. They nailed the guy who hacked the PS3 to a fucking wall. This guy will be no different.

Posted by Phat2

stop posting gay porn in comments, thanks

Posted by Krakn3Dfx

@FMinus said:

@Krakn3Dfx said:

This is what people call, "admit defeat".

It's not really his account, I thought it was hilarious though.

Posted by Solh0und

I think it's safe to say that we all know that piracy will EVENTUALLY happen on the Vita and 3DS at some point.

Posted by Napalm

@algertman said:

@BlackLagoon said:

@algertman said:

The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

The PS3 is currently the best selling console (month to month) world wide, the 360 really only beat it in North America and the UK. And Hatsune Miku would like to have a word with you about the Vita's viability - the best selling game in Japan right now by quite a margin is Project Diva F for the Vita.

PS3 is running on fumes at this point. The Vita has bombed HARD. You are going off of sales for ONE WEEK. One week, in Japan, Vita has been dragged up from the abyss when it has been having a hard time busting 10k a week in Japan. On top of that Miku was the ONLY Vita game in the top thirty this week. Vita is dead. Quit living in a dream world.

Hi, get out. We're not about console wars. Go back to wherever you came from.

Posted by GrantHeaslip

@algertman said:

@BlackLagoon said:

@algertman said:

The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

The PS3 is currently the best selling console (month to month) world wide, the 360 really only beat it in North America and the UK. And Hatsune Miku would like to have a word with you about the Vita's viability - the best selling game in Japan right now by quite a margin is Project Diva F for the Vita.

PS3 is running on fumes at this point. The Vita has bombed HARD. You are going off of sales for ONE WEEK. One week, in Japan, Vita has been dragged up from the abyss when it has been having a hard time busting 10k a week in Japan. On top of that Miku was the ONLY Vita game in the top thirty this week. Vita is dead. Quit living in a dream world.

Why are you so invested in Sony failing? You seem to like the Xbox, and that's fine, but if you're looking for a console war, do us all a favour and leave.

Posted by Brodehouse

I really want to get behind the homebrew stuff, the idea of making your console work for you... but then on the other hand, the piracy stuff just always runs along with it. I want people to be freely developing and innovating with the platforms, but at the same time, it just makes doing any kind of business on them impossible. And I'd rather game developers had actual 9-to-5 jobs making games than work at Kinko's and draw game art or write stories on their lunch break. That's my life. I wouldn't wish it on professionals.

Posted by Brodehouse

@Xer0Signal said:

“We can't stop it, but I can promise that I will never help it,” he said. “I made this metaphor before, but it's like the invention of airplanes. They're good for transportation, but somebody decided it can be used to drop bombs. But to prevent bombing cities, would it have been better if airplanes were never invented?”

I'm not entirely sure that hacking the Vita is just as important of a discovery in science as was MASTERING THE ABILITY OF FLIGHT.

I get the analogy he's trying to make, but, it rings false to me.

Yeah, his comparison is more akin to looking at an airplane that someone developed privately, and then reverse engineering the blueprints and sending them to every corporation and country in the world. Great for everyone else, probably really bad for the person who actually built the plane.

Posted by Boopie

sounds good if I don't have to pay for games on the Vita it's more interesting

Posted by ripelivejam

@Boopie said:

sounds good if I don't have to pay for games on the Vita it's more interesting

so people nowadays freely and wantonly admit to being pirates?

Edited by nickux

I can appreciate Lu's efforts in the sense of a technical achievement but as a Vita owner it's a bummer to see people had to hack it. Small developers lose, consumers lose, pirates win. I understand this exploit does not allow piracy but it's just a matter of time. Hopefully Sony can squash it with updates.

Posted by algertman

@GrantHeaslip said:

@algertman said:

@BlackLagoon said:

@algertman said:

The Vita is a failure. Wake up Sony fanboys, the dream is over. $599 was the downfall of the Playstation brand.

The PS3 is currently the best selling console (month to month) world wide, the 360 really only beat it in North America and the UK. And Hatsune Miku would like to have a word with you about the Vita's viability - the best selling game in Japan right now by quite a margin is Project Diva F for the Vita.

PS3 is running on fumes at this point. The Vita has bombed HARD. You are going off of sales for ONE WEEK. One week, in Japan, Vita has been dragged up from the abyss when it has been having a hard time busting 10k a week in Japan. On top of that Miku was the ONLY Vita game in the top thirty this week. Vita is dead. Quit living in a dream world.

Why are you so invested in Sony failing? You seem to like the Xbox, and that's fine, but if you're looking for a console war, do us all a favour and leave.

I own a PS3 and love it. It's Sony fanboys who are the problem. Quit buying shitty JRPGs.

Posted by das9000

It begins...

Time to get a vita
