Feeds

Court orders seizure of PS3 hacker's computers

Sony 1; Geohot 0

Application security programs and practises

A federal judge ordered prolific hacker Geohot to turn over his computers and hard drives and to stop publishing the tools used to root Sony's PlayStation 3 after finding his hack was likely a violation of US copyright law.

The temporary restraining order was issued on Thursday by US District Judge Susan Illston of San Francisco. It's a major victory for Sony and a setback for hacker hobbyists who believe they should be permitted to modify hardware they legally own. It comes in a lawsuit Sony filed two weeks ago against New Jersey-based Geohot shortly after he deduced the security key Sony used to lock down the PS3.

The ruling also comes as a defeat to 21-year-old Hotz, who two weeks ago, argued he wasn't subject to the suit because he doesn't have sufficient ties to Northern California, where the action was brought. Shortly after release of the order, his attorney vowed to fight on.

“Needless to say, we're disappointed about the issuance of the TRO, but this doesn't end the question of personal personal jurisdiction of Mr. Hotz, and we still intend to go forward with that motion,” San Francisco-based lawyer Stewart Kellar told The Register. “Suffice it to say it is burdensome to my client for him to give up his computers and hard drives for the order.”

Sony's complaint claimed that by publishing the means to bypass the protection measures built into the console, Hotz violated provisions of the Digital Millennium Copyright Act. Illston said Sony had “submitted substantial evidence” showing the hack constituted a DMCA violation and that Sony was likely to “suffer irreparable harm” if it wasn't curtailed.

Sony's suit names some 100 other people from a hacking collective known as fail0verflow, who in late December revealed the key used to sign PS3 games and demonstrated how to use it to run homebrew apps on the console. A few weeks later, Hotz independently deduced the “metldr” key, which allowed him to root the PS3. Sony's complaint also alleges the hackers violated the Computer Fraud and Abuse Act.

The PS3's use of IBM's Cell processor makes the console ideal for tackling brute-force cryptography attacks and other parallel computing operations. Once upon a time, Sony included a modified version of Linux with the PS3. Sony eventually disabled the so-called OtherOS after Hotz devised a way to use it to gain full memory access to the console.

Hotz was among the first to jailbreak Apple's iPhone so it would work on carrier networks other than AT&T's. Last year, the US Copyright Office exempted iPhone jailbreaking from the DMCA so that they can run apps not officially sanctioned by Apple.

At the hearing for Sony's requested TRO, Illston said she was inclined to reject Sony's arguments that her court had jurisdiction over Hotz because he used services provided by Twitter and PayPal, which are both located nearby. Her ruling didn't explain the change of heart. Kellar said it was based on a legal doctrine known as purposeful direction.

“We're confident once the merits of the case get heard, wherever that may be, that our client will prevail,” Kellar said. ®

The Power of One Infographic

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.