Feeds

Sony buries hatchet with GeoHot in PS3 modding case

Jailbreaker promises no more console hacks

Providing a secure and efficient Helpdesk

Sony has agreed to drop a lawsuit against a hacker who published the secret key used to jailbreak the PlayStation 3, in exchange for promises he will drop all future attempts to unlock the game console.

The agreement ending Sony's controversial legal attack on George Hotz, aka GeoHot, was laid out in a permanent injunction filed in federal court on Monday. In it, Sony agreed to dismiss the lawsuit, and the New Jersey-based hacker promised to permanently cease any “unauthorized access to any Sony product”. That means Hotz may never reverse engineer, or disassemble any portion of the product, use any tools to bypass its encryption or security, or design or distribute unauthorized software or hardware for use with a Sony product.

US District Judge Susan Illston, who is presiding over the case, must still approve the settlement for it to be final.

"I am not able to speak on this matter without breaching my settlement agreement,” the 21-year-old Hotz wrote in an email to The Register. “Therefore, I have no comment other than this one. With that said, I do not like censorship, and I do not like censoring myself. Rest assured I am still fighting the good fight, in the best way I know how."

Riley Russell, General Counsel for Sony Computer Entertainment America said in a blog post that the company was satisfied with the agreement.

“Our motivation for bringing this litigation was to protect our intellectual property and our customers, Russell said. “We believe this settlement and the permanent injunction achieve this goal.”

Sony filed the lawsuit in US District Court in San Francisco in January that targeted Hotz and 100 other hackers who independently published technical details used to run PlayStation games and applications not authorized by the Japan-based console maker. Sony accused Hotz of violating provisions of the Digital Millennium Copyright Act that prohibit the trafficking of “circumvention devices” that bypass technology designed to prevent access to copyrighted material.

Sony filed the complaint after Hotz deduced and published the secret “metldr” key that allows the rooting of the PS3. Ironically, it was the secret related key that was tweeted a month later on an official Sony Twitter account reserved for public relations.

The lawsuit represented a major PR problem for Sony because it enraged some of the PS3's most loyal fans, who said they wanted to restore Linux functionality to the console after Sony abruptly removed it.

The critics argued they should be free to modify hardware they legally purchased without running afoul of the DMCA, which carries stiff criminal and civil penalties for violations. Indeed, the US Copyright Office has exempted the jailbreaking of iPhones from the statute, but that move had no bearing at all on the unlocking of game consoles.

During the lawsuit, Sony gained access to Hotz's PayPal, YouTube and Twitter accounts, and also won the right to view the IP addresses of anyone who visited his website for more than two years. Sony also won an order requiring Hotz to turn over his computer and hard drives and remove all online postings about his PS3 hack.

While the settlement is likely to end the most controversial battle in Sony's campaign to control how customers use the console, other skirmishes continue. One pending lawsuit brought by PS3 customers challenges Sony's removal of the “otherOS” feature that allows it to run Linux applications. While a judge recently gutted most of that suit, plaintiffs' attorneys have since amended their complaint, giving them another shot. In February, a German PS3 hacker published a jailbreaking “bible” after Police raided his home.

What's more, Sony has yet to announce any settlement with members of a hacking collective known as fail0verflow, which spoke about hacking the PS3 in December at the Chaos Communication Congress in late December. The fail0verflow members were named as DOES in the same suit that targeted GeoHot.

So while Sony's campaign against PS3 hackers is likely to become much lower profile, don't expect it to end anytime soon. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.