Feeds

Sony buries hatchet with GeoHot in PS3 modding case

Jailbreaker promises no more console hacks

Protecting against web application threats using SSL

Sony has agreed to drop a lawsuit against a hacker who published the secret key used to jailbreak the PlayStation 3, in exchange for promises he will drop all future attempts to unlock the game console.

The agreement ending Sony's controversial legal attack on George Hotz, aka GeoHot, was laid out in a permanent injunction filed in federal court on Monday. In it, Sony agreed to dismiss the lawsuit, and the New Jersey-based hacker promised to permanently cease any “unauthorized access to any Sony product”. That means Hotz may never reverse engineer, or disassemble any portion of the product, use any tools to bypass its encryption or security, or design or distribute unauthorized software or hardware for use with a Sony product.

US District Judge Susan Illston, who is presiding over the case, must still approve the settlement for it to be final.

"I am not able to speak on this matter without breaching my settlement agreement,” the 21-year-old Hotz wrote in an email to The Register. “Therefore, I have no comment other than this one. With that said, I do not like censorship, and I do not like censoring myself. Rest assured I am still fighting the good fight, in the best way I know how."

Riley Russell, General Counsel for Sony Computer Entertainment America said in a blog post that the company was satisfied with the agreement.

“Our motivation for bringing this litigation was to protect our intellectual property and our customers, Russell said. “We believe this settlement and the permanent injunction achieve this goal.”

Sony filed the lawsuit in US District Court in San Francisco in January that targeted Hotz and 100 other hackers who independently published technical details used to run PlayStation games and applications not authorized by the Japan-based console maker. Sony accused Hotz of violating provisions of the Digital Millennium Copyright Act that prohibit the trafficking of “circumvention devices” that bypass technology designed to prevent access to copyrighted material.

Sony filed the complaint after Hotz deduced and published the secret “metldr” key that allows the rooting of the PS3. Ironically, it was the secret related key that was tweeted a month later on an official Sony Twitter account reserved for public relations.

The lawsuit represented a major PR problem for Sony because it enraged some of the PS3's most loyal fans, who said they wanted to restore Linux functionality to the console after Sony abruptly removed it.

The critics argued they should be free to modify hardware they legally purchased without running afoul of the DMCA, which carries stiff criminal and civil penalties for violations. Indeed, the US Copyright Office has exempted the jailbreaking of iPhones from the statute, but that move had no bearing at all on the unlocking of game consoles.

During the lawsuit, Sony gained access to Hotz's PayPal, YouTube and Twitter accounts, and also won the right to view the IP addresses of anyone who visited his website for more than two years. Sony also won an order requiring Hotz to turn over his computer and hard drives and remove all online postings about his PS3 hack.

While the settlement is likely to end the most controversial battle in Sony's campaign to control how customers use the console, other skirmishes continue. One pending lawsuit brought by PS3 customers challenges Sony's removal of the “otherOS” feature that allows it to run Linux applications. While a judge recently gutted most of that suit, plaintiffs' attorneys have since amended their complaint, giving them another shot. In February, a German PS3 hacker published a jailbreaking “bible” after Police raided his home.

What's more, Sony has yet to announce any settlement with members of a hacking collective known as fail0verflow, which spoke about hacking the PS3 in December at the Chaos Communication Congress in late December. The fail0verflow members were named as DOES in the same suit that targeted GeoHot.

So while Sony's campaign against PS3 hackers is likely to become much lower profile, don't expect it to end anytime soon. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.