Sony Files Complaint Against fail0verflow Group Over Latest PS3 Hacks
Sony has decided to take a legal action against hacking group
"fail0verflow," which have managed to gain access to the PS3's innards
allowing it to run Linux software.
Sony Computer Entertainment America LLC filled a complaint against
George Hotz, Hector Martin Cantero, Sven Peter - the fail0verflow
team - claiming that they have circumvented effective technological
protection measures (TPMs) employed by SCEA to protect against
unauthorized access to and/or copying of SCEA's proprietary
PlayStation 3 computer entertainment systems, and other
copyrighted works; and trafficked in circumvention technology,
products, services, methods, codes, software tools, devices,
component or part thereof, including but not limited to the Elliptic
Curve Digital Signature Algorithm ("ECDSA") Keys, encryption
and/or decryption keys, dePKG firmware decrypter program, Signing
Tools, 3.55 Firmware Jailbreak, and/or any other technologies that
enable unauthorized access to and/or copying of PS3 Systems and other
copyrighted works.
SCEA has alleged that Defendants have violated the Digital Millennium Copyright Act (DMCA); the Computer Fraud and Abuse Act (CFAA), as well as related state and common law claims for violation of the California Comprehensive Computer Data Access and Fraud Act.
On January 11, 2011, SCEA moved ex parte on its claims for violation of the DMCA and CFAA against Defendant Hotz for a Temporary Restraining Order (TRO).
Since the release of the PS3 System in 2006, software hackers have attempted to write code to run unauthorized software on SCEA's gaming system. Until a few days ago, the efforts of these hackers were largely thwarted by the TPMs that secure the various levels of the PS3 System. In late December 2010, a hacking group called FAIL0VERFLOW discovered a way to access certain levels of the PS3 System by circumventing the corresponding TPMs. At that point, hackers were given the tools to run unauthorized software on the PS3 System. Building on FAIL0VERFLOW's work, Hotz gained access to a critical level of the PS3 System by circumventing the corresponding TPMs. In early January 2011, Hotz publicly distributed the circumvention devices necessary to access that level, providing them to the public via the Internet and releasing software code that will allow users to run unauthorized software on the PS3 System.
On December 29, 2010, the FAIL0VERFLOW Defendants appeared at the Chaos Communication Conference (the "Chaos Conference"), a hacker event in Berlin. Boasting that they had circumvented TPMs for certain levels of the PS3 System, the FAIL0VERFLOW Defendants broadcast detailed instructions for their circumvention method and promised to divulge information and proprietary code they obtained by unlawfully accessing the PS3 System.
Within two days, the group began publishing the code, software tools and scrambled or encryted keys derived from their circumvention of the TPMs on Twitter and other websites.
Devices, Hotz circumvented certain other TPMs in the PS3 System, intentionally accessed the PS3 System without authorization, and misappropriated critical SCEA Keys ("Metldr Keys" or the "Root Keys").These keys are part of a TPM in the PS3 System, and are necessary to authenticate code that runs on a critical level of that System. With access to this particular level, one can control crucial functions and operations of the PS3 System and execute code that will enable pirated video games to run on the PS3 System. Knowing that the Keys can defeat TPMs in the PS3 System, Hotz began using these proprietary Keys as a component of a Circumvention Device that applies SCEA signatures to any file, effectively "tricking" the PS3 System into running unauthorized programs. On January 2, 2011, Hotz published the Metldr Keys on his website under the banner "keys open doors." By doing so, "Hotz compromised the confidentiality of those Keys and invited other software pirates to incorporate the Keys into their own circumvention technology," DSCEA claims. Hotz?s distribution of the Metldr Keys enabled software pirates to create and run unauthorized copies of video games.
SCEA has alleged that Defendants have violated the Digital Millennium Copyright Act (DMCA); the Computer Fraud and Abuse Act (CFAA), as well as related state and common law claims for violation of the California Comprehensive Computer Data Access and Fraud Act.
On January 11, 2011, SCEA moved ex parte on its claims for violation of the DMCA and CFAA against Defendant Hotz for a Temporary Restraining Order (TRO).
Since the release of the PS3 System in 2006, software hackers have attempted to write code to run unauthorized software on SCEA's gaming system. Until a few days ago, the efforts of these hackers were largely thwarted by the TPMs that secure the various levels of the PS3 System. In late December 2010, a hacking group called FAIL0VERFLOW discovered a way to access certain levels of the PS3 System by circumventing the corresponding TPMs. At that point, hackers were given the tools to run unauthorized software on the PS3 System. Building on FAIL0VERFLOW's work, Hotz gained access to a critical level of the PS3 System by circumventing the corresponding TPMs. In early January 2011, Hotz publicly distributed the circumvention devices necessary to access that level, providing them to the public via the Internet and releasing software code that will allow users to run unauthorized software on the PS3 System.
On December 29, 2010, the FAIL0VERFLOW Defendants appeared at the Chaos Communication Conference (the "Chaos Conference"), a hacker event in Berlin. Boasting that they had circumvented TPMs for certain levels of the PS3 System, the FAIL0VERFLOW Defendants broadcast detailed instructions for their circumvention method and promised to divulge information and proprietary code they obtained by unlawfully accessing the PS3 System.
Within two days, the group began publishing the code, software tools and scrambled or encryted keys derived from their circumvention of the TPMs on Twitter and other websites.
Devices, Hotz circumvented certain other TPMs in the PS3 System, intentionally accessed the PS3 System without authorization, and misappropriated critical SCEA Keys ("Metldr Keys" or the "Root Keys").These keys are part of a TPM in the PS3 System, and are necessary to authenticate code that runs on a critical level of that System. With access to this particular level, one can control crucial functions and operations of the PS3 System and execute code that will enable pirated video games to run on the PS3 System. Knowing that the Keys can defeat TPMs in the PS3 System, Hotz began using these proprietary Keys as a component of a Circumvention Device that applies SCEA signatures to any file, effectively "tricking" the PS3 System into running unauthorized programs. On January 2, 2011, Hotz published the Metldr Keys on his website under the banner "keys open doors." By doing so, "Hotz compromised the confidentiality of those Keys and invited other software pirates to incorporate the Keys into their own circumvention technology," DSCEA claims. Hotz?s distribution of the Metldr Keys enabled software pirates to create and run unauthorized copies of video games.
