Sunday, February 20, 2011

The best defense of GeoHot I've ever read.


This comes from a forumer on the Penny Arcade boards, and it's the first one I've read that came across as reasoned, free from the self-righteous crap that tends to lace most arguments with similar aims.
"...Your error in this argument is that you assume that hacking and homebrew are the only two arguments. You see, as someone who participates in the console "hacking" community. I don't give two poos about the software. Here's what I get out of it.

Did you know that the Wii has a CPU inside it's graphics chip, and Nintendo didn't tell anybody? Even the actual, official, licensed Wii developers had no idea there was an ARM chip embedded in Hollywood. ARM, by the way, is the same CPU found in the GBA and most Android phones. Heck we don't even have a name for the thing. "Starlet" is just what the hackers call it. Nintendo, NEC, and ATI *still* deny it's existence even though we've seen the stupid thing. Why is this significant? Well, no one has ever done this before. This might have all kinds of benefits to GPU processing, or programming theory in general. Well, not here though. Here, starlet is used as a hardened bootloader. Who would of thought of booting a system though it's graphics chip? That's interesting to me.

Why is Sony's master key significant? Well, first of all Elliptic curve cryptography (ECC) is still technically "experimental". It was only developed in 1985. Sony saw it as the best new thing, which is not how you approach encryption. You have to use tried and true. (Actually, you don't use public key encryption when you have to give a private key the the entity trying to compromise the system, but that's another argument). The fact is, Sony botched it. Haha lolsony, but wait! What about other companies and governments out there that use ECC too? This seems like such a trivial error. How easy is it to trip up on this function? Is it trivial? Is it a common mistake? Can this compromise the ECC algorithm as a whole?

There are people out there who study this. They are scientists. Many of them don't wear lab coats and have to publish to stay active in the community and collect a paycheck. Now we have a company saying that simply telling how something works can land you in jail.

Don't think this is relevant? Tell that to Dmitry Sklyarov who was arrested by the feds by telling how secure PDFs worked at a security conference. Even after Adobe dropped the charges, the feds didn't drop the case. In the end he was found not guilty. How about Ed Felton who was threatened with litigation after the RIAA said that he was no allowed to tell how digital watermarking worked. It was only after the Justice Department promised that the DMCA was invalid for his line of work did he start to publish his findings. My favorite is David Touretzky, professor of artificial intelligence and computational neuroscience. In the U.S it's was ruled that the publishing of the code to decrypt a DVD was distribution of an illegal "circumvention device". So where does that stop? Can teach a class on how DVDs are decrypted? Can I tell my friend? Can I tattoo the code on my arm? Professor Touretzky pushed this to the extreme and put up a web site showing how the code worked though t-shirts, haikius, songs, and dramatic readings. He also issued a declaration of his intent to the MPAA. He has yet to be sued, but really, where does it stop.

Like I said before, a console is not made out of pixie dust and fairy farts. It's just a computer you plug into your TV set. I'm sorry that Sony decided to subsidize the cost of their game system relying on broken encryption. Don't punish others because you screwed up your business model. Subsiding costs is a dumb route to go because it makes you look stupid when the revenues don't work in your favor. Ever wonder why the PSGo cost more? Well, they didn't have the UMD movie subsidy to make up for the cost anymore, therefore they had to raise the price. Economics 101 here Sony, if you make a product that is too expensive for the market to bear, either change the target market, bring down COGS, or get out with sunk costs.

On the flip side. GeoHot must of had a wake up call shortly after the rap video. That was quite a change of tune. When I was in the Connectix case they were throwing around millions of dollars back and forth. He has only been in litigation for just shy of a month and has lost $10,000 to it already. It's pretty easy to see how Bleem imploded.

tl;dr

It's not about games, Sony needs to chill and Geohot got a reality check recently."
-halkan, Penny Arcade forums member
* * *

First and foremost, let me say - he's right. Or at least, I have a hard time finding much that he's wrong about - but I'm viewing this as someone who doesn't muck about with the innards of my console. I'm purely a PS3 consumer - I bought it to play PS3 games - and this whole thing just makes me pissed at Hotz. My priority is to seamlessly enjoy my PS3 library, and I anticipate the result of the rootkey publication will be a series of hassles, on my end.

I don't give a shit about Hotz and whether or not he has the moral or legal high ground - I just want to be able to play my PS3 library without getting griefed by modders online, or being forced to log in to the PSN during every play session of an offline, single-player game.

My position is a purely selfish one, I admit, but I feel that Hotz has essentially fucked with my shit - and the shit of millions of gamers - just to prove to himself and other hackers that he could. At the same time, I feel halkun's right - but I really hate what Hotz and fail0verflow have done because the quality of online gaming is suffering, and I anticipate the previously nonexistent DRM on the PS3 may become very, very troublesome for all of us who merely bought PS3s to play PS3 games on.
"There are people out there who study this. They are scientists. Many of them don't wear lab coats and have to publish to stay active in the community and collect a paycheck. Now we have a company saying that simply telling how something works can land you in jail."
And I find nothing to disagree with here. I absolutely feel that folks who want to muck about in their PS3s or whathaveyou should be allowed and even encouraged to do so- but...
"It's not about games."
For me and, I have to think millions of other, it totally is. And he has fucked with our shit.

At the same time, the PS2, Wii, DS, PSP, 360 and PC gaming scenes have survived similar crap - the PS3 will too. I just don't like that it's now obliged to, and that it will impact my experience.

No comments:

Post a Comment