With the news that infamous iPhone hacker George Hotz has enabled homebrew via a custom firmware patch, speculation is now moving on to what Sony will do to stop unauthorised code running on the PlayStation Network. What exactly can the platform holder monitor from your machine and what steps can Sony take in banning you from the PlayStation Network?
First of all there's an important distinction in the unofficial hacker's "code of conduct" to be aware of: these guys believe that once you buy a machine, you own it and you have the right to run your own programs on it, even if the inevitable consequence of this (by their own admission) is that piracy becomes possible on what was previously a "backup"-proof system. However, hackers are equally adamant that the PlayStation Network, or Xbox Live for that matter, is a service that users subscribe to and for which they have no ownership rights at all. In short, if you do decide to run your own code on a system connected to such a service, you're on your own and should be prepared for the consequences.
Thus far, educated estimates put the amount of Xbox Live bans at well over one million consoles, accounting mostly for users who modified their DVD drive firmwares to run games burned onto DVD. However, Sony has been remarkably restrained in its response to the Jailbreak even though PSN has been vulnerable for some weeks over the last few months. Does the company have the tools to track Jailbroken consoles and if so, why haven't we seen the banhammer fall already?
First up, what does Sony know about what's going on with your console? It is true that when the PS3 boots up - whether you have a PSN account or now - the machine itself communicates with a string of Sony servers, as recently posted on NeoGAF, and a log of applications run on the system is almost certainly transmitted. Similarly, the game you're running at any given point also shows up on your PSN profile, and the chances are that if you run a game from within a "backup manager", then the manager - not the game - will be displayed attached to your PSN account.
According to the terms and conditions of the PlayStation Network, this effectively makes you fair game for a PSN ban of which many variations exist - a timed suspension or even a lifelong ban. The amount of access Sony has to your machine is greater than you probably suspect: the company even has the means to irrevocably disable your console should it so wish, and if that happens, it will remain non-functional whether you're online or offline.
However, despite the options Sony has available, to date there have been no ban waves that we've been aware of, despite Jailbroken consoles being easily detectable. Sony's approach has been very responsible - issuing security updates via new firmwares that automatically lock Jailbreakers out of the PlayStation Network as opposed to issuing outright bans. Sony effectively offers PS3 jailbreakers the opportunity to "go legit" in order to preserve their PSN access.
It was the right solution for its time: a system update is inconvenient for the end-user but for Sony it would be far more of an issue in dealing with the unwelcome publicity of a ban wave. Just the logistics of the customer relations element also makes this the most reasonable approach: why deal with thousands of emails, requests for info from the press and - yes - potentially banning a small amount of innocent users when a new firmware prevents any of this from happening?
Microsoft went the nuclear option with its various ban waves of course, but there is a difference between modifying DVD firmware and running a PS3 jailbreak: opening up your 360, re-flashing the drive and reassembling the machine demonstrates a singular purpose in running burned games. With the USB jailbreaks, all machines were vulnerable and any one could run the dongle on any machine whether they owned it or not. Sony may well have a list of "suspect" consoles, but arbitrarily suspending PSN access without a proof of sustained usage would be an over-reaction. As a knock-on effect, it would obviously stop these people spending money in the PlayStation Store. Updating new firmware and locking out the compromised systems while offering offenders the chance to "go legit" has clearly been the platform holder's MO thus far.
In the short term, expect to see Sony do exactly the same thing. Firmwares 3.42 and 3.5 worked in locking out Jailbroken consoles with the minimum of fuss. Hacks to get compromised consoles onto PSN were neutralised relatively quickly and you can expect the current access Jailbreakers have to PSN with Geohot's hacked software to be revoked imminently with a new system update.
In future firmwares, expect internal checks to be carried out during run-time and on boot to ensure the integrity of GameOS - these are trivial for Sony to code, invisible to the legitimate end-user and much more difficult to reverse-engineer. However, the long term challenge facing the platform holder is a lot stiffer now - the collapse of the security set-up means that any kind of code can be installed on any PS3.
Where Sony is going to face real difficulties is in preventing determined PSN cheaters from adjusting and patching their games. The latest hack isn't just about patching GameOS any more: jailbreakers can change map data, roll back patches and even adjust the game code and re-encrypt it to look like an official update. Determined cheaters could probably use DNS hacks to install suspect code on their console even without the requirement of a custom firmware in the first place. Over and above this, leaving GameOS to the mercies of the hackers could see them reverse-engineer the ways in which PSN games are purchased and activated on the console, opening up another wave of piracy Sony would rather not have to deal with.
The chances are that threats like this are just too big to ignore, and it's surely just a matter of time before Sony's current "soft touch" approach to dealing with Jailbroken PS3s on PSN becomes a thing of the past. If the situation escalates, expect that ban hammer to hit without warning: at the end of the day, running unapproved homebrew code of any description while connected to the PlayStation Network is just a really bad idea...