The latest PlayStation Portal update has supposedly addressed an exploit that allowed PlayStation Portable (PSP) games to be emulated natively on the streaming handheld.

This is according to a recent X / Twitter post by Andy Nguyen that was first spotted by VGC. An employee at Google, Nguyen previously claimedthat they were part of a small team that was able to get PSP games running offline on the PlayStation 5 peripheral via some hacking and the open-source emulator PPSSPP.

Now, however, Nguyen says that the exploit they used to get the software installed and running has been patched after they “responsibly reported the issues to PlayStation.” This alleged change comes as part of the latest PS Portal software update, version 2.0.6.

  • wizardbeard@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    52
    arrow-down
    1
    ·
    7 months ago

    This is normal MO for Alex, and follows computer ethics guidelines for someone attaching this stuff to his real identity. He’s very active in this scene, especially in recent years with Sony hardware.

    Also, keeping gaming devices on old firmware to wait is an incredibly normal requirement for cracks and homebrew stuff.

    Sony has a pretty good bug bounty program. He’ll usually report it to Sony, post something on social media telling people to hold off on updating firmware past the vulnerable level, and then it’s up to Sony to fix what is a legitimate security issue. You wouldn’t want a rogue developer hiding something in a game and turning your device into part of their botnet. Once Sony confirms it’s a legitimate vulnerability, he gets paid the bounty, Sony patches the exploit, and the details of the vuln are released and homebrew tools follow shortly after.


    Everyone is acting like if he didn’t report it to Sony, and instead released it directly to the open internet, they’d somehow magically never know. That’s complete and utter delusion.

    The only time stuff like this hits the open net and doesn’t get patched anyway is when devices are past the end of support, or if the vulnerability is so deep into the design or hardware that it can’t be patched.

    Wii exploits rely on issues with the physical chips themselves that can’t be patched in software. Same with 3DS. PSPs rely on exploits in the recovery/factory mode/menu functionality, some of which was intentionally held back from release until after Sony stopped caring. I’m pretty sure the exploits with first gen Switches rely on a hardware flaw as well.

    Point being, if you released this as a hacking tool first, Sony still patches it. The only thing you do is maybe delay their patch by a short few weeks, ruin any professional reputation connected to the identity used to release it, put yourself in the crosshairs of potentially life ruining legal trouble as they try to unmask your real identity, and miss out on a cool payout.

    There’s people who have been arrested for this shit for years and fined such crazy amounts of money that they will never pay it off. Stupid, but not worth the fucking risk when you can just do it this way.

    • starman2112@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      7
      ·
      7 months ago

      Are you suggesting that the majority of the comments in this thread are from people who have no idea what they’re talking about? On Lemmy? Unheard of!