Vita hacking: the exploits devs won’t talk about

October 28, 2013

Nearly 2 years after its release, the PS Vita, just like the PS3 years ago, has proven a tough nut to crack for hackers. Although this site provides the community with regular exploits within the PSP emulator of the PS Vita, only a handful of people have had their hands on a native hack (such as YifanLu's UVL, for which the exploit vector was, apparently, patched later on by Sony).

This has left many of us with the feeling that hackers are not interested in the Vita at all, and there's truth to that, which was expressed not so long ago by YifanLu, and even earlier by Fail0verflow (the guys behind the big PS3 hack in 2011) themselves (read: Fail0verflow: the end of Homebrews?).

Many hackers from the PSP and PS3 scenes have given Vita hacking a try. And if what they told me is to be trusted, many of them have given up: "too hard", "no point in hacking a portable console when we can do everything we want on smartphones", etc. In many aspects, most hackers I've talked to echo what YifanLu, Fail0verflow, or myself have said in the past.

Nevertheless, several of those hackers who have given up made it reasonably far, to a point where "things" could be possible. I cannot give proof for most of the following, either because I promised not to name names, or because those are rumors I didn't get directly from the horse's mouth, but here are the things I've been told by trusted sources, or witnessed myself. When necessary, I am being intentionally fuzzy to protect some of the critical information.

  • Several groups of hardware reverse engineers are actively looking at the Vita's memory cards. However, no significant progress has been made by the groups I am in contact with.
  • The Vita retail devices ship with internal software that is necessary for the device to work properly, but intentionally hidden from the end customer, either because the customer does not need to use that software, or for security reasons. Generally both. That software can be accessed reasonably easily by hackers, and could potentially be leveraged for exploits, such as the Package Installer.

[Image: PS Vita Package Installer]

  • Some hackers have gone as far as reverse engineering the communication protocols between the Vita and its PSP emulator (also known as Kermit). This is not news, it was revealed by Davee a while ago, but trusted people have told me they gained access to some of the Vita's protected memory with knowledge acquired in the process (only to be blocked later on by security measures such as ASLR and NX bits).
  • Some leaked/stolen content from some of Sony's partners allegedly contains information that has helped some hackers to actually run unsigned content and native homebrews on a retail Vita.
  • Several groups, other than YifanLu's UVL, have managed to run native unsigned content on the Vita through exploits (a different way than the signing technique described above).
  • Other approaches, which I would not even consider as "hacking", but a bit more "out of the box" thinking, have allowed some people to play commercial games for free on the Vita. One such technique was made possible by a glitch in the Brazilian PSN store, and gave people free lifetime membership to PS+. Although it was quickly patched by Sony, the simplicity of the technique is a strong reminder that a system is as secure as its weakest component.

All of these are leads that keep being investigated for Vita hacking. Nevertheless, most of these attempts have one thing in common: a single firmware update from Sony would block these hacks. That, and/or the insane amount of work required to turn most of those into anything useful, convinced many hackers not to talk about their discoveries at all.

As far as I'm concerned, and I've said that before, I think there is no financial incentive for companies/teams like Datel or PS3's Cobra to try and hack a device with poor sales like the Vita. Maybe the PS4 release will change something here. Until then, we can still enjoy our VHBL and the upcoming TN-V release.

What do you think? Is the possibility of a native Vita hack out of reach?
