Sponsored Links

Sponsored Links

Sony Sues Graf Chokolo for 1 Million Euros, He's Still PS3 Hacking!


Sponsored Links
183w ago - Shortly following Sony's raid on his house, Dukio have now confirmed while posting a legal notice that Sony is suing Alexander Egorenkov known in the PS3 scene as Graf Chokolo for 1 million Euros and he [Register or Login to view links] that he still wants to continue hacking the PlayStation 3 console with [Register or Login to view links] reporting he has received over $28k in donations already!

To quote: I received a legal notice from SCEE lawyers requesting me to remove the coolstuff links that graf_chokolo has distributed on grafchokolo.com as well as the links at this blog. What i found interesting in the legal notice is that the lawyers are suing graf_chokolo for 1 million euros. That is quite a number, but graf_chokolo doesn't seem to care.

He still want to hack the PS3, where he said he cannot sleep knowing that he cannot touch the hypervisor of the PS3. Man, i never see someone like graf, he is an extraordinary genius hacker that Sony wasting it by making a lawsuit against him.

Back I don't have a PC at home now guys, so i will post here only when i'm able. I will try to answer all your questions about HV and installing Linux. But expect some delays because as i said i don't have access to the Internet all the time.

You know guys, you will say i'm totally crazy now, but i never slept better than in the last 2 days I don't know how to explain this feeling but i don't care about those threats with jail and high money penalties, btw, SONY wants about 750.000 euros from me if i don't cooperate They don't know me at all I don't care about it and they might double it

The higher is the sum the higher gets my motivation They don't understand what makes me tick. Money and even my life doesn't mean to me very much without knowledge. I have a scientific mind and the knowledge is food to my brain. Without HV, Linux and FreeBSD kernel hacking my life is meaningless.

I miss my HV terribly In the last 2 days i got so “hungry” for more knowledge that i cannot control it anymore. I need knowledge and research, it has a huge meaning in my life. Jail or even death cannot hold it back anymore.

The SONY's laywer asked me why i'm doing what i'm doing, because of my hatred for SONY ? He cannot understand why i'm doing it, because he is paid for what he does. I'm not. I don't hold a grudge against SONY even now Hatred clouds your mind, keeps you from more important things. I have a better use for my mind and knowledge

So, SONY you failed again, you took my equipment but my mind is still free and you canot control it. You failed again. They are just tools, i can get new ones and will continue my HV reversing and bringing back PS3 Linux which you took from us. If you want me to stop then you should just kill me because i cannot live without programming, HV and Linux kernel hacking You know who am i and where i live, so come and get me !!!

And to prove it, i will reopen right now my HV reverse engineering page And i will post my latest findings about Update Manager and BD drive here. Most of you know already that i was able to update CORE OS from Linux. And on the last weekend i tries to hel some PS3 devs with BD drive authentication and discovered some interesting stuff about it which i will post here.

And please guys, could someone post here a link to the latest version of my cloned Linux kernel. I need it. The last week i implemnted a updater for Linux and it was finished but the police got first before i could upload it. But do not fear, i have everything in my head I can write it down again and show you how it works.

So, about BD drive authentication The most importnat HV process is 6. It contains Update Manager and Storage Manager e.g. Update manager flashes e.g. new CORE OS, BD firmware or SYSCON firmware. Storage Manager sets ATA keys, authenticates HDD and BD drives.

Storage Manager

I looked at VSH closer in the last week. And found out that VSH uses the following Storage Manager services: 05004 – to authenticate PS3 discs, 05007 – to authenticate PS3 discs.

Bothe these services can be used by GameOS through VUART 10 and Dispatcher Manager (is also in a HV process), I already implemented a driver for VUART 10 and DM on Linux and uploaded it, so guys who has my latest Linux version could use it on Linux And get access to PS3 discs and PS2 discs but i didn't have time to test it.

Both these services accept one parameter: 32 bit integer. Look at the funtion stor_mgr_packetid_0x5004 in my IDA database for HV 3.15. Everything is still the same on 3.41 and 3.55, so my HV 3.15 bible is the key to HV 3.41 and 3.55. They changed almost nothing in new HV versions And look also at function stor_mgr_packetid_0x5007. I could write down a simple Linux program which uses my DM driver to communicate with Storage Manager and show you how it works It's very easy. I will upload it maybe next week.

To authenticate PS2 discs, VSH uses parameter 052 and service 05004. To authenticate PS3 discs, VSH uses parameter 053 and service 05007. But i didn't test it on my own unfortunately.

PS3′s BD support different profiles for different media, e.g. for PS3 discs, for DVD, for PS2 discs. And storage manager can tell BD drive which profile it should use.

All the communication between Storage Manager and BD drive goes through ATAPI/SCSI interface.

To read the current profile of BD drive, the Storage Manager uses the storage device command 011, look at storage_device_RBD_do_device_command in my HV 3.15 IDA database (lv1_storage_Send_device_command) and ATAPI_GetConfiguration. But HV procs do not use HV calls, they use HV syscall, and Storage Manager sends ATAPI commands to BD drive through device file /dev/rbd0. With lv1_storage_Send_device_command(011) you could read the current BD profile.

Also very interesting ATAPI commands used by Storage Manager are Report Key/Send Key commands. Look at functions HW_report_key and HW_send_key in my HV proc 6 IDA database. HW_report_key function is e.g. used by Storage Manager to read BD drive policy. Storage Manager checks the policy of BD drive.

Storage Manager uses sv_iso_spu_module.self isolated module to authenticate BD drive. sv_iso_spu_module.self gives Storage Manager data which is sent to BD drive and back.

And look closer at function HW_disc_auth_emu in HV process 6. It’s for BD emu stor_mgr_check_drive_policy in HV prcoess 6 checks BD drive policy.

Functions storage_mgr_set_ata_key/storage_mgr_delete_ata_key sets/deletes ATA keys. These functions are used in Storage Manager service 05002. This service is used by System Manager in HV process 9 during LPAR boot.

Update Manager

The name of this service explains already the purpouse of it. The GameOS updater communicates with this service and sends encrypted packages to it. The GameOS updater stores a pkg in memory and passes the LPAR memory address of the pkg to Update Manager. Look at function update_package. This functions can update/inspect and extract packages. UM services 06001(update), 06002(inspect) and 06005 (extract) use it. Inspect just checks if a pkg is valid, Update service installs it and Extract service extracts it and you can get it back extracted from UM.

I implemnted an updater for Linux which uses all these services and it worked like a charm I could extract and inspect packages. Allocate a huge page on Linux with mmap, lock it with mlock, store there a pkg and send LPAR address to one of this service through DM. I will upload soon my PS3 Linux updater and show you how we can update firmware without GameOS even noticing it

Updater Manager object in HV process 6 has a member variable which checked during package update, and if it contains a magic valu then you can install just any package version Look at function update_manager_is_valid_access in my IDa database for HV proc 6.






Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 75 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles. Thanks!

barrybarryk's Avatar
#60 - barrybarryk - 183w ago
yeah but they aren't suing him for his hypervisor work or his linux kernel modules, they're suing him for his work on NPDRM decryption and for encouraging others to distribute copy-protected files (remember he asked others to upload their files for decryption testing).

tworok's Avatar
#59 - tworok - 183w ago
Power isn't everything. A free mind like graf's is.

Graf has just hit Sony right in the nuts, this guy is a real genius. I'll take my hat off for him.

PS3 News's Avatar
#58 - PS3 News - 183w ago
Another update from graf_chokolo: grafchokolo.com/ps3-development-page.html/comment-page-6/#comment-994
Back Still not in a jail SONY's lawyer sent me a letter with another threats They still do not get how my mind works. They just know me as a hacker, programmer. It's the one side of medal, the other side, my personality, the person who stands behind graf_chokolo, they have no clue about him. They want to make an example of me, to show the other hackers what will happen to you if they mess with SONY, but they chose the wrong person. I'm not a spineless sheep they thought me to be. Take care SONY, because i could make an example of you.

I have to ask my lawyers first Yeah, i got now lawyers and i intend to give a hell of a fight to SONY.

I was sued by the state for spreading copyrighted SONY's and PS3′s stuff (criminal procedure) and by SONY for example for Sonic and games i asked from others to upload and other things (civil pocedure). So, sued twice. Police confiscated my PC and all my PS3s

Ecniv's Avatar
#57 - Ecniv - 183w ago
Wow graf put this guy in your legal team ASAP!!

RexVF5's Avatar
#56 - RexVF5 - 183w ago
The case is judicially quite clear if you take a look at the stuff the graf is writing about and what he is spreading right now.
I am not a lawyer but I tend to strongly disagree with your conclusions. Generally what you cited is not relevant - see below. Also at the end read about EU legislation that applies in my opinion.


1. The graf has been writing all over the place that he has been reverse-engineering the HV and lv2 dump of the PS3.
The HV and the lv2 are both (without doubt) coyprighted material. Sony claims to be the copyright holder which seems to me very likely.
Copyright is a set of exclusive rights granted to the author or creator of an original work, including the right to copy, distribute and adapt the work. AFAIK graf_chokolo did not do or try any of these.

2. According to german law abreviated "UrhG" 69c Nr. 1 "the copyright holder is the only person allowed to enduringly or temporarily replicate, fully or in part, a computerprogram by any means or form"
That fits with general copyright definition. AFAIK graf_cholo did NOT distribute/replicate the program.

3. According to german law abreviated "UrhG" 69c Nr. 2 "the copyright holder is the only person allowed to translate, revise, either arrangement or other revisions of a computerprogramm or it's copys or the derived results."
Nor did he do any of these things.

4. According to german law abreviated "UrhG" 69c Nr. 3 "the copyright holder is the only person allowed to spread or rent the originals of a computerprogramm or it's replication"
None of these apply to graf_chokolo AFAICS.

5. According to german law abreviated "UrhG" 69c Nr. 4 "the copyright holder is the only person allowed to replay the computerprogram by means of wired or wireless distribution in a way that the public is able to have free access at their will"
I don't remember him distributing firmware or any part of it. So doesn't apply either.

6. Besides the riich civil opertunities which the german copyright law offers to the copyright holder (namely the right to get damages (but no punitive ones) or to applicate for a restrictive injunction) the german copyrigh law also includes criminal ariticles.

According to german law abreviated "UrhG" 106 section 1 anyone who reproduces, spreads or replays publically a protected
work or a revision or a or a transformation of it in contrast to the rules of this law or without permission of the
copyright holder can be convicted to a prison sentence of up to 3 years or with punished to pay a fine. Even the trial is punishable.
None of it happened (nor did he try) so not applicable.

7. In german criminal laws the proscutor is allowed to order the police for a search of the home of the prosecuted person to
get clues for the crime. In harsh contrast to a US-TV series like "law & order" the german public prosecutor's office and the german crominal courts are *very* generous in giving the police search orders. In most cases the german police executes a raid even without a search order from the court or the public prosecutor's office. The defendent has to appeal such actions after they have been executed. In most cases such an appeal will be refused.

What he did was reverse engineering which is covered by EU laws - following is copied from Woodmann's copy of Fravia pages (see [Register or Login to view links] ). Also see [Register or Login to view links] for complete text of the directive.

Article 6: Decompilation

1. The authorization of the rightholder shall not be required where reproduction of the code and translation of its form within the meaning of Article 4 (a) and (b) are indispensable to obtain the information necessary to achieve the interoperability of an independently created computer program with other programs, provided that the following conditions are met:...
This, translated, means that you do not need "the authorization of the rightholder" like you would for 4a (temporary reproduction of a program) or 4b (translation, adaption, arrangement and any other alteration of a program) if this is necessary to debug and/or run the crap you have bought. The "following conditions" are that you do it yourself and only insofern as you deem to need it really.

Note -what's even MORE important for reverse engineering- that at article 5 there are some EXCEPTIONS to the restricted acts:

Article 5: Exceptions to the restricted acts

1. In the absence of specific contractual provisions, the acts referred to in Article 4 (a) and (b) shall not require authorization by the rightholder where they are necessary for the use of the computer program by the lawful acquirer in accordance with its intended purpose, including for error correction.

2. The making of a back-up copy by a person having a right to use the computer program may not be prevented by contract insofar as it is necessary for that use.

3. The person having a right to use a copy of a computer program shall be entitled, without the authorization of the rightholder, to observe, study or test the functioning of the program in order to determine the ideas and principles which underlie any element of the program if he does so while performing any of the acts of loading, displaying, running, transmitting or storing the program which he is entitled to do.

Quite right! Obviously there cannot be a "looking under the cover is forbidden" policy, which would lame all technical development (it's already lamed enough like it is now), therefore you may observe, study or test the functioning of any program you fancy (the reason is that they could not have forbidden it anyway :-) sipping your favourite Martini.

There is another point at art.7.1.(c) that refers to "technical devices which may have been applied to protect a computer program", which could be of interest for us:


...Member States shall provide, in accordance with their national legislation, appropriate remedies against a person committing...

(c) any act of putting into circulation, or the possession for commercial purposes of, any means the sole intended purpose of which is to facilitate the removal or circumvention of any technical device which may have been applied to protect a computer program.
All-in-all I do not think there is any strong evidence against him. All he did was in accordance to EU law AFAICS. Please also note that last paragraph states that removal or circumvention of any technical device which may have been applied to protect a computer program is only punishable if it was circulated or possessed for commercial purposes!

Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links







Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News