The State of PS3 Jailbreak
It’s been just over a month since the sudden debut of the world’s first PS3 mod device. The original release was purely commercial and overpriced (around 150 USD for what is essentially a simple USB development board in a casing), and as a result it was quickly made obsolete by cheaper (and free) alternatives. Still, its spirit lives on in the countless clones that have since flooded the market and we owe the original creators for the breakthrough. If only they weren’t such greedy bastards.
Since the breakthrough, a PS3 homebrew community has blossomed overnight and, though it still has a long way to go, significant progress has been made. It’s really like the early days of PSP’s 1.5 firmware. Here’s a quick summary of the current state of PS3 homebrew.
Jailbreak Method
The method of jailbreaking itself has not fundamentally changed since the original PS Jailbreak was unveiled a month ago. The essential steps are:
- Have a PS3 (slim or original) with firmware 3.41.
- Switch off and on the PS3’s main power.
- Plug in the jailbreak USB device (this comes in many possible forms).
- Press the PS3’s power button followed immediately by the eject button.
- Jailbreak device does its magic.
- PS3 starts up in debug mode, allowing you to install and run all unsigned code.
The general idea is that Sony uses a proprietary dongle to repair and reflash bricked PS3s at their service centres, much like the Pandora battery for PSPs. The PS3 looks for such a dongle when the eject button is pressed immediately after powering on. The role of the jailbreak device is to emulate a USB hub with a USB device plugged into it that shares the same device ID as Sony’s service dongle. It doesn’t actually work as a service dongle, but it uses this access to execute some exploits that put the PS3 into debug mode. The exact payload used is described here for those who can understand it.
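The design lesson in the paragraph above is that a USB vendor/product ID is self-reported by the device, so matching on it cannot authenticate anything. The following added example (not from the original post, and not a description of how the PS3 or Sony's dongle actually works) contrasts an ID-only check with a keyed challenge-response; the IDs, the key and the `Device` class are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed values for illustration only; not real Sony identifiers or keys.
SERVICE_ID = (0x1234, 0x5678)          # (vendor ID, product ID) the host expects
SERVICE_KEY = b"constructed-demo-key"  # secret provisioned only into genuine dongles


class Device:
    """A USB-like peripheral: its descriptor fields are whatever its firmware reports."""

    def __init__(self, vendor_id, product_id, key=None):
        self.vendor_id = vendor_id
        self.product_id = product_id
        self._key = key

    def respond(self, challenge):
        # Without the provisioned secret the device can only answer under a wrong key.
        return hmac.new(self._key or b"", challenge, hashlib.sha256).digest()


def id_only_check(dev):
    """Weak: trusts self-reported descriptor fields."""
    return (dev.vendor_id, dev.product_id) == SERVICE_ID


def challenge_response_check(dev):
    """Hardened: the ID only selects the code path; the key proves identity."""
    if not id_only_check(dev):
        return False
    challenge = os.urandom(16)  # fresh nonce, so a recorded answer cannot be replayed
    expected = hmac.new(SERVICE_KEY, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(dev.respond(challenge), expected)


def evaluate():
    """Return {name: (id_only_result, challenge_response_result)} for three devices."""
    genuine = Device(*SERVICE_ID, key=SERVICE_KEY)
    clone = Device(*SERVICE_ID)         # reprogrammable board reporting the same ID
    unrelated = Device(0x0000, 0x0001)  # ordinary peripheral with a different ID
    devices = (("genuine", genuine), ("clone", clone), ("unrelated", unrelated))
    return {n: (id_only_check(d), challenge_response_check(d)) for n, d in devices}


if __name__ == "__main__":
    for name, (weak, strong) in evaluate().items():
        print(f"{name:9s} id_only={weak} challenge_response={strong}")
```

Authentication only decides who may use the privileged path. Anything the host parses from the device before that point is still untrusted input and needs its own bounds checks.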
The jailbreak device itself has grown to include a whole variety of reprogrammable USB devices thanks to the PSGroove and PSFreedom projects. The list of compatible devices includes:
- Nokia N900
- Palm Pre
- Archos 5 IMT
- Dingoo
- TI-84+ calculator
- iPhone 2G and 3G and iPod touch 1G
- MP3 players running Rockbox
- Various Android phones, including the major ones like Droid, Hero, Desire, Legend, Dream, Nexus One
- Various USB development boards, including Teensy, AT90USBKEY, Minimus AVR USB
This is of course not an exhaustive list. In addition to homemade solutions, there are various dedicated jailbreak devices, some of which are reprogrammable with a PC, such as PS3 Key and X3 Jailbreak.
Running the Jailbreak (TI-84 Plus)
I am using a TI-84 Plus because it’s the only compatible device I have on hand. I’ll probably be getting a dedicated dongle (PS3 Key in my case) soon because it’s somewhat troublesome to run the corresponding programme on the calculator each time I start up my PS3, plus the calculator requires four AAA batteries… Here’s what the process looks like:
Backup Manager
Let’s face it: most people who jailbreak their PS3 are going to play pirated (“backup”) games. The Backup Manager is the tool that lets you do that. Indeed, it was the very first homebrew released for the PS3 and it was made by the original creators of the PS Jailbreak.
That said, there are some very compelling legitimate reasons to use the Backup Manager over Blu-ray. Loading games off the HDD is many times faster than loading games off Blu-ray. The reduced load-time is especially noticeable in games like Bayonetta which suffer from extremely long loading screens. Loading a stage in Bayonetta from the internal HDD takes less than 10 seconds. Using the Backup Manager also reduces wear and tear of the Blu-ray drive. Given that DVD drive failure was the number one cause of PS2 mortality, this is an attractive advantage.
The Manager works by ripping wholesale the entire folder structure on the game Blu-ray disc onto either the internal HDD or an external USB HDD. This means that it will not produce an ISO image, but rather a folder of files and subfolders. There is currently no way to run a game off a Blu-ray ISO image, which is encrypted.
The PS3 does not support NTFS for external media and only accepts FAT. Since FAT only supports files up to 4GB in size, this may be problematic. However, since the Manager rips games into folders instead of a single ISO image, this is only a problem if the size of a single file in a game exceeds 4GB (usually a movie file) and it is not as common as you may imagine.
The PS3’s proprietary internal file system supports files of any size (at least for current-day purposes) and therefore has better compatibility with games. This serves as an incentive to upgrade your internal 2.5″ HDD. Furthermore, loading games off the internal HDD is significantly faster than loading games through the USB interface. The internal HDD also has better game compatibility, no doubt as a result of the difference in load time. A comprehensive list of compatible games can be found on Google Docs.
The first release of the Backup Manager requires any legitimate Blu-ray disc to be in the drive in order for backups to work, much like the first-generation PSP UMD loaders. A new release removes this requirement but appears to have poorer game compatibility.
Homebrew
Currently, the PS3 homebrew scene is still in its infancy. There are no comprehensive development environments or programming guides available and development is largely carried out by dedicated long-time veterans in the console homebrew community. The use of Sony’s official development kit to compile homebrew programmes also brings legality into question.
But still, impressive progress has been made in the span of one month. There are various proofs of concept such as Pong, a port of SNES9X SNES emulator, a port of NullDC Dreamcast emulator, a port of Yabause Saturn Emulator, a file manager, an FTP server, and various tools for PS3 development such as a registry editor.
The FTP server in particular is a godsend because it allows direct access to the PS3’s internal HDD.
I suspect the next homebrew breakthrough will be a full Linux distro. Sony previously removed the PS3’s OtherOS Linux support in firmware 3.21 due to concerns over Linux being used as a potential vector for exploiting PS3’s anti-piracy protection. This pissed off a lot of people who actually used the OtherOS for things like distributed computing. I am sure a successful Linux port would be too delicious an “up yours” for the dedicated hackers out there to ignore.
The Future of PS3 Jailbreak
Current jailbreak solutions offer no fundamental improvement over the original PS Jailbreak. The exploit used only works in PS3 firmware version 3.41 and older and no new exploit has yet been uncovered for firmwares 3.42 (which was released with the sole purpose of blocking the exploit) and 3.50 (which went one step further by blocking all unauthorized USB devices, including unlicensed third-party controllers).
Much like the early PSP homebrew scene’s reliance on PSP firmware 1.5, current PS3 homebrew development appears to be confined to 3.41. This problem was solved for the PSP with the discovery of new buffer overflow exploits in later firmware revisions and eventually by the Pandora battery hardware solution and the development of custom firmwares capable of spoofing official firmware versions. There is no guarantee that the same will happen with the PS3 due to the complexity of its hardware, but there is no indication that it is impossible either. We can only wait and see.
For now, using the Backup Manager and homebrew solutions requires that you do not update your firmware beyond 3.41. This means that you will not be able to log on to PSN, but your PS3 can remain connected to the Internet as long as you disable auto-updating. Games released after September will also start to require firmware 3.42 or newer, which will pose a problem if no solution is found in the long run.
The Xbox 360 and Wii were successfully modded a long time ago and both have now developed more sophisticated jailbreak solutions than the initial exploits. If the same applies for the PS3, future developments will likely see the release of firmware loaders that allow the user to switch between different firmware revisions or custom firmwares that are capable of fooling the PSN and version-checkers that come with games.
However, there is no guarantee for this due to the PS3’s notoriously complex Cell architecture and the fact that it took three years to even produce one viable exploit. On the bright side, should such a solution come to be, most current jailbreak devices are easily re-programmable using a PC and you won’t have to pay for new mods.
Conclusion
I’ve been following the development of the PS3 jailbreak since the first batch of working samples was quietly mailed out to modchip vendors by the secretive people behind PS Jailbreak and subsequently reverse engineered by the community. This article serves as a summary of all the important milestones that have transpired so far.
If you are looking for a more instructional article, please look through PS3 Hacks or PSFreedom.
September 26th, 2010 at 11:09 pm
Well, so it IS real. My nephew’s going to have a field day with this one.
I’m beyond help at this point (got “upgraded” to 3.42 when I got onto the PSN to buy Agarest War), but it’s nice to see a homebrew scene popping up. Plus in this case it’s unlikely to effectively “kill” the PS3 as it did with the PSP (within North America at least).
After all, at current affordable internet speeds, it’s way easier to download a single 800 mb iso image than 5-8 Gb of assorted files (just that small amount since most multiplatform games are designed to work within the Xbox 360’s DVD storage limits).
A quick question though:
1. I haven’t been kicked up to 3.50 yet (I imagine the latest releases will eventually force me to do so, and I have no intention of delaying my game consumption on the wait for a cracked version), but does killing ALL unauthorized USB devices include flash drives, which I use to watch shows on the PS3?
September 26th, 2010 at 11:59 pm
No, USB storage devices work. The intention is to kill bootlegged Dualshock controllers and, probably, jailbreak devices.
September 27th, 2010 at 12:11 am
Very complete article. I have been testing this exploit with PS3Key for a couple of days now but I am a bit disappointed with the number of games I actually managed to use. Only one “Top Spin” out of ten. I am copying the games to the internal hdd but the common problem is a wrong eboot message. Googled a lot but no luck up to now. Any help on where to look further?
September 27th, 2010 at 12:13 am
That is strange. I tested 8 games so far and have not had any problems loading any off the internal HDD.
Are those games listed on the compatibility list?
https://spreadsheets.google.com/lv?key=tqjzdwQGOhsHl_KH0KiEC3w&toomany=true
If they are supposed to be compatible, perhaps there’s something wrong with your setup or PS3 Key. I have no idea though because I’ve never read about such a problem in the community forum threads.
Compatibility issues are usually caused by the game requiring installation to the HDD and simultaneously attempting to read from both the HDD and Blu-ray drive, I believe. But even MGS4, which requires HDD installation, worked for me.
September 27th, 2010 at 12:49 am
Woah. You know one effective anti-piracy measure nowadays is just the fact that it’s a hella lot easier to buy a game and play it straight. As gaming demographics get older and have more disposable income, most people will think 80$ is worth less than the time and effort required for this.
September 27th, 2010 at 9:21 am
Lol, I was wondering when this would happen. The only thing I’ve ever heard of is that geohot douche. :/
Man he was a douche :|
September 27th, 2010 at 12:24 pm
You know, after buying so many PS3 games and thinking that the PS3 will never get broken, I’ve reached a point where I can’t be assed to research and go through the whole psp 1.5 blood vomit breaking + fear of bricking. I’m probably gonna sit this one out and just go legit all the way.
Unless it’s as easy as jailbreaking an iphone.
September 27th, 2010 at 7:48 pm
Well on the basic level, it’s sticking a USB thumb drive into a USB port.
September 28th, 2010 at 11:29 am
oh wow, jailbroken ti-84… holy shit…. never heard of that one. O.o
October 1st, 2010 at 11:16 am
Yeah, I jailbroke my PS3 a couple weeks back with my Android phone. I didn’t bother with the backup manager as I just wanted to see if I could run the exploit. I’m not so interested in pirating games ^^; I’m hoping more for some good video playback homebrew. Something that will allow me to play anime (and fancy subs) on my PS3 without messing with transcoding. I just hope something like that isn’t near impossible on cell ;)
October 19th, 2010 at 12:07 pm
Wow, this is the most complete article I’ve come across on the developments of the PS3 Jailbreak. I appreciate the info, considering all the other sites I’ve visited give you a tutorial on how to initiate the jailbreak, and not an explanation of why it works.
Thank you.
November 18th, 2010 at 8:03 pm
Wrong eboot message means the game was extracted from an ISO made with Swiss Army Knife, OR that you need the fix permissions pkg to set all your folders so that the backup managers can see the eboots inside the folder. That error does not mean it doesn’t work; I don’t know if that game does though :-)