Console Hacking History #3: Sony PlayStation

Hello everyone!

Welcome once again to this series of blogs where I talk about how some of my favorite consoles were hacked for the first time. This is entry number three, you can check out the previous ones here and here.

It’s been REALLY long since the last one where I talked about the Dreamcast (8 months now…) and I’ve been meaning to get back into writing these entries since it’s a topic I’m really passionate about but I never got around to picking it back up until now. 

So let’s talk about what you’re all actually here for: This is, more or less, how the original Sony PlayStation got hacked.

A bit of context

We can’t talk about this console without remarking how insanely revolutionary it was for both the market and piracy.

What’s different about the PlayStation one opposed to consoles released before it is the implementation of CDs as a game format instead of cartridges. This format was chosen by Sony due to the really low cost of producing discs. It’s also important to clarify that piracy as we know it today wasn’t really an issue in the videogame market due to the game format; cartridges are insanely expensive to produce and no piracy market really existed for them. You could argue that pirated versions of cartridge-based consoles do exist (I even own one myself!) but these didn’t really get popular until at least a decade after the console’s launch. As an example, let’s take the Famicom: Huge hit in Japan and the USA, but in south american countries like Argentina where Nintendo didn't export their products to it didn’t really hit the shelves until a pirated version of it known as the Family Game got insanely popular in here due to its low price.

Kind of rambled there… point is: Piracy wasn’t really that big of a problem until the Sony PlayStation came around. But this doesn’t mean that the PSone was the first console ever to be CD-based, not at all, we had consoles like the SEGA CD, the 3DO, the Panasonic M2, and many others. The difference between these and the PSone is success. Those who may not be as familiar with videogame consoles or even casual gamers have probably not heard of any of these before and they’re definitely not to blame, none of these were popular or successful enough to really make a difference. What the fuck is a 3DO anyway

But even then, CD-based consoles never really implemented or took anti-piracy methods very seriously due to how inaccessible a CD reader was during the early 90s. Sony, however, predicted that in the future these may become cheaper and easier to obtain to the average person, so they decided to implement anti-piracy methods. Just in case, really, since what they didn’t really predict is how quickly CD readers were going to become easier to come by.

You may or may not have heard that the method they used to prevent piracy on the PSone was related to the back of the CDs, which was completely black. This, however, has been debunked for a while now. The backs of the CDs were purely for the aesthetic. I feel the need to clarify this because in my research I kept seeing it come up over and over again but it isn’t true! Just a really wide-spread rumor.

This doesn’t mean the anti-piracy methods weren’t related to the CDs at all though. Here’s how it worked:

The actual anti-piracy methods and how they were defeated

Let’s put it in simple terms. The PS1 discs weren’t encrypted at all, in fact if you want to dump the contents into a computer and make a backup copy you could do so with no restrictions at all. However, Sony used the table of contents on the discs to store the region information of the game and the copy protection of the disk. Whenever you put a disc into the console, the system reads this info. If it verifies both the region and authentication are correct, the game boots up. Otherwise, it doesn’t. It’s a simple technique really, but even if it sounds infallible at first… there’s definitely some ways around it. 

The first method that popped up and undeniably the easiest one is what we all know as Disc-swapping. See, the biggest mistake this security system has is that the console only asks for the authentication data once, right before the game boots up. This method of “bypassing” the security check is really simple; you pop an original PS1 disc in, when the game is about to boot up you switch it up and boom: The PlayStation keeps reading your pirated disc and effectively boots up the game.

Although it’s quite simple, this method can be a little bit… rudimentary. You need to keep the console open and swap discs quickly while they’re spinning, which can easily lead to hardware or disc damage if you aren’t careful enough. There’s also quite a big chance it won’t even work if you don’t do it properly. Simple, but too hard to pull off without damaging your stuff and there’s a big chance it won’t even work. 

Clearly we need a different approach. Replicating the pattern in which the authentication data was burned was straight up impossible, so instead of trying to burn the necessary data into the discs themselves, people began trying to fool the console into thinking every disc you inserted was an original PS1 disc.

One would think this was an extensive process full of complications… but it really wasn’t. Extracting the authentication information from the console was quite simple, actually. This information was then programmed into a chip that, effectively, bypassed the console’s security check and the region lock as well.

Sony, of course, tries to fire back via hardware revisions. Their workaround the issue was really simple as well; instead of only running the security check once right before the game boots, the system would now ask the console to check the disc at random points in the game. However, the console’s disc reader wasn’t designed to be able to actually send this information in random points during the game, so if the system actually received the information it asked for, that meant that the console had an illegal modchip that was actually responding to the check, and therefore the game stopped running. 

Once again, the solution to this issue was insanely easy. New modchips started coming out that immediately shut off after the first security check was done, and therefore the console didn’t recognize it as piracy.

Surprisingly, Sony didn’t really try to combat piracy anymore from this point. It was game developers instead who implemented anti-piracy measures into their games. Most of the time patches for the games that got rid of these measures came out quickly, though.

Conclusion

Aaaand that’s about it, more or less. Let’s summarize: The PS1 brought with itself a revolution in the gaming market with its cost-effective game format, as opposed to cartridges. With this huge change also came challenges though, and it prompted both Sony and every other CD-based console to rethink their approach to anti-piracy methods.

Even though we can say that Sony practically failed to combat pirates and hackers, these didn’t really affect their sales negatively, and they did insanely well for a first console as well. This also served as a lesson for Sony and later on, with the launch of the PS2, many of these mistakes and challenges they faced with their first were fixed with their second… but that’s a story for another time :) 

Thank you SO much for reading! I hope you enjoyed it just as much as I enjoyed writing it. Hopefully the next entry won’t take as long as this one took… I’m thinking of writing about a XBOX console next, since I’ve already covered Nintendo, SEGA and now PlayStation. We’ll see. 

See you next time! :D 

Sources:

• Facu Peralta: "HACKEAR la Playstation 1 fue DEMASIADO FACIL" on youtube (spanish).
• Modern Vintage Gamer: "How the Sony PlayStation PS1 Security was defeated" on youtube.
• ACID_SNAKE: "How PS1 security works" on wololo.net.

All of these are super worth checking out if you're interested! You can see more of how the PS1 security worked on greater detail in any of these sources.