Archive for December, 2006

Fragmented usernames, gamertags and profiles

I love online gaming.

I don’t get enough time to participate these days, nor do I own any of the “next gen” consoles, which is where I am led to believe the most enjoyable online experience can be found, particularly if you are like me and use your PC for work and your consoles for fun.

Earlier this week Sony opened up a service that allowed you to pre-book your online username/gamertag/persona (call it what you will) if the Playstation 3 hasn’t reached your country yet or you just don’t fancy paying the eBay prices for their latest toy.
I’m all for these services and decided to see if such a service was offered by Xbox Live. Apparently it is, so I duly entered my details only to find that my gamertag was already taken…

I’ve been using the online persona gothi since the 90’s, I’m pretty fortunate in that it’s an usual word (although at the time I was not aware of it’s religious connotations). I’ve made a name for myself by posting, and administrating, on many forums, creating websites, I’ve released hundreds of Xbox & PS2 saves, played in online tournaments, beta tested online PS2 games, written several widely used software programs and it’s even got to the point where some people think entering my username into a game makes you invincible. It doesn’t by the way, however using the cheat save I made for the Xbox version of XIII, which features my profile name, does.

I like to think I made myself known, I even own and the fact I cannot use my username, the one I have used for about a decade, on Xbox Live frustrates me.
I like how Xbox Live operates, one username for all games, but what do you do when your username is taken? Do I have any right to ask that the user of this name gives it up? I appear twice in the top 10 google results for gothi (not bad considering my username is a religous term), does all that give me enough leverage to say that “this is my online persona”?

As it stands both Microsoft’s and now Sony’s approach is reasonable but limited. You choose one name, but it is only unique to that system, and when a new system is released it can be mad scramble to get your name registered. In this case I clearly lost out on Xbox Live. To make matters worse, some games companies, seeing that users want one name across the systems, have created their own private database of usernames that allow you to have one name across their collection of games. Rather than improving matters this makes them worse as now there are even more private areas to register for and more chances to lose possession of your name. Without your name, and the reputation that follows it, who are you?

What I propose is a universal system where users can choose one name for all systems and games, regardless of publisher, designer or manufacturer.
By use of an open API games designers can verify ownership of a gamertag and other information, such as game specific data, can be stored on their own databases.

Is it too late for such a system? Maybe. I truly hope it isn’t and that some order can be brought to the chaos that is forming.

I’d like to know what others think of the fragmentation issue we’re in and how you see it in 5 years time…

Tags: , , , ,

Google snippets snipped away with filter

A recent Google search for view headers was a little suprising, not one page had any of the familiar snippets.

But if you repeat the search with the omitted results included all the snippets return…

(Your mileage may vary depending on browser, whether you are logged into a Google account or not and which data center you get)

Looks like things have updated at Google as trying this again a few hours later I get the correct results complete with snippets and the logo of the day (Evard Munch birthday logo)


The end of save hacking?

Save hacking is exactly what the name implies, the manipulation of the raw data of the file a game uses to store such things as ammo counts, collected items, unlocked levels and more. It’s been a solid and reliable way to alter many games, be it the number of lives you have all the way up to unlocking removed levels and cheats that the game designers never wanted you to see.

I’ve been interested in save hacking for many years, I was once employed to do this very task, but a worrying trend has appeared recently, particularly in console saves.

Let’s take a (short) trip into the past.

Over the years developers and even the console makers have been finding different ways to make save hacking as difficult as possible. Saves started to use checksums to verify data integrity but these were easily bypassed. Next saves were encrypted by the game, although this too was bypassed by skilled people able to determine the methods used by the game and reverse the procedure. All was still good in the land of save hacking.

Fast forward to 2001 and the advent of the original Xbox console. Saves for this system used a digital signature as standard as well as other methods such as checksums and encryption, altering even one byte rendered the save invalid and the game would not load it.

After some serious hacking of the console and its operating system a method to resign the digital signature on the saves was discovered but the details of how to do this were shrouded in secrecy. A few people, myself included, were able to (re)discover the methods used and create our own tools to assist in save hacking. The most useful of these was a tool that the public could use to resign saves, but only those allowed by those with the knowledge. This secrecy, usually a burden to endeavours like these was a necessary evil; Xbox Live had taken off a storm and, due to the information to resign the saves for Live compatible games being released, the cheaters started to appear. This wasn’t the only way to cheat on Xbox Live but it was one that could be hampered and almost stamped out, so an unofficial and unagreed stance was taken by the few; no-one was to provide information on the resigning process nor provide keys that could affect online play.

Now in 2006 we have the next generation of consoles and save hacking faces new challenges.

The Xbox360 saves contain a digital signature, the methods and keys to resign this signature are still not known, at least publicly. I’ve yet to see hard evidence of a save for this system being hacked, at least in the traditional method.
The PS3, Sony’s latest games console, uses a system based on its work with the PSP.
The virtual PS2 saves it uses, the format of which I have mapped over at PS2 Save Tools, uses a digital signature so again, even changing one byte makes the save useless.
As for the saves generated by PS3 games, these are similar to PSP saves and as such are a totally encrypted file. The only save tools available for the PSP must be run on the PSP to unencrypt the data, at this time it is not possible to unencrypt the PS3 save data on a PC.

Where does this leave us?

I had hoped that the Xbox360 would have been laid bare by now but the DVD drive firmware modification has meant that many of the people with the technical knowledge are focusing on breaking new protections Microsoft put in place. This appears to have slowed down, if not stopped completely, efforts to run unofficial software on the Xbox360, a definite step towards editing and resigning save files.
At this time we are unable to run unsigned code on either the Xbox360 or the PS3 (Linux does not come into this) and in the PS3’s case, this may be exactly what is needed as it is with the PSP.

It’s a grim future for save hacking, the security systems on both the Xbox and the PSP have been bypassed by clever manipulation of certain save files which has resulted in tighter and more complicated methods for protecting the data integrity and ensuring we cannot alter save files.
Will I still be save hacking in 3 years time? I hope so but the future’s very uncertain at this time and not looking good…

Tags: , , , ,