Anonymous Engages in Sony DDoS Attacks Over GeoHot PS3 Lawsuit

Even as 21-year-old iPhone hacker George “GeoHot” Hotz’s legal troubles with Sony Computer Entertainment America LLC (SCEA) continue, a collective of online hackers and internet lovers has banded together to try to deliver a more pointed response.

I. Anonymous Strikes Back at Sony

Anonymous, the loosely organized (or some would argue completely unorganized) group of hackers derived from the image message board site 4Chan, has called out  for its lawsuit of GeoHot.  They have posted an online threat “warning” Sony that there would be consequences.  

Writes the group:

Dear Greedy Motherf*ckers (sic) SONY,

Congratulations! You are now receiving the attention of Anonymous. Your recent legal actions against fellow internet citizens, GeoHot and Graf_Chokolo have been deemed an unforgivable offense against free speech and internet freedom, primary sources of free lulz (and you know how we feel about lulz.)

You have abused the judicial system in an attempt to censor information about how your products work. You have victimized your own customers merely for possessing and sharing information, and continue to target those who seek this information. In doing so you have violated the privacy of thousands of innocent people who only sought the free distribution of information. Your suppression of this information is motivated by corporate greed and the desire for complete control over the actions of individuals who purchase and use your products, at least when those actions threaten to undermine the corrupt stranglehold you seek to maintain over copywrong, oops, “copyright”.

Your corrupt business practices are indicative of a corporate philosophy that would deny consumers the right to use products they have paid for, and rightfully own, in the manner of their choosing. Perhaps you should alert your customers to the fact that they are apparently only renting your products? In light of this assault on both rights and free expression, Anonymous, the notoriously handsome rulers of the internet, would like to inform you that you have only been “renting” your web domains. Having trodden upon Anonymous’ rights, you must now be trodden on.

If you disagree with the disciplinary actions against your private parts domains, then we trust you can also understand our motivations for these actions. You own your domains. You paid for them with your own money. Now Anonymous is attacking your private property because we disagree with your actions. And that seems, dare we say it, “wrong.” Sound familiar?

Let Anonymous teach you a few important lessons that your mother forgot:
1. Don’t do it to someone else if you don’t want it to be done to you.
2. Information is free.
3. We own this. Forever.

As for the “judges” and complicit legal entities who have enabled these cowards: You are no better than SONY itself in our eyes and remain guilty of undermining the well-being of the populace and subverting your judicial mandate.

We are Anonymous.
We are Legion.
We do not Forgive.
We do not Forget.
Expect us.

Based on the group’s description and IRC chatter, it appears that members are engaging in impromptu denial of service raids against Sony’s online properties.  Many Anonymous members champion distributed denial of service tools like Low Orbit Ion Cannon (LOIC) that allow individuals to easily spam websites with requests.  If enough members participate in the attack, even a small group can overwhelm a major site.

That said, some members reportedly use “dirtier” tactics, such as employing attacks from botnets of infected machines.  Anonymous members also are rumored to have occasionally engaged in and/or threatened personal attacks on members of organizations they are targeting.

DDoS attacks using a user’s own machine are of questionable legality.  While not explicitly mentioned under U.S. computer crime legislation, they likely fall under the auspice of an attack on a business, something the Computer Fraud and Abuse Act of 1984.

Anonymous had previously called on a boycott of SCEA products, though many questioned how much effect the boycott by the relatively small ~10,000 member collective would have.

II.  Why the Fuss?

Sony sued GeoHot back in January 2011 for posting keys that would defeat Sony’s copy protection scheme.  GeoHot had been brought onboard the onlocking project by fail0verflow, a group of German hackers, as the jailbreak used a smart phone for part of the process.

The effort to jailbreak the PS3 was born out of Sony’s decision to ditch Linux support with the release of the PS3 Slim in August 2009.  It is unclear why Sony made that decision given that the PS3 Slim was more than capable of supporting a Linux install.  Sony has since locked “Fat” PS3s out of new installs of Linux, as well, via a system update.

GeoHot has offered to stop distributing the keys if Sony provides a means to install home brew and third party software on the PlayStation 3.  He has also offered to work as a consultant for Sony or the other major console makers (Microsoft and Nintendo) in safeguarding their next-generation consoles from jailbreaks.

Sony hasn’t exactly responded warmly.  Thanks an overly permissive judge, it managed to subpoena Mr. Hotz’s Paypal [PDF]; Twitter; YouTube and Google [PDF]; and the IP addresses of visitors [PDF].  

Sony claims that it needs access to all of Mr. Hotz’s personal accounts to try to monitor if he profited off the release of the hack, some Mr. Hotz denies having done.

Mr. Hotz’s German colleagues seemingly have it even worse.  According to Mr. Hotz, at least one of them had their home trashed by German police executing a search warrant at the behest of Sony.

While the full jailbreak offers a route to legitimate/semi-legitimate uses like homebrew and third party operating systems, it also opens the door to darker pastures like piracy and in-game cheating.  GeoHot has stated that he does not support such actions and that he exclusively executed the jailbreak in support of the homebrew movement.

GeoHot is most famous for perpetually defeating the carrier and application restrictions on Apple’s iPhone.

The term “jailbreak” is a term that refers to removing protections against running unauthorized software on an electronic device.  This is not to be confused with “unlocking” which refers to removing carrier restrictions on smartphones (something GeoHot also participates in).

As we pointed out in our previous coverage, while, smartphones recently received official endorsement to be jailbroken, the Digital Millenium Copyright Act [PDF] seems to still outlaw jailbreaks on other devices, such as the PS3.  Ultimately, these seemingly contradictory stances may offer the legal team of GeoHot grounds to challenge the legality of enforcing some jailbreaking provisions, but not others.