This is my first blog post (ooh) and I thought I'd share the story of my "IOSU exploit" that had a few people excited lately. In case you weren't aware:
Just to preserve this pic.twitter.com/isFmAruP8r— EpicLPer (Stefan Kern) (@EpicLPer) September 18, 2016
Is that a HBL icon? How'd I do that? This is the story of how a bit of fun turned into a screenshot and one of my favourite reactions to anything, ever.
As some of you know, developers like me enjoy hanging out on IRC channels, and I'm no different (#wiiubru on freenode, we have fun!) Aside from the usual debugging by committee and code golf competitions (almost had OurLoader under 200 bytes, but it turned out to not actually work... Maschell takes the win for now ) there's also a lot of tests, betas and PoC apps passed around. One such occasion is where we begin.
The developer of this particular app was passing around a rather curious ELF when I came online - they claimed it could change icons on the Home Menu without IOSU! Well, I couldn't resist that one. I downloaded the app and included .tga icon and transferred it over. I opened it up, and was greeted with this monstrosity:
Hrm. I don't think that's what it's meant to do... (that's Mii Maker btw)
After a quick panic chat on IRC, I found out that the app makes use of the USB temporary storage system available on the Wii U, where code can quickly throw stuff on a connected USB drive as part of some operation. Up until that point, I ran my Wii U driveless (I'm broke [no eShop stuff], it's a 32GB console and I never hacked my vWii) so I found some random USB key, formatted it and tried again. It worked! Mii Maker's icon had been replaced with a neat little HBL logo. After a quick rearranging of the menu, it was perfect:
You see, by this point I had formed a bit of a plan. Every now and again I like to screw around a bit. It rarely ends well, but I still have fun getting there and crafting a convincing setup. I've done it before with WiFi passwords, GBATemp cookies and had several other plans that never went anywhere. Thus, we got to the tweet:
The game was on! The whole thing was noticed almost immediately by eagle-eyed Twitter followers with questions about the HBL icon in the image. After taking the above screenshot (just in case) I set myself a deadline - 45 minutes and the tweet's deleted. Which is exactly what I did.
shit can we pretend you didn't see that— Ash (@quarktheawesome) September 18, 2016
Don't be a Smeahole lol— EpicLPer (Stefan Kern) (@EpicLPer) September 18, 2016
I do my best. With that, I went to bed and woke up to find GBATemp involved; and some rather interesting conversation.
Surprisingly, that's not really what happened. This was all on the 18th of September and beyond the posts I quote here this has kinda been ignored over that span of time. I do like the point about everyone waiting regardless, looks like all you lot are finally starting to harden up towards this sort of thing ;D
That's my folder of "built-in apps I never use"; named "Randoms". It's an excellent organisation strategy.
IMHO the opposite is true - we need to archive evidence of stuff like this (when it's serious, of course) so we can hold people accountable. Ignoring an issue normalises it; if left unchecked it'll be "no big deal" to take the whole community for a Hykem-style ride.
Obligatory anti-flamewar stuff: When I say "hykem-style", I'm taking about the experience delivered to the community. Whether or not he actually had an exploit is irrelevant, as is his intentions. This is not the place to discuss it.
Gotcha! I left a like on this post to give the hint; apparently it did. All was silent until Thursday, when quite literally out of the blue:
Woah! I was talking about PowerPC Assembly in a thread centred around playing Xbox games on the Wii U when all of a sudden, nearly 2 weeks later, this happens! I was asleep at the time, so I saw all this and the following at once:
By the way, the reason I didn't publicise any of this is because the original developer was very specific that this was to stay private. I'm probably pushing it with this blog post - sorry. I know you're reading this, but I can't let posts like that one slide indefinitely, esp. when it's edited to just "nevermind". Again, I'm sorry.
Me being me, I then responded in the stupidest, most aggressive way possible:
In case you were wondering, the re-released iPhone is the SE, which is a direction (south-east) and south-east of Patrick there's an invisible link to the post I liked (about changing the icon being a known thing). I was really proud of the whole thing at the time, eagerly explaining the riddle on IRC. Now I'm not so sure.
I was originally planning on keeping this entry all light-hearted and "haha" but looking at that post I think an apology is in order. I'm sorry, guys. I don't have an IOSU exploit. It was silly of me to deceive you all like that, especially after what the community's been through with developers who were completely serious. Again, I'm sorry.
I'm not really sure where to take this post now; so I suppose I'll just end it off here. There you have it - the story of the mystery HBL icon and what followed. I hope you enjoyed reading about it!
You need to be logged in to comment