Hacking Will a Custom Firmware eventually be possible?

  • Thread starter: Elliander
  • Views: 12,417
  • Replies: 60

Elliander

I purchased a Wii U, and a few Wii U games, and I have to say the user interface is horrendous. The Gamepad is required for just about every system menu when on screen controls with a pro controller would be enough, most of the games don't utilize the pro controller, yet require its use, and even games that do use it, like Mario Bros Wii U, disable its functionality in single player mode yet maintain it as a screen that can't be turned off.

I think it would be amazing if the user interface could be redesigned to be able to utilize without requiring gamepad use.

The idea of using a gamepad as a TV screen for Wii games is great, but WiiWare games that only use a Pro Controller still require it when playing on the Gamepad would be better (again, wanting to be able to use alternate controllers while increasing utilization of a gamepad) and even though I paid for WiiWare games on transfer to the WiiU it's not like they will give me a WiiU version to use even if identical.

Also, I am aware that the Gamepad was hacked to stream from a PC with android plans as well. Might it similarly be possible to set it up so that the console can work entirely from a gamepad (some menus require TV input, like going into the vWii even when wanting to use the Gamepad only) and to use some kind of NFC repeater - possibly in the form of an Android App - to extend the range from the console, or even to stream over the internet to access the Wii U away from home?

.......

I know these are big ideas, and I know that it wouldn't be possible with the current progress of the Wii U, but as a basic question a possibility and feasibility in the future of the console's life, what is the likelihood of this being a potential reality?

And are there any resources out there to help people who are interested in expanding into console programming to learn what they would have to do to do this right? Or to even contribute in some small way to help progress along?
 
(Disclaimer: I'm not fail0verflow, so this may be wrong, but this is my understanding of things)

Even if the Wii U is hacked, it's most likely impossible to replace the System Menu (or other system components). Not only is the System Menu encrypted (using a common key we don't have), it's also signed using RSA, with signatures checked at launch time. Even if we decrypted, modified, and reencrypted the System Menu, we'd also need to sign it correctly. It's impossible to fake an RSA signature without Nintendo's private key, and unless they failed like Sony (see PS3 Epic Fail at 27c3), we won't be able to get it. Because of this, modifying the System Menu is probably out of the question.
 

I see what you mean. So, specifically, what did Sony do that made a CFW possible on the PS3? It would be amazing if we could see complete changes to the user interface, but I understood even when I posted how complicated that would be. If it isn't possible to change the user interface, would it be possible to have an app that, within itself, looks like a modified user interface? Like, a "Switch" of sorts that just loads into memory (or sends something else to the memory before the Wii U system menu loads) that would allow a user to effectively feel like they are in a different environment without actually truly changing the environment? Again, I know that none of this is feasible now, I just want to get an idea of what could potentially be possible and what it would take to get there.
 
Sony made an obvious stupid mistake in its ECDSA implementation.

ECDSA is a digital signature algorithm. The algorithm calls for many values in addition to the private key during calculation. One of the values, k, is supposed to be a random value in order to make ECDSA effective.

Sony made the mistake of using the same value for k (constant) for each ECDSA calculation. This makes the entire algorithm useless and makes it possible to solve for the private key. Sony fixed it starting with 3.56 and implemented a new private key. Till this day there has been no CFW past 3.56 OFW.

Unless Nintendo screwed up big like what Sony did, I don't expect CFW at all for Wii U.
 
Sony used ECDSA to sign their executables. One important part of ECDSA is picking a random integer for each signature, which adds an unknown into the calculation to prevent the private key from being derived. Sony ended up completely failing at their ECDSA implementation, using the same "random number" for all signatures. Thanks to this, given two signatures, Sony's private key could be mathematically derived. This allowed for people to sign executables as if Sony had done so themselves, enabling custom firmware.

Nintendo will most likely not repeat this mistake (I don't expect anyone ever will again), so we can't derive their private keys. In fact, changing any step of the boot process would be impossible as well, since it's all signed. Unlike on the Wii, Nintendo seems to have actually established a decent chain of trust. This same thing also makes a Homebrew Channel impossible, since all applications launched by the System Menu have to be signed.

EDIT: Ninja'd by trumpet-205 about Sony's epic fail, but the Wii U stuff still applies.
 
Correction, trumpet: there are CFW higher than 3.55. We can decrypt higher fw with the lv 0 keys, but we cannot re-encrypt/sign the firmware with anything else but the 3.55 keys (meaning you have to be on OFW 3.55 or pre-existing CFW on your system) to update to higher CFW.
 
Which is why I said CFW is not possible on 3.56+ OFW.

You cannot install CFW on top of newer OFW without downgrade.
 
(some menus require TV input, like going into the vWii even when wanting to use the Gamepad only)
FYI, if you hold B while the WiiU is booting it should take you into vWii without needing to do anything on the TV. At least it works for me, some people have claimed otherwise, maybe they have older firmware or something.
 
Only on version 4.00 and above can you hold B to bypass the Wii U menu; no reason for anyone with a hacked Wii U to stay on an old FW.
 
What I get from reading so far is that actually Wii U mode is still not hacked, nor by f0f? Am I right?
 
Custom firmware is already possible, but certain hacking groups won't set their pride and egos aside for the greater good.

We need backup loaders, we need Wii U homebrew, and we need it NOW!!! I don't see Nintendo reviving the system any time soon, even with a shitty Zelda-meets-Destiny-Warriors mashup, Super Smash Brothers Universe, and Mario Kart 8 in the near future.
 
PS3 CFW for 3.56+ is not possible with the way it was done. But it is possible if there are some kernel exploits and we already have user space access with ODE for example. People just are not interested enough.
 
