I think it is possible during install, the unpacker can check the dest of the files and block it.What's truly sad here is the fact that it won't be possible to safely install a vpk without verification.
And no one wants to be the first verifier...
The Vita doesn't allow this to happen. We specifically gave homebrew all that extra power because something something owning the device. We quickly realized that trolls might abuse it (duh) which is why we introduced the safe homebrew system. As long as your eboot.bin is set to "02 00 00 00 00 00 00 2F" at offset "0x80", it should not be able to wipe the nand. There is no reason not to mark all pirated dumps with that because by construction, games do not require the extended permissions (duh). However, it is up to the user (and whoever wrote the installer utility) to check that the permissions are set. We cannot do this without establishing some sort of whitelist/signing system and then we are no better then sony. Therefore, if you go installing stuff without using molecularShell/VitaShell then it is at your own risk. You might install something that bricks your system. If you want to be 99.9% safe, just stick to molecular/vitashell and don't install anything marked unsafe unless there's confirmation it doesn't break your stuff. This should be common sense for any computer user (who goes installing random drivers, for example) but unfortunately console hackers are too naive.The 3ds has firms locked down on boot (a9lh wise) or has emunnad (other entrypoints). Just keep backups, make sure the stuff you download isn't made or released by someone sketchy, and you don't have to worry about anything. Also, stick to luma3ds.
Back on topic though: I'm surprised that the vita allows for this to happen. I know a hacked consoles environment isn't the best, but the ability for an application to just wipe nand is interesting. Then again, I don't understand a whole lot about that...
edit: every cfw has a patch for svcbackdoor (read the above post), but corbenik allows you to disable it (not recommended). Things like ntr cfw rely on it, but it isn't powerful enough to just wipe nand completely.
So people write the file to mess/trolls people device?I though it was bug.The Vita doesn't allow this to happen. We specifically gave homebrew all that extra power because something something owning the device. We quickly realized that trolls might abuse it (duh) which is why we introduced the safe homebrew system. As long as your eboot.bin is set to "03 00 00 00 00 00 00 2F" at offset "0x80", it should not be able to wipe the nand. There is no reason not to mark all pirated dumps with that because by construction, games do not require the extended permissions (duh). However, it is up to the user (and whoever wrote the installer utility) to check that the permissions are set. We cannot do this without establishing some sort of whitelist/signing system and then we are no better then sony. Therefore, if you go installing stuff without using molecularShell/VitaShell then it is at your own risk. You might install something that bricks your system. If you want to be 99.9% safe, just stick to molecular/vitashell and don't install anything marked unsafe unless there's confirmation it doesn't break your stuff. This should be common sense for any computer user (who goes installing random drivers, for example) but unfortunately console hackers are too naive.
Also, for the record, it is completely possible for someone right now to write a 3DS bricker using only the svcBackdoor permissions that is granted to every homebrew by 3ds cfws. And they don't have a "safe homebrew" system...
The Vita doesn't allow this to happen. We specifically gave homebrew all that extra power because something something owning the device. We quickly realized that trolls might abuse it (duh) which is why we introduced the safe homebrew system. As long as your eboot.bin is set to "03 00 00 00 00 00 00 2F" at offset "0x80", it should not be able to wipe the nand. There is no reason not to mark all pirated dumps with that because by construction, games do not require the extended permissions (duh). However, it is up to the user (and whoever wrote the installer utility) to check that the permissions are set. We cannot do this without establishing some sort of whitelist/signing system and then we are no better then sony. Therefore, if you go installing stuff without using molecularShell/VitaShell then it is at your own risk. You might install something that bricks your system. If you want to be 99.9% safe, just stick to molecular/vitashell and don't install anything marked unsafe unless there's confirmation it doesn't break your stuff. This should be common sense for any computer user (who goes installing random drivers, for example) but unfortunately console hackers are too naive.
Also, for the record, it is completely possible for someone right now to write a 3DS bricker using only the svcBackdoor permissions that is granted to every homebrew by 3ds cfws. And they don't have a "safe homebrew" system...
That or something to collect info would be even worse, because the game would be "apparently working fine" and you wouldn't even suspect what's going on with your vita unless it is too late.I feared this would happen due to how the dumps basically are homebrew and can be modified to be malicious. Not being able to use Sony's distribution packages may possibly hurt the scene now when people have figured how to sneak in malicious code that may brick the device. Even more scarier is the though of delayed malicious code.
The instant i saw this, i deleted a game that i found. Now i feel sad. I can't even trust hacking peope.
After i just found that henkaku was opening a door to greatness, now is being closed by someone else using bad intentions? Is a video game console. For playing games, enjoying content, ESCAPE FROM REALITY! Things we all like. Why would someone want to target such a community? Even game companies and developers wouldn't take such low roads and low blows below the belt. I already have trust issues in real life with real peopel, now i can't trust what i thought was safe. What is this world coming to!?
The idea of a vita virus, can a anti virus or least check system be made for it or something?
This video sums up my feelings right now. Which is not specific to this situation but for now it is Is some mega man story come true i guess.
You don't see stuff this deep and inspirational everyday.They targeted gamers.
Gamers.
We're a group of people who will sit for hours, days, even weeks on end performing some of the hardest, most mentally demanding tasks. Over, and over, and over all for nothing more than a little digital token saying we did.
We'll punish our selfs doing things others would consider torture, because we think it's fun.
We'll spend most if not all of our free time min maxing the stats of a fictional character all to draw out a single extra point of damage per second.
Many of us have made careers out of doing just these things: slogging through the grind, all day, the same quests over and over, hundreds of times to the point where we know evety little detail such that some have attained such gamer nirvana that they can literally play these games blindfolded.
Do these people have any idea how many controllers have been smashed, systems over heated, disks and carts destroyed 8n frustration? All to latter be referred to as bragging rights?
These people honestly think this is a battle they can win? They take our media? We're already building a new one without them. They take our devs? Gamers aren't shy about throwing their money else where, or even making the games our selves. They think calling us racist, mysoginistic, rape apologists is going to change us? We've been called worse things by prepubescent 10 year olds with a shitty head set. They picked a fight against a group that's already grown desensitized to their strategies and methods. Who enjoy the battle of attrition they've threatened us with. Who take it as a challange when they tell us we no longer matter. Our obsession with proving we can after being told we can't is so deeply ingrained from years of dealing with big brothers/sisters and friends laughing at how pathetic we used to be that proving you people wrong has become a very real need; a honed reflex.
Gamers are competative, hard core, by nature. We love a challange. The worst thing you did in all of this was to challange us. You're not special, you're not original, you're not the first; this is just another boss fight.
So poeticThey targeted gamers.
Gamers.
We're a group of people who will sit for hours, days, even weeks on end performing some of the hardest, most mentally demanding tasks. Over, and over, and over all for nothing more than a little digital token saying we did.
We'll punish our selfs doing things others would consider torture, because we think it's fun.
We'll spend most if not all of our free time min maxing the stats of a fictional character all to draw out a single extra point of damage per second.
Many of us have made careers out of doing just these things: slogging through the grind, all day, the same quests over and over, hundreds of times to the point where we know evety little detail such that some have attained such gamer nirvana that they can literally play these games blindfolded.
Do these people have any idea how many controllers have been smashed, systems over heated, disks and carts destroyed 8n frustration? All to latter be referred to as bragging rights?
These people honestly think this is a battle they can win? They take our media? We're already building a new one without them. They take our devs? Gamers aren't shy about throwing their money else where, or even making the games our selves. They think calling us racist, mysoginistic, rape apologists is going to change us? We've been called worse things by prepubescent 10 year olds with a shitty head set. They picked a fight against a group that's already grown desensitized to their strategies and methods. Who enjoy the battle of attrition they've threatened us with. Who take it as a challange when they tell us we no longer matter. Our obsession with proving we can after being told we can't is so deeply ingrained from years of dealing with big brothers/sisters and friends laughing at how pathetic we used to be that proving you people wrong has become a very real need; a honed reflex.
Gamers are competative, hard core, by nature. We love a challange. The worst thing you did in all of this was to challange us. You're not special, you're not original, you're not the first; this is just another boss fight.
You don't see stuff this deep and inspirational everyday.
I suppose Mai could add a check for edited .suprx files to ensure this doesn't ever happen again. I can't believe people would go this low. Yes piracy is bad, but that does not justify bricking people's devices just because they're pirates.
@yifan_lu I dunno to be honest. I just didn't think stuff like this happen to video games intentionally. I just wanna have fun with them. Not that is some competition or malicious intent behind it, like a war. At first i thought it was some kind of punishment, i know that some games have anti piracy protection for punishment reasons. But from developers and publishers, not hackers who i was on the side of. Then i though perhaps is some prank, i mean Is october and Halloween is coming, then i just think "Why do such a thing now?"
I mean many news reports on youtube about hackers doing things like taking someone accounts, deleting their information or making bad comments to frame someone, or just generally unnecessary things simply to prove what? "I'm the best hacker ever, i can do whatever i want and get away with it?" Meanwhile there is more serious problems in the world and you waste talents on causing chaos and crime? After watching watch dogs and seeing such things, that is a fearful life to live, even more like mega man games.
I just wanna know who i can trust when it comes to having stuff done i wouldn't be aware of. It sucks, i pay for stuff and someone else wants to ruin it, maybe i am not the direct target but i still don't wanna be caught in the middle of things.
That is my bad. It should be 02 00 00 00 00 00 00 2FMaiDumpTool V233.2z9 has been released.
Google translated changelog:
"------------------------ Version v233.2z9: ------------------
● dump is automatically disabled when the standby (of course you have to manually standby I can not ....)
● Automatically scan for malicious code during game installation"
I wonder if it's performing the same check as vitashell.
I checked the eboot.bin from a few games I've dumped with vitamin 2.0 and one mai dump, they all seem to have '02 00 00 00 00 00 00 2F' at 0x80 rather than '03 00 00 00 00 00 00 2F'.