Hacking: Why add anti-piracy measures to Devolution?

grossaffe

Unless people edited their posts, I have, in the life of this thread, seen multiple claims that it's true (one or two echoes from IRC), and even more than one discussion on the obfuscation, including theories on how the .dvv files are created versus timestamps, and one person even talking about the ARM assembly and how it's obfuscated to the point that they can't figure it out easily along with either a screenshot or a text copy of a chunk of it (and I think an echo'd note from the dev about how it's specifically crafted to not run in Dolphin so people couldn't just use the debugging and memory reading tools in it to grab the important parts).

The exact order of those events of course is not as I put them, because this thread is 70+ pages and a year old. :P I'm not willing to dig through them very far (but that's because I don't care enough to as nobody posted exact info on how it was cracked).

ARM? Wii's built on PPC.
 

edwardbirkholz05

I've only seen claims but nothing to back them up ("he's playing with the registers", lol). Given how "leaky" the wii scene is (original backup loader, quadforce etc.) I think it's certain that the absence of any public "crack" means it doesn't exist.
 

Aractus

Not quite, that happened later. PAL GC launched with the digital AV output.
And it wasn't "all" games either. Many NTSC GC games lack 480p. Including Nintendo published releases, like Wario Ware.

Okay firstly, I had a lol at "GC launched with digital AV out". Digital means either DVI or HDMI. YPbPr and RGB are, and always have been, analogue.

Every single NTSC game that was re-released as PAL, that had the 480p option, had that functionality intentionally removed. My point is that it wasn't just removed from the GC itself, it was removed from the game as well.
Unless people edited their posts, I have, in the life of this thread, seen multiple claims that it's true (one or two echoes from IRC), and even more than one discussion on the obfuscation, including theories on how the .dvv files are created versus timestamps, and one person even talking about the ARM assembly and how it's obfuscated to the point that they can't figure it out easily along with either a screenshot or a text copy of a chunk of it (and I think an echo'd note from the dev about how it's specifically crafted to not run in Dolphin so people couldn't just use the debugging and memory reading tools in it to grab the important parts).

The exact order of those events of course is not as I put them, because this thread is 70+ pages and a year old. :P I'm not willing to dig through them very far (but that's because I don't care enough to as nobody posted exact info on how it was cracked).

I've posted rather crude ASM hacks myself back in the day when I cared (x86). But I'd be well and truly lost without a realtime debugger to help me, and I do not possess the soldering skills required to enable me to get realtime info from a Wii - and, in addition to this, and I really can't stress this point enough, I do not care enough to do so either!

And FYI I still use the term hack in its original meaning, please be aware of that, a hack originally meant a coding improvement that's abridged or otherwise shorter than the original, and that's still what I mean whenever I say hack.
 

Aractus

Yeah, my bad. I only do x86, I've never done ARM or PPC assembly (despite wanting to dabble in other things) so I didn't try to read any of it, I only acknowledged that it was there.

Hey, we have something in common. Although I should point out I haven't hacked in years, but I can hack x86 without too much trouble using a realtime debugger.

*sorry for the double-post, my bad.
 

soulrazor


at least explain instead of mocking him

Why would it do that? GC games don't use IOS so what would need to be patched?

Devolution relies on an IOS to run.
But even if it wasn't running on Devolution, MIOS is also an IOS exclusive for GC games, on a special slot needed to run retail games.
DIOS MIOS is a "modded" MIOS to run GC ISOs from USB.
 

edwardbirkholz05

Not sure if you're laughing with me or at me but I'm dead serious - IOS patches normally remove things like signature checks or filesystem permissions, none of which applies to gamecube games.

Edit: MIOS doesn't really run the games, its job is only to load them and then wait for the power button.
 

SifJar

With Devolution, MIOS is not running so that is irrelevant (although it should certainly be noted that it does a lot more than just load the games and wait for power button; it provides hardware access, the same as IOS does to Wii games). Devolution runs on IOS, so IOS is needed to give access to all the hardware. Now with Devolution, hardware isn't necessarily being accessed in the "official" ways, so some patches to IOS are probably required to allow Devolution to use hardware the way it needs to etc.
 

edwardbirkholz05

MIOS does not provide hardware access, GC games access the hardware directly via memory mapped registers just like they did on the gamecube. The only GC hardware that isn't directly accessible in wii mode is the disk drive and Devolution doesn't use it while running games, it doesn't require any IOS patches anyway (check cleanrip, wiimc etc.).
Devolution doesn't need to access the hardware in any way different from any other homebrew app so I still don't see why it would patch IOS. It also runs fine on IOSes that are already patched...
 

Aractus

Not sure if you're laughing with me or at me but I'm dead serious - IOS patches normally remove things like signature checks or filesystem permissions, none of which applies to gamecube games.

Edit: MIOS doesn't really run the games, its job is only to load them and then wait for the power button.

That's not exactly right. Nintendo has always led the way in terms of "encryption", or, "anti piracy". The major flaw in the security of the GC is the fact that Matsushita simply modified a stock-standard DVD drive to work with the GC disc (or as I prefer to say, Matsushita patented disc - MPD), if they had bothered to write more specific firmware they could have easily made a drive that refuses to read any DVD format, just as the newer Wii's/Wii-U's do. The Wii added an extra layer of security past the drive, in software; and in fact the software itself is checked by the system's kernel which we call boot0/boot1/boot2, etc. The kernel, ultimately, is what gives you hardware access, not the IOS. As you've pointed out, GC discs didn't have the security present in Wii discs. To get around this, Nintendo made MIOS that was designed to provide access only to the hardware that the GC normally sees. It is obviously designed with security in mind, the normal boot process is boot0 > boot1 > boot2 > ios. As you know, IOS is thought to stand for "input output system" because that's how it behaves, so in that respect every IOS operates the way you just described MIOS operating, with the exception that they have extra built in security - that is to say an additional layer that wasn't in the gamecube. So the security comes down to MIOS, but MIOS isn't booted from the system's regular kernel (boot2), but rather from BC.

DM and DML are IOS patches like D2x or Hermes, except applied to "MIOS" rather than IOS56/IOS57, etc. Whereas regular IOS patches are designed, as you say, to remove protections, DM/DML is designed to add support to additional hardware not originally supported by MIOS.
 

BlackWizzard17

This attitude right here is part of the problem. Nobody is obligated to do anything for you, and shit-talking them because they won't do stuff for you is fucking rude. All the end ...
Oh no, don't get me wrong, I respect them because the devs can do whatever they want, but all I said was that I call bullshit on the cracked version; I didn't expect to see a link or something. It's just my opinion on this false version, but what the hay, I can respect Devolution's policy, but to be honest I don't use it because I have most GameCube games I need. Once again, I could care less about a cracked version as I am just a consumer who likes the things I get; like they say, beggars can't be choosers.
 

air2004

This attitude right here is part of the problem. Nobody is obligated to do anything for you, and shit-talking them because they won't do stuff for you is fucking rude.

I don't expect anyone to do anything for me, like I said before, I could really care less about this because I will never use it.
But it's pretty childish for people to claim to have beaten the protection and then share how they have done it, that's why I say it's BS.
So either it's BS or they just might be dicks; either way, why mention the exploit if they are unwilling to share?
 

Rydian

I don't expect anyone to do anything for me, like I said before, I could really care less about this because I will never use it.
But it's pretty childish for people to claim to have beaten the protection and then share how they have done it, that's why I say it's BS.
So either it's BS or they just might be dicks; either way, why mention the exploit if they are unwilling to share?
To prove that it can be done, and they share it with people that they know aren't going to spread it around but can confirm it to others.
 

air2004

To prove that it can be done, and they share it with people that they know aren't going to spread it around but can confirm it to others.
I'm one of those people that wouldn't spread it around if I had it. I also wouldn't acknowledge its existence unless I was able to share it. Its acknowledgement should only be shared via PM instead of publicly and getting everyone in a tizzy trying to get their hands on it, or flaming those that claim to have cracked it but won't say how.
(trust but verify is my motto)
 

edwardbirkholz05

That's not exactly right. Nintendo has always led the way in terms of "encryption", or, "anti piracy". The major flaw in the security of the GC is the fact that Matsushita simply modified a stock-standard DVD drive to work with the GC disc (or as I prefer to say, Matsushita patented disc - MPD), if they had bothered to write more specific firmware they could have easily made a drive that refuses to read any DVD format, just as the newer Wii's/Wii-U's do. The Wii added an extra layer of security past the drive, in software; and in fact the software itself is checked by the system's kernel which we call boot0/boot1/boot2, etc. The kernel, ultimately, is what gives you hardware access, not the IOS. As you've pointed out, GC discs didn't have the security present in Wii discs. To get around this, Nintendo made MIOS that was designed to provide access only to the hardware that the GC normally sees. It is obviously designed with security in mind, the normal boot process is boot0 > boot1 > boot2 > ios. As you know, IOS is thought to stand for "input output system" because that's how it behaves, so in that respect every IOS operates the way you just described MIOS operating, with the exception that they have extra built in security - that is to say an additional layer that wasn't in the gamecube. So the security comes down to MIOS, but MIOS isn't booted from the system's regular kernel (boot2), but rather from BC.

DM and DML are IOS patches like D2x or Hermes, except applied to "MIOS" rather than IOS56/IOS57, etc. Whereas regular IOS patches are designed, as you say, to remove protections, DM/DML is designed to add support to additional hardware not originally supported by MIOS.
There are numerous things wrong with your explanation.
Boot0 and Boot1 are simply loaders. Boot0 loads Boot1, Boot1 loads Boot2. They don't function like IOS; they have no kernel to speak of, just a single path of execution.
Boot2 is like a cut down IOS (no wifi, disc, sd drivers etc) with the single purpose of loading either 1-2 (the system menu) or MIOS, depending on the current clock speed.
MIOS does not manage hardware. It also has no real kernel, just a single path of execution that pokes the memory controller so MEM2 becomes ARAM and changes the memory mappings for the disc drive, EXI bus, audio interface and gamecube controller ports so they match the original gamecube hardware. It also disables communication between the PowerPC CPU and the ARM CPU - DM/DML skips that part. It then boots the GC disc and sits in an idle loop waiting for the power button. Gamecube games do not talk to MIOS - they were coded before it was invented and expect to run on the bare metal.
DM/DML however patches the DVD read function in the GC game's code to send a request to the ARM CPU instead of using the memory mapped DVD registers. The request is handled by its own custom kernel (based on bootmii) that runs instead of MIOS - it is not a group of patches applied to MIOS.

None of this is particularly relevant to the issue at hand though, which is: what purpose would Devolution have for patching IOS when it's not performing any functions beyond any other regular homebrew app? The only things it needs to use IOS for are storage (SD/USB), bluetooth and network - none of those require any special permissions or patches in order to be used.
 

Rydian

I'm one of those people that wouldn't spread it around if I had it. I also wouldn't acknowledge its existence unless I was able to share it. Its acknowledgement should only be shared via PM instead of publicly and getting everyone in a tizzy trying to get their hands on it, or flaming those that claim to have cracked it but won't say how.
(trust but verify is my motto)
Yeah, but I can't really blame them for being extra-careful, seeing how many leaks the scenes in general have gotten in the past year or whatever.
 

SifJar

I don't expect anyone to do anything for me, like I said before, I could really care less about this because I will never use it.
But it's pretty childish for people to claim to have beaten the protection and then share how they have done it, that's why I say it's BS.
So either it's BS or they just might be dicks; either way, why mention the exploit if they are unwilling to share?

In at least one case, the person who cracked it did not wish it to be made public knowledge but someone else spilled the beans.

Also, on the matter of how you "could care less":
caring.png
 
