WiiCrazy said:
It was just a review around the Wii security, nothing more, nothing less... only there was that failed attempt to demo bootmii as extra...
They somehow overpraised their work and they neglected the ones who helped in the long run... that kind of a show that was...
Who did we neglect? Please be specific.
QUOTE
Somewhat it sounded to me as "we fail" as much as "wii fail"...
Harshly criticizing Nintendo over getting an insecure system...
What they should know is finding someone's weakness is easy, exploiting that weakness is hard but it's the hardest to create a system with no weaknesses...
So when you are making a degrading comment of your opposition you should know your position...
Making a secure system is hard. Really hard. Hell, I couldn't do it -- and I think it's a waste of time and money to try. At the end of the presentation, mist explained why the PS3 security is mostly unhacked, even though they've spent less effort fixing bugs than Nintendo has.
That being said, if you're going to do something, you should do the best job you can. There are some mistakes that Nintendo made that are "honest mistakes" -- mistakes that any competent coder might make.
- a vulnerability in boot1
- DVD mode hole -- if they were going to ship a DVD player channel, there's not much they could have done to prevent this.
- reuse of crypto code in boot1, boot2, IOS
- insecure string handling in Zelda
- Not clearing memory when switching from IOS to MIOS
I do not criticize Nintendo for the above problems.
There are other mistakes Nintendo made which I believe are the result of them being sloppy. This is probably more an issue of tight deadlines and overworked engineers than of actual incompetence. However, each of these mistakes could have been -- and should have been -- easily prevented:
- Leaving boot1 unpatched for over a year, even though the architecture was designed to allow this to be quickly, cheaply and securely fixed.
- Leaving traces of DVD mode code in IOS, even though they never actually used it. (This is the most minor criticism of all, really)
- Rewriting RSA code from scratch instead of using well-tested, proven public-domain code
- Privilege escalation flaws in the IOS API that allow PPC code to manipulate IOS
- Taking a really long time to actually release patched versions of IOS
- Trying to put a quick band-aid fix in the system menu for the Zelda problem, instead of hardening IOS
- Repeatedly making trivial mistakes in a 10-line function to detect the Twilight Hack
- Having no easy way to report a vulnerability -- all you have to do is set up "[email protected]" and read it, for chrissakes.
- Storing keys in external RAM in IOS
- Spending time and money to fix the MIOS -> IOS thing when it no longer mattered
And, for the sake of completeness, I praise Nintendo for:
- Making a cheap console that actually turns a profit
- A fairly clever two-processor security architecture
- Clever boot0 design
- Good backwards-compatibility with GC