Hacking Coding vWii 3-core support - everything you need to know.

  • Thread starter Thread starter Maxternal
  • Start date Start date
  • Views Views 242,118
  • Replies Replies 1,263
  • Likes Likes 13
According to Team f0f, enhancing vwii is not extremely difficult, but impossible.
Once the registers with the settings are disabled, only a reset will enable those again.
While it's still possible to keep running all 3 cores, increasing their clock speed and enabling the extra memory is no longer possible.

Maybe creating a sandbox isn't possible either. It could be an all or nothing situation. (wiiu mode or vwii mode)
Even if it's possible and easier, Marcan said they have no interest in creating a homebrew environment for the wiiu.


Well that's certainly disheartening :dry: Might as well close this thread already, amirite? ;)
 
According to Team f0f, enhancing vwii is not extremely difficult, but impossible.
Once the registers with the settings are disabled, only a reset will enable those again.
While it's still possible to keep running all 3 cores, increasing their clock speed and enabling the extra memory is no longer possible.

Maybe creating a sandbox isn't possible either. It could be an all or nothing situation. (wiiu mode or vwii mode)
Even if it's possible and easier, Marcan said they have no interest in creating a homebrew environment for the wiiu.

It's not impossible to get full access to the hardware in vWii.
Only a reset will disable the registers if you activate them before. The next step would be to change the boot mechanism of vWii.
It's always a matter on how much effort someone would like to invest.
Some ages ago everyone was saying GC game loading via usb on the wii is impossible. But guess what, we can now start GC games.

Creating a sandbox is a different approach (and we have already a sandbox solution in the WiiU, called vWii).
Especially for people who would like to create a development environment it's more attractive.
If marcan has no interests, it's fine. Nobody can force him and we should accept that.
But I am only saying there are different solutions to get a proper homebrew environment in the U mode and to avoid piracy.
Maybe someone else has interests to implement such a solution.

I would see it as a challenge to create an secure environment for U homebrew development.
 
It's technically not possible to build a sandbox.
We need to break the WiiU's DRM at first to be able to install anything like a "Homebrew Channel U". Any half-decent pro-piracy developer can just use that part of the exploit (which we would have to release - how else would we install any kind of sandbox?) and remove whatever restriction we can come up with.

And then there's the whole "Break DRM to add our own DRM" irony ofc...
 
Piracy is on its way even if you don't release the exploit. WiiKeyU (or whatever it was called) was announced quite some time ago.

I understand you not wanting your work being used for piracy, I'm just saying that it's not like you are the only thing standing between it.
 
Piracy is on its way even if you don't release the exploit. WiiKeyU (or whatever it was called) was announced quite some time ago.

I understand you not wanting your work being used for piracy, I'm just saying that it's not like you are the only thing standing between it.

So what? Because someone else may enable piracy sometime in the future we should enable it right now in an even more convenient way? Sounds like a pretty stupid idea to me.
 
  • Like
Reactions: megazig
It's technically not possible to build a sandbox.
We need to break the WiiU's DRM at first to be able to install anything like a "Homebrew Channel U". Any half-decent pro-piracy developer can just use that part of the exploit (which we would have to release - how else would we install any kind of sandbox?) and remove whatever restriction we can come up with.

And then there's the whole "Break DRM to add our own DRM" irony ofc...

For sure it's technically possible.

"The break DRM and add a new DRM" topic is exactly the weak point.
And that makes the approach tricky.
Therefore you might have different possibilities (e.g. secure loader / signed software)

Just an example:
Let's assume we have an exploit in Pikmin 3.
The exploit can be activated via a special savestate (like the twilight hack, return of jodi ...).
However the savestate embeds a loader which only accepts a dedicated software, then you have already a kind of security.
It's a rudimentary example, but it's only to explain the theory.
 
Oh man, don't be so small minded.
Yes, it is possible.

How about loading music in a game.
As said it's only to demonstrate the theory. :rolleyes:

No, it isn't.

Let's assume we have some way to trick a game into running unsigned code.
That unsigned code now is the sandbox loader you imagine and we release that now.

What exactly stops anyone from replacing that sandbox loader with whatever code they want to replace it with? Nothing, because we broke the chain of trust already!
You cannot create a chain of trust when your starting point is alreading untrusted.
 
I though that was your conclusion. Sorry if I was wrong, I just tend to assume that most people on here are entitled pirates who think we're the devil for not enabling them to steal games.
Lol, I suppose GBAtemp has earned a pretty good reputation for that, so your reaction was understandable.
 
No, it isn't.

Let's assume we have some way to trick a game into running unsigned code.
That unsigned code now is the sandbox loader you imagine and we release that now.

What exactly stops anyone from replacing that sandbox loader with whatever code they want to replace it with? Nothing, because we broke the chain of trust already!
You cannot create a chain of trust when your starting point is alreading untrusted.

And here is already the mismatch.
The exploit only runs with the loader. Let's assume you are replacing the sandbox loader. In this case the exploit shouldn't work anymore.
-> Security chain still working.
 
And here is already the mismatch.
The exploit only runs with the loader. Let's assume you are replacing the sandbox loader. In this case the exploit shouldn't work anymore.
-> Security chain still working.

Why wouldn't the exploit work anymore then? Again, as soon as we release an exploit reversing engineering it is pretty trivial. And then you can patch out whatever checks we introduced.
We **HAVE** to break Nintendo's chain of trust, there's no way around that. And as soon as that chain of trust is broken we cannot just start our own chain of trust. It's just not possible.


Ninty's chain of trust (simplified):
boot0 -> boot1 -> [...] -> Game

Your goal:
boot0 -> boot1 -> [...] -> Game <-*-> Sandbox loader -> Sandboxed homebrew without piracy

We break the chain of trust at <-*-> and create our own starting at the sandbox loader. But anyone else can then just take a look at our exploit and apply the same method to do whatever they want after that point.
 
JoostinOnline, You know the old saying, "damned if you do, damned if you don't". I'll believe it when I see it. No offense, but this discussion is getting us nowhere, just back and forth talks about how piracy will prevent exploits from being released, how people are self-entitled, BS and more BS, etc. It's a vicious cycle; having this thread open serves no purpose. Let's face it, the Wii U will never be hacked due fears of piracy. Hate to be negative, but I don't have any hope at all of there ever being a practical hack for homebrew.
 
  • Like
Reactions: Margen67
Why wouldn't the exploit work anymore then? Again, as soon as we release an exploit reversing engineering it is pretty trivial. And then you can patch out whatever checks we introduced.
We **HAVE** to break Nintendo's chain of trust, there's no way around that. And as soon as that chain of trust is broken we cannot just start our own chain of trust. It's just not possible.


Ninty's chain of trust (simplified):
boot0 -> boot1 -> [...] -> Game

Your goal:
boot0 -> boot1 -> [...] -> Game <-*-> Sandbox loader -> Sandboxed homebrew without piracy

We break the chain of trust at <-*-> and create our own starting at the sandbox loader. But anyone else can then just take a look at our exploit and apply the same method to do whatever they want after that point.


And this step <-*-> must be secured.
That's what I mean with "it is tricky and challenging".
 
And this step <-*-> must be secured.
That's what I mean with "it is tricky and challenging".

Not "tricky and challenging", impossible with the WiiU's software stack.
But feel free to spend time thinking about it and come up with a solution! And by solution I mean something with detailed instructions, not just handwaving!
 
It is not possible. Sven and Marcan are experts. If you can run unsigned code without an exploit...why need an exploit? If you have exploit, then what can you use it for. There are aspects to the os that need to be worked out. Even if you jump to piracy, it gets patched without a way to prevent updates. It is not possible as Sven said. If you celebrate Thanksgiving, happy Thanksgiving. Marcan and Sven gave time to respond, thanks for that.

Edit: see what 30c3 brings and relax.
 

Site & Scene News

Popular threads in this forum