Hacking What's the challenge with the XCI loader?

tinkle

"installing" an XCI file, as some of the lower IQ members have learned, is just turning it into an NSP file. The certificate from the cart dump is lost in the process and you're just using an NSP at that stage.

Also to those who think you can't use updates and DLC with XCI files, I think you must be new here - you can use both, and without installing anything to your Switch itself.
 

ghjfdtg

The problem is that TX did it first and people hate TX, so they hate XCI loading.

The piracy thing is mostly a smoke screen. There are plenty of hackers who don't care about that, but with the toxicity of the Switch scene there is no point.
Bullshit. They do hate TX but they don't hate XCI loaders because of TX. They don't want to be held liable for writing that shit and they are against piracy. That's why. There may be plenty of people wanting it but barely any of them have the knowledge to pull this off.
 

DocKlokMan

Moral standpoints aside, no one will be able to replicate SX's XCI loading and distribute it as free open source software.
Not because of any technical hurdles or anything, but because it's flat out illegal.

TX reversed most of the gamecard protocol from the FS sysmodule and re-implemented it in their Loader KIP, hidden away inside a MIPS VM and a few layers of obfuscation. However, to achieve this, TX included sectors dumped from a real gamecard and the gamecard controller's certificate (which can be obtained by FS using a specific command). You can find these binaries by unpacking SX OS and searching inside the Loader KIP (a simple hex editor will do) for "CERT" and "LOTUS".
Basically, any form of XCI loading requires heavily patching the FS sysmodule, which can be quite a task if you want to support all firmware versions and whatnot. To avoid this, TX instead applies a single patch to FS which redirects gamecard commands to their MIPS VM. Then, code in their VM replies to the gamecard commands issued by FS with signed data ripped from a real gamecard.
After the authentication process has been forged, the VM is free to read data from the SD card and send it back to FS each time FS sends the gamecard sector reading command.

There are a few more details which I'm saving up for the writeup (SOON™), but that's the gist of it. A free solution will never be able to take this path for obvious reasons (instant takedown and lawsuits galore!), so a more complex approach will be necessary.
Not to be a twit about it, but did that writeup ever get made and posted anywhere?
 

smf

Bullshit. They do hate TX but they don't hate XCI loaders because of TX. They don't want to be held liable for writing that shit and they are against piracy.

I was talking about pirates who are anti XCI because they are anti TX. There are plenty of posts on here that show this.

--------------------- MERGED ---------------------------

More of that XCI can't be implemented as it is at the moment since it's extremely illegal.

There are plenty of illegal things in the Switch scene due to DMCA violations. One more isn't going to make a difference.
 

linuxares

DMCA however isn't universal but only US. So it's not really an argument.
 

guitarheroknight

More of that XCI can't be implemented as it is at the moment since it's extremely illegal. That's why NSPs are "fine-ish" for now.
Or just use 4nxci to convert the xci to nsp and install it :P

Piracy is piracy be it in xci or nsp. They are equally illegal.
 

_hexkyz_

Not to be a twit about it, but did that writeup ever get made and posted anywhere?

No problem. The writeup hasn't been published yet.
I ended up neglecting that one in favor of more important stuff and the draft I've written is still stuck in time (SX OS v2.0). There are a number of code changes and features in recent updates that I find important to mention, so I'll have to dedicate some time updating the writeup to be on-par with their latest release. I'll probably pick it up once browserhax+nvhax are done and working.
 

smf

DMCA however isn't universal but only US. So it's not really an argument.

The DMCA implements WIPO treaties on anti-circumvention technology that are required to be implemented around the world (EUCD in Europe for example, Australia has anti-circumvention in their copyright law).

It's easier to just refer to it as the DMCA as people know what that is.

If you're not worried about DMCA then don't worry about keys, it's impossible to copyright them as they have no artistic merit and are just random numbers.
 

linuxares

You still aren't correct about it. EUCD isn't the same and I find nothing alike with the DMCA about circumvention since it's different per country. Yes, keys are trade secrets or heck even classified information. So yes, the keys are their property. You talk about hashes still. Once a master key is made, it's a trade secret according to US law.
 

smf

You still aren't correct about it. Eucd isn't the same

sigh.

http://discovery.ucl.ac.uk/3879/1/3879.pdf

The EUCD’s restrictions on acts of circumvention and circumvention products and services are extremely similar to those of s.1201 of the DMCA:

(International Review of Law, Computers and Technology, forthcoming, 2006)

Article 6: Obligations as to technological measures

1. Member States shall provide adequate legal protection against the circumvention of any effective technological measures, which the person concerned carries out in the knowledge, or with reasonable grounds to know, that he or she is pursuing that objective.

2. Member States shall provide adequate legal protection against the manufacture, import, distribution, sale, rental, advertisement for sale or rental, or possession for commercial purposes of devices, products or components or the provision of services which:
(a) are promoted, advertised or marketed for the purpose of circumvention of, or
(b) have only a limited commercially significant purpose or use other than to circumvent, or
(c) are primarily designed, produced, adapted or performed for the purpose of enabling or facilitating the circumvention of,
any effective technological measures.

The key difference with the DMCA comes in the definition of “effective technological measures”:

3. For the purposes of this Directive, the expression "technological measures" means any technology, device or component that, in the normal course of its operation, is designed to prevent or restrict acts, in respect of works or other subject-matter, which are not authorised by the rightholder of any copyright or any right related to copyright as provided for by law or the sui generis right provided for in Chapter III of Directive 96/9/EC.

Technological measures shall be deemed "effective" where the use of a protected work or other subject-matter is controlled by the rightholders through application of an access control or protection process, such as encryption, scrambling or other transformation of the work or other subject-matter or a copy control mechanism, which achieves the protection objective.

Circumvention of technologies that control acts or works not protected by copyright (such as DVD region codes, or protected public domain works) is therefore not restricted by the EUCD.


Yes keys are trade secrets or heck even classified information. So yes the keys are their property.

Only government bodies can classify something.

Once a master key is made, it's a trade secret according to US law.

Trade secret law is kinda pointless against this type of thing https://en.wikipedia.org/wiki/DVD_Copy_Control_Ass'n,_Inc._v._Bunner

Once you start distributing it, it's no longer a secret

http://www.bu.edu/law/journals-archive/scitech/volume102/martin.pdf

Ironically the sept binaries may be violations because the key is still a secret and use of a secret is covered just as much as distributing it.
 

linuxares

However, Nintendo lost a court case in the EU against, for example, "homebrews"
https://www.iptechblog.com/2014/02/...on-of-copy-protection-measures-can-be-lawful/

So no, your EUCD isn't set in stone. It's up to the courts to decide.
And still, the masterkey is property of the rights holder, according to the DMCA.
https://boingboing.net/2007/05/02/eff-explains-the-law.html

I still agree that it's silly a couple of hex numbers can be counted as their property. But the DMCA is as the DMCA is. This is why GBAtemp would rather remove the keys than go into a legal dispute.
Also EUCD =/= DMCA.
 

smf

However, Nintendo lost a court case in the EU against, for example, "homebrews"
https://www.iptechblog.com/2014/02/...on-of-copy-protection-measures-can-be-lawful/

They won other cases in the EU against flash card sellers who argued they could be used for homebrew. They only said it can be lawful, the US has a similar view. They granted an exemption for phones but not for game consoles.

So no, your EUCD isn't set in stone. It's up to the courts to decide.

Which is a point I've made before. Laws always need interpreting, that is what the courts do.

And still, the masterkey is property of the rights holder, according to the DMCA.
https://boingboing.net/2007/05/02/eff-explains-the-law.html I still agree that it's silly a couple of hex numbers can be counted as their property.

Where does it say it is?

But the DMCA is as the DMCA is. This is why GBAtemp would rather remove the keys than go into a legal dispute.

If you want to stay on the right side of the DMCA then potentially linking to Atmosphere and certainly hosting the patches here are an issue. The DMCA prevents distributing or talking about anything that decrypts copyright material without permission and both Atmosphere and the patches allow that. Atmosphere decrypts copyright Nintendo OS code to load it without permission. The patches trick the Switch into thinking you have permission to decrypt.

Also EUCD =/= DMCA.

I didn't say they were the same, only that they implement the same WIPO treaties for anti circumvention which are slowly being implemented around the world. The DMCA also covers other things than anti circumvention, but they are similar enough in the anti circumvention that they would be applicable here.
 

linuxares

I have not found anything about flashcart wins in the EU, since they're empty from delivery. So it's a reason why for example 01Media is still around.
From what I know, the WIPO isn't law binding but a suggestion.

Please look at the lawsuit I linked again about "homebrews" being legal.
The patches are however legal, since they don't modify anything within the firmware. It's totally legal to modify our OWNED property in EU. It's ours and what we do with it is up to us.

https://www.wired.com/2010/07/feds-ok-iphone-jailbreaking/ - same as Atmosphere, it's perfectly fine to "jailbreak" your hardware in the US as well.
 

leon315

But somehow we are unable to modify our firearms, like guns and rifles, even though they are my property.
 

smf

I have not found anything about flashcart wins in the EU, since they're empty from delivery.

There are loads, here is one.

https://www.engadget.com/2011/10/04/french-court-reverses-ds-flash-cart-ruling-nintendo-smiles/

Shipping them empty appears to be irrelevant. There were court papers I read where the defendant claimed they could be used for homebrew and it was rejected as the likelihood was that they were not all going to be used for homebrew. As civil courts only need to be more than 50% sure, then it's good enough.
 
