Hacking Wii BIOS Dumped?

Critical_Impact

Nintendo it seems have never been that high on the whole security thing. I'll admit that the GC took a while to get hacked but that was probably more due to a lack of interest. With the Wii it's already been hacked and there are over 6 million people with them. Can't wait to see what sort of homebrew gets released and hopefully a mod chip will come out soon that'll let unsigned code run.
 

Dirtie

Supposedly most of the NAND is encrypted

Do you think Nintendo are naive enough that they wouldn't expect anyone to try and take a look at and/or modify the flash memory? Whether they really care or not is another story.
 

imgod22222

Maybe the NAND is encrypted, but like when we had to unscramble Wii discs the key was short enough where brute-forcing it was feasible... maybe this is the case with the NAND too?

But I also agree with the person who said Nintendo doesn't seem to care nearly as much about modders as Microsoft and Sony do... Maybe because Nintendo makes more money from people who want modded machines?
 

moshii

I have a feeling there's another BIOS within the CPU die....

Dumping the "NAND Flash" (Bad terminology there, Not And Flash doesn't really show what the thing does within the Wii, there are probably a few NAND Flash devices in there.) is a step forward to working out how the machine works. Its contents probably aren't encrypted and possibly just signed. But for running homebrew it isn't much of a step forward, without a good understanding of the BIOS('s) within the Wii no one is going to find an exploit and no one really knows what processor is in there yet.
 

captain^k


nilsk123

This is not a BIOS dump, this is a dump of the NAND flash memory. So that would be kind of a disappointment for y'all but.........

dark something (former DS hacker, brought some pretty big releases back then) has been able to dump the actual BIOS and is currently reprogramming it.
 

moshii

I don't think that person is basing his opinion on any research as such.. more the fact that history (maybe prior to the DS) has proven this to be the case.

You realise Nintendo did very clever things to be able to bust your arse with a lot more than copyright infringement if making bootleg carts, right? Technically GB/GBA homebrew is illegal because it has to contain Nintendo copyrighted data/a Nintendo trademark.

It's only recently that the average joe has had the means to commit copyright infringement... back in the day Nintendo had to worry more about real bootleggers, the sort of guys that reverse engineer whole arcade boards and bootleg them. The best way to stop these people wasn't to lock the backups out because most people didn't have the equipment or knowledge to create carts at home. Instead they created a legal environment in which they could come down hard on bootleggers to stop the distribution/use of their products.
 

adgloride

Critical_Impact said:
Nintendo it seems have never been that high on the whole security thing. I'll admit that the GC took a while to get hacked but that was probably more due to a lack of interest. With the Wii it's already been hacked and there are over 6 million people with them. Can't wait to see what sort of homebrew gets released and hopefully a mod chip will come out soon that'll let unsigned code run.

Nintendo take security seriously and do go into the shops that sell Nintendo products. I can remember a few years back my friend buying some kind of cartridge for the SNES (Forgot what it did). He got a discount as the owner of the shop wanted to get rid of it before Nintendo came to check up.
 

WunSick

Nintendo do pay attention to hacking, look at the GameCube, it took YEARS to get that to run backups alone... not to mention the various things they did with NDS, GBA, SNES, etc etc.

But yeah, I'm positive the Wii NAND/BIOS is encrypted, that's a given, anybody who thinks otherwise has no idea what they are talking about. Whether that can be decrypted and such, that's only a matter of time, look at FlashME for NDS, that was doable LONG before they managed to dump the BIOS from ARM7 and ARM9 and get keys (thus allowing slot1 carts due to encryption issues). Darkfader knows what he's doing, WAB I'm not so sure... but who knows....

Only a matter of time, and given the progress with the Wii.... I'd say a month or so.... maybe 3 for solderable chips.... odds are we will see an exploitable hole with the research this will bring and hopefully just be able to use a FlashME type deal with the Wii.

God, I hope this doesn't ruin online play.
 

TheCheekyMonkey

As far as I am aware, the BIOS / firmware for the console (OS etc etc etc) is held on the internal NAND flash chip, this contains everything, your saves, VC, OS etc etc. So technically this is the BIOS (so to speak, it can really be called a BIOS anymore).

I have been experimenting with bricked Wiis over the past couple of days, by swapping a working NAND flash with a bricked NAND flash to see if the console would boot, it wouldn't. So there is definitely something Unique held in the console / NAND.

thecheekymonkey said:
[Image: Brickednand-removed.jpg]

What is it with me and rework stations, another one bites the dust!!!

Tested today :-

One good working Wii
One bad bricked Wii (SPM Opera error)

Removed both NAND flashes from each Wii, and resoldered the good NAND flash into the Wii that contained the bricked NAND, resulting in nothing but a black screen. I have swapped back the bricked NAND flash and the Wii is now working again (as in it's giving video output with the bricked Wii message from Opera).

So swapping NANDs doesn't work, and neither should copying a good NAND flash onto a bricked NAND flash, so people need to do more work, it's likely there are unique keys or something?

Let the work continue....................
 

WunSick

Did you try swapping the following chip as well, as they are probably married....

http://wiire.org/Chips/K4J52324QC-BC14
This is U3 on the motherboard below...

Motherboard
http://wiire.org/Wii/console/motherboard

If you look at the datasheets for these two chips they work TOGETHER, I wouldn't be surprised if the BIOS is on the flashrom, whereas the VC and general storage is on the 512MB GDDR3 chip (U3). This memory is used for both video and CPU memory.

I haven't had the time to dump my chips yet cause well... I'm lazy lol

EDIT: removed repeated stuff that's probably already known
 

TheCheekyMonkey

WunSick said:
Did you try swapping the following chip as well, as they are probably married....

http://wiire.org/Chips/K4J52324QC-BC14
This is U3 on the motherboard below...

Motherboard
http://wiire.org/Wii/console/motherboard

If you look at the datasheets for these two chips they work TOGETHER, I wouldn't be surprised if the BIOS is on the flashrom, whereas the VC and general storage is on the 512MB GDDR3 chip (U3). This memory is used for both video and CPU memory.

I haven't had the time to dump my chips yet cause well... I'm lazy lol

EDIT: removed repeated stuff that's probably already known

Nope, and I won't be doing either, I just don't have the equipment for BGA work (who has? except TMF at xbox hacker). 'Twas just an experiment whilst I had a bit of free time.
 

moshii

TheCheekyMonkey said:
So swapping NANDs doesn't work, and neither should copying a good NAND flash onto a bricked NAND flash, so people need to do more work, it's likely there are unique keys or something?

I have a feeling that there is a key/hardware encryption engine in the CPU die ... it's a custom fabricated PPC after all... and all those test pads on the board are used to control the board on the production line and encrypt/prog the flash.

Yes, I actually hope that Nintendo's security is unbreakable by weenies.
 
