Wii Hacks

        

Friday, December 29, 2006

Nintendo GC / Wii Security Flaws

tmbinc did a speech at a Video Game Console Conference the other day. The video is up on youtube and has some very interesting info.

22 Comments:

Xian said...

If you actually watch the whole video, not the edited version on YouTube, he clearly states that HOMEBREW is not possible on the Wii because the executables are signed. So the backdoor 2 method he describes can be used ONLY for backups. This makes it highly unlikely that the information will be released publicly, as the hackers involved do not support piracy.

Lukas said...

i can't understand a damn thing he's saying. need subtitles

bram said...

correction : homebrew is not yet possible

Doomangel said...

"So the backdoor 2 method he describes can be used ONLY for backups. This makes it highly unlikely that the information will be released publicly, as the hackers involved do not support piracy."

However, they do support game backups? They wouldn't stop here, just because it "could" blow up piracy. Many gamesystems are hacked with the knowledge of that piracy is available..

Martin said...

@ xian :

Where can I find the whole Video ?

Xian said...

The entire presentation can be seen here...

http://cryptosystem.org/video/tmbinc-consolehacking2k6.ogm

It's an OGM video, so you'll need something like VLC Player.

Alfonso said...

If they don't support piracy, and finally don't give all the details, for what they've told, it's extremely easy to guess the hack.

Just we have to find the new connector and adapt the modchip to it. Don't worry that modchip makers know what they do... If not, wait a month and see...

Alex said...

I don't want piracy but I DO want to be able to play games from other regions

forrest said...

I believe that the Wii can also run unsigned GameCube code. After all, it can run GC disks, and they weren't signed or encrypted in any way.

Ari said...

So I was watching that video, and I looked up and successfully found multiple Wii mod-chips...as well as a program that runs an hdd to store games...including VC games. Check out the Viper Extreme chip (seems like the most sound of the mod-chips) and look for Wii hdloader.

raindog469 said...

I'm pretty sure any Wii modchips available for sale right now are scams. Give it another 6 months.

Also, homebrew may not be possible on the Wii using this particular hack, but the PSP uses signed executables too and people found exploits to allow arbitrary code execution on that. I think the same applies to the DS, judging by that RSA logo on the box.

forrest said...

The DS doesn't work through exploits in games like the PSP does, it works by installing new firmware. You have to bridge the SL1 jumper to allow the memory to be writable.

Ari said...

yeah...I looked into the modchip a little more and there is no way to purchase it on any of the sites that talk about it...it must be a "in development" chip.

The Wii backup theory seems sound however...I took my Wii apart actually (I know...heresy) and found the UTS port lines...I also was playing with the GC disc grabber thingy inside and might have found a way to disable it enough that it would think of a DVD disc as a GC disc...the only problem is I can't install the exploit due to lack of the SD card adapter.

Ian said...

Man, that's really disappointing to hear no homebrew yet, only backups. Now, backups are great in their own way... but homebrew is what is most exciting about the Wii!

xernobyl said...

Don't worry. We all know Nintendo sucks at security. It may not look like that because of gamecube's lower sales and 8cm disks.

I still belive the Virtual Console is the way to go for homebrew. Anyway Nintendo could stop piracy by letting people develop for Wii! It's not like they lose money per console sold :(

Doomangel said...
This comment has been removed by the author.
Sebbs said...

"We all know Nintendo sucks at security" i'd argue with that, seeing as the iQue seems largly secure and unhacked

"The DS doesn't work through exploits in games like the PSP does, it works by installing new firmware."
not true actually. the data being sent between the game and the DS is encrypted, except for the header and the passme devices slip in some redirection code just after the header has been sent. the custom firmware just looks for DS playable code in the GBA slot without having to be redirected from a passme
on this note, would a similar exploit be workable on the Wii?

Joe said...

Bottom line.... You cant copy games and there is no mod chip - period. From what I am seeing it looks like there will be no mod chip for the Wii.

Doomangel said...

"Bottom line.... You cant copy games and there is no mod chip - period. From what I am seeing it looks like there will be no mod chip for the Wii."

Did you watch the video? Security is really low, it should be easy to get a modchip working.

xernobyl said...

Yes. I think that's the moral of the story. About iQue not being hacked I don't really see the advantage of trying to hack it, as it was only available in Japan and it's more expensive than gamecube for essencialy the same hardware (not sure about this part).

Sebbs said...

iQue was released primarily for china, as its basically has the largest piracy rate for games, so it was designed to be unpiratable...and its hardware is essentially a N64 on a chip

as far as homebrew on the Wii goes, unless someone can crack the encryption (highly unlikely) the best chance will be trying to redirect to the SD bay and run code from there...short of an official solution anyway

mail said...

"Bottom line.... You cant copy games and there is no mod chip - period. From what I am seeing it looks like there will be no mod chip for the Wii."

Red Steel has been released on certain groups. Although there is currently no way to play this yet, I believe that a few months down the line we WILL see a modchip for the Wii.

Click Here to Post a Comment

Subscribe to the Nintendo Wii Hacks Blog RSS Feed

Also see:
PSP Hacks
PS3 Hacks
Zune Hacks
iPhone Hacks
Apple TV Hacks