Wii Internet Connection Reverse Engineered

AlexTheBeast writes "By packet sniffing his Wi-Fi connection, this hacker has already begun to dig into the internet interactions of the new Nintendo Wii. Basically, by using Firefox and after setting the user agent correctly, anybody can easily browse many WiiShop pages including the WiiShop main page and startup manual. More advanced connections including binary and virtual console downloads are currently in the works. Come join the project."

That's what happens...

[tttonyyy]

..when developers play with their Wii.

(Sorry, couldn't resist YAWJ (Yet Another Wii Joke))

Re:That's what happens...

[JohnSearle]

That's what happens... ..when developers play with their Wii.

What they wii-direct the DNS?

- John

Bad smell

[Rastignac]

I don't want to sniff out my wii. ;)

Re:Bad smell

[MyDixieWrecked]

well, I've been playing with my wii so much, my arm is sore

in fact, all my muscles are stiff. I'm in such bad shape, my wii makes me stiff.

Re:Bad smell

[Crizp]

Comedy gold. Shame I have no mod points :(

Re:Bad smell

[inKubus]

I'm in such bad shape, my wii makes me stiff.

I can't decide if this is a Soviet Russia joke in disguise...

Re:Bad smell

[Salmar]

That's why it's good for you. You've joined the legion of lazy-ass gamers who complain that using the Wiimote for even a few minutes tires them quickly. Stiff muscles and fatigue are VERY common in those who exert themselves suddenly without having exerted themselves recently (like within the last week). So, congratulations; you've had your first real workout in weeks (months?).

Re:Bad smell

[MyDixieWrecked]

well, I haven't done any workout that's impacted my muscles in that way in like... yeah... years? having a job kinda takes away time to do activities that require being active. although I walk about 2 miles a day between work and food (I don't have a car and live in new york city) .

but yeah, you're right. =P

Re:Bad smell

[patio11]

"In Soviet Russia, Wii stiff you!" -- printed on the checks issued to all workers of state-owned industries.

So ... What's next

[HappySqurriel]

So ... what's next?

Will we be getting a news story about a Hacker who had installed the Wiis web-browser on his PC by going to http://www.opera.com/ ?

Re:So ... What's next

[cloricus]

I was thinking that... Seriously today at work I sat in front of ethereal for two hours sniffing packets for regular network reports and just for general knowledge of what's going on and god knows what I saw go past. It isn't at all skillful to sniff out of a agent string and use a Firefox plugin to put in what ever you want - heck if you want to be 'uber leet' you can code your own agent string into Firefox! How awesome!

So in summery this isn't even remotely interesting. Go home script kiddies...and by home I mean digg! (Yes I do have the karma to burn.)

...Still four weeks till we get Wii's in Australia. :(

Re:So ... What's next

[SausageOfDoom]

Well, seeing as this shows that the channels are web-based, I would imagine that one possible next step would be to hijack the connection when it reaches your router, and then, depending on the page request, return your own content.

I'm guessing this would allow you to create custom channels by returning whatever content you wanted to the Wii. Perhaps it might also bypassing the need to buy Opera, as it sounds like it's already built in.

Re:So ... What's next

[Programmer_In_Traini]

i dont think the point was to be uber by displaying l33t h4ck1ng skillz0r. :)

but its a start at developping homebrewed apps for the wii. heck, maybe create homebrewed wiishops servers so users can share wii games.

thats the good thing with consoles on the net, its fairly easy to fool them once you know what kind of answer they expect.

Re:So ... What's next

[NaDrew]

Perhaps it might also bypassing the need to buy Opera, as it sounds like it's already built in.

Opera is free.

Re:So ... What's next

[SausageOfDoom]

Yes, Opera is free. Free as Opera for a desktop, free as Opera Mini for a mobile.

But it is not free for other devices like the DS, and it's not going to be free for the Wii either.

As the article I linked to above states, although Nintendo have said that they'll be giving Opera away for free until June 2007, they have also said that this would be a temporary promotion and that from July you will have to purchase it using Wii points.

I therefore stand by my original comment - now that it has been revealed that a reduced-functionality Opera is already built in to the Wii, perhaps some post-June adopters will be happy to avoid buying Opera by setting up their router to hijack the page requests and build their own web browsing interface. I guess that will depend on how much of a geek they are, and how much Opera Wii will cost.

Already Locked Down

[A+Brand+of+Fire]

Apparently Nintendo has caught wind of this and has already set up redirects to the Wii root website from these links.

Re:Already Locked Down

[l_bratch]

This only happens if your user agent is set incorrectly.

If you RTFA, you will see what user agent to set your browser to.

Re:Already Locked Down

[Zangief]

Did you change your user agent? For example, for the Wii shop you need to identify as

Opera/9.00 (Nintendo Wii; U; ; 1038-58; Wii Shop Channel/1.0; en)

Correction

[A+Brand+of+Fire]

It seems that it redirects with links referred from other websites. After putting in the URL manually, I was able to view the pages. Pretty cool stuff.

Re:Correction

[tttonyyy]

Given the number of consoles Nintendo must be anticipating serving those pages to, I'd expect them to be pretty much unslashdottable. A few people from slashdot? T'is but a scratch!

Re:Correction

[remembertomorrow]

Not sure if this was implied in your post or not, but you still need to set the user agent as well.

Roms! \o/

[remembertomorrow]

Once the Virtual Arcade system has been worked out, someone will put up a custom server where you can download the games for 0 points. All you'll have to do is point wii.com (or whichever A/AAA records are needed) to their server.

It seems like this system will be hacked rather easily. :/

Re:Roms! \o/

[Mage+Powers]

unless they do some of that stuff through https...

Re:Roms! \o/

[HappySqurriel]

Once the Virtual Arcade system has been worked out, someone will put up a custom server where you can download the games for 0 points. All you'll have to do is point wii.com (or whichever A/AAA records are needed) to their server.

It seems like this system will be hacked rather easily. :/

Well, being that Nintendo is not stupid I suspect that ever virtual console game is signed to prevent copying; on top of that (being that each game is only usable on one particular system) it is possible that Nintendo signs the signed code for each console when you buy a game. Now, unless the system is physically cracked, I think that it is nearly impossible to break this system.

Re:Roms! \o/

[Lissajous]

...on top of that (being that each game is only usable on one particular system) it is possible that Nintendo signs the signed code for each console when you buy a game. Now, unless the system is physically cracked, I think that it is nearly impossible to break this system.

I find it doubtful that Nintendo would do this. This would be putting the private signing key on a theoretically publically accessable network. You wouldn't believe how tightly guarded signing processes are - it's normally only 2 or 3 people in the world that have access to it. The implications for are far too great for them to even contemplate that approach. But I do agree with you that it's not going to be easily cracked, by any means.

Re:Roms! \o/

[remembertomorrow]

Then you just make a machine appear to be a Wii. Their server is none-the-wiser.

Re:Roms! \o/

[HappySqurriel]

I find it doubtful that Nintendo would do this. This would be putting the private signing key on a theoretically publically accessable network. You wouldn't believe how tightly guarded signing processes are - it's normally only 2 or 3 people in the world that have access to it. The implications for are far too great for them to even contemplate that approach. But I do agree with you that it's not going to be easily cracked, by any means.

Not really ...

If Nintendo can keep their super private signing key private and sign the rom before it gets to the distribution service.

Now, for every console you can generate a public/private key pair where the console holds the private key (without knowing what the public key is) and the service holds the public key (and keeps it secret). The result would be that you'd have to hack the online service in order to get the public keys to transfer the already signed rom to another console; not the easiest thing to do.

If you crack the console on the other hand this can all be bypassed though ...

Re:Roms! \o/

[remembertomorrow]

Exactly, I don't see what is so hard about cracking this setup.

Once you've purchased said games, they're a) stored unencrypted on your machine, or b) decrypted during runtime, and could be intercepted fairly easily.

Unless I'm wrong? Enlighten me!

Re:Roms! \o/

[Lanttu]

What if someone makes a system that can generate Wii compatible roms from all those rom files that you can download from the internet? I mean - there has to be somekind of signing system or FairPlay -styled coding system where you account is going to be the key to open those roms that you download from Nintendo. But what if - now, you have to realize that I dont know a **it about Wii's accounts or even seen the console in real life. Just general interest cause I am going to buy one. - someone puts up a server which uses same kind of system. It requests your account and then modifies the rom of that you want to use your account? Or even better - a downloadable program that does it for you and then you just need to build a server... I dont see any reason why that isn't possible because it downloads those roms via internet. I think that it is not going to lock those files with any fancy copy protection which needs internet connection (or is it?) but it might encode those files to match your Wii Account. Just like FairPlay. Now - if there is a way to build account free rom or modify the software to always try one decode style first or a software that transforms a standard .NES / whatever rom to Wii readable format then it should be pretty easy hack - no hardcore chips needed... but this is only what if... :D

Re:Roms! \o/

[HappySqurriel]

They would probably be decripted durring runtime but we don't know whether this would be stored in memory or whether this memory would be easily readable from outside the CPU ... Being that the CPU was designed with signed emulation in mind, the Wii CPU could (theoritically) take in encrypted data/instructions from memory, decrypt them into registers/on chip memory, re-encrypt the output and store that in memory. Ultimately, it is beyond me (or anyone I know) to break a system like that but I'm sure there is someone who could.

Re:Roms! \o/

[Lissajous]

Now, for every console you can generate a public/private key pair where the console holds the private key (without knowing what the public key is) and the service holds the public key (and keeps it secret). The result would be that you'd have to hack the online service in order to get the public keys to transfer the already signed rom to another console; not the easiest thing to do.

This was my point. The online service is accessable to the g.p. so would be theoretically open to t3h l33t h4x0rZ. Ninty (or anyone) would not under any circumstances what the key to fall into nefarious hands.

If you're generating a unique key-pair for each console, then this is another area of possible exploit. There'd be a difference between two identical systems based solely on this key pair. Remember that part of copy protection is protection-by-obscurity. Making it more apparent where the protection system lies is a big hint to t3h h4x0rZ as to where to look to break it.

The only redeeming factor would be that seeing as this is an online operation, they would be theoretically able to change the signing key, change the setup on you box you through a system update, and lock out any roms signed by the old system, whilst at the same time providing you with fresh shiny new copies of the legit. ones you bought. Huge bandwidth issue I grant you, but still cheaper than leaving the system wide open.

Re:Roms! \o/

[HappySqurriel]

I'm not positive I know what you're asking, but I think I'll give it a try ...

I could be wrong but I think the difference between what I'm describing and Fair Play is that Fair Play takes an unsigned data format and signs it to be specific to your particular account/machine and there is nothing that prevents you from using an unsigned version of that data with your account/machine; now, Nintendo could design a system such that it will only play games that were both signed by Nintendo (to make them an official rom) and signed for your specific machine. In Nintendo's case, stripping the per-account signing would give you an officially signed Nintendo rom but that would not be playable on an unmodified machine unless you had access to the account based signing key (by modifying the system you'd be attempting to remove the requirement that the game had to be signed per machine, or for homebrew that it was even signed at all).

Re:Roms! \o/

[Abcd1234]

What the hell are you talking about? Signing a binary doesn't prevent copying. All it prevents is someone from modifying the ROM and then running it on the Wii. The only thing that will "prevent copying" is full-on encryption. However, the Wii would then need the key to decrypt the content, at which point you just hack the Wii to get the key.

Basically, they're facing the exact same problem content providers are facing: you're trying to lock down content while at the same time giving the user the means to unlock it (so they can use it). And unless you can ensure the hardware is unhackable, this simply cannot work.

Re:Roms! \o/

[somersault]

That's an awful lot of ifs. It's a lot harder to duplicate Nintendo's system than just saying "I know!!! - What if someone cracked it!!1!!!oneeE!!!!!! Yay!!!". If the pricing is fair then why try to crack the system? Someone will probably work out how to break it if there's any incentive though..

Re:Roms! \o/

[assassinator42]

I don't know if I'd say the pricing is fair. Plus, you'll never be able to buy every NES/SNES/N64 game. What if I want to play Perfect Dark on the Wii? Anyway, I doubt you'll be able to do it without a custom firmware of some sort. Perhaps a modchip?

Re:Roms! \o/

[somersault]

How much does it cost? I wouldn't have too hard a time believing they're overcharging, seeing as Tetris for the DS costs £30 here.

If I wanted to play NES or SNES games I'd just get an emulator (I know it could be cooler using a Wii but meh..). I'm not a Nintendo fanboy so I don't have much Nostalgia for any old Nintendo games (apart from MarioKart :) )

Re:Roms! \o/

[Xenographic]

If they did any such thing to prevent people from downloading the ROMs, quite frankly, it would be a complete and utter waste of time.

As anyone should know by now, you can download ROMs and emulators for nearly any system you want online. It's not even hard. The Pirate Bay even has nice, huge, torrents with practically every ROM ever (including tons of bad dumps I have no idea why anyone would ever want).

So really, they shouldn't even bother. It would be a total waste of their time and money. Heck, if they're getting it from the store, at least people are paying for the ROM. So they can laugh about "hacking" the Wii store all they want, but if they're paying Nintendo instead of downloading it for free from any of the hundreds of ROM sites, well, they'd be shooting themselves in the foot to discourage that, I'd think.

Not that they wouldn't do such a thing, but...

Re:Roms! \o/

[HappySqurriel]

I suspect that Nintendo would be very careful about what code was running on their system for fear that it could be exploited to produce a soft-mod to allow for pirated games to be run.

Imagine if a buffer overflow error was found in the emulator, which allowed for unsigned code to be run, so the hacker could replace your firmware which allowed for booting from a usb hard-drive ...

Re:Roms! \o/

[Salmar]

I bought Tetris DS for US$35, I and thought it was worth every dollar. (Yeah, £30 is a bit more than that...) Still, I can't imagine Nintendo asking for more than US$15 for even Zelda. A good number of very nice, yet somewhat unpopular GC games have been moved to the "Player's Choice" category, giving them a substantial discount. There's no way they would overprice their 10~30yo games.

Also, the Virtual Console, is, uh, legal. Unless you're using your own backed-up roms, or are downloading only the ROMs of games that you own, using an emulator is neither legally nor ethically acceptable.

Re:Roms! \o/

[somersault]

Personally I have no ethical qualms playing games from a 15 year old system using an emulator if I don't have any alternative way of trying them out..? Ever heard od abandonware? I wouldn't use pirated copies of modern games (used copies are plenty cheap).

Re:Roms! \o/

[Salmar]

Yes, I've heard of the term. Yes, its meaning is exactly what you described: pirated games that would otherwise be unable to be enjoyed. But that's not what you were talking about. You were talking about (S)NES games. Many of them (the most popular) will be available legally from the Virtual Console. I won't personally stop you from downloading games that aren't obtainable in other ways, because I also personally understand your feelings on that point. But you don't have a leg to stand on if you choose to rip off Virtual Console games.

Re:Roms! \o/

[Salmar]

Whoops, I'm an idiot. Darn those tags.

Re:Roms! \o/

[Fancia]

"Abandonware" refers to games that are actually abandoned, not games the developer/publisher is continuing to sell.

Re:Roms! \o/

[k8to]

You point out (correctly) that signing of roms won't prevent duplication. Then you claim that encrypting the roms _will_ prevent duplication. How, exactly would I be unable to duplicate ecrypted roms? They're just bits.

The key to prevent piracy is to have keys at both ends which are verifiable. The store should use a pre-arranged key the wii can verify, and the wii should use a per-wii key that the store uses to modif the files, whether via signing or encryption does not matter. In this way, the wii will not accept unauthorized content, and authorized content will not be transferrable.

As a fan of homebrew games and console hacking (demos, etc) I sure hope they messed up on some of this.

Re:Roms! \o/

[somersault]

I think the only modern game I played for more than a day on an emulator was Pokemon, which I have since bought for my DS. I recently downloaded lots of Abandonware Amiga games (some of which I used to own, some of which I only had the demos and couldn't buy as I was only a kid and had very little cash..). Anyway. I most likely will get a Wii, and I'll only buy games for it legally, the same as I have for my PSX,PS2 and DS. I don't really like any form of pirating, though in the past I went through a phase of downloading MP3s , and I'm not too proud of it - I eventually decided against it (though when it comes to friends sharing music I still do that, but if I like an album a lot I buy it to support the artist) :)

Re:Roms! \o/

[Abcd1234]

Ahh, I believe we're running under different assumptions. I came at the discussion considering the problem of preventing ROMs from the Wii being copied and played on, say, a computer. As such, I didn't address the issue of copying material from one Wii to another. In this case, you're absolutely right, the problem is solvable (well, barring hacking of the Wii firmware or some other more advanced trickery).

Re:Roms! \o/

[ggy]

It's a lot harder to duplicate Nintendo's system than just saying "I know!!! - What if someone cracked it!!1!!!oneeE!!!!!! Yay!!!".

Yeah, but you could always patent it...

Re:Roms! \o/

[named]

This is exactly what client certs were invented for. Using https with client & server certs allows the client to authenticate the server, and vice versa. It would be pretty easy for Nintendo to issue a cert for every Wii.

The only issue might be the extra CPU involved in using SSL, but if they're going to be preventing loss of revenue I can see the accountants springing for the extra hardware :)

Re:Roms! \o/

[PygmySurfer]

I won't personally stop you from downloading games that aren't obtainable in other ways

I don't think you'll stop him from downloading games that ARE obtainable in other ways, either ;)

Re:Roms! \o/

[somersault]

Someone below posted this "1 Wii point = 1 cent, which means Mario 64 is $10, SNES/Genesis/Turbo Gfx games are $6-8 and NES games are $5(!?)"

Seems fair to me.. that's like £5 a game at most (though I recently completed my first ever Mario game, think it was Super Mario World on the SNES that was in our holiday home - completed it in 2 days, which I think is okay for someone that always thought they sucked at Mario games).

So when will the remote get hacked?

[DrXym]

If it uses Bluetooth as it is supposed to, what is to stop the Wii remote being used on a PC or even a PS3 if you wanted to? What's the point you may ask - well it would make for useful mouse replacement for presentations, or just for couch surfing.

Re:So when will the remote get hacked?

[DrXym]

You don't need the sensor bar functionality as the thing is armed with gyroscopes and accelerometers, which are more than enough to control a cursor on an overhead projector. All those buttons could be mapped as mouse buttons and the D-Pad as a scroll wheel. Gyroscopic mice have been available for quite a while now that do just that, but they cost far more than a Wii remote.

Re:So when will the remote get hacked?

[Spokehedz]

The above is true, with the exception that the sensor bar tells the system what relation to the screen you are. It doesn't use the sensor bar all the time--such as when you swing the controller off the screen, for example.

But you DO need to point it at the screen so that the camera in the front of the wiimote can see the IR beams to know how to translate the sensor data received from the wiimote into movement in the screen.

Let me put it another way: The wiimote doesn't know which way is up if you don't point it at the sensor bar. If you don't know up, how are you going to translate changes in G forces (which is what the accelerometers measure) into movement of a pointer? You wouldn't be able to know what the data you were receiving meant, without a point of reference--and that is what the sensor bar provides.

Re:So when will the remote get hacked?

[AvitarX]

You could use something such as the acceleration of gravity to know which way is up. Pressing buttons 1 and 2 simulteniously to recalibrate which way is up if that becomes a problem.

Mice without sensor bars have existed in the past and work.

Re:So when will the remote get hacked?

[odyaws]

If it uses Bluetooth as it is supposed to, what is to stop the Wii remote being used on a PC or even a PS3 if you wanted to? What's the point you may ask - well it would make for useful mouse replacement for presentations, or just for couch surfing.

Apparently it's trivial to at least use it as a gamepad: link. Pointer functionality can't be far off...

Re:So when will the remote get hacked?

[DrXym]

The above is true, with the exception that the sensor bar tells the system what relation to the screen you are. It doesn't use the sensor bar all the time--such as when you swing the controller off the screen, for example.

Doesn't matter. A mouse doesn't know where the edge of the screen is either. Besides, having a controller which requires you constantly point it at the screen to use a cursor is tiring and very clumsy. But you DO need to point it at the screen so that the camera in the front of the wiimote can see the IR beams to know how to translate the sensor data received from the wiimote into movement in the screen.

Again, doesn't matter. All the driver would require is to know when you swing it left, right up or down and translate that into the appropriate movement of the pointer. You don't even need to point the thing at the screen to move the pointer. That's exactly what existing gyroscopic mice do.

Let me put it another way: The wiimote doesn't know which way is up if you don't point it at the sensor bar. If you don't know up, how are you going to translate changes in G forces (which is what the accelerometers measure) into movement of a pointer? You wouldn't be able to know what the data you were receiving meant, without a point of reference--and that is what the sensor bar provides.

The driver makes the assumption that people hold the remote in a horizontal fashion and swing it left or right, or tilt it up or down to move the mouse. You can refine this I'm sure and even offer left / right handed behaviour but those are the basic requirements. I expect a peek at the driver for a gyro mouse would offer likely other enhancements.

And if by chance someone does want to implement the sensor bar, the thing is just a dumb strip with LEDs that and it might even be possible to jury rig it to work from a USB port.

Re:So when will the remote get hacked?

[Evangelion]

It knows which way is up, so it can figure it's pitch (rotation around x) and roll (rotation around z), but it can't use gravity to figure out it's yaw (rotation around y).

It also can't use gravity to figure out it's position relative to anything.

It can detect *movement* in six axes (x/y/z, rotation around x/y/z), but it can only figure out absolute position in two of the rotational ones due to gravity.

That's where the sensor bar comes in -- it gives the remote a reference point (above or below the display) so that it can be used as a pointer.

Also, it's worth noting that the "sensor bar" is passive. It doesn't read anything, it just gives the remote a reference point to use. Assuming the Wii is on, the wiimote will be able to figure everything out on it's own.

(y=up/down,x=right/left,z=in/out)

Squid proxy = Homebrew injection

[palad1]

Good news everyone!
By setting-up a squid proxy one could be able to make homebrews appear as games requiring 0 wii points before being sent to the wii, which will gladly accept it as a runnable executable!

Now we just have to reverse engineer the 'Virtual Game Console'. 100 say it will turn-out to be a Mame clone.

Can't wait till the Wii gets released in Europe. Oh my :)

Besides, we may even be able to stream a divx player using this technique.

Re:Squid proxy = Homebrew injection

[EvilRyry]

I gotta believe these executables need to be signed or something. I can't believe they'd leave the back door wide open like that.

If not though, does it run Linux?

Re:Squid proxy = Homebrew injection

[geekboy_x]

You dont need that - the Wii Opera browser can hit normal web pages just fine, so flash-based homebrews can just be served off regular ol' pages, like this:

http://wiicade.com/Home.aspx

Have fun!

Re:Squid proxy = Homebrew injection

[LocalH]

Homebrew doesn't refer to Flash. Homebrew refers to unlicensed software running directly on the hardware.

Re:Squid proxy = Homebrew injection

[CliffSpradlin]

I totally disagree. Flash is just an easy way of writing and distributing these games, it's still homebrew. You still use the Wiimote in order to control it. This can be "emulated" with a mouse, much like a SNES controller can be emulated with a keyboard, but it's just not the same.

I would love to see a homebrew community formed around flash Wii apps. People could test out ideas very quickly, and show them to others as well. In fact, once Opera is officially released I really hope to see this happen.

Am I the only one who is impressed by.....

[8127972]

..... the fact that this doesn't look like some sort of custom solution that would be forever tied to the hardware. Instead it seems to be very "off the shelf" in nature from what I can see. I'm impressed that Nintendo would go that route. Many companies wouldn't.

Signed code You

I assume the phrase "signed code" has never entered your mind?

Something tells me they learned a few lessons from the DS and WiFiMe.

Welcome to the New Console Hack-fest

[SalaciousPucker]

Microsoft is really the only console maker that has ventured online in any substantial way. They locked down their hardware and sealed off the wild wild internet (no IE on the 360) for good reason.

I really think the Wii and/or the PS3 are going to be hacked to death. They have browsers, neither are experienced here and with Sony in particular, the whole thing seems kinda....rushed(?). I mean, with the media they are fine - people won't be burning blu-ray cheap enough soon enough. One click pirated downloads would be even worse though...it would be much easier. Given the cost & market for the PS3, a hack like this would be instant death for developer support.

Re:Welcome to the New Console Hack-fest

[iapetus]

Yes. With potential security holes like this, I doubt it'll be long before we see some sort of crazy hack to run Linux on the PS3. Wouldn't that be great?

Re:Welcome to the New Console Hack-fest

[xtracto]

Microsoft is really the only console maker that has ventured online in any substantial way. They locked down their hardware and sealed off the wild wild internet (no IE on the 360) for good reason.

That is something I found very interesting about Microsoft's new console. I kept hearing about the Hypervisor this and the Hypervisor that and the new Xbox was unbreakable and antihacker box and all that from Microsoft, after it was released I followed some of the hacking efforts and it seemed to be very heavy locked. (of course it is now possible to play pirated games... duh!).

Au contraire, neither Nintendo or Sony have braged about any antipiracy methods... I could think that 10% of the Xbox360 power is wasted in the Hypervision anti haxx0rs software (the most funny thing is that they still think they can fix a HARDWARE PROBLEM [this is the reproduction of illegal copies] with a software patch...).

I for one am really happy to have preordered my Wii yesterday (Comet shop in UK) I am waiting for it as the first console I have got in 5 years .

Re:Welcome to the New Console Hack-fest

[FroBugg]

Is this really such a terrible thing for the Wii?

Sure, some people may end up downloading pirated games instead of buying them from Nintendo, but as iTunes shows, people are perfectly willing to pay reasonable prices for things they can get free elsewhere.

And since the Wii hardware itself is actually profitable for Nintendo (as opposed to the PS3), they're still going to make money from people who buy a Wii with no intention of ever buying a legit Virtual Console game or even a real Wii game. And maybe once these hackers have a Wii they'll buy some games after all.

Re:Welcome to the New Console Hack-fest

[Virgil+Tibbs]

thats where yellow dog linux is going- with all macs going intel, yellow dog hasno choice but to go to the ps3 because there are no other powerpc processors

Re:Welcome to the New Console Hack-fest

[xtracto]

Sure, some people may end up downloading pirated games instead of buying them from Nintendo, but as iTunes shows, people are perfectly willing to pay reasonable prices for things they can get free elsewhere.

And I am sure their primary userbase is not the hacker that downloads from romhustler or priarrrbay but mom and dad that get out of work, turn on their Wii and choose the newly released game from the Wii Channel.

Re:Welcome to the New Console Hack-fest

[wootest]

Or stay on what has to be 40+ million PowerPC-based Macs in the world, or run on Wii or Xbox 360 (both also custom PowerPC-based cores).

I hope you're not fooling yourself that the PowerPC is now doomed, doooooomed. It's already been in embedded devices for ages, and it looks like it will be staying in consoles for the foreseeable future as well.

Re:Welcome to the New Console Hack-fest

[freeweed]

Well said. The 1% of us that know how to find ROM images online (while making sure they're the right ones, and transferring them to an SD card) aren't really going to do much damage here.

Mom and Dad will still pay the measly $5 (although I really wish they had gone with iTunes' pricing model for 20 year old games!) and just click to download.

Re:Welcome to the New Console Hack-fest

[cnlohfin3109]

problem may be with the fact that companies may not want to develop games on a system that people can just hack and download the game for. Nintendo tring to stop this wouldnt be protecting itself(directly) but companies like EA or ubisoft.

Re:Welcome to the New Console Hack-fest

[StikyPad]

with the media they are fine - people won't be burning blu-ray cheap enough soon enough

Eh.. One of the benefits of competing formats is that they're prone to price wars. I'd be surprised if BD/HD-DVD recordable media isn't below the $5 mark by this time next year, and burners in the $200-$300 range. That would be cheap enough to attract more than a few people, especially when it's the same cost as buying 3-6 games at $50-$60 a pop.

DNS redirection

[AsnFkr]

Using DNS redirection you can get the Wii to any website you wish. Video

DMCA violation...?

[__aaclcg7560]

Isn't reverse engineering the Wii packets to figure out the proper browser user string a DMCA violation?

Re:DMCA violation...?

[Midnight+Thunder]

Isn't reverse engineering the Wii packets to figure out the proper browser user string a DMCA violation?

Depends. Reverse engineering is not a violation, but cracking encryption is.

Note I haven't ever read the DMCA, so am I am relying on what I have heard on forums and new sites.

Re:DMCA violation...?

[remembertomorrow]

If you have to question whether or not something violates the DMCA, chances are it does (unfortunately).

Don't Make Content Accessible

Re:DMCA violation...?

[Dr.+Mortimer]

No, because there's no encryption being broken here.

Re:DMCA violation...?

[crossmr]

Who cares, I don't live in a country which recognizes the DMCA. Lesson 1: America's laws are not the world's laws.

Re:DMCA violation...?

[ajs318]

No, but telling you you can't look at the data packets originating from a piece of hardware you own is a violation of common-law property rights.

Re:DMCA violation...?

[idonthack]

Everyone in America cares, because we do live in a country that recognizes the DMCA.
 
Lesson 2: Just because it doesn't affect you doesn't mean it isn't a valid question.

It's actually a very good name.

Wii was a very good name to choose, just because of how much it sounds like a pet name for the penis.

Here in Finland there used to be a brand of chocolate milk called Jukiuilla. That sounds very, very close to a word which translates best to English as "bloody assrape".

People remembered that brand of milk. It became a hit sensation among teens just because of its name. While other chocolate milks had more benign names, that chocolate milk had a name that stood out. I think Nintendo has managed, intentionally or not, to do the same thing.

Re:It's actually a very good name.

[tttonyyy]

That's true. When Nintendo announced the name, many people were disappointed, upset, and even angry. There was even a petition to Nintendo of America to change the name.

Certainly everyone talked about it.

And now we make affectionate jokes about the name, and it's quite accepted.

Methinks Nintendo made a very smart (or lucky) choice.

Re:It's actually a very good name.

[somersault]

Wow.. interesting why anyone would want to think about pounded crap while drinking chocolate milk :s Yuck

Re:It's actually a very good name.

[eln]

The Finns have a word for "bloody assrape"? I'm suddenly afraid to go to Finland.

Re:It's actually a very good name.

Here in Finland there used to be a brand of chocolate milk called Jukiuilla. That sounds very, very close to a word which translates best to English as "bloody assrape".

Huh? I'm not that young but I've never heard of such product. It doesn't get a single google hit either, not even suggestions for possible typos. Also, while I know more filthy slang terms for shady activites than would be really healthy, I can't figure out how that word could mean anything at all, let alone violent sodomy in Finnish. Did this story take place in some parallel universe or are there more Finlands than I'm aware of?

The point is valid, of course. There are many products which have become legendary for their more or less intentionally funny naming or advertising. Still, this particular example leaves me completely puzzled. Got any references?

Re:It's actually a very good name.

[smoker2]

Wii was a very good name to choose, just because of how much it sounds like a pet name for the penis.

In the UK, wee is the "pet" name for piss.

Great choice, they could have called it "shite".

Re:It's actually a very good name.

Here in Finland there used to be a brand of chocolate milk called Jukiuilla. That sounds very, very close to a word which translates best to English as "bloody assrape".

Sorry to be serious but no, we didn't have that brand of chocolate milk in Finland and no, it doesn't mean "bloody assrape" nor does it mean anything else in Finnish. This whole post is a nice story but totally false.

Re:It's actually a very good name.

[stunt_penguin]

It's a sign of how well Nintendo have made, marketed and managed the launch of the Wii that, PS3 fanboys and 7 year olds aside (aren't those the same thing? ;), practically no-one who is a bit into gaming is genuinely sneering at the name or the product.

Now everyone might not make it our top priority gaming purchase (I am!), but no-one can ignore the games lineup, the innovation and the quality of service that Nintendo are offering.

Re:It's actually a very good name.

[AcidLacedPenguiN]

Where I'm from "wee" is the pet name for "to take a piss" whereas wee-wee is the pet name for "penis"

Re:It's actually a very good name.

[Propaghandi]

This reminds of something that a particularly sick coworker of mine saw in an adult bookstore: "Milkshaking". It involved a guy anally violating a young woman who had diarrhea, and the subsequent discharge (and no, we're not talking about Santorum!). That image put me off Wendy's Frosties for 6 months .

Mike

Re:It's actually a very good name.

[Thalidomide+Pickpock]

There's more to the UK than England - up here in Scotland it means 'small'

Re:It's actually a very good name.

[6th+time+lucky]

excuse me while I go wee from my wee wee-wee

Re:It's actually a very good name.

There isn't. It would be something like "verinen perseraiskaus" which is pretty far from a specific word. And I don't think I've ever even heard those words used in that order. It sounds a lot better in English...

why does this even work?

[v1]

I am very surprised we are not seeing them use public key encryption here. If the wii has microsoft's public key, it can send encrypted requests which cannot be reverse engineered unless you are able to guess microsoft's private key. The way around this would be to disasemble the code on the wii. Since they are merely using packet sniffing, the traffic must not be encrypted. If someone were to have bet me if this would have been encrypted, well, I guess I would be out some money about now. Not that it's a bad thing for us, but what is microsoft thinking?? They had to know this would happen, and I can't believe they would sit idle and let it occur.

Though I suppose in a couple months we'll see a "software update" (i.e. they drop the portcullis) and that'll be the end of the tinkering without a screwdriver.

Re:why does this even work?

[Yosho]

You appear to be under the misconception that the Wii is produced by Microsoft. It's not. It was created by Nintendo. Unlike Microsoft, they're not obsessed with encrypting everything under the sun. Why would they care if somebody figures out their network protocol?

Re:why does this even work?

[dimer0]

What does Microsoft have to do with this?

Re:why does this even work?

[JFMulder]

You said : Why would they care if somebody figures out their network protocol?
The summary said : More advanced connections including binary and virtual console downloads are currently in the works.

I suppose this means that there could be a way to get Virtual Console games for free or to leach them from someone else downloading them. Not good for Nintendo's business. Too bad it wasn't encrypted.

Re:why does this even work?

[Yosho]

I suppose this means that there could be a way to get Virtual Console games for free or to leach them from someone else downloading them.

I highly doubt that knowing how the protocol works will enable people to get Virtual Console games for free. Everybody knows how HTTPS works, but you don't see people getting things for free from online stores all over the world. I suppose, in theory, it might be possible for somebody to sniff the connection of a download in progress, intercept the binary game data, and get it over to their Wii -- but the number of people who are capable of doing that, let alone would do it, is insignificant compared to the rest of the market.

Re:why does this even work?

[powerlord]

Not to mention that you would have to have a sniffer in a place where they can see that traffic. ... of course ... considering that the Wiis primary method of internet connection (along with the PS3 60GB) seems to be a WiFi connection, there me be quite a few people that can be in the position of being able to intercept the incoming traffic.

Now imagine that someone creates the program to sniff the packets and grab the game payload.
The only thing missing is a way to re-inject those payloads to a Wii, and any number of people will be able to download a game for free, once the game has been sniffed from one person downloading it.

Considering how secure most WiFi connections are, this seems like a realistic scenario.

"Hey mom, dad, I know this great site where I can download the games for free." Yeah ... a site would be sued out of existence, but what if the site was just your home computer running downloaded rom files via BitTorrent, and a custom web-proxy program to inject the code?

MOV

[HappySqurriel]

Something I would like to see someone try is to redirect to a page that contains a movie file format which the Wii supports (like MOV); this could be the easiest way to convert your Wii to a media center extender (with crappy file support).

Re:Signed code You

[Midnight+Thunder]

I assume the phrase "signed code" has never entered your mind?

Well that has never been cracked before ;)

Why would you encrypt this?

[SuperKendall]

Honestly, why would you encrypt this?

Encryption takes overhead. And since every console would have to have the same key (public not private by the way in order to sign a page with something Nintendo would recognize) the key would not remain secret for long - so it would be a bit of development trouble for zero gain.

Re:Why would you encrypt this?

[marcosdumay]

The news is that someone at a 'enterprise' was able to figure that out.

Because of all other examples we're getting recently, we expected otherwise.

How to setup for this (simple way)

[zepo1a]

This is for FF 1.5 (yeah lame..haven't updated yet, I assume will work for 2.0)
type
about:config
in FF Address bar
right click in window. New->String
use
general.useragent.override
for preferemce name, click ok
use
Opera/9.00 (Nintendo Wii; U; ; 1038-58; Wii Shop Channel/1.0; en)
as string value. click OK. you should now be able to hit the site without a redirect to wii.com

Re:How to setup for this (simple way)

[inKubus]

After doing this, try going here: http://209.67.106.203/oss/common/vc/ and then viewing the source. It seems that there's a lot of cool java and javascrpt here. Apparently there are java objects to access the video and sound of the Wii, some other stuff.

Lots more to explore, more later.

Reverse engineered?

[sid77]

!iiW

Re:Reverse engineered?

[earthbound+kid]

Who modded that troll? Mods on crack, I reckon.

slask dotted

[Virgil+Tibbs]

coralcdn copy at http://mozy.org.nyud.net:8080/wii/

Here is how to do it. was:Re:DNS redirection

[2bitcomputers]

In case anyone here doesn't quite understand the fundamentals of DNS here is how you would do this:

1. On the wireless access point you use to connect your Wii to the internet modify the DHCP server to hand out an IP address on your network for a DNS server.

2. Setup a DNS server at that IP (BIND, Windows DNS, etc)

3. Manually create a DNS entry for the following domain: oss.shop.wii.com

4. Use: 64.233.187.99 (google.com) for the A record

Now when you fire up the Wii and go to the shop channel you should be sent to google.com instead

(Note: I have a Wii but have not tried this yet, I am at work, but I will as soon as I get out of here)

Mirrors

Mirrordot Links:

This Hacker How to view them

The wii uses a browser to communicate. By emulating this browser with firefox, you can surf the wii shop.
1. Open Firefox
2. Install the User Agent Switcher
The previous tech-recipes on the use of this tool is also killer.
3. Click Tools
4. Click User Agent Switcher
5. Click Options -> Options
6. Click User Agents
7. Click Add
8. Description: wii
9. User Agent: Opera/9.00 (Nintendo Wii; U; ; 1038-58; Wii Shop Channel/1.0; en)
10. Click OK X 2
11. Click Tools again
12. Select User Agent Switcher
13. Select wii
14. Copy and paste one of these links into firefox and visit it:

Main Channel:
http://oss.shop.wii.com/oss/common/vc/W_01.jsp?lan guage=en®ion=USA=US

Surf the Manual!
http://209.67.106.203/en_US/html/manual/USA/startu p.html

My Nintendo Membership Link:
http://oss.shop.wii.com/oss/common/vc/S_02.jsp?lan guage=en®ion=USA=US&=init

Sonic The Hedgehog Page:
http://oss.shop.wii.com/oss/common/vc/B_05.jsp?tit leId=000100014D414845

HTH, Monkeyboi (AC, I'm no karma whore...)

Where's the Opera browser download then?

[assassinator42]

It seems like they have it sort of working. When will they release it? And does this mean we won't be able to use USB keyboards and mice with the browser?

mythtv client

[perler]

i wonder if fullscreen for flash videos is enabled in wiipera. this way i somehow imagine a myth frontend, on the fly encoded by the mythbackend, in the end a tv in the tv..

PAT

VC Question

[whoop]

Can you buy points directly from within the Wii, put in your credit card number and all? Or do you have to hit a store for the points cards and then redeem them on the Wii?

Re:VC Question

[onlysolution]

You can input your credit card info to the Wii Shop, or input the code from the back of the points card to get wii points. 1 Wii point = 1 cent, which means Mario 64 is $10, SNES/Genesis/Turbo Gfx games are $6-8 and NES games are $5(!?)

They'll Just Update It

[ahayes_m]

They'll just update the Wii hardware so that all this will be encrypted.

Re:They'll Just Update It

[sitturat]

They'll just update the Wii hardware so that all this will be encrypted.

No, they'll just update the Wii software so that all this will be encrypted. Much easier.

Re:So how long it takes....

[frakir]

before I can squirt from my Wii too all the white/brown/black zunes on the block?

Games section?

[Daetrin]

So why didn't this article get tagged for the games section? I can see that it's got enough technical detail to warrant being on the front page, but that doesn't mean it shouldn't be part of the games section as well.

Re:Signed code You

[LunarCrisis]

It hasn't for the DS, why do you think you need to flash your DS firmware before it will accept wireless download homebrew? Because the firmware is required to _skip_ the signature check. For the DS at least, it has never been figured out.

You smell that?

[aztektum]

If you're sniffing Wii packets and they smell funny, do you take it to the doctor?

Piss 3

[tepples]

In the UK, wee is the "pet" name for piss.

So what does that make the Piss-3?

Has anyone done this for XBL or Sony's PNP yet?

[AbRASiON]

Serious question, I always wondered about the MS network.

Backup

[jdbartlett]

I've been looking forward to Wii's release for some time, especially Virtual Console. Flicking through the linked manual, I have a couple of concerns. Check this out:

Content downloaded from the Wii Shop Channel is saved within your Wii console memory... If the content you want to download requires more memory blocks than you have available, you will need to manage your content... You can either move memory blocks to an SD card, or you can delete channels or games you no longer need ready access to. If you decide to delete a game or channel, you can always return to the Wii Shop Channel and re-download it at no additional cost.

Content downloaded through the Wii Shop Channel cannot be downloaded directly to an SD card.

Typically, Nintendo has been pretty good about continuing support for legacy equipment, but can they really depended on to support and serve the Wii Shop Channel indefinitely? If I have to depend on them for archives of my games, I need a solid answer to this question: 10 years from now, when Wii is just a distant memory, will I still be able to re-download the copy of Goldeneye 007 I had to delete to make space for Star Fox?

Re:Backup

[Willuknight]

the answer is in your face, use SD cards to archive your games...

Re:Backup

[johndoejersey]

The answer isnt in his face.Content downloaded through the Wii Shop Channel cannot be downloaded directly to an SD card.

Re:Backup

[Willuknight]

yeah, but it says you can transfer the blocks to the SD card *after* its downloaded.

Though this probably won't last for all time, like he seems to be after, but that seems an impossible wish.

Re:Backup

[jdbartlett]

The manual explicitly states that "Content downloaded through the Wii Shop Channel cannot be downloaded directly to an SD card."

Though it mentions transferring blocks to the SD card, it appears to be referring to game saves--not to the games themselves.

Please let me know if my interpretation is incorrect, though!

Apache

[namire]

The Wii shop uses Apache Tomcat/4.1, as see on it's 401 on page here:
http://oss.shop.wii.com/oss/common/vc/NaN

Opera lockin

[arifirefox]

Now isn't this ironic? All this time Opera changes their user agent to look like IE in order to get in sites that would otherwise block it. now we see Opera used to block everything else on Nintendo. Now aren't you glad that it is Firefox and not the closed source Opera that is gaining ground on Microsoft?

Re:Opera lockin

[physicsnick]

Now isn't this ironic? All this time Opera changes their user agent to look like IE in order to get in sites that would otherwise block it. now we see Opera used to block everything else on Nintendo. Now aren't you glad that it is Firefox and not the closed source Opera that is gaining ground on Microsoft?

What are you talking about? The Opera browser included on the Wii doesn't block anything. It just doesn't give you anywhere to type in a URL, which is why you need to use a DNS redirection.

Re:Opera lockin

[arifirefox]

You're right. concede the point

Nice hack, but...

[zeiche]

Do you get to hear that cool music when shopping via Firefox? =)