Wii Uses Elliptic Curve Cryptography For Saves

An anonymous reader writes "A user at the Nintendo-Scene forums just posted a lengthy post about his discovery that the Wii savegame files are signed and encrypted with NIST B 233 bit elliptic curve cryptography. Could this be the first step for a Wii softmod the homebrew community have waited for? From the post: 'It appears a Wii savegame file ends with a certificate chain. The certificates contains a public keypair (the one that is being "certified") and a signature (another number pair) from the signing entity. The number pairs are stored as a compound 60 bit data (first 30 bytes for the first number, and the next 30 bytes for the second). Hence, the first and middle byte is always 00 or 01 for keys, and 00 for signatures. One can check that the keys are indeed NIST B 233 keys using openssls EC_KEY_check_key function (code forthcoming).'"

FRIST PROST!!!

[aichpvee]

Creationists are TWATS!

Re:FRIST PROST!!!

Go play on your Apple, you mouth-breathing freaktard.

Re:FRIST PROST!!!

This kind of thing is why they moved the 'Post Anonymously' checkbox.

Re:FRIST PROST!!!

More like idiots, if you ask me.

Uhh

[Redlazer]

So, this is cool, right?

I assume, without RTFA, that this is a step in the direction for allowing homebrewers to save games on the console.

I confess, despite being an avid Nintendo fan, that I'm irritated at the Apple and Microsoft-like paranoia in keeping people out of their software/hardware.

-Fred

Re:Uhh

you realize Nintendo pretty much predates both of them when it comes to that... right??

being the avid nintendo fan you are... right?!?!?

Re:Uhh

[dohzer]

I assume, without RTFA, that this is a step in the direction for allowing homebrewers to save games on the console. I thought it would just enable them to hack their saved games and give themselves infinite lives/gold/etc.

Re:Uhh

[Redlazer]

Wellllllllllll.....

Sorta. I mean, the whole NES and SNES cart thing was pretty bad. But Atari took the cake for being a dick to their programmers.

But, really, the same basic idea is occuring. And in a way, i don't really blame any of them for it. I dont like it, but in Nintendo's case, they can't control much. Microsoft only does software.

Apple, on the other hand...

Well, in all seriousness, they have such a small marketshare (admittedly growing), that it doesnt matter, yet.

And technically, all the consoles are just as paranoid. As far as I know, Microsoft is way worse for bricking hacked consoles than Nintendo is.

And in a truly terrifying turn of events, Sony doesnt seem to care very much. But, in their case, it means someone actually bought the console.

I guess beggars cant be choosers, eh?

-Red

Re:Uhh

[Edie+O'Teditor]

Me too. Though having read the summary my first thought was: great - only the other 58 bytes to decipher.

Re:Uhh

[Headcase88]

In terms of bricking consoles, Nintendo's a little bit nicer about it. They'll still brick it, but they'll warn you first "hey, if your console is modded, this update's going to brick it, so you might want to abort now".

By the way, with some games refusing to run without updating, this becomes one of those scenarios where if your console is modded, you have to get games illegally to make them work (assuming pirates have found a way to eliminate the code that forces the update).

Re:Uhh

[PhotoBoy]

There is a way to remove updates, it's a small program called Wii Brick Blocker that patches isos. It is rather ironic that Nintendo essentially force people into piracy with their updates...

Re:Uhh

[Volante3192]

Ironic? Only if you've modded your Wii. I've always considered a console in the realm of "no user servicable parts inside." Course, it's not like Nintendo plans to worry about every possible modding configuration available. Rather, they have a set piece of hardware and a set piece of software. Thus, designers know exactly what they have to code for.

Unlike Windows which you can get to install on damn near anything within reason.

I figure modders should get a second, control Wii if you will, that they can fall back on for games.

As much as I'm for tinkering, it's not like Nintendo's really promoting openess on their systems. Why should the modding community expect it? I feel the same way about the XBox and PS3 (although the PS3 not as much; Sony promoted the Linux part quite a bit).

Guess I'm just old fashioned in some ways. I like my consoles too much to tinker with em.

Re:Uhh

[arivanov]

No.

This means that Nintendo has a clue.

It is signing all the data with a certificate. Proper crypto, not DIY snakeoil ala most DRM schemes out there. The only way to break it is to get to the device key.

If they have done is right the key is per device and hardware protected by a crypto module. From there on breaking this at the crypto level is absolutely impossible.

The consequences are actually the opposite to what the clueless editor posted:

1. No chance for homebrew unless someone steals a cert from somewhere and even then Nintendo can simply revoke it using their online service or in a service pack.

2. All communication from the console to a server and back can be signed with strong crypto so no online game cheating.

As far as the elliptic curve cipher choice, this is a common choice for devices with very limited CPU or memory resources. That is what these ciphers are designed for.

All I can say: Applause Nintendo, applause, well done.

Re:Uhh

[pringlis]

'Hacking' save games is just one of the possible uses for this. The most worrying one for Nintendo is that it allows people to write their own code, sign that, fool the console into thinking it's a save game and then look for some program on the Wii which is happy to execute a block of code within a saved game. This can then be used to modify some properties of the console, usually nothing particularly drastic but I'm sure Nintendo don't want to take the risk.

Re:Uhh

Yes because Nintendo forced you to mod your Wii. Oh wait, no you chose to do that so you could play pirated games in the first place.

Re:Uhh

[Bert64]

No matter how efficient the crypto, it still detracts from the end user experience...
If it's software based, then its using some cpu cycles that could otherwise be used for gaming...
If it's hardware based then the cost of the hardware increases to cover it (or other features are removed to reduce costs back)...
Users can no longer edit save games themselves, i often found it very useful to download save games to get past sticking points... And some games stored the saves in plain text, enabling users to make the changes themselves.

All this paranoia about piracy, the wii has already been cracked far enough to play pirated games, but it still won't run homebrew. All the legit users are losing out wether they just want to play legit bought games, or want to run legit homebrew, the only people benefitting are those who want to pirate games.

Re:Uhh

[batkiwi]

This is a save game, not in memory. It now takes 3.4 seconds to load/save instead of the 3.33339 it took without the crypto. Yippie fucking do?

Re:Uhh

[John+Betonschaar]

And why exactly would it be impossible to get the key if it's stored in hardware then? It might be impossible without a modchip, and it might be impossible with some kind of other software exploit to get to the hardware, but it's most definitely 'impossible' at all. The xbox 360 uses a similar encryption/signing mechanism (per-box key stored in the CPU, signed and encrypted kernel and savegames), and people have already found ways to get to it. Either through an exploitable kernel that enables booting linux (if you never updated your console) or through a timing attack on the boot sequence (using hardware modifications). After you have the CPU key the whole security system more or less falls apart, because it allows downgrading the kernel, and (afaik, but I'm not 100% sure) hacking/encrypting/signing modified kernels.

So although the security implemented in these savegames is definitely about as good as it gets for now, it is definitely not impossible to break.

Re:Uhh

[John+Betonschaar]

"but it's most definitely 'impossible' at all" should be "most definitely not impossible at all" ofcourse, my bad...

Re:Uhh

[jamar0303]

Oh, you must be one of those rare EU people that are patient enough to wait for games to come out in your region. Not everyone is as patient; they want to play US/JP versions of games, and modchips allow them to do just that.

Re:Uhh

[Antique+Geekmeister]

No, the most worrying for Nintendo is successful emulators that can run on non-Nintendo hardware. By locking down the savefiles, they retain control over savefiles, and over the ability of emulators to successfully save at all.

Re:Uhh

[Lehk228]

AFAIK there is no deliberate bricking, but rather the update process and/or the newly updated system code can fail due to the presence of mods. Nintendo warns the user of this because they don't want an uproar about them sabotaging consoles if an update kills machines with a relatively common mod chip installed.

Re:Uhh

[PhotoBoy]

Actually no, I do not pirate games. I've been importing video games from the US and Japan since the days of the NES. I said it was ironic because if someone like myself had modded the system for imports and then bricked it, Nintendo would in theory have left them no choice but to pirate games or buy another Wii. Thankfully I have not bricked mine and can run imports without any problems. It simply seems odd to me that Nintendo would do something that would encourage piracy.

Next time try not to automatically assume modding = piracy, because it does not, no matter how much the hardware manufacturers like to say it does. If I could buy a mod chip that enables imports but not pirated games I gladly would. The constant erroneous association of modding with piracy by clueless people such as yourself has become extremely tiresome.

Re:Uhh

[PhotoBoy]

I've been tinkering since the NES days, so it's an old habit now! :)

I do actually have a second control Wii, I mainly use it for VC games, but if Nintendo ever get any decent online going I will be able to use it for that as well.

Re:Uhh

[arivanov]

It depends how well the system is designed and how pervasive is the PKI thoughout it. While it may be possible to introduce a MIM (man in the middle) via an exploit or via a timing attack on boot it may end up being prohibitively difficult.

For example, on a well designed system you cannot get the key, because it never leaves the hardware. As a result you have to intercept all requests to the crypto hardware and all replies. Depending on the implementation this may actually be quite hard. It may be useless as well. For example, if the authentication is based on two-way public key crypto (device to executable/servcie and executable/service to device) and both keys are unique most MIMs have very little chance to succeed. In the Nintendo case due to the limitations of its storage system, this can be done only for games that mandate online connectivity. For its bigger "brothers" from Sony and Microsoft it can be done even for games that do not require online connectivity provided that at least some components are distributed or activated via their network services.

Re:Uhh

Aren't Wii savegames transferable between Wii's? That would indicate that its not per device wouldn't it? Unless its reencrypted during transition which makes that a new weak point.

Re:Uhh

[Walpurgiss]

Yep, it's like the old adage; locks keep honest people honest. Implication being someone with criminal intent to defeat the lock will do so, everyone else is deterred.

Re:Uhh

[billcopc]

The modding community "expects it" because you own the goddamned hardware, it should be yours to tinker in whichever way you like.

When you buy a car, does the dealership forcefully prevent you from using "unapproved" gasoline ? Do they tell you which bumper stickers you're allowed to stick, and where ? Do they come and smash your car with a crowbar if you disobey ?

Re:Uhh

[Splab]

Why does people insist on using it for breaking into the stuff? If you know the cypher and you got the key (it's in there somewhere) you can _create_ stuff that the WII think it has made itself - that way they might be able to get it to do what they want.

Re:Uhh

[Spokehedz]

No console to date has been bricked from an update downloaded from the Internet.

None.

Playing a game from another region, with a modchip that is designed to remove the region HAS bricked the Wii. It's fairly obvious why. Disc sees that your console is not up to date (1.5U =! 1.5E) and then it patches the flash. Since the TV and some other internal things are slightly differnt--you get a nice white paperweight.

Nintendo is simply covering their asses when it comes to the patches with the note about 'unauthorized technical modification'. While Nintendo can tell that a modchip is installed, the haven't gone out of their way to stop them from working. It would be a simple check via the firmware to disable the entire Wii.

The modchips are not really true modchips at all. They are drivechips, which are in the most basic sense, forcing the drive to read copied disks. the games still authenticate with the CPU, they still check to make sure that everything is signed. The drive is just passing the data along--there is no memory locations on the Wii itself being bypassed or altered.

Re:Uhh

[AgentPaper]

When you buy a car, does the dealership forcefully prevent you from using "unapproved" gasoline ?

Actually, some dealers do just that. Mercedes will void your warranty and cancel any service contract you might have with them if you use anything other than premium fuel (91 octane rating or better), and I've heard, but not been able to confirm, that Audi does the same.

Re:Uhh

[jZnat]

You can get 91+ octane gasoline at most if not all gas stations. Hell, if you know how to refine crude oil into said gasoline, you can do it yourself and your car will still work. That's an issue of quality, not brand or some other arbitrary restriction.

Re:Uhh

[KDR_11k]

If the emulator is supposed to do both the encoding and the decoding it could just ignore that part of the code. After all, a per-machine key won't be verified separately by the software without allowing to feed it a fake key.

Re:Uhh

[AgentPaper]

The point isn't that you can make and use your own gasoline, and by extension, the point with modified consoles is not that you can physically open up the case and install the modification. The issue at hand is the conflict between two points of view: that of the hack-minded consumer, who believes that he/she is entitled to do anything he/she pleases to a product that he/she owns, and that of the product manufacturer, who believes that it is entitled to stop hack-minded consumers from using their product in a non-approved manner.

Can you modify your game console - that is, are you physically capable of altering its hardware? Sure! You can make it run imported games, homebrew games, Linux, anything you please. Heck, you can turn it into a motion-sensitive coffeepot if you want. However, the console manufacturer never sold you a motion-sensitive coffeepot, and they are under no obligation to support it if that's what you build out of it. To continue the car analogy, this would be like converting your new gasoline-powered vehicle to run on biodiesel, and then complaining to the dealer when it won't run on gasoline anymore. You're completely within your rights to do that, but the carmaker is also within its rights to make you support it yourself by taking away your warranty.

Re:Uhh

[Antique+Geekmeister]

Are you under the impression that the emulator can wave a magic wand and have the commercial game software not do the savegame verification? That seems incredibly unlikely, if any components of the savegame authentication are built into the game software itself.

Re:Uhh

[sjames]

I've always considered a console in the realm of "no user servicable parts inside."

He who owns it gets to modify it. It's one thing to refuse warranty service on hacked hardware, it's another entirely to deliberatly break it. If they want to keep modded boxes off of network games run from their servers, that's fine since it's their service and servers.

If as some say it's really just a possability that an end user mod may incidentally interact badly with a belssed update, that's just the cost of modifying something. It's important to distinguish between deliberate bricking and unfortunate consequences.

Personally, I think consumer products should be made as hackable as possible without driving up costs unreasonably. The most inexcusable tactic is to implementr cost increasing anti-hacking measures (and plenty of products do just that).

For example, the Wii could willingly load save files that are unsigned, but possably refuse to allow those for online games, or even allow them only if all players involved agree.

It's not a big stretch at all to consider anti-modification tactics to be an illegal interferance with ownership (though the courts haven't understood or validated that arguement for electronics to date). For a real-world example, if I offer to sell you a house, but then send you a "lifetime use so long as you don't put up wallpaper" agreement instead of the title, I have comitted fraud and a court will either force a transfer of title or require a return of the payment.

For another, If I buy a lawnmower, I have an absolute right to modify it in absolutely any way I see fit. I have the right to hire a machinist to help me and he has the right to accept my offer of employment. I can even disable every safety and cut away most of the deck if I'm stupid enough to want that. The manufacturer will not have any standing to sue me for my new "kill mower". Any legal liability I might have would come from people I actually endanger with it, if any. If I only use it myself on my own property with nobody (or their property) in range of flying parts I have no legal worries (but I'd still be a darwin waiting to happen). Why should any other consumer hardware be any different? At least a hacked X-box or Wii won't kill anyone.

On a related note, there is no reason at all that most hardware couldn't include a JTAG and/or LPC header to allow easy recovery from a an reflash gone wrong. They SHOULD provide thaat, but failing to do so is nowhere near as offensive as active anti-hacking.

Re:Uhh

[ravenshrike]

Actually, the proper car analogy would be, you convert your car to biodiesel and the next time you take it in for maintanence they yank the engine and give the rest of the car back to you.

Re:Uhh

[tomstdenis]

Arrg I was gonna mod in this thread but I have to reply ...

Sure, you are free to mod your Wii, but they don't have to support it, and you don't have to run updates (just don't bitch when future games don't run). Nintendo sold you a Wii, they intend to support the Wii. If you mess it up, it's your OWN DAMN FAULT.

It's like if I remove the front left tire from my car, then bitch that Ford won't service it under warranty because I should be free to do whatever I want to my care.

Simple fact is, if you mod your console hardware you run the chance of being shutout of future gaming. Which is why you just don't mod it, or you buy two and have one for games which won't run modded.

Re:Uhh

[sjames]

Actually I agree with that UNLESS an update is released with the intent of bricking modified units (I'm not saying Nintendo has or has not done that, I don't know). There's a world of difference between an intentional act of sabotage and a modder-caused incompatibility.

The rest of my comment was similarly directed to the important difference between not supporting mods (perfectly OK) vs. actively defeating them (not OK).

Re:Uhh

[tomstdenis]

I'd like to think the ideal situation is not to alienate users, even those who aren't buying as many [any] games. They're not microsoft after all.

And given the track record with the GBA/DS so far they're not really causing a fuss.

Re:Uhh

[Laurence0]

I was wondering the same actually! Wii games /are/ transferrable between Wiis. I've done it myself (specifically to get all the Rabbids games unlocked on someone else's console).

Re:Uhh

[Swift(void)]

The GP

As much as I'm for tinkering, it's not like Nintendo's really promoting openess on their systems. Why should the modding community expect it? I feel the same way about the XBox and PS3 (although the PS3 not as much; Sony promoted the Linux part quite a bit).

The P

The modding community "expects it" because you own the goddamned hardware, it should be yours to tinker in whichever way you like.

You expect Nintendo so support and promote homebrew tinkering to the Wii just because you own the hardware? What sort of mind bending justification is that? They are under no obligation to support any changes to their hardware. You tinker, you void your warrenty and therefore any and all support from Nintendo.

Go ahead and have a blast tinkering, but expecting Nintendo to give you the thumbs up and still support you is idiotic.

Re:Uhh

The problem is that there are enough people playing pirated games to warrant Nintendo's reluctance to support (or "help") the modding community. You're playing imported games, but probably the other 9 out of 10 people are playing burned games illegally.

Re:Uhh

[billcopc]

I don't expect support from Nintendo, but I do expect them to not destroy the console.

Voiding the warranty just means they won't help me if/when I break it. It doesn't mean they have a right to send a kill signal over the wire and brick my legally-acquired equipment, just because I took a screwdriver to it.

When's the last time someone from Ford showed up to blow up your car, because you installed an aftermarket stereo ?

Thus Tyrants are Born.

Such hate creates oppression and violence. I recommend you show love by letting others live. I'm and Xian, and don't speak of others in such a manner.

Re:Thus Tyrants are Born.

I recommend you show love by letting others live.

It's not a question of letting others live. Many creationists want it taught as science, which it most clearly is not.

Re:Thus Tyrants are Born.

[Yahweh+Doesn't+Exist]

>I recommend you show love by letting others live.

it would be nice if your god would do the same.

I don't care about whether you use swear words or not, but if you believe that the world was created by a powerful being that discriminates between the "worthiness" of people on the basis of their sex, sexuality, skin colour, not chopping off foreskin, sex before marriage, etc etc or any other personal matter then you are being far more insulting than if you had simply said "fuck off you cunt".

creationists spread many very offensive ideas themselves, even if they use "pollite" words to phrase it.

but while christian and other religious prejudices are annoyingly stupid, I don't believe people have a right to not be offended.

Re:Thus Tyrants are Born.

[toriver]

Creationism is the amusing theory that the stories of a nomadic desert people hold more truth than scientific discoveries made 4000 years later. Creationists aren't that much of a nuisance though, since they do not have any more computers than the Israelites did.

Re:Thus Tyrants are Born.

Such beliefs creates oppression and violence. I recommend you show love by slitting your wrists so we will be one step closer to eliminating religion from this planet and acheiving utopia.

Elliptic Curve?

[underpenguin]

Well, I'll just dig out my uplink disk....I think I have an elliptic code breaker in there somewhere

Re:Elliptic Curve?

[__aaclcg7560]

I think I still have an elliptic code breaker written in logo from my Apple ][ days. :P

Re:Elliptic Curve?

[bbcisdabomb]

Yeah, but it's pretty useless without a HUGE bounce path or a couple 200ghz processors. You got any?

Re:Elliptic Curve?

I have a pair of 2 Gigahertz ones. (Sort of) If anybody has another 98 of them we can probably work something out.

Re:Elliptic Curve?

[the_digitalmouse]

i briefly read this as 'epileptic cryptography', and wondered how they filtered out noise during a seizure when capturing randomly uttered letters/pass-phrases from the afflicted for use as a one-way hash?

Re:Elliptic Curve?

[mwvdlee]

I hope your uplink disk isn't a circular one, since only elliptical will work.

Re:Elliptic Curve?

[Kubnektar]

Hmm... Porobably, that's grate!

More important than homebrew potential

[iamacat]

Is the question why your personal device keeps secrets from you. It's your savegames. You should be able to modify them as you wish. Yet another case of a company treating customers like criminals.

Re:More important than homebrew potential

[Eddi3]

Not criminals. Cheaters. They're keeping gameplay fair.

Re:More important than homebrew potential

[farkus888]

it would seem this way on the surface. but the potential for online games on the wii[see mario strikers charged or big brain academy wii degree for early efforts] means cheats for extra gold coins or whatever could have a negative affect on me. personally I am not interested in hacking my saves and would like to know people I am playing against online are not cheating, so this is something I would request. in my mind as a regular player [I own a wii console four full controllers 2 classic controllers and about 13 games, that makes me a big buyer for them compared to most] I feel that they have done me a service by trying to keep online gaming fair and I've not had anything I wanted to do on my wii hindered by this. just something to keep in mind.

for reference I am a linux user and took time out of writing a shell script for a solaris machine at work to write this response. normally your mentality is how I think but this time it doesn't stand up to a little critical thinking from the perspective of a fairly heavily vested party. [I don't know anyone who has spent more towards wii, games, and controllers than I have. though I am sure some /.er will outrank me here]

Re:More important than homebrew potential

Slashdot puts passwords on its user accounts.

Just another case of Slashdot treating its visitors like criminals.

Re:More important than homebrew potential

[Josef+Meixner]

No, I think there is a much more mundane reason. In the past some of the consoles were broken with manipulated save games, the games didn't properly check the data and so opened a hole. I would guess Nintendo didn't want to take that chance and so added an API which sits between the game and the saved data. As the saved data could be verified for being originally written by the game before the game would even get a chance to have a look at it, it means it is much harder to attack code not written by Nintendo to be exploited.

Disclaimer: I have never seen the API of a game console, this is only a wild guess.

Re:More important than homebrew potential

[nicolastheadept]

I think it means encryption for virtual console games etc.

Re:More important than homebrew potential

[pembo13]

I don't really see a good argument for anyone to modify saved games. There is zero benefit to the end user, unlike DRM on music. If the encryption disallowed use of the saved game, that would be problematic, but if it disallows mods of the saved game, that makes sense. Think modding your saved game to make you a level 10 player, not very nice if this game has to go online.

Re:More important than homebrew potential

No the point is that if you can ditz with the "save game" then you can "cheat". You could distribute them (allowing people to "skip" actually playing the game to see stuff) or "level up" characters to your advantage in multiplayer games. As a player of these games I don't like cheating - you want a level playing field. So do I think Nintendo should protect these files? YES! Do I think they can? Sadly... no.

Re:More important than homebrew potential

[Drantin]

What? Having a Japanese and American Wii, 4 controllers, 3 nunchucks, 3 classic controllers and 15 games isn't normal?

Re:More important than homebrew potential

[farkus888]

no its not, why the fuck haven't you bought the fourth nunchuck yet?

Re:More important than homebrew potential

[Malevolyn]

Somewhere in this array of comments everyone forgot to mention that 99% of the time, online-based games store all user data on the server's end, not the client's end. And so you can hack, hack, hack the day away and the game's server will stop you dead in your tracks.

Re:More important than homebrew potential

I am not interested in hacking my saves and would like to know people I am playing against online are not cheating, so this is something I would request But the point is, it never works. Anti-cheat protection always gets broken. I've personally made bots for every Unreal engine since UT99. It's only a deterrence for less intelligent cheaters and barely that. If you want to cheat at a game there's always a way. It's an exercise in futility to try to stop it.

Another problem is that anti-cheat protection makes developers lazy. Online games typically follow the server-client model and as such, any important calculations that need to be tamper-proof should be done on the server. Unfortunately you've got one of the most popular MMO games, MapleStory, that actually depends on the client to detect if the player has been hit by a monster. They rely on anti-cheat protection to keep a player from bypassing all hit detections and obtaining God mode. The problem is, they've already lost. Their code will never be bullet proof as long as I control the hardware.

Re:More important than homebrew potential

[Bert64]

Modding save games has very little to do with online play... Typically for an online game, your "save game" will be stored on the server so you can't edit it anyway.
Editing single player save games would have no effect on online play...
To prevent cheating with online games, you want to prevent modification of the game data itself, and modification of the network traffic. However this all gives a false sense of security, because people will still always find a way to cheat.

Re:More important than homebrew potential

[LordVader717]

Only for Online-only play. Say a player collects rewards while playing offline, and the developers want to enable him to take them online.
One example that springs to mind is the online Pokémon trading in Pearl/Diamond, where many Pokémon are cheated, which kind of kills the point of it all.

Re:More important than homebrew potential

[TheRaven64]

Diablo II had this kind of ability; you could use characters online and offline. As I recall, there was also a mode where you could only use a character online but I never used it. Unlike the Wii, this was important since it supported LAN play as well as Internet play, so a group of friends could get together and solve some of the quests together. Since the game was mainly cooperative, rather than competitive, it didn't affect the play for other people much.

If the only two options are offline and Internet play, then you can do some things to reduce the effects of cheating. For example, you can require that a character for online play be created online, and then played offline. This ensures that the server always has an old copy of the save game file for the character. It can then compare the old and new, and see if it is reasonable for the character to have acquired all of the things it did in the intervening period. Some simple validation of this nature won't stop all cheaters, but it will stop cheaters from getting huge advantages.

Re:More important than homebrew potential

[Kongming]

"Diablo II had this kind of ability; you could use characters online and offline."

Um... I'm afraid that Diablo II has no such feature. You can have eight characters on your computer and eight on the server, and they cannot mix. Incidentally, allowing the use of local characters on official servers would have really messed with the economy given the ability to modify savegame files. (You would have had people in chat offering "FREE SOJs in game freefreefree!!!" without it being just another troll.)

Re:More important than homebrew potential

I know that you know that there is a shift key on the keyboard, because I can see that you use it, you arrogant twat!

Re:More important than homebrew potential

[jandrese]

Yeah, I don't know how many times my Wii online play has been ruined by cheaters thus far...

Re:More important than homebrew potential

[TheRaven64]

Um... I'm afraid that Diablo II has no such feature. You can have eight characters on your computer and eight on the server, and they cannot mix. Interesting. I frequently used the same characters in LAN games as in single player mode. I just fired up the game on a couple of machines, and it still seems to work. The only down side is that you lose the mapping information in any areas you visit. The map is dynamically generated on the server each time the game is launched, and so if you take a single player character in to a network game their map is reset.

Re:More important than homebrew potential

[Burpmaster]

It DOES have this feature. How could you miss it?

They have both 'open' and 'closed' servers. The 'open' servers accept characters stored on your computer, and have no protection from hacked saves, but they are good for playing with friends who you know aren't cheating.

On 'closed' servers, your characters are created on their server and can only be played online.

Re:More important than homebrew potential

[Glyphstream]

The offline character could only be used in LAN games. Online characters were unique to the Blizzard servers and not usable offline, specifically because of the problems involved with using character editors and the like to make your characters godly beyond what was even possible by normal means.

Re:More important than homebrew potential

Not useful?

I for one would love to take my save for some of my Virtual Console games and replace the entire data with another game save I downloaded, the downloaded save being in RAW format and not from an Virtual Console game.

Re:More important than homebrew potential

[Krakhan]

I believe you have playing multiplayer games with Battle.net and LAN confused.

Whenever you make characters for single player and LAN or TCP/IP games, any 'open server' will accept them.

However, when you use the Battle.net servers, in addition to an account, the characters are stored on the server side. That's referred to as a 'closed server', since you can only play as characters you made on there, and they are stored on the server side.

Blizzard did say they were going to put in a feature where you could export your battle.net characters so you have a copy locally, but only one way. Mainly, so you couldn't upload a hacked character to the battle.net servers.

Re:More important than homebrew potential

[iamacat]

slashdot prevents users from applying a CSS filter to their personal copy of their discussion pages to block annoying comments from anonymous coward. Just another case of slashdot treating its visitors like criminals.

Re:More important than homebrew potential

[iamacat]

As a "player of these games", is it any business of yours how I play my copy of the game and weather I see stuff without going through a particular level? Online games are a different matter and it would be Ok if online savegames were signed by the server.

Re:More important than homebrew potential

[PitaBred]

Yeah, you're right. Game developers will never win as long as there are douchebags like you who want to ruin the fun of the game for everyone who isn't cheating.

Re:More important than homebrew potential

Because, of course, the Wii will never have cheating attempts in online play and there's absolutely no reason to plan for it from the start rather than try to slap something on later.

Re:More important than homebrew potential

[SplatMan_DK]

Slashdot puts passwords on its user accounts.

Just another case of Slashdot treating its visitors like criminals.
Worse yet: Slashdot probably encrypts that password before storing it in their database!!! The bastards!!!

Yes. I agree. They are no better than the RIAA. Death to all websites who use passwords and enrypt them before storing them. We want freedom for all!

Btw, what is the username for your PayPal account?

Re:More important than homebrew potential

[Eddi3]

And why do you think that is?

Re:More important than homebrew potential

You have the right concept, but its hardly bulletproof :) The xbox used signatures to sign each of their save games and that did not stop determined people from figuring out how to resign games. Heck, the Xbox Bios had a couple weak attempts at signing the bios and we all know how wide open that got broken.

Save signing is to stop casual modifications, and to allow publishers to do things like lock a save to a particular console.

WTF?

Why is it that we live in a world where our console gamesaves are protected more aggressively than our bank accounts and our identities combined?

Re:WTF?

[__aaclcg7560]

Without encrypted gamesaves, the global economy will collapse and basement gamers will be out on the streets panhandling for money.

Re:WTF?

[Yvanhoe]

Or our votes....

Re:WTF?

[noidentity]

The governments of the world don't need easy access to your game saves, apparently.

Re:WTF?

[adamofgreyskull]

And you thought homeless people smelt bad now?

Re:WTF?

[iamthetru7h]

^ This.

Re:WTF?

[Skrapion]

Legacy.

Re:WTF?

[suv4x4]

Why is it that we live in a world where our console gamesaves are protected more aggressively than our bank accounts and our identities combined?

Reason 1:

Because the manufacturer of a hardware/software product has more expertize in data protection and encryption than a bank owner does.

Reason 2:

In the first case, the vendor tries to protect itself and his assets. The incentive is strong.
In the second case, the vendor is supposed to protect their customers. The incentive is weaker.

---------

That said, I want to hear a single case where the modern browser encryption was directly exploited on someone's bank account. No examples, right? Right.

Re:WTF?

[harlows_monkeys]

Because if someone steals from your bank account, that is a crime, and there is a mechanism to punish them.

If, however, someone cheats with a gamesave, there is no official mechanism to deal with them, and so people would have to turn to vigilante justice to track down and deal with cheaters. That would be bad. Very bad. First, it would start out with roving gangs of gamers, seeking out and punishing the transgressors. Some might see them as heroes, but it would not last. Disagreements would arise over what is cheating, and what is acceptable modding.

This would finally lead to civil war, as the gaming world splits into two (or more!) factions fighting it out. As the gaming world goes, so goes civilization itself, and the new dark ages would be upon us.

Until the government gets off its ass and outlaws fiddling with gamesaves, all we have standing between us and the apocalypse are the game companies, and their gamesave cryptography.

Re:WTF?

[britneys+9th+husband]

If a gamesave is not protected, a multinational corporation might fall one cent short on its earnings next quarter. If a bank account or identity is not protected, a person might spend the rest of their life trying to set things straight while their ability to get credit, rent an apartment, get a job, get health insurance, or buy a home is destroyed.

Clearly, our society has spoken as to which of these things is more important to prevent.

Re:WTF?

[vmfedor]

That sounds like it would be a great MMO!

Re:WTF?

[sqldr]

Reason 3:

If the game save is encrypted, then the computer can check it's not been tampered with, and thus protect itself from buffer overflows in the data. Most of the copyright cracks on PS2 and Xbox were carried out by loading up bogus saved games.

They're protecting themselves.

Re:WTF?

[GeckoX]

Sounds more like a bad rockstar game ;)

It seems to me...

[PipianJ]

That this likely means the exact opposite. Elliptic Curve Cryptography is relatively difficult to crack (not unlike RSA). More to the point, it's also not liable to factorization attacks like RSA is. Furthermore, the best crack of elliptic curve technology is of a 109-bit key, and still took 3,600 or 15,000 computer-years (whether it's a binary or prime field case, respectively).

Nintendo's not stupid. They've used RSA encryption to keep the average hacker out of DS-wireless homebrew, and this is most likely a mandated response to the Splinter Cell hack that allowed soft modding on the Xbox. It won't stop hacking through security holes in the internet protocols (a-la PSO+BBA), but they're certainly making efforts to prevent corrupted data from opening up softmod paths.

Re:It seems to me...

I'm not sure what you're getting at when you say ECC isn't liable to factorization attacks. Its certainly more difficult to compute discrete logs in an elliptic curve group than it is to factor an RSA modulus. That's why it takes a 2048 bit RSA key to have roughly the same security strength as a 233 bit ECC key.

But, particularly because of the recent confusion regarding ECC's resistance to quantum computing (that is, that it has none), I want to make sure people realize ECC isn't any stronger than RSA. Sure, you get shorter keys and faster computations with ECC versus RSA, but for all practical purposes if/when RSA falls, ECC will go down with it. Factorization algorithms usually lead to discrete log algorithms, and vice versa. That's certainly the case with Shor's algorithm, which probably should have been made clear when the quantum computing article was posted.

Re:It seems to me...

[tpwch]

Yes, but they don't have to break it, they just have to find the public key. It must be stored somewhere on the wii, so it can do the encryption of the saves. They were able to find the keys for blu-ray and hd-dvd, so why not here?

Re:It seems to me...

[numatrix]

This is an important point. I'm no really sure what the GP means. In fact, long ago when I actually understood a very tiny bit about how these things worked I asked a similar question on sci.crypt and got the following responses:

http://groups.google.com/group/sci.crypt/browse_thread/thread/d096e5e93192f176/6e0e62f174f8a9e3

Re:It seems to me...

[Watson+Ladd]

Discreet log algorithms are different depending on the group they are in. Braid group algorithms, for example, are almost polynomial time, while in $\mathbb{Z}/m\mathbb{Z}$ the best known algorithms are exponential in complexity.

Mod parent troll

[VirusEqualsVeryYes]

Yet another case of a company treating customers like criminals.

What? Are you an idiot? How in hell does this treat customers like criminals?

Perhaps you don't understand why most /.ers think the RIAA treat their customers like criminals. The RIAA use DRM to restrict users such that their Fair Use rights are impeded. Further, they explain their actions away by claiming to thwart piracy. Further, they sue their customers with no initial proof that the defendant did anything illegal, and instead abuse the courts and demand to invade their property in order to then determine any wrongdoing. And further, they do all this solely for their own profit and not for the profit of the licensed musicians.

Nintendo does none of this. They encrypt savefiles. So what? This does not impede on your right to do anything. You can play any given game on as many Wiis as you wish. Nintendo is also not suing people to force hackers to halt breaking their savefile encryption. Game developers generally don't want players artificially advancing within games. Perhaps there are statistics stored within the savefile used online. Whatever's in the savefile is up to the game devs, and Nintendo is simply hiding that.

In other words, Nintendo is completely within their rights to encrypt savefiles. In turn, AFAIK, you are completely within your rights to attempt to break that encryption. And in turn again, Nintendo is completely within their rights to push out any updates to change or otherwise enforce their encryption. It's really that simple.

Re:Mod parent troll

HAHA, and your calling the OP an idiot. "you are completely within your rights to attempt to break that encryption"

no your not last i checked circumventing encryption was illegal in 1/2 a dozen countries.

why do you freaking nerds have to defend nintendo all the time? they aren't going to love you back you know.

Re:Mod parent troll

[farkus888]

I think they absolutely love us. the kind of money they are making on those of us who play their games is more than enough to get us past the "no kissing on the lips" rule. I am by no means a nintendo fanboy, I haven't even played video games consistently for almost 7 years. I am speaking their praises because they built a system that is cool enough to play to get me back in to gaming. I know there are some crazy nintendo is always right people but don't discredit everyone who sings the wii's praises. and yeah I know you weren't speaking directly to me.

Re:Mod parent troll

[Malevolyn]

The DMCA may have made that illegal, but the DMCA also makes the mod10 algo illegal because you have to reverse engineer a credit card number to verify it. In short, no one is really going to care if the Wii's save files get decrypted. And that includes Nintendo.

Re:Mod parent troll

[WarwickRyan]

He's wrong, not a troll. Unfortunately you can't mod posts 'wrong'.

Re:Mod parent troll

[LordVader717]

Wrong. The DMCA and co. are about copy-prevention systems, and this is not the case. And I would be very sceptical whether a developer has any copyrights to a save file at all.

Re:Mod parent troll

[iamacat]

Nintendo does none of this. They encrypt savefiles. So what? This does not impede on your right to do anything. You can play any given game on as many Wiis as you wish. Nintendo is also not suing people to force hackers to halt breaking their savefile encryption. Game developers generally don't want players artificially advancing within games.

You are from a generation that forgot about actual property rights, despite extensive brainwashing about intellectual property. The game console, the game disk and the memory stick are MINE. Personally, I find at least one area in each game that I don't enjoy playing through due to repetitive tasks, boring scenario or requirement for teenager reflexes. There is nothing wrong with using a device like GameShark to "teleport" me beyond the area or give me a BFG to get through it efficiently. Most PC games have an engine console that allows as much and is appropriately blocked in online mode. I don't care what developers want to do with my personal property. If they actually purposely interfere with my full use of it, they should be arrested for trespassing.

Now, if I connect to an online server, I am using other people's property. I guess it would be Ok if games were signed and not encrypted and the signature would be verified for any use in online mode, including transmitting the statistics or using bonus characters.

Re:Mod parent troll

[Krakhan]

Game developers generally don't want players artificially advancing within games.

Actually, I seem to remember Nintendo suing Galoob in the early 90s over this with the Game Genie device that essentially just wrote to areas in memories to modify the game. Of course, they claimed that usage of it created derivative works, but thankfully the judge had sense to realize it did not, and a person enjoying the game as otherwise that may seemed fit would be fair use. Hence, why do you think stuff like Game Sharks and the like are still around for all the major consoles? Wikipedia article for more of the details.

Another big thing that came out of that case I found is why should game developers care about how a user of their game enjoys it in a single player environment though? It seems in that case, for single player games at least, that the devs just have more of a chip on their shoulder.

Re:Mod parent troll

[blahplusplus]

"This does not impede on your right to do anything."

Actually it does. The Wii allows removable flash memory storage for save games so you could technically edit save files on your PC with tools made by others to give you an advantage in single player games, plus lots of people just like to screw around and see what crazy kinds of things the can get the game to do.

Witness Warhog jumping is an example of us screwing around -- http://www.youtube.com/watch?v=2Kg52_2XVtI

And since technically as a consumer the Wii is a product (not a service) we have rights to own and modify our own save files. While you may think I am splitting hairs, I assure you that in the last PS2 / Gamecube / Xbox generation I hated the fact that I could not edit my save files or mod the save-data... especially when this game to games like F-Zero which would have had cool (even if small) modding opportunities.

Translation

"homebrew community"

aka

videogame pirating community

Re:Translation

[BarneyL]

"homebrew community" aka videogame pirating community

The parent may have been flamebait but has a point.
Nintendo is pulling in a lot of money by selling emulated games for the Wii.
Some of the most common homebrew put on to consoles is of course emulators. The ability for example to put a SNES emulator and every SNES ROM ever on a 1Gb SD card could cost Nintendo a lot in lost sales.

Re:Translation

I see the game business shills have been out in full force lately.

Great, now about the next step.

[Neuticle]

(Assuming that this discovery allows people to write new, arbitrary yet signed data into a save file on a SD card that the Wii will recognize as a "valid" save)

The next step will be to search for an exploit in the console or in a game that allows execution of that data. The final step is to figure out how to get that newly loaded code to do something useful. I know this has been done before, but I'm under the impression that the exploit (in a 007 game) was found by chance. After that lucky break, the code-something-useful part came very fast.

Is there any way to search for such an exploit other than brute force testing of games? Are there things to look for that normal players might see, or do you have to just try to execute code over and over and over in various situations, hoping to find a hole? In short, how can I, a non-programmer, help?

I have hundreds of SNES and NES carts. I would love to be able to run those games on the Wii without having to buy them a second time or wait for N to trickle them out. Now if I can just hack together some Wii wireless SNES and NES pads, I'll be in heaven.

Re:Great, now about the next step.

[Bert64]

I have a compilation DVD that runs on a modded gamecube or wii, it includes an emulator and a whole heap of NES/SNES (and sega consoles) rom files... I believe there's an xbox version of this DVD too. You could use that, and if you really feel bad about piracy just play the games where you also posess the physical cart.

Re:Great, now about the next step.

[gl4ss]

a new mod is needed for the new wii consoles that are in shops now, as they use a newer version of the drive chip that is what was the attack route before with wii modchips(no chip works on gc2-d2c chip, as apparently the legs are not connected inside the chip, so the currently thought of workaround is afaik to replace the entire chip, which takes a little more of soldering experience than normal modding).

with older wii's you can use very cheap modchips(wiikey clones are under ten bucks a piece)..

so a softmod attack would be very welcome.

Re:Great, now about the next step.

[Donniedarkness]

Regarding the part about the wireless SNES controller:

Have you seen Nintendo's "Classic controller" that they offer (primarily for the virtual console games)? It looks a little odd, but after you start using it, you'll realize that it's really an SNES controller with some analog sticks thrown on at the bottom (and two extra "shoulder" buttons). Also, it plugs into the wii-remote, so I consider it semi-wireless.

Anyways, definately my favourite controller ever, so you should give it a try, if you haven't yet.

Re:Great, now about the next step.

[Shabadage]

Those two little Bean buttons on the top are surprisingly comfortable. I just wish the analogs would click in. But I think N has just assured that the next genny consoles will have 8 shoulder buttons with those ZL and ZR buttons (We've needed more should buttons for a while now).

Re:Great, now about the next step.

[JonXP]

Oh please no, "clicky" analog sticks are one of the worst human interface designs ever... It's so easy to hit them by accident, or even worse, never realize they're even there.

Re:Great, now about the next step.

[Neuticle]

I've tried it, and it's pretty darn good, but I like my classic games on the period controllers they were designed for. I've maintained a stable of NES, SNES, Genesis and 64 controllers, and repaired more than a few rather than buy some 3rd party replacement. Anything broken beyond easy fix would be a perfect fit to turn into a Bluetooth wireless.

As an extra bonus, they could also be used on a PC with emulators (if I'm remembering correctly)

I know the NES, SNES and Genesis controllers were done, but do you know if anyone has hacked a 64 controller to interface with the Wii yet?

Re:Great, now about the next step.

[Neuticle]

Amen.

In my experience, you have to return the joystick close to center to click reliably, which is asinine, and the tactile response is poor and uneven.

What makes it worse is the way they are implemented. I hate it when a game requires a click in a context where you are already using the joystick for aiming or movement (Like zooming in). The only worse sin is when a click makes you do something you really don't want to do, like lie down.
I've curse over that one a few times.

I would have added buttons on the grips for the ring fingers before clicky sticks.

I for one dont have a problem with this

[kongit]

While encrypting the save files saved on the hard drive might seem like a logical step to keep people from cheating I don't think it will have much effect. I don't believe that cheating on games that you play by yourself or with friends on the same system (opening up maps for the multi player when you don't have any urge to play the solo game all the way through for one example) is in anyway wrong. However if the save file on the Wii effects online play versus people you don't know then well we have a problem. BUT I am sure that Nintendo doesn't do that since to do that would definitely make online playing a joke when the save files get hacked, and they will get hacked.

Additionally those that would of hacked the save files to install mods are not a majority of players on any system. Most people who own a console do not have the skill set or urge to install mods. While encrypting the save files will slow down the hackers it will most likely not stop them, so unless Nintendo did something stupid and made the Save files have full authority over online play encrypting the save files with elaborate means is just a waste of the players time as the games have to take longer to save.

Re:I for one dont have a problem with this

[mwvdlee]

As has been stated elsewhere, the main reason is that hackable save games could allow execution of save-game data if manipulated the right way, thus potentially allowing to hack the Wii itself.

PS

[Neuticle]

I know I made a big assumption* in the parent post, but I wanted to ask the question about the second step, if we ever get there.

It's just too bad that there isn't some way to compromise to allow a Wii "sandbox" to play around and develop in without allowing full fledged piracy. Maybe a modified (i.e. slightly crippled to prevent full piracy) Wii dev-kit open to all for a reasonable cost?

Just throwing the idea out there

*I know getting past the encryption will be no easy task, and may not be feasible at all with current technology. IANACR (I am not a cryptology researcher) but I know that elliptic curve encryption is pretty strong stuff, and 300+ bit key is pretty big.

Re:PS

[tepples]

It's just too bad that there isn't some way to compromise to allow a Wii "sandbox" to play around and develop in without allowing full fledged piracy. It's called a PC with a Bluetooth adapter.

Re:PS

[FigTree]

Which runs on entirely different hardware... Console programming can get fairly low level and having the experience of working with the hardware as opposed to APIs can be a good experience for those who want it. Look at devkitARM for instance.

Re:PS

[tepples]

Console programming can get fairly low level and having the experience of working with the hardware as opposed to APIs can be a good experience for those who want it. Look at devkitARM for instance. And devkitPPC. Buy a GameCube, a boot disc, and an SD card; then you can experiment in an environment quite similar to that of the Wii. I was just confused as to whether Neuticle wanted to develop for the Wii for the sake of developing for a console, or whether (s)he wanted to develop for a system that uses its controller. Both a PC + Wii Remote and a GameCube + boot disc qualify as Neuticle's "modified (i.e. slightly crippled to prevent full piracy) Wii dev-kit", but in different ways.

Re:PS

[Neuticle]

Like I said, I'm not a programmer, but I do enjoy playing around with homebrew stuff.

As for the Gamecube, you wouldn't have the Wii remote at all (unless there is some interface I'm not aware of). That pretty much kills it if you want to play around with Wii remotes.

For the PC: has the sensor bar been successfully interfaced? If not then the interface is still broken. Even then, you could have a lot of fun messing around with a Wii remote and Bluetooth PC. But you're tied to a PC, and it's my understanding that NOT being on a PC is the attraction to homebrew for some people.

PS, I'm a dude. The name has a long and stupid history, funny mostly to those who were there at the time. Think "Ode to the Nut-shot"

Re:PS

[catprog]

The senser bar is actually a bunch of IR LED's. I don't know whether they can get the data of the wiimote for position though but I think they can.

Re:PS

[Floritard]

IANACR (I am not a cryptology researcher) Alright that's the last straw. What is this fascination with IANA* acronyms? It's useless to create an acronym for something if you always have to list the words that comprise it directly after, and it's highly unlikely anyone will adopt your new acronym to the point of making it ubiquitous enough to no longer warrant the explanation. Is there some secret club I'm unaware of where people meet and share experiences of not being something? If you're going to use the IANA*, then be a man and refuse to list the meaning upon peril of incoherency!

Re:PS

Take a rage dump man, it's just a Slashdot meme.

The ridiculousness of the acronyms is what makes it funny.

While it is not liable to factorization attacks

[S3D]

It is still liable to disassembly attack. If elliptic curve used is sect233r1, as poster assume, that could be useful information for disassembly. If wii use OpenSSL that fact could be even more useful.

what will we do with out it!

[kaizokuace]

What will all the hacker and code breaker types do with their time if all companies stop encrypting stuff?

Re:what will we do with out it!

Maybe they'll start hacking the Linux pocket protectors worn by fellow hackers, while pimping their own with the latest crypto protocols and firewalls?

It's just like Demolition Man...

[Tim+Browse]

...where the police are looking for a violent killer, and then their surveillance locates him, and they all breathe a sigh of relief, as they assume that's the hard part done - all they have to do now is arrest him.

I can't help thinking that there's a wee bit more work to do than just find out what encryption method is being used.

Then again, maybe your average slashdotter thinks that 'breaking encryption' is as easy as 'guessing the algorithm used' :-).

Re:It's just like Demolition Man...

[Poromenos1]

I don't know about the average slashdotter, but this editor probably seems to be "oh, it's just encryption; I'll reverse it and be home for lunch" school of thought.

Re:It's just like Demolition Man...

[forkazoo]

...where the police are looking for a violent killer, and then their surveillance locates him, and they all breathe a sigh of relief, as they assume that's the hard part done - all they have to do now is arrest him.

I can't help thinking that there's a wee bit more work to do than just find out what encryption method is being used.

Then again, maybe your average slashdotter thinks that 'breaking encryption' is as easy as 'guessing the algorithm used' :-).

Well, sure, it'll be none trivial to get a key. OTOH, there are a lot of Wii owners with an interest in finding it, so it might not be infeasible to imagine a distributed computing project with many thousands of nodes cranking away for a year.

Re:It's just like Demolition Man...

[Tim+Browse]

. OTOH, there are a lot of Wii owners with an interest in finding it, so it might not be infeasible to imagine a distributed computing project with many thousands of nodes cranking away for a year.

I don't want to worry you, but there's a possibility that cryptographers have thought of that.

For example:

the Xbox uses a 2048-bit encryption key - and that will be really hard to crack, even if it is theoretically possible to derive the private key from the public key. Via New Scientist: "Brian Gladman, an independent cryptography expert based in the UK, says the length of the key means there is an incredibly slim chance of finding it via brute force computing. According to RSA company, it would take a million Pentium 500MHz computers 100 billion years to run through all the possible solutions of a 1640-bit key. A 2048 bit key would be exponentially harder to crack.

Re:It's just like Demolition Man...

[Eivind]

True, if the encryption/signing is implemented correctly, there's little hope that it'll be cracked anytime soon.

But there's another avenue for attack. Given that a wii-game is capable of creating, verifying and signing its own savefiles, this means that the encryption-keys are also stored either in the wii-console or in the game-software.

So, it's just a matter of extracting them.

Once you know *both* the method of encryption and signing, *AND* are in posession of the relevant keys, the rest really is a walk in the park.

Commodity hardware ain't terribly good at hiding encryption-keys from the owners of the hardware which can take it all apart, insert logic-probes and generally mess around with the hardware at will.

Something here is not right...

[Danga]

FTFS
The number pairs are stored as a compound 60 bit data (first 30 bytes for the first number, and the next 30 bytes for the second).

Interesting that they can store 60 bytes of data in 60 bits! I think someone made a typo...

Re:Something here is not right...

i saw that too

Re:Something here is not right...

that's a hash function!

well, no. sorry.

Re:Something here is not right...

[DiEx-15]

Nintendo has a long history of being out of touch with the standards of computer terminology. Whenever they mention the size of a game, they mention it in MegaBITS not MegaBYTES. So for them to say that somehow a large number of bytes can be stored in a small amount of bits isn't too shocking for me.

_____
"It is a tragedy that if I sold the answer for world peace, I'd get busted for selling pot!"

Re:Something here is not right...

[Carnildo]

Nintendo has a long history of being out of touch with the standards of computer terminology. Whenever they mention the size of a game, they mention it in MegaBITS not MegaBYTES.

Hardly. They describe ROM sizes in megabits because they can use bigger numbers that way.

Obligatory quote

[Yvan256]

"Enough of your borax, poindexter! We need action!" - Chief Wiggum

Autosave to defeat quickloading?

[tepples]

This is a save game, not in memory. It now takes 3.4 seconds to load/save instead of the 3.33339 it took without the crypto. Some games save continuously because they don't want the player to be able to revert to a previous saved state after having things go wrong; instead, they want the player to face the consequences of a poor decision. Think NetHack.

Re:Autosave to defeat quickloading?

[jandrese]

That's pretty rare behavior on consoles though. The only game that I can think of that does that is the Golden Sun series on the GBA, and only because they want you to restart the whole level in the event that an enemy gets a lucky critical hit.

Re:Autosave to defeat quickloading?

[DrScotsman]

What are you talking about? Golden Sun let's you save (almost?) anywhere, any time and any number of times, and it even has three save slots. It never autosaves.

Nonetheless, to the grandparent: I'm interested to know what games you're talking about that save to non-volatile memory continuously. Usually you'll either have to bypass checkpoints to save, or do something like a clean shutdown for the save to actually be stored.

Re:Autosave to defeat quickloading?

[jandrese]

Oops, that's what I get for posting too early in the morning. The game is actually Fire Emblem.

Re:Autosave to defeat quickloading?

[jZnat]

The game you're thinking about is Fire Emblem. Well, the Fire Emblem series, but yeah, those games.

Re:Autosave to defeat quickloading?

[AnyoneEB]

The only console game I can think of that acts like NetHack in that regard is Legend of Zelda: Majora's Mask. Neither save constantly for that effect. All they have to do is do a write when the save is loaded so it can only be loaded once.

Re:Autosave to defeat quickloading?

[edwdig]

Some games save continuously because they don't want the player to be able to revert to a previous saved state after having things go wrong; instead, they want the player to face the consequences of a poor decision. Think NetHack.

We're talking about a console with flash memory storage. Flash is rather slow to write to, and continual saving would wear out the flash fairly quickly.

Re:Autosave to defeat quickloading?

[tepples]

Flash is rather slow to write to I have both USB 1.1 and USB 2 ports on my PC. USB can transfer up to 1.2 MB per second. If NAND flash memory is so slow, then why does every USB flash drive bring up the "This device would work faster through a high-speed USB 2.0 port" warning if I plug it into my PC's USB 1.1 port?

and continual saving would wear out the flash fairly quickly.

Modern NAND flash memory is rated for at least 100,000 writes per sector. A write to a single sector roughly every fifteen seconds (that is, every time the player walks a certain number of meters, starts or ends a conversation, digs something out of the ground, etc.) would wear out the flash after about 400 one-hour play sessions. Moreover, modern flash memory controllers distribute writes across multiple empty sectors.

Or they could just keep Mr. Resetti.

Re:Autosave to defeat quickloading?

[UnknownSoldier]

> Some games save continuously because t

The Wii Programming Guidelines (or Lot Check docs -- don't have the info at home but at work) dictate a maximum number of saving k/sec so as not to wear out the flash memory.

Re:Autosave to defeat quickloading?

[tepples]

The Wii Programming Guidelines (or Lot Check docs -- don't have the info at home but at work) dictate a maximum number of saving k/sec so as not to wear out the flash memory. If that's greater than 0.1 KiB per second, then game world events can still be journaled (like in a journaling file system), to be replayed and fully saved whenever the player returns to the game's main menu.

Some save mods arguably aren't cheating

[tepples]

I don't really see a good argument for anyone to modify saved games. There is zero benefit to the end user False. I want to move a "zipper shirt" from my character in Animal Crossing for Nintendo GameCube to my character in Animal Crossing: Wild World for Nintendo DS. From GameCube to GameCube, I can use the "Hear code" and "Say code" inside Tom Nook's store to move the item. From DS to DS, I can use the online features. But unfortunately, the "Hear Code" functionality was cut from the DS version, so I have to write a program that hacks the DS version's saved game to insert the item into the player's inventory.

So what you are trying to tell me is...

I can has empire?

Re:So what you are trying to tell me is...

LOL NO U DONT IDORT

"no user servicable parts inside"

[da5idnetlimit.com]

I happen to have a modded Xbox and a modded Wii

the Xbox has been my media center for about 4 years. I bought it the day it was easily moddable/hackable. It now plays the anime and movies from my server and also plays my dvds along with the games and imports. I really like the option to pay imports. I do speak and understand english, so there really is no reason I should wait 1-2 years for a game. Or movie...

After maybe 2.5 years the dvd reader died and I couldn't read discs anymore. I bought a replacement dvd player for the xbox and installed it myself, voiding my already dead warranty.

Morale of the story :

1 / I used my xbox in a "creative" way, exceeding by much what MS previewed/allowed me to do with it. I had fun with it, and I didn't have to build or buy a pre-made media center.

2 / When it got broken I just had to buy a small, cheap part. not a full xbox, as a "no user servicable parts inside" box concept would have made me.

Episode 2, the WII

Take story from ep.1, make hardware standard pc stuff as in xbox, rinse, repeat.

Guess I, too, am just old fashioned in some ways. I'm too cheap to have every piece of kit I want, so I like to tinker with consoles to give them all the bells and whistles I cannot afford otherwise...

Re:"no user servicable parts inside"

[SilentChris]

"I'm too cheap to have every piece of kit I want, so I like to tinker with consoles to give them all the bells and whistles I cannot afford otherwise..."

Here's the funny thing, though -- if you have that kind of knowledge, the time you spend "tinkering" probably costs more than purchasing "the other pieces of the kit". For example, I make about $100 an hour. It would probably take me about a couple hours to properly mod an Xbox. That's a couple hundred dollars I *could* spend on better hardware.

There's nothing wrong with hacking -- enjoy it. But to make the argument that you're saving money is probably incorrect.

Re:"no user servicable parts inside"

[da5idnetlimit.com]

Lol, I take the situation from the other side of the point of view.

"u have that kind of knowledge, the time you spend "tinkering" probably costs more than purchasing "the other pieces of the kit". For example, I make about $100 an hour. It would probably take me about a couple hours to properly mod an Xbox. That's a couple hundred dollars I *could* spend on better hardware."

Alas, the time I would spend otherwise entertaining myself or buying new kit would be much more expensive : I would have to pay to go to the cinema, or pay for some hardware,...

As it is, I have the free time, I use it on hardware I already have, and without anymore capital investment I have both an enjoyable moment (the tiny microsecond where you succeed) and improved kit.And I get to keep the money after I got the functionality I needed/wanted. I now have the money to do yet again something else (pay my taxes, invite gf to nice restaurant, ...) AND the improved hardware, AND I didn't spend my afternoon seated passively in front of the tv.

From my point of view I am saving money, as it is only my free time that is concerned....

Re:"no user servicable parts inside"

[Caoz]

I too have a soft modded xbox that I've been using as a media center. Sadly, the drive also broke after 4 years of use and I am looking for a replacement. I hope they can be found for cheap now. Any recommended sites ?

bits or bytes

[cerelib]

The number pairs are stored as a compound 60 bit data (first 30 bytes for the first number, and the next 30 bytes for the second)
That math does not seem to work out.
60 b = 30 B + 30 B (huh?)

So which is it, bits or bytes? Oh well, I guess I will go read the article to find out.

Re:bits or bytes

[strstrep]

I'm guessing bytes. A 30-bit keyspace is pretty small, definitely within the realm of brute forcing.

Re:bits or bytes

[bluebonics]

i'm guessing 30bits. elliptic curve cryptography requires a smaller key for a comparable amount of security to other methods and 30bits is still 1,073,741,824 combinations.

Re:bits or bytes

[rbarreira]

30 bits is ridiculous even for ECC. A 109 bit key has been cracked already, with the use of distributed computing.

I cracked it!

The secret key is
17 Pr!N75 M0N3Y$

solution to the 'votes' problem

[roman_mir]

Make voting into a video game, outsource development to Nintendo Wii, watch Nintendo become company non-grata in most 'democratic' states of the world.

You may not like the answer, but...

[Xenographic]

Clearly, the people who make our video games are far more competent than those protecting those other things like votes, money, identity, etc.

Actually, it makes a sort of perverse sense. It's pretty easy to write bog-standard business applications that do CRUD (in both the database & other sense), but it's not so easy to program a game that has to run at acceptable frame rates.

Re:You may not like the answer, but...

"but it's not so easy to program a game that has to run at acceptable frame rates."

Actually, its not so hard either. Neither is elliptical curve encryption. Don't overestimate the difficulty of these things. They might have been hard 15 years ago, but today such things are well documented and a plethora of libraries are available to make it even easier.

PSO's security hole was an anti-cheating back door

[Myria]

I found the PSO exploit when I was cheating the Dreamcast version of the game. PSO "version 2" added a new packet, known as RcvProgramPatch, that downloaded code to the system. Sega used that packet to download assembly code to the client that checked for some of the cheats we made. The packet stayed in the game through the GameCube version, at which point someone else found it and made the BBA homebrew exploit.

Of course, Sega didn't sign that downloaded code, which is why it worked.

Regarding this savegame thing, it's just dumb. There's no reason for them to use asymmetric cryptography on saved games when symmetric cryptography would have worked equally well. Once someone, anyone, can execute code on the machine, the savegame protection on that system will be broken. The only real protection is to use per-device keys - that is what makes Wii saved games secure, not this asymmetric crypto. Sacrificing player convenience for security.

I can't wait until quantum computers end the reign of the 360 and Wii homebrew security systems.

Wait... WHY?

[Hyperspite]

Why are they encrypting savegame files? I understand maybe a boot sector or even an entire game to prevent copying, but MEMORY CARDS? WTF?

Re:Wait... WHY?

[SagSaw]

Why are they encrypting savegame files?

They've probably learned from Microsoft's mistakes here. Bugs in the save-game code of http://en.wikipedia.org/wiki/Softmod#Xbox softmods>several x-box games allowed users to install linux onto their x-boxen.

Re:Wait... WHY?

[Hyperspite]

But why would they care about a few scattered cases? I mean seriously. Encryption increases saving and loading times (probably insignificantly but still...). Do they just want to keep even the way the game saves your items and position blackboxed?

Slow down cowboy!

[kramulous]

Oh well, I guess I will go read the article to find out.

"That's one small step for man ... "

Why ECC?

[tuxlove]

I'm not sure I understand why they had to use asymmetric encryption. A plain old symmetric algorithm would suffice, since asymmetric methods are only necessary when passing messages between parties. Since the save files are both encrypted and decrypted on-machine, only symmetric encryption is required. This would possibly simplify things, as well as potentially speed them up (since symmetric algorithms are faster). A good symmetric algorithm is usually very compact codewise as well, and much less complicated to implement and maintain. Odd choice on their part, though admittedly for security purposes either can be used to effectively protect the save files (and both are equally vulnerable should the encryption key be plundered from the device).

Re:Why ECC?

[KinkoBlast]

They probably used the same encryption code on the savegames as they did on the stuff from the Wii shop. That IS encrypted in decrypted in different places.

And, you know, one algorithm is usually smaller code-wise than two :)

Yet it may be evidence of a clue...

[Xenographic]

> Actually, its not so hard either. Neither is elliptical curve encryption. Don't overestimate the difficulty of these things. They might have been hard 15 years ago, but today such things are well documented and a plethora of libraries are available to make it even easier.

Using ECC, you're right, isn't that hard. Using ECC correctly is harder, but not that hard.

Mostly, it's rare. That's the part that gets me.

Given that I haven't seen too many using ECC, even though it has some cool properties like not being affected by advances in factorization, so I have to give them some credit on that one. It makes me feel like the person who designed it had a clue.

Crypto as cheat-prevention

[Saint+Fnordius]

I was thinking along the same lines, that the crypto was less about preventing homebrews (though Nintendo probably does want to keep homebrews down), and more about preventing players from hacking into their savegames and "improving" their saved position. But seeing as I don't do much online gaming, I didn't see the point. Now I do.

Now normally I would have nothing against "cheating" in this form: it is more like cheating at solitaire or using house rules an a dinner-table game. But when you are playing with strangers, you need some reassurance that they don't have a whole slew if royal flushes stuffed up their sleeve. If I understand this properly, Nintendo has integrated an encryption method into the savegame routine on the system level for the benefit of the developers, and didn't see enough demand to offer an unencrypted version. After all, homebrew just isn't a part of Nintendo's DNA.

Tied to a PC, or tied to a GameCube

[tepples]

For the PC: has the sensor bar been successfully interfaced? The sensor bar is two banks of infrared LEDs. Its "interface" is just whether a voltage is applied over the contacts or not.

But you're tied to a PC, and it's my understanding that NOT being on a PC is the attraction to homebrew for some people. And if I code for a GameCube, I'm tied to a GameCube. That's why I develop homebrew for the DS, so that I'm not tied to anything.