A few days ago at the 24th Chaos Communication Congress, a Wii hack was demonstrated that allows arbitrary software to run on the Wii console. Previously, the console was open to homebrew only through its Gamecube emulation mode. This new hack will allow folks to write homebrew software that can take advantage of the Wii’s full capabilities.
Here’s a description of the hack from Tysoe_J in the WiiLi forums:
In pressed Wii games, there are two values that are put together to make the on-the-fly decryption key with which the Wii can actually execute the game. One is on the security ring of the manufactured disc, and one is stored by every Wii to decrypt data (the static key). What’s happened here is they’ve got the “Lego Star Wars” game key simply from the disc, and they’ve got the FULL (“master”) key used to decrypt ONLY the Lego Star Wars game through dumping Wii memory (this was done by disabling some of the ATi bridge that locks out the RAM during Gamecube mode).
Now, this resulted in the “master” key for Lego Star Wars, and the “disc auth” key for it too. Reverse engineering this resulted in the generic Wii data key, thus allowing them to burn their own data under the disguise of LSW. Then, of course, a drive modchip was needed cos they can’t press their own discs…
STILL, that’s what’s going on… Nintendo wouldn’t be able to patch this with a firmware update. They’d have to change hardware keys and most DEFINITELY fix up the ATi lockout bridge too.
Wii Linux, open source Wii games – a lot of stuff should be possible now. Happy new year!
Nintendo Wii Homebrew “Hello World” – [via] Link
24c3 tweezer attack @ WiiLi.org forum – Link