• Moved!

    This blog is no longer updated!

    Please visit http://xcomprandomness.co.uk/ for future updates and comment there instead!

  • Advertisements

Another Wii Update Already, Nintendo Patches Up the Possible Flash Exploit?

If you had your Wii running today then, you might have noticed the blue light blinking again. In my case, it was blinking while I left the Wii menu running away idly. When I came back, Nintendo left this message on the board:

“This update will prevent your Wii console from locking up, which can occur when using the Internet Channel if you press the RESET on either your Wii console or the HOME Menu. This update also corrents some Internet connection stability issues when using the Wii LAN Adapter from Nintendo.”

Internet Channel

That’s right, Nintendo had another firmware update today but a very small one so no version number changes. It’s still v3.0E. I’m presuming this update also patches the possible Flash exploit found on the Internet Channel which hackers could make good use of. Run “homebrew” software for example but I guess they’ll have to look for some other weakness now. It’s not the first exploit Nintendo had to patch up mind you.

If you don’t know about the Flash exploit, it’s apparently something that occurs when you’re viewing a Flash embedded site such as Youtube and the Wii decides to freezes up.

It’s actually happened to me once before. I can’t remember which video I was accessing on Youtube but the Wii suddenly froze and the rumble pack on the Wiimote went berserk. The buttons on the console weren’t working so the only thing I could do was turn off the mains power. I wasn’t really surprised at the time because I already knew about the problem.

Hacking with the Exploit Theory

You might be thinking to yourself, “How can a Wii that freezes up help hackers?” Well, you’ll have to understand a little about how computers work. Everything happening on your Wii display is stored in the machine’s memory banks temporarily by pieces of software to keep track of activities such as where the little hand cursor is pointing or, what active channels you have running.

Before this temporary data is stored, the software has to reserve a range of memory blocks and create a record of where everything is. However, due to some programming error some software may end up using memory blocks outside its reserved range thus, overwriting other software’s data which may or may not be crucial for the machine to operate normally. In this Flash exploit’s case, you’re forced to shutdown the mains so you can imagine how serious it is. This kind of memory overwriting is known as a “buffer overflow” and isn’t limited to the Wii of course. When a crucial part of the system is affected by this overflow, hackers can make the system run code that it wouldn’t normally run.

This is just my theory but if the Flash exploit was used correctly, a hacker can make the Wii run whatever code they want by taking advantage of the system data area it’s managed to overflow into. The code can be written in such a way that it’ll stop the machine from freezing up but also allow their own code to be executed. I’m not a hacker so I wouldn’t know how it would be done but most likely, the code would be crafted into a Flash presentation.

With the PSP, I think it’s been easier for hackers to decrypt, analyse and modify because the firmware updates are at least downloaded and run off a memory stick. With the Wii, you update the moment you finish downloading the firmware so the custom firmware route wouldn’t work here. You would have to find a way of intercepting and dumping the Wii updates first. Then there’s also the problem of getting them to run off the memory card slot so it’s much more difficult.

In any case, later games will require up-to-date firmware so the hacking part would have to be an on-going battle just like the PSP. Or perhaps they can come up with something along the lines of Devhook…

In the end, I just want a way to play import games on my Wii without chipping it – not access to an infinite library of games. So, it’ll be great if Nintendo decides to include a region-free feature with one of their future firmwares and also downloadable demos. That way I don’t need to play backup copies to try them out first. Wouldn’t mind a software DVD decoder either.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: