Feeds

Wii U 'has been JAILBROKEN' via legacy games, say homebrewers

Backwards compatible with backdoors

3 Big data security analytics techniques

A squad of techies claim they've cracked Nintendo's anti-piracy defences in the Wii U days after the games console hit US shelves.

The hack, the gaming equivalent of jail-breaking, allows home-made games, pirate copies of titles and other unauthorised software to run on the Wii U, according to wiiuhacks.com. The attack appears to involve exploiting security holes in old Wii games when a Wii U is running in legacy Wii mode.

The team has compiled a list of authorised games that can be hijacked to launch unofficial titles.

The group has also produced a seven-minute video of what appears to be a Wii U playing homebrew games after running the "Smash Stack" exploit from a disc. Nintendo, like other console makers, locks down its machines so, in theory, they can only play cryptographically signed software; hackers usually have to exploit security holes in the system or endorsed games to defeat these protections.

Chris Boyd AKA PaperGhost, a senior threat researcher at GFI Software and an expert in gaming security, said major Wii homebrew communities such as wiiubrew.org are yet to hack the Wii U.

"We have not been successful in running homebrew on the Nintendo Wii U. But running code in Wii Mode is possible," wiiubrew.org stated.

"It's the same story elsewhere, even on sites with dedicated modding and homebrew sections," according to Boyd.

He added that it's one thing to get old exploits working in legacy Wii mode, but another to develop exploits for vulnerabilities exclusively present in new Wii U systems. He is cautious of the wiiuhacks.com team's boasts.

"There is one video on YouTube where the uploader claims to be successfully running homebrew on the Wii U using an older exploit designed to load unauthorised code on the original Wii console, but I've no way of verifying if the video is genuine," Boyd told El Reg.

"Additionally, there are groups picking through the back catalogue of programs and exploits from the original Wii - some of which no longer work on certain versions of system menu - to see if they can uncover a blind spot in the new console."

The Wii U console is backwards compatible with most Wii games and accessories, which explains why older exploits for the previous console still work, up to a point, on the next-generation machine.

Nintendo pushed a firmware update to Wii U consoles less than a day after the system went on sale on Sunday in the US. The sizeable upgrade does not block the Wii U Smash Stack exploit, but future updates could, wiiuhacks.com warned. Attempts to interrupt the lengthy Wii U update process once it starts can leave the console as useful as a squishy brick, as Nintendo itself advised. ®

SANS - Survey on application security programs

More from The Register

next story
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Report: Apple seeking to raise iPhone 6 price by a HUNDRED BUCKS
'Well, that 5c experiment didn't go so well – let's try the other direction'
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Hearthstone: Heroes of Warcraft – A jolly little war for lunchtime
Free-to-play WoW turn-based game when you have 20 minutes to kill
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.