Homebrew (video games)

Screenshot of the Atari 2600 homebrew Duck Attack! (2010)

Homebrew is a term frequently applied to video games or other software produced by consumers to target proprietary hardware platforms (usually with hardware restrictions) that are not typically user-programmable or that use proprietary storage methods. This can include games developed with official development kits, such as Net Yaroze, Linux for PlayStation 2 or Microsoft XNA.[1] A game written by a non-professional developer for a system intended to be consumer-programmable, like the Commodore 64, is simply called hobbyist (rather than homebrew).

Along with the Dreamcast, Game Boy Advance, and PlayStation Portable, the most frequently used platforms for homebrew development are older generations of consoles, among them the Atari 2600 and Nintendo Entertainment System (NES). The relative simplicity of older systems enables an individual or small group to develop acceptable games in a reasonable time frame.

All major sixth generation consoles enjoy some use by homebrew developers, but less so than earlier generations. This is mostly the case because software production requires more resources, accurate emulators do not exist yet, and the consoles themselves often employ rather complex systems to prevent the execution of unauthorized code. Homebrew developers must often exploit loopholes to enable their software to run.

Homebrewing is not only limited to games; there are numerous demos that have been released for most systems with a homebrew scene.

Development

Homebrew games for older systems are typically developed using emulators for convenience since testing them requires no extra hardware on the part of the programmer. Development for newer systems typically involves actual hardware given the lack of accurate emulators. Efforts have been made to use actual console hardware for many older systems, though. Atari 2600 homebrew developers use various methods, for example, burning an EEPROM to plug into a custom cartridge board or audio transfer via the Starpath Supercharger. Game Boy Advance homebrew developers have several ways to use GBA flash cartridges in this regard.

First through fourth generation consoles

The Atari 2600 is a popular platform for homebrew developers.

Magnavox Odyssey

In 2009, Odball became the first game for the Magnavox Odyssey since 1973. It was produced by Robert Vinciguerra[2] who has since written several other Odyssey games. On July 11, 2011, Dodgeball was published by Chris Read.[3]

Fairchild Channel F

A handful of homebrew games have been programmed for the Fairchild Channel F, the first console to use ROM cartridges. The first known release is Sean Riddle's Lights Out which included instructions on how to modify the SABA#20 Chess game into a Multi-Cartridge.[4] There is also a version of Tetris and in 2008 "Videocart 27: Pac-Man" became the first full production homebrew for the Channel F.

Atari 2600

The Atari 2600, released in 1977, is a popular platform for homebrew projects. Games created for the Atari 2600 can be executed using either an emulator or directly when copied onto a blank cartridge making use of either a PROM or EPROM chip. Unlike later systems, the console does not require a modchip. Although there is one high-level compiler available, batari Basic, most development for the Atari 2600 is still done in 6502 assembly language. Combined with the extremely limited resources of the 2600, it is a difficult system to develop for, and some games are programmed simply for the technical challenge.[5]

NES

Several compilers are available for the Nintendo Entertainment System, but like the Atari 2600, most development directly applies assembly language. One impediment to NES homebrew development is the relative difficulty involved with producing physical cartridges, although third-party flash carts do exist, making homebrew possible on original NES hardware.[6] Several varieties of custom processors are used within NES cartridges to expand system capabilities; most are difficult to replicate except by scavenging old cartridges. The hardware lockout mechanism of the NES further complicates the construction of usable physical cartridges. However, the NES-101 removed the 10NES lockout chip so any game, whether homebrew, unlicensed, or another region of an official game, can be played. The 10NES chip can eventually be permanently disabled by performing a minor change to the hardware.

Genesis and Master System

The Sega Genesis received a high-profile homebrew game with a physical release, Pier Solar, in 2010.

Both the Sega Genesis/Mega Drive and Sega Master System benefit from limited homebrew development, as there is no physical lockout mechanism, thereby easing the operation of software on these platforms. Homebrew efforts for the Genesis have grown, as there are now several full games scheduled for release in physical form, such as Rick Dangerous 1 & 2 and a port of Teenage Queen. Pier Solar and the Great Architects and Frog Feast for the Genesis and Mighty Mighty Missile for the Sega Mega-CD are examples of homebrew games already released for Sega consoles.

The 2018 game Tanglewood was developed using original Mega Drive development hardware.[7]

A QBASIC-like high level compiler named basiegaxorz exists for the Sega Genesis.

Neo-Geo MVS, Neo-Geo AES, and Neo-Geo CD

The Neo-Geo Home Cart and Arcade Systems can be tough candidates for homebrew development. Neo-Geo AES and MVS cartridges have two separate boards: one for video, and one for sound. If programming a cartridge for the system were to occur, it would involve replacing the old ROM chips with your newly programmed ones as the cartridges are in a sense, Arcade boards. NGDevTeam who have released Fast Striker and Gunlord found a workaround with this. What they did was print out their own board, and soldered their own ROM chips into them; this, however, can cause the Universe Bios logo to look corrupted if a custom bios were to be programmed. Programming for the Neo-Geo CD, however is easier than programming for cartridges. The CDs themselves can actually contain both sound and video respectively. Depending on the Megabit count for a game program, load times will vary. A CD game with low Megabit counts will load only one time; whereas a CD game with higher megabit counts could load in between scenes, or rounds. There are now some full games scheduled for release in physical form, such as Neo Xyx. [8]

Programmer of the Neo-Geo Universe Bios, Razoola is currently working on a "Skeleton Game Driver" that supports two players. This ROM is meant to remedy the corrupted Universe Bios Screens, as well as work with an unmodified/stock Neo-Geo Multi-Video System (MVS), or Advanced Entertainment System (AES) [9]

SNES

After its discontinuation of games in 1998, and production in 1999, the fans of the Super Nintendo Entertainment System made homebrew ROM images, even without Nintendo's support for the console. Nintendo designed the machine with various security measures to prevent unauthorized code running on the machine.

Eventually the homebrew community figured out how games ran on the SNES hardware and were able to bypass its security mechanisms. Companies such as BUNG released hardware plugins such as the Game Doctor SF series. These allowed users to not only copy games but also to run homebrew developed games on the SNES hardware. Homebrew ROMs could be converted into the Game Doctor SF format and put onto a 3 1/2" floppy. Games as large as twelve megabits could be put on floppy disks formatted to 1.6 megabytes.

An alternative device was the Super Flash, by Tototek, which allowed for multiple games to be burned onto a flash memory chip of cartridge (allowing up to 48Mbits). This chip was the mask ROM for the Super Flash development cartridge; it was easy to use and had a user interface on the computer end; simply plug in the Super Flash cartridge and upload the games one wanted. This allowed users to make a SNES game and play it in an actual cartridge rather than a floppy disk.

In the 1990s, Nintendo sued Color Dreams for producing NES games without an official license. The outcome was an undisclosed settlement, but Color Dreams continued to produce unlicensed games. The strength of Color Dreams' position lies with that they worked around the 10NES lockout chip code rather than illegally duplicating it.

TurboGrafx-16/PC Engine

The TurboGrafx-16/PC Engine has a small but dedicated homebrew scene. The first homebrew title released on CD was MindRec's Implode in 2002, a few years after the system's last official release (Dead Of The Brain I & II for the PC Engine in 1999). Two years later, MindRec released Meteor Blaster DX on CD-R. Official word was that it was unable to be pressed to CD proper due to the glass mastering software suddenly unable to handle the unorthodox style of CD layout that the system expects. Five years later, Aetherbyte Studios released Insanity, a Berzerk clone, on pressed CD, quelling the notion of unpressable CDs. Aetherbyte later went on to prototype and produce a new HuCard design called AbCARD that is 100% compatible with the console. Other homebrewers of note include Chris Covell (developer of Tongueman's Logic, released in 2007), Frozen Utopia (developer of Mysterious Song, released in 2012), and Cédric Bourse (aka Orion, developer of Ultimate Rally Club, released in 2011).

There is one dedicated C compiler for the console known as HuC. It has not been officially updated since 2005. The MagicKit assembler is generally considered the de facto assembler for the console, and comes included with HuC. Additional libraries for HuC/MagicKit include Squirrel, a sound engine developed by Aetherbyte Studios, and the SGX/ACD library, developed by Tomatheous, that gives the developer easy access to the SuperGrafx video hardware as well as the Arcade Card.

The cc65 C compiler is also noted to be compatible with the console, although there is no official development library support.

Fifth-generation consoles

Atari Jaguar

Despite being unpopular during its commercial run, the Atari Jaguar has enjoyed a cult following after being declared as an open platform in 1999.

After the properties of Atari Corporation were bought out by Hasbro Interactive in 1998, Hasbro released the rights and patents to the Jaguar into public domain in 1999, declaring the console an open platform and opening the doors for homebrew development.[10][11][12] Thanks to this, a few developers and publishers such as AtariAge, B&C Computervisions, Piko Interactive, Songbird Productions, Telegames and Video61 continue to release both previously unfinished games from the Jaguar's past life cycle and several brand new titles to satisfy the system's cult following. These titles are not endorsed or licensed by Atari.

Homebrew games for the Atari Jaguar are released in either cartridge, CD or both formats. Titles released in the CD format are either glass mastered, or burned on regular CD-Rs however, since the add-on was released in very limited quantities, most of the homebrew developers prefer to publish their works either online on forums or in cartridge via independent publishers, with many of the cartridge releases stylized as a retail Jaguar title from the era. Since both systems do not have regional locking all of the titles are region free but some titles, such as Gorf Classic and the initial release of Black Out! do not work correctly on PAL systems. Some of the earliest CD releases were not encrypted, requiring either B&C's Jaguar CD Bypass Cartridge[13] or Reboot's Jagtopia (Freeboot) program burned into a CD in order to run unencrypted CD games,[14] but Curt Vendel of Atari Museum released the binaries and encryption keys for both the cartridge and CD format, making it possible to run games without the need of development hardware.[15] Most recently, the BIOS of the Jaguar CD was cracked and can be installed inside the system but with some soldering skills.[16]

Some of the titles listed have been released on other platforms, such as the Amiga, Atari ST, Dreamcast, Genesis, mobile devices, PC, PlayStation and Super Nintendo. The very first homebrew title programmed for the Jaguar dates from 1995, a version of Tetris called JSTetris developed using a hacked Alpine Dev. Kit, one of the pieces of development hardware used to program official Jaguar titles.[17]

Since emulation of the console is still limited, coding is best conducted using a real Jaguar console through either the Skunkboard development cartridge, using a BJL modified Jaguar, or the official Alpine Development Kit. The commercial game BattleSphere Gold, also contains the JUGS (Jaguar Unmodified Game Server) aid to development.[18]

Homebrew games and demos for the system developed between 1995-2008 were done by small groups which released their titles in either downloadable or physical format, with the downloadable games needing an emulator or development device. There has been an increase in the number of homebrew games released for the Jaguar in recent years, with 2017 seeing the highest number of new titles released for the system since 1998.

PlayStation

Making games on the PlayStation is possible with any model of the system through the use of a modchip or the double 'Swap Trick'. Requirements consist of a PC (Personal Computer), SDK (Software Development Kit), and a 'Comms Link' device to upload and download files to and from the console.

Another way of starting Homebrew on the Playstation is 'UniROM', which is a Softmod which is a software which gets installed onto a cheat-device, which is connected via the parallel-port (on old consoles) and allows loading of custom code via burned CDs and the Serial-Port.

Homebrew was originally promoted by Sony with the Net Yaroze, which had a large scene for quite some time. However, the official Net Yaroze site was shut down in mid-2009, and Sony stopped supporting the system as well as the users who still owned the console.

Sega Saturn

The Sega Saturn homebrew scene is small but active. As with the PlayStation, all models are capable of homebrew. Modchips for the Saturn Model 1 have been scarce for sometime now (as it seems that no one has produced any new modchips in years), so the only two options left are to either perform the easy swap trick or extensively modify a Saturn Model 2 modchip.

Running homebrew on the Model 2 is as easy as bridging two points on the modchip, soldering a wire from the modchip to the Saturn power supply, and inserting it where the CD-rom ribbon cable inserts. The swap trick is more difficult to pull off on this Model due to the lack of an access light.

Now there is the "PseudoSaturn" unlocking method. A program created by CyberWarrior2000 which installs in place of the original firmware of a "Pro Action Replay" cart. It unlocks region, frequency and CD protection of most Saturn models. Either a modded Saturn or a swap trick is required to run the installer, which loads the code in the FlashROM of the cartridge. Afterwards, the cartridge unlocks everything and most software can be run, from backups to homebrews. There is also now a new engine for development called the Jo-Engine created by Johannes Fetz to allow easy development,[19] the creation of this engine has allowed for some more impressive projects like a fully 3d Sonic The Hedgehog game called Sonic Z-Treme[20][20]

Virtual Boy

Planet Virtual Boy has promoted homebrew for years by the site, since the system has no region lock.[21] But it wasn't until the flash carts FlashBoy and FlashBoy+ were released that the homebrew scene began to grow. Despite the Virtual Boy's mere 8 months in production before being discontinuation (August 1995 - March 1996), dedicated fans have been making a variety of homebrew games for years. Two previously unreleased games, Bound High and NikoChan Battle have been released.

Nintendo 64

The Nintendo 64 homebrew scene is small, but homebrew can still be played and developed through the use of a Doctor V64, (Acclaim used a Doctor V64 to help develop Turok,[22]) the Everdrive 64[23] or 64drive.[24]

NEC PC-FX

There is only one homebrew development kit known for the PC-FX, which is based on the GNU Compiler Collection version 2.95.1. The Mednafen author began work on a library for the compiler called pcfxlib but it was discontinued due to lack of interest until trap15 started development of a new library called liberis. The toolchain is designed for a Linux environment, although it can also be used with cygwin. To date, no homebrew titles for the PC-FX have been released, although Aetherbyte Studios and Eponasoft have both expressed interest in developing new software for the console.

Sixth-generation consoles

Nuon

The Nuon was a game chip built into several DVD players. VM Labs, which made the system, released an SDK just before it went bankrupt. Homebrew Nuon apps can only be played on Samsung DVD-N50x and RCA Nuon DVD players.

Dreamcast

Despite its short commercial lifespan of less than two years in North America, the Dreamcast benefits from an active homebrew scene even ten years after its discontinuation. Due to a flaw in the Dreamcast BIOS, which was intended for use with MIL-CD's, the console can run software from CD-R without the use of a modchip. Sega reacted by removing MIL-CD support from the BIOS of the later produced Dreamcast consoles manufactured from November 2000 onwards.

The console is especially notable for its commercial homebrew scene. One notable project was the Bleemcast! emulator, which was a series of bootdisks made to play PlayStation games on the system, featuring visual enhancements over the original console. Newer independent releases include Last Hope, released by RedSpotGames in 2007, and DUX,[25] both Shoot 'em up style games. These releases were written using the KallistiOS development system. A port of the freeware high-level development language Fenix and BennuGD is available for use in game development; many DIV Games Studio games have been ported and others were originally written for the system.

PlayStation 2

Early versions of the PlayStation 2 have a buffer overflow bug in the part of the BIOS that handles PS1 game compatibility; hackers found a way to turn this into a loophole called the PS2 Independence Exploit, allowing the use of homebrew software. Another option for homebrew development is the use of a modchip. Also, it is possible for developers to utilize a PS2 hard drive and HD Loader.

As of May 2008, there is a superior exploit called Free McBoot, which is applicable to all PS2s including Slimlines except for SCPH-9000x models with BIOS 2.30 and up, where the exploit was patched by Sony. Manufacturing of such homebrew-proof models started in the third quarter of 2008, which is denoted as date code 8C on the console, although some consoles of this line still have the old unpatched 2.20 BIOS.

Unlike the Independence Exploit, which requires a trigger disk, Free McBoot needs only a standard Memory Card, which allows it to be used on systems with broken optical drives. The installation is keyed to the Memory Card and will be usable on only the same version consoles that it was originally installed on, unless a Multi-Install is performed.

The drawback of this exploit is that it needs to be installed/compiled on each individual memory card. Simply copying the exploit is not possible; this means that an already modded or exploited system is required to install FMCB on a Memory Card.

After installing an exploit, unsigned executables (Executable and Linkable Format) may be launched from a Memory Card or a USB drive. Such programs include emulators, media players, hard drive management tools, and PC-based or NAS-based file shares. The exploit is also notable for allowing the user to copy PS1/PS2 save files from a Memory Card to a USB drive, a functionality normally only possible with tools such as a DexDrive.

Sony also released an official homebrew-development kit that allows PlayStation 2 to run Linux.

Nintendo GameCube

Homebrew development on the Nintendo GameCube tended to be difficult, since it uses a proprietary MiniDVD-based drive and media as opposed to the standard DVD drives of the PS2 and Xbox for piracy protection. Also, its connectivity is limited, as it does not feature a USB port or an HDD port like the PlayStation 2.

The barrier to burning Nintendo GameCube discs with a consumer DVD burner is the Burst Cutting Area, a "barcode" in the innermost ring of the disc, an area inaccessible to most burners and writeable only by very expensive disc pressing machines. For a long time the only way to run homebrew software on Nintendo GameCube was through a patching-system exploit of Phantasy Star Online Episode I & II, requiring users to find the game and a Broadband Adapter. Both of these are difficult to find because a follow-up has been released (under the name Phantasy Star Online Episode I & II Plus) and thus the original PSO was rarely sold after then, and because the Broadband Adapter was not often carried in stores due to the Nintendo GameCube's very limited selection of online games.

Currently the most common method is to use a special loader software, often using a modchip, and homebrew software can be loaded from DVD-R, SD card (with an SD card to memory card adapter and an SD Media Launcher), or over Ethernet. A more recent method that does not require a modchip is to use a saved game exploit, which involve transferring modified game save files to a GameCube memory card that trigger arbitrary code execution when loaded by an official game, allowing custom software to be run from a memory card, SD card, or other media.[26] As the Nintendo GameCube's case does not fit a full-size DVD-R, third party replacement cases are available. Most of Nintendo GameCube homebrew software is developed to emulate other video game systems.

Xbox

Microsoft Xbox with modchip installed

The Xbox console uses several measures, including cryptographically signed code to obfuscate firmware. The primary method of executing homebrew code required installing a mod chip which could be flashed with a modified Microsoft BIOS. This BIOS allowed the system to boot unsigned executables (XBEs) and control several hardware variables, such as region coding and video mode. With the leak of Microsoft's official development kit (XDK) homebrew coders were able to write replacement Xbox GUIs (known as dashboards), games and applications for the Xbox.

A softmod which uses a commercial game such as 007: Agent Under Fire, Mech Assault or Splinter Cell to load up homebrew software has been discovered. This method utilizes modified font bug and sound bug to cause the Xbox to cause a stack buffer overflow and load one of the homebrew dashboards. Once in this condition, the Xbox is able to execute homebrew games and applications.

Because the Xbox uses standard PC libraries, writing homebrew games is relatively easy, as the vast majority of libraries available for a PC programmer are available to an Xbox homebrew programmer.

One of the more common type of homebrew games for the Xbox are ports of PC games whose source has been publicly released or leaked. Many classic PC games have been released for Xbox, but most are created with the XDK which limits their availability. The only places to find these ports are through IRC or peer-to-peer browsers.

The Xbox system is also very adept at running emulators which have been ported from PC. The Xbox is able to emulate systems up to the previous generation, including the Nintendo 64 and the PlayStation. For this reason, many different emulators have been created for the Xbox, and some of them have even more development support than their PC counterparts.

Recently, progress has been made in the creation of a legal development kit for the Xbox, known as OpenXDK. The OpenXDK is intended to allow coders to create new applications and games, as well as port existing source codes, without using illegally obtained Microsoft software. The games and applications created under the OpenXDK can be legally hosted on the net, and downloaded by users.

Even after the release of the Xbox 360, the Xbox homebrew scene remains extremely active, with new game ports, emulators, and applications coming out weekly. Microsoft is currently encouraging Xbox 360 homebrewed content with XNA, though at a charge of $99 per year.

Seventh-generation consoles

PlayStation Portable (PSP)

Nintendo DS

Nintendo DS Lite with SuperCard DS Lite and MicroSD card.

Nintendo DS homebrew software is unofficial software written for the Nintendo DS by hobbyist programmers, versus software written by a game production company or corporation using the official development tools from Nintendo. Homebrew software is typically used on the DS via third-party rewritable game cartridges, SD cards, emulators, or rewritten game cards.

Xbox 360

Microsoft has released a version of its proprietary Software Development Kit (SDK) for free, to would-be homebrew programmers. This SDK, called XNA Game Studio, is a free version of the SDK available to professional development companies and college students. However, to create Xbox 360 games you must pay for a premium membership to the XNA Creators Club. Once the games are verified, the games written with XNA Studio can be made available for 80, 240, or 400 Microsoft Points to all Xbox 360 owners (through Xbox Live). This allows creators of homebrew content access to their target audience of Xbox 360 owners. This content is available under the Indie Games section of the New Xbox Experience.

On March 20, 2007, it was announced that a hack using the previously discovered hypervisor vulnerability in the Xbox 360 kernel versions 4532 and 4548 had been developed to allow users to run XeLL, a Linux bootloader. The initial hack was beyond the average user and required an Xbox serial cable to be installed and a flashed DVD Drive firmware. Felix Domke, the programmer behind XeLL, has since announced a live bootable Linux CD suitable for novice users, with the capabilities to be installed to the SATA hard drive of the Xbox 360. Despite the availability of such a distribution, the Xbox 360 still isn't considered a popular platform for homebrew development, given the dependence of the exploit on the DVD-ROM being able to load a burnt DVD |game, a modified version of the game King Kong, and two older kernel revisions of the console itself.

A group independent of Microsoft is working on the means to run homebrew code, as part of the Free60 project.

Note: The hypervisor vulnerability in the Xbox 360 kernel versions 4532 and 4548 was addressed by Microsoft with the release of the NXE system and dashboard update in 2008.

Homebrew was since re-enabled on any Xbox 360 with dash 2.0.7371.0 or lower via an exploit referred to as the jtag / jtag smc hack but was promptly patched again by Microsoft with the 2.0.8495.0 update.

Homebrew has now become available on most if not all Xbox 360 consoles due to the Reset Glitch Hack. So far it works on all current dashboards up to as of now the latest 17526 dashboard. Although it can run unsigned code some hardware is required to do the hack/exploit. Also soldering skills are a necessity when attempting to use this exploit.

PlayStation 3

The PlayStation 3 was designed to run other operating systems from day one. Very soon after launch, the first users managed to install Fedora Core 5 onto the PlayStation 3 via the 'Install Other OS' option in the PlayStation 3's XMB (Xross Media Bar), which also allows configuring the PlayStation 3 to boot into the other OS installed by default.

So far, several Linux flavors have been successfully installed to the PlayStation 3, such as Fedora Core 5, Fedora Core 6, Gentoo, Ubuntu and Yellow Dog Linux (YDL). The latter comes installed with the Cell SDK by default, allowing programmers a low cost entry into Cell programming. See also: Linux for PlayStation 3

Originally, graphics support was limited to framebuffer access only (no access to the PlayStation 3's graphics chip RSX), yet some access to the RSX graphics processor was achieved (but Sony blocked this with firmware release 2.10).

As of firmware release 3.21, consumers are no longer able to access the 'Other OS' due to Sony removing the facility[27] from the software in an update. Sony said this was in response to several 'security concerns'.

Homebrew developers do have access to the Cell microprocessor, including 6 of its 7 active Synergistic Processing Elements (SPEs). The Game OS resides under a hypervisor and prevents users from taking full control of the PlayStation 3's hardware. This is a security measure which helps Sony feel secure enough to allow users to install other operating systems on the PS3.

The Sixaxis controller has also been exposed to Linux and Windows,[28] but no driver seems to have been successfully created yet that exposes its accelerometer functionality, except for Motioninjoy. However other drivers have successfully used it as a controller for gaming etc.

In May 2008, a vulnerability was found in the PlayStation 3 allowing users to install a partial debug firmware on a regular console. However, the debug functionality is disabled, so neither homebrew applications nor backup games can be run yet.

Another exploit was found on August 14, 2008, allowing users to boot some backup games from the PlayStation 3's HDD, although the exact instructions on how to do this were not released at that time. However, a different person posted instructions 10 days later, which explained the exploit.[29]

On January 6, 2009 a hacking ring known as the "Sh4d0ws" leaked the jig files needed to launch the PlayStation 3 into service mode. Although the PlayStation 3 can be triggered into service mode, it is not yet of any use because the files needed to make changes to the console have not been leaked.[30]

On August 31, 2010 PSGroove, an exploit for the PS3 through the USB port, was released and made open source. This exploit works on all of the PS3 models released up until then.[31] A guide for the creation of the PSGroove is available through several online sources.[32]

George Hotz, better known under his nickname "geohot", has recently appeared on Attack of the Show because he released the PlayStation 3's encryption keys, therefore any homebrew or custom firmware can be signed. Once signed, homebrew can be natively run. It would be difficult for Sony to fix this because it would most likely require a voluntary recall and the most expensive parts would have to be replaced.[33] In 2011, Sony, with help from law firm Kilpatrick Stockton, sued Hotz and associates of the group fail0verflow for their jailbreaking activities. Charges included violating the DMCA, CFAA, Copyright law, and California's CCDAFA, and for Breach of Contract (related to the PlayStation Network User Agreement), Tortious interference, Misappropriation, and Trespass.[34]

Wii

Wii Homebrew Channel logo

In advance of the Wii's release, WiiCade was the first site to host Adobe Flash homebrew games specifically designed for the Wii and its remote, which could be played without any exploits using the Wii's Opera web browser.[35] The Wii was hacked via a custom serial interface in December 2007.[36] The goal of most Wii exploits is to install the Homebrew Channel, a custom channel that lets users run homebrew software on the console. The Homebrew Channel's first full release was in December 2008.[37] Though Nintendo successfully patched various older exploits to install the Homebrew Channel, many exploits to run the channel on current firmware exist. This channel can be installed using exploits in games such as Super Smash Bros. Brawl, an exploit in the Internet Channel,[38] or it can be installed via an exploit in the Wii's messaging system.[39] Note that only exploits that use disc games are compatible with installing the Homebrew Channel on the vWii (virtual Wii) mode on a Wii U, with the exception of wuphax, an exploit that installs the channel via Wii U specific system permission exploits. The Wii Opera software development kit let developers make their own games in JavaScript.[40] The console's controller was also a popular target for modification.[41]

Eighth-generation consoles

Nintendo 3DS

A New Nintendo 3DS XL running the Homebrew Launcher

Several different exploits for running unsigned software exist. Unsigned software can be launched from the SD card by using a program that takes advantage of these exploits known as "The Homebrew Launcher," similar to the Homebrew Channel on the Wii. The Homebrew Launcher itself can only be launched on system versions 9.0-11.6 on old 3DS (original 3DS, 3DS XL or 2DS consoles) and New 3DS/New 3DS XL/New 2DS XL consoles. However, only custom software can be launched this way and only with limited permissions, meaning this software cannot be installed or run on the 3DS system menu or used to install or run unsigned native 3DS software. However, specific Homebrew Launcher programs on systems on 11.3 and below can be used to gain additional system permissions that grant the ability to install a custom firmware, among other privileges.

To directly install custom software onto the 3DS system, a custom firmware is needed. There are several custom firmware releases available, the most well-known of which is called "Luma3DS". Requirements to install custom firmware involve using various exploits to run a bootrom exploit called boot9strap, which executes custom code before bootrom lockout. The newest exploit to do so, called ntrboothax, uses a flashcart supported for the exploit with specific data flashed to it. Using this flashcart and a magnet on systems with a hinge or the sleep switch on the 2DS, users can boot a boot9strap installer from a file on their SD card by holding start+select+x+power to boot the console from the inserted flashcart. Since the ability for the console to boot from a DS cartridge rather than NAND flash or SPI flash is a part of the protected bootrom, as is the faulty signature check that allows it to be used to boot unsigned code, this exploit cannot be patched in any type of system update.

The first public homebrew exploit, ninjhax (developed by smealum), allows the user to scan a QR Code to exploit the game Cubic Ninja. Other ways to run the Homebrew Launcher are fairly numerous, including freakyhax, an exploit in the Deluxe edition of Freakyforms: Your Creations, Alive!,[42] Doodlebomb, an exploit in the 1.1.1 and older versions of Swapdoodle,[43] and smashbroshax, a New 3DS exclusive exploit for the 3DS version of Super Smash Bros. for Nintendo 3DS and Wii U.[44] The majority of system updates that have "Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience" in their changelog are simply to patch Homebrew Launcher (userland) exploits, including 11.7.0-40, the current firmware. Exploits that require a specific version of a game or application are often patched in these updates by adding those exploited application versions to the "IsTitleAllowed" block list, which prevents outdated applications on the list from launching, forcing users to update those applications to the latest version to launch the application.[45] This is the case for the most recent userland homebrew exploit, notehax. This exploit only works on outdated versions of Flipnote Studio 3D. In the 11.6.0-39 system update, all regions of Flipnote Studio version <=1.0.1 in USA, <=1.2.0 in EUR, and <=1.3.1 in JPN were blocked from launching, patching the exploit on current firmware.[46][47]

Wii U

The Wii U currently has homebrew execution in both the PowerPC kernel and the ARM9 kernel (nicknamed IOSU by the community). The most common way to execute code on the Wii U for 5.5.1 and below is through vulnerabilities in the Wii U's built in web browser. There are many different userland and PowerPC kernel exploits in the Wii U internet browser. The earliest userland exploits used C code (on versions 2.0.0-5.3.2) and libstagefright bugs (on versions 5.4.0-5.5.1) to load custom code in the browser, with memory and permission limitations.[48][49] The first kernel exploit found in the browser, called osdriver, only works on system versions 5.3.2 and lower, but this is no longer used as the 5.5.1 and lower exploit is more reliable. Currently, two different browser kernel exploits are used in the community. The first exploit found works on 5.5.1 and below and is very reliable.[50] The other kernel exploit works on 5.5.2 and below, but due to its unreliability, it is only used on 5.5.2 to install Haxchi. Haxchi exploits the fact that DS virtual console game data is only checked when the game is installed. When installed to a DS virtual console game, Haxchi launches homebrew directly (such as the Wii U Homebrew Launcher) using an exploit installed in the game's file location. Many homebrew applications that run via the homebrew launcher have been collected and hosted on wiiubru.com, which has a layout similar to that of the Wii U's own menu. These hosted applications can be downloaded directly on the Wii U using the HB App Store app in the repository. Some of these applications utilize an IOSU exploit that was released by the WiiUbru team, which allows full access to any Wii U console.[51] This IOSU exploit is often used to launch a console into a patched mode called CFW (custom firmware) sysNAND. In this patched mode, the system is able to launch any title, including unofficial titles and titles without valid signatures and Wii virtual console games or injections that are shortcuts to vWii (Wii Mode) games or homebrew applications. All of the current CFWs allow editing of files stored on the Wii U via an internet connection and an FTP application as well.

The Wii U's built-in Wii emulator (often nicknamed vWii or Wii Mode) is capable of running Wii homebrew, such as the Homebrew Channel.[52] However, vWii is much more fragile than a classic Wii console and has a higher chance of being bricked if dangerous software is used. Also, due to changes in the Wii operating system only found in vWii mode, previous exploits that utilized the HOME menu itself to load the HackMii Installer, such as Letterbomb, do not work on vWii. However, exploits that launch the HackMii Installer via a game still work on vWii. The only way to hack vWii without one of the exploit games is using an application called wuphax. Wuphax uses the public Wii U IOSU exploit to temporarily inject the HackMii installer into the Mii Channel so that the Homebrew Channel can be installed without an exploit game.[53]

Nintendo Switch

The Nintendo Switch got its first exploit with PegaSwitch on March 14, 2017; just 11 days after the console's release. It was developed by a team called ReSwitched, and it can be run through the browser included when connecting to a Wi-Fi network with a login page. Luca Todesco used the same exploit to jailbreak iOS 9 devices in 2016. It did not allow true homebrew to run on the system at the time, but it let developers look for other security bugs in the system. On October 1, 2017, ReSwitched announced many new exploits and tools allowing developers to start working on homebrew programs for the system even before they could be launched.[54] At the 34c3 event, hackers Plutoo, Derrek, and Naehrwert announced a kernel exploit for the system (which they said would not be released), and said that a homebrew launcher was coming soon.[55] On January 7, 2018, fail0verflow posted a video to Twitter showing a simple side-scrolling text program before booting the system, which shows that there is a way to run code before boot, opening up possibilities for new programs.[56] A homebrew launcher for systems on version 3.0.0 has been released as well,[57] and a custom firmware for systems on 1.0.0 (the initial system version that shipped with consoles on launch), called Atmosphere, is also being worked on.[58] A Japanese copy of Puyo Puyo Tetris will be required to launch this CFW when it releases. Users on 1.0.0 should buy such a copy of Puyo Puyo Tetris, and they should not cart update to 3.0.0 or update over the internet to the current system version (5.1.0) because this CFW is arriving soon. Those above 1.0.0 but below 3.0.0 should cart update using an early print copy of Pokkén Tournament containing the 3.0.0 system update. These early print copies always have a serial number on the back of the cartridge ending in the numbers 000.Those above 3.0.0 (3.0.1 and above, up to the current version 4.1.0) should update to 4.1.0 if they are not currently at 4.1.0. In any case, system updates should be blocked to prevent automatic updates, since any future system update past the current version could patch the TrustZone (full control) exploit found in 1.0.0-4.1.0 that will allow future CFW on those versions.[59]

On March 29, 2018, SciresM, a respected developer in the homebrew community, announced that custom firmware called "Atmosphere" would be released for all available firmware versions at the time.[60] Firmware above 1.0.0 will be hackable via a cold boot exploit known as Fusée Gelée developed by the Reswitched team. This exploit takes advantage of a bug in the boot ROM on the Tegra X1 chip used by the Nintendo Switch. The exploit was also independently discovered by Fail0verflow under the name ShofEL2. Firmware version 1.0.0 will be hackable via a Trustzone exploit known as Jamais Vu.

Xbox One

The Xbox One has a Dev Mode which, though intended to be used for retail game development, can be used to run unsigned homebrew software.[61] It can be enabled on any retail Xbox One console. Dev Mode disables retail games and software while enabled. Homebrew software can be developed as Universal Windows Platform applications, allowing many programs designed to run on desktop editions of Windows 10 to run on the console.

See also

References

  1. Winterhalter, Ryan (April 29, 2011). "31 Homebrew Games Worth Playing". 1UP.com. Retrieved December 12, 2013.
  2. "Odball for Magnavox Odyssey Official Page". Revrob.com. 2010-08-04. Retrieved 2012-04-03.
  3. "Dodgeball – Magnavox Osyssey". Atari2600Land.com. 2012-07-17. Retrieved 2012-07-17.
  4. "Sean Riddle's Home Page – Channel F info". Seanriddle.com. 2004-06-16. Retrieved 2012-04-03.
  5. Williamson, D. Scott. "Atari 2600 Star Castle". archive.org.
  6. "PowerPak – RetroZone". Retrousb.com. Retrieved 2012-04-03.
  7. "This Guy Is Making an All-New Sega Genesis Game the 90s Way". Motherboard. 14 November 2016.
  8. NGDevTeam.com
  9. Razoola (23 January 2015). "Neo Geo Dev: Two Player Skeleton game driver". Retrieved 11 February 2018 via YouTube.
  10. "The Atari Jaguar 64-Bit Multimedia Entertainment System". Atari Explorer. Retrieved 2018-04-07.
  11. "Hasbro Releases Jaguar Publishing Rights". Hasbro Interactive. Retrieved 2018-04-07. Beverly, MA (May 14, 1999) – Leading entertainment software publisher, Hasbro Interactive announced today it has released all rights that it may have to the vintage Atari hardware platform, the Jaguar.
  12. Goss, Patrick. "Redundant gadgets (Atari Jaguar entry)". Archived from the original on October 11, 2007. Retrieved 2018-04-07.
  13. "B & C Computervisions myatari.com atarijag.txt". B&C Computervisions. Retrieved 2018-04-07.
  14. "Reboot - Releases". Reboot. Retrieved 2018-04-07.
  15. "Jaguar File-Store". Atari Museum. Retrieved 2018-04-07.
  16. "Atari Jaguar CD Encryption Bypass BIOS Kit". Consoles5.com. Retrieved 2018-04-07.
  17. "History on what's new on the Jaguar Server Home Page?". Jaguar Server Homepage. Retrieved 2018-04-07.
  18. "THE SEMIOFFICIAL BATTLESPHERE FAQ". Official BattleSphere Home Page. Retrieved 2018-04-07.
  19. "Jo Sega Saturn Engine, Sega Saturn SDK for homebrews". jo-engine.org. Retrieved 2017-10-18.
  20. 1 2 XL2 (2017-10-06), (Sega Saturn homebrew) Sonic Z-Treme 2017-10-06, retrieved 2017-10-18
  21. KR155E. "Planet Virtual Boy". www.planetvb.com. Retrieved 11 February 2018.
  22. "Archived copy". Archived from the original on 2013-03-28. Retrieved 2012-08-24.
  23. EverDrive 64 Archived 2013-01-05 at the Wayback Machine.
  24. "64drive by Retroactive".
  25. Agnello, Anthony John (November 19, 2013). "Back from the dead: 9 modern games for obsolete consoles". The A.V. Club. Retrieved December 12, 2013.
  26. "Booting Homebrew".
  27. "Sony blocks OtherOS in firmware 3.21". Retrieved 2012-04-14.
  28. "Sixaxis driver for Windows XP". Archived from the original on 2007-09-01.
  29. "How to run a PS3 game backup".
  30. "PlayStation 3 Service Mode JIG Set-Up Files Leaked!".
  31. "Open Source PS JailBreak Clone "PSGroove" Available Now! | PS3-Hacks :: Hack your PlayStation 3". PS3-Hacks. Retrieved 2012-04-03.
  32. "Web hosting, domain name registration and web services by 1&1 Internet". Howtohackps3.com. Retrieved 2012-04-03.
  33. "Geohotz Page".
  34. Sony follows up, officially sues Geohot and fail0verflow over PS3 jailbreak. Nilay Patel, Engadget (2011-01-12). Retrieved on 2011-02-16.
  35. "For your enjoyment: WiiCade".
  36. Wilson, Mark. "Nintendo Wii Hacked, The Video".
  37. "Wii Homebrew Channel turns 1.0".
  38. "New free homebrew entry point. FlashHax". GBAtemp.net - The Independent Video Game Community. Retrieved 2018-06-14.
  39. "LetterBomb". please.hackmii.com. Retrieved 2017-06-30.
  40. "Revolutionary: Web Wii Wares".
  41. Brophy-Warren, Jamin (29 April 2007). "Magic Wand: How Hackers Make Use Of Their Wii-motes" via Wall Street Journal.
  42. "Freakyhax Website".
  43. "Doodlebomb".
  44. "yellows8/3ds_smashbroshax".
  45. "IsTitleAllowed Documentation".
  46. "11.6.0-39 Documentation".
  47. "Notehax".
  48. "Build system and examples for running C code on the Wii U". 4 March 2015. Retrieved 20 February 2015.
  49. "Wii U libstagefright exploits". 13 January 2016. Retrieved 20 February 2016.
  50. "Wii U Hacking & Homebrew Discussion". 13 January 2016. Retrieved 20 February 2016.
  51. "Wiiubru on GBATemp". 22 October 2016. Retrieved 17 November 2016.
  52. "WiiMode". 3 February 2016. Retrieved 20 February 2016.
  53. "Official - wuphax v1.1 - Hacking vWii from WiiU Mode". Retrieved 11 February 2018.
  54. "octrelease". 1 October 2017. Retrieved 4 February 2018.
  55. "Nintendo Switch Kernel exploit 34c3 presentation: "Nvidia Backdoored themselves"". 29 December 2017. Retrieved 4 February 2018.
  56. "We made a nice scroller for Switch :)". 7 January 2018. Retrieved 4 February 2018.
  57. https://switchbrew.github.io/nx-hbl/
  58. https://twitter.com/SciresM/status/969790718951608321
  59. https://switch.hacks.guide/get-started
  60. "An update on timelines • r/SwitchHacks". reddit. Retrieved 2018-03-29.
  61. "Developer Mode Activation App FAQ". support.xbox.com. Retrieved 2018-07-04.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.