Nintendo’s reborn tiny handheld game has certainly attracted the attention of hardware hackers, and we’ve been treated to a succession of exploits as its secrets have been one by one unlocked. With relatively straightforward hardware it conceals potential far beyond a simple Mario game or two, and it’s now at the stage of having a path to dumping both its SPI Flash and internal Flash, unlocking its processor, and running arbitrary code. The process of unlocking it is now straightforward enough to warrant a HOWTO video, to which has treated us. It’s early days and this is still touted as for developers rather than gamers, but it serves to show where work on this console is going.

The console’s STM32 architecture means that programming hardware is straightforward enough to find, though we’re cautioned against using the cheap AliExpress type we might use with a Blue Pill or similar. Instead the snap-off programmer that comes with an STM Nucleo board is a safer choice that many people are likely to have already. The relative simplicity of the process as seen in the video below must conceal an immense amount of work from multiple people. It’s a succession of scripts to sequentially unlock and back up the various firmwares with STM payloads for each step. Finally the STM32 itself is unlocked, and the backed-up Nintendo firmware can be returned to the device or instead a custom firmware can be created.

Aside from the DOOM we’ve already seen there are work-in-progress NES and Game Boy emulators, and fascinatingly also work on bare-metal games. Given the lack of custom chips in this console it is easily possible that its hardware could be directly cloned and that Nintendo might have unintentionally created a new general purpose hacker’s handheld gaming platform. There are a few hardware works-in-progress such as increasing the SPI Flash size and finding the unconnected USB pins, so we look forward to more exciting news from this quarter.

Post said: “…User hacks are inconsequential because Nintendo isn’t selling additional games.” They kill the product commercially for Nintendo. The unprotected firmware now lives in the wild and third-party games and even emulators are being run on it today. The generic hardware is trivial to reverse engineer (schematics are already in the wild) and all the components are of gumball variety, cheap and readily available. These two things make the appearance of Chinese clones inevitable at a fraction (2/5-1/2) of Nintendo’s $50 street price. Once that happens, as far as Nintendo is concerned the product is essentially dead to them. And all this happened since the product release on 2, just 10 days ago. None of this would have happened if Nintendo’s engineers had taken a few extra minutes to enable the on-chip firmware protection in the STM32H7B0VBT6 processor.