• thingsiplay@kbin.social
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    @Kolanaki BIOS is software that can be rebuild. It’s always better to use the original firmware and BIOS for maximum compatibility. The Wii keys on the other hand are not software you can rebuild. These are key codes to unlock a protection, something like a serial key. So the situation is much different from the Bleem thing.

    • JackbyDev
      link
      fedilink
      arrow-up
      7
      ·
      edit-2
      1 year ago

      Would another key work? My guess is no because we’re dealing with encryption and not hashing. With hashing you can theoretically find multiple inputs that make the same output. Also I have no idea how many bits the key is. It can easily go from a “get a community driven distributed computing event to crack it” to “have you heard the one about monkeys and Shakespeare?”

      • 520@kbin.social
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        Nope. Think of the key like a massively long password. Only that password is going to be able to open the file.

        • JackbyDev
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Yeah but in theory multiple passwords can open an account because hashing doesn’t produce unique output.

          • 520@kbin.social
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            1 year ago

            Actually it does. That’s literally what hashing is supposed to do.

              • 520@kbin.social
                link
                fedilink
                arrow-up
                4
                ·
                1 year ago

                That is what we call an attack, or a vulnerability. It isn’t supposed to happen, and at the point where it does, that algorithm becomes cryptographically insecure and should not be used.

                I see what you’re thinking though, as it would be such an old hash that collisions must be known, right?

                Well unfortunately, what we are dealing with here is encryption, not hashing, and hash collisions do not apply as an attack vector to encryption.

                You could in theory try a cryptographic attack on the encrypted data but then you run into a few other problems:

                1. you’re effectively distributing a DRM bypass tool, expressly forbidden under DMCA

                2. Attacking even the likes of RC4 takes considerable compute time on modern systems

                3. If you do crack it, you legally can’t store it, which compounds problem number 2.

                • JackbyDev
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  1 year ago

                  Legality aside because I’m sure there’s always going to be some random law that they will use (or twist) to fight this… With 3DS I remember there was a community provided cloud cracking service. I’m guessing it was either some comically weak algorithm or they found some vulnerability they were able to exploit.

                  But even then that’s not really a good comparison because if there was some master key (I don’t know the specifics) it is still physically on your 3DS and they weren’t sending them around (or worse, hosting it on a store).

                  The situation sucks but I understand it from Valve’s point of view. It’s not about whether they think it is okay or not, it’s about them being concerned about liability from Nintendo who are well known for protecting their IP.

                  • 520@kbin.social
                    link
                    fedilink
                    arrow-up
                    4
                    ·
                    1 year ago

                    Oh the shit on the 3DS was absolutely comical.

                    Get this: their digital licensing protection scheme was entirely client side. Which meant anybody with a hacked 3DS could just request any game they liked directly from the eShop.

                  • 520@kbin.social
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    1 year ago

                    …what are you even talking about? A hashing algorithm takes one data input and makes one hash from said data input.

        • phi1997@kbin.social
          link
          fedilink
          arrow-up
          5
          ·
          1 year ago

          If they don’t emulate that part, they either can’t read games, or they need to require games to be decrypted when dumped, and everyone needs a new set of ROMs

        • SSUPII@sopuli.xyz
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          You literally cannot see the contents of the game without first decrypting it. Your internet connection is encrypted, your device is decrypting it with its known keys. You would not see the content of your Lemmy instance if your device didn’t decrypt what it received.

          • Buttons
            link
            fedilink
            arrow-up
            4
            ·
            1 year ago

            Mostly right, but a bit misleading.

            Almost every internet connection you make creates new keys. The miracle of encryption is that two people can stand in a room filled with cryptography experts and yell numbers at each other, and those two people are able to establish a secret between them that nobody else in the room can know, even though everyone else in the room has heard the conversation from the very beginning. Once you share a secret, you expand upon the secret to share more information.

        • thingsiplay@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          @Kolanaki Cracking encryption is considered illegal I think. The only safe way I see is by providing keys to unlock, without breaking the lock. But I don’t know enough about this material and just speculate around it.

        • lowleveldata
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Knowing the algorithm shouldn’t give you advantages for any encryption algorithms with practical uses. There is no point to encrypt otherwise because someone must know the algorithm before they can implement it.