

Ninjhax – 3DS Homebrew Exploit - yuriks
http://smealum.net/ninjhax/

======
GuiA
I don't get why Nintendo doesn't have a public SDK. Charge for it (e.g. $100 a
year), and have an "Indie eShop" along with the "eShop". The open app store
model works great for companies that control both hardware and software, and
all video game companies fit perfectly in that niche.

It seems that it will be that way soon because MS, Sony, and Nintendo have
been increasingly more open to indies in the past decade- for the very good
reason that it makes business sense. It'd be very surprising if the trend
reversed- and it's surprising that it's taking so long for it to reach its
logical conclusion.

Particularly for Nintendo: if they make the 3DS an openly programmable
computer with an app store, there could be some very unexpected apps (not
video game related) that would open up new revenue streams. I believe that
they've been needing that recently, and it seems unlikely that selling plastic
figures is more of a viable long term strategy than Zynga freemium crap.

~~~
AlyssaRowan
Nintendo _like_ closed - the "Seal of Quality" approval is what they perceive
as dragging gaming back out of the Atari-induced crash of '84. Of course it's
been 30 years since then, but they're still very hot on control - for example
they won't have _The Binding of Isaac_ even though it'd probably sell pretty
well because it's "blasphemous".

I don't see it happening, ever, without a major culture shift there.

~~~
jsheard
Nintendo _wouldn't_ allow Isaac on their systems, but two years later the
developers of the remake are teasing 3DS and Wii U versions.

https://twitter.com/tyronerodriguez/status/531907545267703808

Either Nintendo have lowered their standards or the increased popularity of
the game makes the potential backlash a worthwhile risk.

~~~
ANTSANTS
Nintendo allows games like _Senran Kagura_ to be published on the 3DS, even
outside of Japan, so while I'd be happy to be proven wrong, I really doubt
that they had any kind of moral dilemma about The Binding of Isaac.

I think you guys are forgetting that Isaac was a _Flash_ game. Porting it to
_any_ mobile platform would have required a C or C++ rewrite... which, hey,
what do you know, was just released as The Binding of Isaac: Rebirth...

~~~
jsheard
The specific reason they gave was "questionable religious content", and none
of the religious themes were toned down in the remake.

http://www.gameinformer.com/b/news/archive/2012/02/29/binding-of-isaac-blocked-from-3ds-due-to-quot-questionable-religious-content-quot.aspx

~~~
ANTSANTS
Oops, my mistake.

------
voltagex_
Unfortunately you won't be able to snag a copy easily, apparently this has
been out for 3 days.

Interesting watching the supply and demand effects of this. It was a
previously unknown 3DS game, ~$5 in whatever your local currency. Now it's
$50-100 if you can find it.

~~~
smosher_
I just confirmed it's on the eShop for $39.99 (via search) in the 'U' region.
I haven't bought it, so maybe it would fail if I tried.

~~~
b0b_d0e
I went to download it from the eShop about an hour ago and it said that it's
currently only available from your local game store. I'm pretty sure that
means Nintendo pulled it because of this vulnerability, but hey, I would
probably pull it as well if I was Nintendo. I'm curious to see if it's
available for purchase for other people besides me.

~~~
CrazedGeek
AFAIK, it was never up in the eShop anywhere but Japan, where it (is going to
be/has been) pulled.

------
AlyssaRowan
Over a QR code that you scan? I have to express my admiration for the elegance
of that exploit. Very nice work.

Nintendo are not going to like it. (However it cannot be used for piracy at
the moment; you'd need a user mode -> kernel privilege escalation as well, and
no-one's waving one of those around.) It'll be interesting to see what results
of this, aside from the price of unpatched versions of Cubic Ninja
skyrocketing of course and Nintendo pulling that from the Japanese eShop
(according to smea, the only one where it was available?).

------
sspiff
This is all really exciting! I ordered the required game before they get
impossible to acquire (maybe I'm already too late, the shop said 3-4 weeks
waiting time).

I programmed the GBA as a teenager, and this brings back memories. I'd love
for a homebrew scene to grow around the 3DS.

------
emodendroket
Already off of the Japanese e-shop so I suppose I'll be left out, but this is
neat and hopefully it picks up steam.

------
asb
Does anyone know of documentation on how the exploit functions? i.e. what the
vulnerability in Ninjhax is?

~~~
CJefferson
We don't have exact details, but 'cubic ninja' has a fairly extensive level
designer, and there is obviously a buffer overflow in the level loading code.

