I was just reminded of this piece that I wrote ten years ago now. It is still just as relevant today as it was back then.
If you are working on any kind of reverse engineered product for hardware, learn how to care about your users to keep them safe. https://marcan.st/2011/01/safe-hacking/
That post speaks of 1.2 million installs of The Homebrew Channel, but I think these days we're closer to 10 million.
Still zero bricks.
We had one near miss, which was saved by the many layers of safety-in-depth I had built in, based on the principles I wrote about there.
Thankfully the Apple Silicon Macs are largely brick-proof*, though restoring them currently requires another Mac. Making this work from Linux is also a project goal.
* I'm sure you can if you try hard enough, and I'll try hard to never go anywhere near there, of course.
One of the reasons why we wrote our own flashing code for Wii bootloader flashing is because I took one look at Nintendo's (BroadOn's?) existing API for it, and determined it was completely unfit for purpose and dangerous.
It is now well documented that they later bricked a non-trivial fraction of Wiis worldwide, whether they had BootMii or not, when they pushed a dummy bootloader update whose only purpose was to overwrite our installed version (but which unconditionally applied to everyone).
My flasher not only had the two-copy safety that their design called for (but which their updater was not safely implementing), but also included a novel trick to provide *three-copy* atomic safety. Powering down at *any* time during BootMii installation is, in principle, safe.
That one near miss was a bug in this stuff in some corner case Wiis, which ended up corrupting one of the (eventual) main copies. However, my code checked and refused to run if *any* copy was not valid, so the affected user could do no further damage. Their Wii was fine.
All they saw was a first install attempt (I forget if it failed or reported success) that didn't work in practice, followed by all subsequent install attempts failing with a safety check error.
After fixing the bug I added even more paranoia to make sure it didn't happen again.
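The behaviour described in this thread (redundant boot copies, plus an installer that refuses to run unless every copy validates) can be modelled in a small C simulation. This is an added example, not BootMii's installer code: the slot layout, the Adler-32 checksum, `install()` and its `budget` power-loss parameter are assumptions for illustration, and it covers only the two-copy case, not the three-copy trick.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 16
#define NUM_SLOTS 2
#define ERASED 0xFFFFFFFFu /* never a valid Adler-32 value (both halves < 65521) */
typedef struct { uint8_t data[SLOT_SIZE]; uint32_t sum; } slot_t; /* hypothetical layout */

static uint32_t checksum(const uint8_t *p, size_t n) { /* Adler-32 */
    uint32_t a = 1, b = 0;
    for (size_t i = 0; i < n; i++) { a = (a + p[i]) % 65521; b = (b + a) % 65521; }
    return (b << 16) | a;
}
int slot_valid(const slot_t *s) { return checksum(s->data, SLOT_SIZE) == s->sum; }
int bootable(const slot_t *slots) { /* the device boots if any one copy is intact */
    for (int i = 0; i < NUM_SLOTS; i++) if (slot_valid(&slots[i])) return 1;
    return 0;
}
void slot_init(slot_t *s, const uint8_t *img) {
    memcpy(s->data, img, SLOT_SIZE); s->sum = checksum(img, SLOT_SIZE);
}
/* budget: byte writes allowed before simulated power loss (negative = no loss).
 * Returns 0 on success, -1 refused by safety check, -2 interrupted, -3 verify failed. */
int install(slot_t *slots, const uint8_t *img, int budget) {
    for (int i = 0; i < NUM_SLOTS; i++)
        if (!slot_valid(&slots[i])) return -1;   /* never touch a degraded device */
    for (int i = 0; i < NUM_SLOTS; i++) {        /* one copy at a time */
        slots[i].sum = ERASED;                   /* copy i is invalid from here... */
        for (size_t j = 0; j < SLOT_SIZE; j++) {
            if (budget == 0) return -2;          /* simulated power loss */
            if (budget > 0) budget--;
            slots[i].data[j] = img[j];
        }
        slots[i].sum = checksum(img, SLOT_SIZE); /* ...until its checksum lands */
        if (!slot_valid(&slots[i])) return -3;   /* verify before the next copy */
    }
    return 0;
}

int main(void) {
    uint8_t oldimg[SLOT_SIZE], newimg[SLOT_SIZE]; /* constructed sample images */
    memset(oldimg, 0x11, SLOT_SIZE); memset(newimg, 0x22, SLOT_SIZE);
    slot_t s[NUM_SLOTS]; slot_init(&s[0], oldimg); slot_init(&s[1], oldimg);
    int r1 = install(s, newimg, 5);   /* power lost 5 bytes into copy 0 */
    int r2 = install(s, newimg, -1);  /* retry: refused, copy 1 left untouched */
    printf("first=%d retry=%d bootable=%d\n", r1, r2, bootable(s));
    return 0;
}
```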