Revealing Capcom’s Custom Silicon Security

Ask any security professional and they’ll tell you, when an attacker has hardware access it’s game over. You would think this easily applies to arcade games too — the very nature of placing the hardware in the wild means you’ve let all your secrets out. Capcom is the exception to this scenario. They developed their arcade boards to die with their secrets through a “suicide” system. All these decades later we’re beginning to get a clear look at the custom silicon that went into Capcom’s coin-op security.

Alas, this is a “part 1” article and like petulant children, we want all of our presents right now! But have patience, [Eduardo Cruz] over at ArcadeHacker is the storyteller you want to listen to on this topic. He is part of the team that figured out how to “de-suicide” the CP2 protections on old arcade games. We learned of that process last September when the guide was put out. [Eduardo] is now going through all the amazing things they learned while figuring out that process.

These machines — which had numerous titles like Super Street Fighter II and Marvel vs. Capcom — used battery-backed ram to store an encryption key. If someone tampered with the system the key would be lost and the code stored within undecipherable thanks to “two four-round Feistel ciphers with a 64-bit key”. The other scenario is that battery’s shelf life simply expires and the code is also lost. This was the real motivation behind the desuicide project.

An overview of the hardware shows that Capcom employed at least 11 types of custom silicon. As the board revisions became more eloquent, the number of chips dropped, but they continued to employ the trick of supplying each with battery power, hiding the actual location of the encryption key, and even the 68000 processor core itself. There is a 6-pin header that also suicides the boards; this has been a head-scratcher for those doing the reverse engineering. We assume it’s for an optional case-switch, a digital way to ensure you void the warranty for looking under the hood.

Thanks for walking us through this hardware [Eduardo], we can’t wait for the next installment in the series!

How-to: Make a Mains Crossover Cable

Update: This How-To was written for April Fools’ Day. It is not advised  you attempt to make or even use this cable. The comments have made it very clear how dangerous to you and others using this cable can be. The image above is not of a full male-to-male cable, only the ground is connected, and the generator is not running.

We all know Ethernet has the crossover cable, cars have jumper cables, and RS232 has the null modem. Well, it is about time our wall sockets get their own crossover cable. This crossover cable is great for running power to a circuit disconnected from power. Maybe you are out of fuses, the breaker is broken or you just don’t want to go check the fuse box when there is a murderer about. This cable makes a great gift for even the most loathsome of acquaintances. Continue reading “How-to: Make a Mains Crossover Cable”

Lori Drew not guilty of felony computer hacking

Today, a Los Angeles jury acquitted [Lori Drew] of three felony computer hacking charges. She was convicted of three misdemeanor counts for accessing a computer without authorization. The 49-year-old Missouri resident posed as a teenage boy on MySpace and harassed her daughter’s estranged friend [Megan Meier], who then committed suicide. The case came to our attention in May because of it’s unorthodox use of the federal Computer Fraud and Abuse Act. Prosecutors charged that by violating MySpace’s Terms of Service, [Drew] had gained unlawful access to their computers for the purpose of harming others, an equivalent to computer hacking. While an interesting approach to cyberbullying, it would set a very dangerous precedent for anyone that had violated a TOS before (all of us). The case broke when [Drew]’s employee [Ashley Grills] testified that no one involved had read the TOS, that the hoax was all her idea, and that she sent the final message to [Meier].