unsigned

2 Articles

90s Apple Computer Finally Runs Unsigned Code

April 28, 2022 by 12 Comments

Back in the 90s, the console wars were in full swing. Nintendo vs Sega was an epic showdown at first, but when Nintendo seemed sure to clench the victory Sony came out of nowhere with the PlayStation. While these were the most popular consoles at the time, there were a few others around that are largely forgotten by history even if they were revolutionary in some ways. An example is the Pippin, a console made by Apple, which until now has been unable to run any software not signed by Apple.

The Pippin was Apple’s only foray into gaming consoles, but it did much more than that and included a primitive social networking system as well as the ability to run Apple’s Macintosh operating system. The idea was to be a full media center of sorts, and the software that it would run would be loaded from the CD-ROM at each boot. [Blitter] has finally cracked this computer, allowing it to run custom software, by creating an authentication file which is placed on the CD to tell the Pippin that it is “approved” by Apple.

The build log goes into incredible detail on the way these machines operated, and if you have a Pippin still sitting around it might be time to grab it out of the box and start customizing it in the way you probably always wanted to. For those interested in other obscure Apple products, take a look at this build which brings modern WiFi to the Apple Newton, their early PDA.

Continue reading “90s Apple Computer Finally Runs Unsigned Code”

Running Nintendo DS Unsigned Code With Audio

December 31, 2014 by 9 Comments

Even if you haven’t ripped off the top screen of your original DS to create an even better Game Boy Advance yet, there still might be some life left in that old bit of hardware. [Smea] is running unsigned code on the Nintendo DS, using only a bargain-bin game and an audio file.

The exploit this time comes in a form that might be familiar to anyone who has ever installed the homebrew channel on a Wii. Like SmashStack, this exploit uses a level editor/transfer feature in a game, this time with a 6 year old DS game Bangai-O Spirits.

[smea] is using the sound-based level transfer feature to load unsigned code into the DS. This level-transfer feature works by sending a single period sine wave at 1024Hz with a given amplitude; a binary 1 is a few dB louder than a binary 0, and with a buffer overrun it’s possible to load code into a DS and jump into that code. There’s no redundancy, error correction, and is not the thing you want when loading unsigned code onto a DS. It does, however, work.

The code to generate the audio payload for this exploit is available on github and if you have a copy of Bangai-O Spirits, you can try it out for yourself by playing this file (headphone warning).

Thanks [gudenau] for the tip

Continue reading “Running Nintendo DS Unsigned Code With Audio”