There are still remaining issues with the VHBL port of Super Collapse 3 that I couldn’t solve yet, I am still investigating: the Duke3d engine is crashing (Duke3d, zombie crisis), Daedalus seems to be crashing when loading roms (I probably won’t investigate this, as Daedalus is slow on VHBL no matter what), Geometry War Portable crashes at startup, Picodrive will crash if you press the “select” button, etc…

So, still lots of incompatibilities of course, but this is getting better, and I sure hope you guys will enjoy snes9xTyl. Interestingly, I had to hook sceAudioOutput with sceAudioOutputblocking, which led to a terrible performance result on the PSP, but is not that visible on the vita. Once again, the superior hardware of the Vita is helping us out.

While I’m at it, here’s a tip for those who didn’t know: if you press start and select simultaneously while in a homebrew, you will be taken back to the VHBL menu. This is useful for games that don’t have an exit button. you can also change this key combination in the VHBL hbl_config.txt file.

Oh, and stay tuned, as in the days to come I plan to announce a fun VHBL contest with money prizes. Nothing’s final yet, but people who are not programmers will be able to participate as well

Download

Download this new release of VHBL on the vhbl page, as usual

So what does this really mean for the end user? Well, in the short term, absolutely nothing, but read along for more details.

A bit of background

Flash0, PSP Emulator, PS Vita, Kernel hack… unless you’ve been in the “scene” for a while, these terms might be a bit confusing, so let me do a quick explanation on the security implemented on Sony’s devices. If you know about this already, feel free to skip to the next section.

Basically, the PSP has 2 levels of permissions: user, and kernel. If you use a shared computer at school or work, “kernel” is a bit equivalent to the “admin” rights of your computer. The user mode has a limited access to the PSP features, basically everything that’s required by games to run properly. The kernel mode, on the other hand, has access to everything, including the possibility to verify/decrypt games with DRM, or the possibility to update the firmware of the PSP, among other things.

From a hacking perspective, this means that getting access to a PSP user-level hack will give us limited features, while accessing a kernel-level hack gives us access to everything on the device, such as the possibility to rewrite the firmware (which is necessary, for example, for Custom Firmwares).

Similarly, a program running on the PSP in user mode does not have access to all files on the PSP or all sections of the memory. In particular, the “modules” used by the firmware are stored in a portion of the (Flash0) memory that can only be accessed in Kernel mode.

In addition to all that, on the Playstation Vita, the PSP emulator runs in a “sandbox”, which means that it does not have direct access to all the features of the PS Vita. In other words, a “Kernel exploit in the PSP emulator” does not give you a full access to the Vita, at best it gives you full access to the PSP emulator, which in itself is fairly limited.

Current (AFAIK) situation

Based on the explanation above, and the stuff that is publicly known, here’s what I can tell you: The only publicly available hack for now on the Vita is VHBL, which runs in User mode, inside the emulator sandbox. Davee has access to a kernel exploit that gives him access to more features of the PSP emulator, and apparently another hacker does too, since this person was able to access the PSP emulator firmware files on the Vita.

Just for reference, the schema below dirtily summarizes the permission levels (things in gray are unknown/hypothesis). And for reference, I included “where” we should be if we wanted a PS Vita iso loader, just so that people stop asking. It is worth mentioning yet again that I personally do not have any PSP Kernel exploit, and therefore it is also useless to ask me if I plan to release a PSP iso loader for the Vita.

OK, some hackers are gonna kill me for such an inaccurate diagram, apologies in advance

So what about that flash0 dump?

My awesome diagram shows that the Flash0 dump is at the kernel level, so I already see people saying this thing could give us access to the PSP Kernel inside the Vita… well…no, because I suck at diagrams. Yes, Kernel access was required to get that information, but no, it doesn’t magically give us access to the Kernel. If your admin takes a screenshot of his desktop and sends it to you by email, that doesn’t give you any admin rights, but it allows you to have a look at what the admin has on his desktop.

And this is, in essence, what this “leak” is about. We do not get PSP kernel access with this, but we get access to a few files we couldn’t get otherwise. So what will this lead to? Well, first of all, it means Davee is not anymore the only one who can investigate Kermit, the library that handles communication between the PSP emulator and the vita. Secondly, it will allow (motivated) devs to investigate the differences between an actual PSP’s firmware and the one on the emulator. We already know Kermit is one such difference, but maybe there’s more.

More unlikely (but we’re allowed to dream), the PSP emulator could reveal some more interesting secrets… some universal drm encryption key maybe? This is extremely unlikely, but after all, at some point the PS3 helped us to hack the PSP, so who knows if the PSP emulator doesn’t have a flaw that would lead to a Vita hack?

Nevertheless, from the end user’s point of view, this brings absolutely nothing. This can’t lead to a PSP Kernel access, or at least, not in a way that would be any easier than finding Kernel exploits in the actual PSP (and reusing them in the emulator). After all, if Davee (Proxima/some1) got access to such an exploit, it was (obviously) one that already existed on the PSP firmware, which anybody with a PSP and enough free time can investigate whenever they want. There’s also no telling that enough developers will be interested in looking into these files and reverse them… but who knows, it only takes one guy.

Don’t get me wrong, this is still very interesting, because it gives us access to files not everyone could access before, and it tells us there are at least two groups of people with access to the PSP kernel on the Vita. This is still, of course, very far from giving us a full control of the PS Vita, but it is exciting nonetheless

What do you guys think of this? Feel free to discuss here, or in the dedicated /talk thread

I believe this will improve compatibility with a bunch of PSP homebrews, but sadly, not all of them. I couldn’t get any revision of Daedalus, ScummVM, or any game relying on the Duke3D engine (Duke3D, Zombie Crisis) to run. But I think even if this only fixes SNES emulation, it will be worth it.

The video shows of course Snes9XTYL, but also Lamecraft, NesterJ (running the famous NES game Contra on a PS Vita, how cool is that?), and GPSP (a version I got from this thread, many thanks to Hysen)

By the way, I am aware of some attempts at running emulators through the PS Suite SDK, which is a nice idea, but with a few shortcomings IMO, so this doesn’t make VHBL obsolete yet. I’ll try to blog about this in the days to come.

Also, if you’ve sent me PMs recently, please wait a bit before you complain from my lack of replies, I’ve been swamped since I got back from holiday, thanks for your understanding.

I’ll try to release this VHBL update asap, stay tuned!

Ok, so, first of all, many thanks go to Zethfox and Mike, who have driven 95% of the improvements to Wagic since the last release. Many thanks also go to the other devs of the Wagic team who contributed to this release. As usual, we bring an insane amount of changes in this version, but let me introduce Wagic to those who don’t know about it yet:

What is Wagic?

Often compared to commercial games for its replay value and quality, Wagic is a heroic fantasy card game, in which you fight as a wizard against the computer. As you win battles, you unlock new game modes and earn credits that allow you to improve your army. Wagic is community driven and entirely customizable: you can create themes, mods, new rules, or even new games (check for example Knights VS Dagons on our forums, a game strongly inspired by strategy games such as warcraft). Wagic is available in several languages (English, French, German, spanish, Italian, Portuguese, Chinese, Japanese, Serbian), and open source. It currently runs on the Sony PSP (as well as on the PS Vita if you have VHBL), Windows, Linux, maemo, meego, Android (phones and tablets), and iOS (iPhone, iPad).

Changelog

Almost 1000 new cards were added to this release thanks to the work of Zethfox and Dr Solomat. This means we now have more than 9400 unique cards in the game. Among these cards are the long awaited Planeswalkers, as well as a few new sets. We also dramatically improved the Android and iOS ports, especially the deck editor. Check the changelog below for more details

• Close to 1000 new cards, Wagic now supports more than 9400 unique cards, including (finally!) Planeswalkers support, and Dark Ascension
• (iOS/Android) replaced some psp specific shortcuts with buttons for the touch screen. This makes the deck editor, in particular, much more usable
• (iOS/Android) more intuitive way to scroll cards left and right in the deck editor, which should make it easier to build a deck
• On Android, it is now possible to choose if you will download the game files on the internal memory or your SD card (experimental)
• Many bug fixes, and minor gameplay improvements on all platforms (too many to describe them all)

More Info

Remember that in addition to the news in this blog, you can find more Wagic news on twitter and facebook thanks to Leungclj

Download

If you enjoy Wagic, please consider a donation. Thanks in advance!

Alternatively, if you like Wagic, please spread the word! An article in your blog, a post about this release in your favorite gaming forum, a video on youtube… everything helps!

download here

The link above takes you to the download page where you can choose the correct archive depending on your platform
As usual, enjoy this new release of Wagic!

A few days ago I released VHBL for the game Super Collapse 3, and I’ve seen lots of people running into various types of issues, so let me try to summarize a few hints and tips here.

First of all, apologies for my lack of activity in the past days. I’m on a holiday with my family, with close to no internet access, and absolutely no time. Things will be back to normal in a few days, but until then I cannot actively work on any of my projects, including VHBL.

This is a nice transition to the first thing I want to discuss: people are having trouble running various homebrews on VHBL for super collapse 3, including some homebrews that should definitely work such as Snes9xTYL, the super NES emulator. Based on the descriptions of the issue, I’m thinking this is a simple bug with a hook for one of the audio functions. It should be easy to fix, but again, as I am not available for a few days, somebody will have to step up and fix the issue, or you guys will have to wait for me to come back and look into it. As a reminder, HBL is open source and anybody with a bit of free time and a PSP could fix the issue.

In general, if you are having issues running a specific homebrew on VHBL, head over to our /talk VHBL subforum. You should be able to quickly find information on most homebrews there, working versions if any, or explanations on why the homebrew doesn’t work for you. Again, most issues have a solution, and if the solution is not on our forums yet, it usually only takes one guy to figure it out…

Some people are having trouble installing homebrews. A typical symptom is a clicking noise in the VHBL menu, but nothing happening, or the menu crashing. This is usually happening because your install.zip file was not correctly prepared, in particular it should be an uncompressed zip file. You can use Homebrew Preparer to do this correctly for you (be sure to use revision 0.2 or higher, as version 0.1 has a critical bug that will cause the exact same bug I’m describing in this paragraph). Alternatively, you can probably find a bunch of pre-made homebrew packages for VHBL in our forums. Finally, let me remind you again that anybody could create their own menu for VHBL, create one that supports a better installation method if needed, etc… so please feel free to step up to improve the experience

Some people are contacting me to know if VHBL for Motorstorm or Everybody’s Tennis will work on firmware 1.67. The answer is no, so stop asking.

Some people missed this third release of VHBL for the game Super Collapse, and are asking me how they could be made aware of our future releases in advance. The answer is simple: trusted member of our /Talk forums get some information before everybody else. If you are registered on /Talk, it does not guarantee you will get the information before others, but if you are not registered there, you can be sure you will be one of the last to know about it. I believe we’ve made that system pretty clear for the past three VHBL releases.

Stay tuned for more VHBL updates, in particular bug fixes for the Super Collapse 3 version of VHBL. In the meantime, enjoy the homebrews that are already working, and when a homebrew doesn’t work, before you complain, remember that before HBL, people used to be happy with just a hello world (but don’t get me wrong, constructive criticism or genuine attempts at making HBL better for the community are more than welcome)

Now comes the stressful moment for me: releasing the VHBL files publicly, and cross fingers that it works correctly on everybody’s Vita.

It is worth mentioning that, as for our previous releases, members of the /talk forums knew about the game’s name up to one week in advance, which gave most of them enough time to get the game without any issue. I want once again to thank the community for being able to keep the secret, although it didn’t go without issues. Way too many people talked about the release publicly on our forums, despite the message on the forum clearly stating not to. We appreciate the support, but next time, if you want to say “thanks”, say it with a PM . There were also a few leaks on a few websites, we are in the process of tracking down the sources of the leaks, and making sure these people will not get access to future Ninja releases.

Many thanks go to thecobra for this release, he found the exploit and did the VHBL port, I just tweaked it for the EU version of the game. I’d also like to mention that this game exploit had been sent to me years ago by WosRet on the lan.st forums, so thanks go to WosRet as well.

Download

If you want to thank thecobra for his work, please use the paypal button below.

If you want to thank me for the release process, please donate to the Red Cross, depending on your country they accept paypal.

Download on the VHBL page, as usual, and please report success or failure!

Note: Sources for the exploit and additional code for the vhbl port will follow shortly in our svn

Insert here weird explanation on why people should buy the PSP game Super Collapse 3 on their Vita. Implicitly make it clear that this is the next game being used for VHBL. Don’t forget to thank thecobra for his exploit and the port.

Mention that the game is mostly unavailable for the vita in Europe/Asia, but has been so far spotted in the US, UK, Canada, Mexico, Finland, Czech, Sweden, and Poland.

Tell people to wait a bit more for the VHBL files.

Wagic is an Heroic Fantasy card game with a mix of luck and strategy. You can find details here.

If you don’t want to help finding the bugs and/or prefer to wait, the public release should happen soon enough.

Without going too much into details (which I will do for the official release), this version finally adds official support for Planeswalkers, and many improvements in the interface for touch devices (Android/iOS)

I’ll also do proper thanks for the official release, but want to already thank Mike for organizing the beta, and Zethfox who did a huge part of the changes in this new version of Wagic.

Check it out here

So what I did is look for the “bug bounty” programs of a few big projects/companies, and looked for the first results:

Facebook offers in general 500$ for a vulnerability report

Google offers between 100$ and 1337$ for such reports

Mozilla offers up to $3000 for security bugs

Microsoft doesn’t have a bounty program but organizes white hack “contests” with massive rewards.

Sony offers money to the people who could give them information about hackers… wait, what the…? (ironically, other results for that query are 100% about Facebook, Google, etc… ‘s bounty programs)

The last result for Sony is just icing on the cake. Initially I was doing the research just to show that Sony didn’t have a bug bounty program while it should. The result was even beyond my “expectations”, not only do they not have a bug bounty program, they actually pay money to chase hackers (in this case, those were some pretty bad guys, but that’s not the point)

I’m just a blogger, but here’s some advice for Sony: most of the psp/vita/ps3 hackers I know are students, and would really think twice about publicly releasing a hack (or contacting me about it) if the alternative was a 500$ reward. I am convinced a bounty program on your gaming consoles could dramatically mitigate hacks such as the ones used for VHBL, for example.

It could also probably help mitigate commercial piracy such as the True Blue dongle on the ps3. The people behind this dongle would never sell their hack for a few hundred dollars (why would they, they are sitting on hundreds of thousands of dollars with their black market), but it is possible that a few independant hackers would dig more seriously into reversing the True Blue dongles if they knew there was a reward…

If you think there are about a dozen exploitable psp games on the psn right now, it would mean that for about 5000$, Sony could get rid of the current “threat” that is vhbl… if I were them I’d consider running a bounty program… unless, like me, they believe VHBL is actually good advertising for their console (and let’s be honest, given its poor sales, the Vita needs every form of promotion it can get)

A Bug bounty program, given the current demographics of PSP/Vita/PS3 hackers, would be in my opinion a very cost-effective way for Sony to mitigate hacking (and to some extent, piracy) on their consoles. It could also probably be extented to their websites and services (especially the PSN). Another indirect benefit would be that trust issues would rise in current Sony hacking communities, making it difficult for hackers to work together.

Thankfully, I’m just a pissed off sony customer, and I know Sony never listens to their angry customers, so I think we’ll still have hacks for a while on our consoles.