D
Deleted User
Guest
OP
I don't post on here too often, mainly because I'm not really a big fan of watching people with slim-to-no technical knowledge or programming skills argue over things they know nothing about.
But I've been seeing some really silly shit being said lately, and I'd like to clear a few things up before the hive-mind around here pick it up and run with it as "fact". Much of this has already been said. Many users are aware of these things, but I figured centralizing it into one ranting manifesto would probably be worthwhile.
Yes, every system that can be connected to via some external interface (ex: internet, i2c, etc) can also most likely be exploited to run some form of arbitrary code. Hence the old saying that the only secure computer system is one that's turned off and sitting in a lead box under 20 feet of concrete. Of course there are more exploits to be found in newer firmwares, there's not a single doubt there.
The problem here isn't that there isn't some kind of exploit to be had. The problem is interest, and available time. Most of these guys, including myself, aren't teenagers with spare time. Most of them are working professionals, some with families to support. And while some random buffer overflow exploit is easy for anyone with a weekend to look into, diving into KASLR and JOP/ROP programming is something that requires a good amount of time, and writing a complete toolchain to take advantage of it using RE instead of the leaked SDK is a monumental task. On a related note: the folks able to accomplish these things are also better at their work. They're busier because their skills are in demand. I'm a software engineer by trade, sure, but I'm not quite to the same level as the names you hear here so often.
This isn't to say that I don't understand why many of you say what you say. Back when the PSP was first released when I was in highschool writing crappy little LUA games, I was similar to many of the users that bother me today; Demanding more from developers who give up their free time to produce freely available software for people to simply enjoy. Of course even then I should have known it was a bit of a dick move on my part, but the same goes for many of you.
Here's the point: These developers have a lot of responsibilities. I work full-time while working on my Masters. Daeken has about 30 projects at any given time, and between bug bounties and jobs he's a busy dude. The same can realistically be said about any of these guys. Yet I've already seen a ton of users posts questioning various dev's work ethic, skill, motivation, etc. Let's put that to rest now, and I would hope the mods would have the courtesy to reflect that ideal.
In terms of homebrew: No, it's not incredibly far away. But to the demanding users who don't know the complexity of the task their asking? Much longer than they think. As of writing this a hello world is certainly possible. Yellows8 is putting more and more work into libnx, just having pushed more gfx work along with plutoo's excellent work. So yeah, we're getting closer.
I'd like to end with this. It looks like Daeken is stepping back now that we have the beginnings of a functional toolchain (as limited as it may be), as well as an exploit to run with. I'm hearing talks about his backing out from the PSX dynarec, and how many of you automatically cast him in a bad light for that and telling of things to come. Instead of pretending like anyone owes you anything, simply be thankful that the poured that much time and effort into the work, and wish him well. Take this as advice from someone who's contributed to many projects, and been part of many scenes over the years. There's a reason GBATemp has been the laughing stock when it comes to homebrew communities since around 06', and it's the user's attitudes to blame.
But I've been seeing some really silly shit being said lately, and I'd like to clear a few things up before the hive-mind around here pick it up and run with it as "fact". Much of this has already been said. Many users are aware of these things, but I figured centralizing it into one ranting manifesto would probably be worthwhile.
Yes, every system that can be connected to via some external interface (ex: internet, i2c, etc) can also most likely be exploited to run some form of arbitrary code. Hence the old saying that the only secure computer system is one that's turned off and sitting in a lead box under 20 feet of concrete. Of course there are more exploits to be found in newer firmwares, there's not a single doubt there.
The problem here isn't that there isn't some kind of exploit to be had. The problem is interest, and available time. Most of these guys, including myself, aren't teenagers with spare time. Most of them are working professionals, some with families to support. And while some random buffer overflow exploit is easy for anyone with a weekend to look into, diving into KASLR and JOP/ROP programming is something that requires a good amount of time, and writing a complete toolchain to take advantage of it using RE instead of the leaked SDK is a monumental task. On a related note: the folks able to accomplish these things are also better at their work. They're busier because their skills are in demand. I'm a software engineer by trade, sure, but I'm not quite to the same level as the names you hear here so often.
This isn't to say that I don't understand why many of you say what you say. Back when the PSP was first released when I was in highschool writing crappy little LUA games, I was similar to many of the users that bother me today; Demanding more from developers who give up their free time to produce freely available software for people to simply enjoy. Of course even then I should have known it was a bit of a dick move on my part, but the same goes for many of you.
Here's the point: These developers have a lot of responsibilities. I work full-time while working on my Masters. Daeken has about 30 projects at any given time, and between bug bounties and jobs he's a busy dude. The same can realistically be said about any of these guys. Yet I've already seen a ton of users posts questioning various dev's work ethic, skill, motivation, etc. Let's put that to rest now, and I would hope the mods would have the courtesy to reflect that ideal.
In terms of homebrew: No, it's not incredibly far away. But to the demanding users who don't know the complexity of the task their asking? Much longer than they think. As of writing this a hello world is certainly possible. Yellows8 is putting more and more work into libnx, just having pushed more gfx work along with plutoo's excellent work. So yeah, we're getting closer.
I'd like to end with this. It looks like Daeken is stepping back now that we have the beginnings of a functional toolchain (as limited as it may be), as well as an exploit to run with. I'm hearing talks about his backing out from the PSX dynarec, and how many of you automatically cast him in a bad light for that and telling of things to come. Instead of pretending like anyone owes you anything, simply be thankful that the poured that much time and effort into the work, and wish him well. Take this as advice from someone who's contributed to many projects, and been part of many scenes over the years. There's a reason GBATemp has been the laughing stock when it comes to homebrew communities since around 06', and it's the user's attitudes to blame.