Rikimaru
Veteran
I think Gateway 3DS is available for 2 years already.
Wii U was hacked on launch but hackers did not share info. https://fail0verflow.com/blog/2014/console-hacking-2013-omake.html
- Status
Wii U was hacked on launch but hackers did not share info. https://fail0verflow.com/blog/2014/console-hacking-2013-omake.html
Still, I think Android would need a hypervisor OS, say Linux or Windows 10, though, for extra security.
That's one of the things I don't like about Android, my phone has a lot of software that I can't uninstall but I don't use and don't want to have.
Rikimaru
Veteran
What? Locked bootloader and encrypted image is sufficient.
Biggest problem with Android that you need to distribute your source code. Easier to find bugs.
Thats why Sony uses FreeBSD.
You can disable most apps. Or delete them with root.
Laughing at people for being wrong isn't insulting in your culture?
I have absolutely no idea what this is supposed to mean.
Again with the prejudice remarks.
Apple have been writing complex OSes for decades. They have the experience and knohow. Nintendo have kept to very simple OSes for most of their consoles and lack experience. that doesn't mean they can't pull it off, but they're be facing a massive struggle to create a robust OS that's comparable to others, if they want the same sort of complexity. If they want to drop things like multitasking, they could do a lot better.
What was wrong with PS3 at launch? It worked. Wii U had major issues. And importantly hadn't learned from any of the mistakes of PS3. So PS3's slow firmware updates, Wii U made worse. that's because Nintendo, as they've admitted, don't watch the rest of the industry and learn from their competition.
Nope. Lord Demigod (Ubisoft gameplay programmer) in the comments discussing pCARS Wii U situation -
And if you follow the trail on multithreading, there's more criticisms out there.
Ah, so you're saying Nintendo can and have made console OSes before. Okay. No-one said they hadn't. The argument is Nintendo's experience with complex, computer-like OSes is weak.
Dominik D
Regular
I've worked with both. I'd take Windows source over Android any time of the day.I'm sure Microsoft's Xbox engineers would prefer to modify Android than Windows
What's your definition of "hacked" then? In order for homebrew to work on 3DS there's a chain of hacks used. Bug in Cubic Ninja is just a way to deliver payload which then exploits problems with software and hardware to circumvent security features. For example (and this is just an example of OS hacks ninjhax employs) NX bit is used to prevent executable pages from being modified (and RW pages from being executed). This is OS feature that takes advantage of certain HW capabilities. This is circumvented by the exploit. Does this mean OS was hacked? Yes it does. 3DS is in a completely different position than certain handhelds were before where you could only operate in user space on the already mapped memory. Here you have much more freedom (e.g. access to the GPU). In my book that's very much the definition of OS being hacked.
D
Deleted member 11852
Guest
I can't think of any implementations of Android that run on top of a hypervisor and in most cases you would really only want to introduce a hypervisor unless you have more than one main OS running or you have certain hardware resources need to be completely isolated from the main OS. Every software layer between game code and the hardware is acting as a barrier to theoretical maximum performance.
You do realise that isn't a decision that is mandated by the stock Android OS? Your phone's UI and the control you have (or don't have) is entirely a result of the whims of the phone manufacturer and your carrier. If you want to lose all of the crap, unlock the phone and install a clean Android build but - this is where the misconcepted ideal of 'open' falls apart, stock Android without specific compatible device drivers for the particular hardware in your phone, can result in diminished performance. Android is 'open' for developers, users are still limited by practical realities of OS versions, driver and hardware compatibility - just like on PCs.
D
Deleted member 11852
Guest
I don't know anything about Wii U but PS4 is nothing like that. It has a LP ARM microcore (probably TrustZone) in the South Bridge running an microOS from 256mb DDR3 which only has access to the I/O subsystem. This is why PS4 can download in Rest mode (or in the background) to disk but nothing gets installed until your turn the PS4 on. Ditto uploads. If you setup the PS4 to 'background install' firmware it actually turns on the PS4, installs the firmware, then shuts it down again.
In real terms it's just a low powered I/O manager.
D
Deleted member 11852
Guest
Yes, that's the I/O - this is the function of the South Bridge. This is also a good place to implement TrustZone as compromises are injected over I/O and TrustZone can screen these. It could also explain why the PS4 routes HDD I/O via the USB bus because I don't know of any TrustZone implementations that work well with SATA. It's possible, but tricky.
D
Deleted member 11852
Guest
Which OS?
Maybe it is because SATA supports busmaster DMA, while USB does not? Or, well, maybe USB3 does, this latest incarnation supposedly is more independent of the CPU, as overhead at 5Gbit/s would be huge otherwise I suppose.
So... Hell if I know! Heh.It's still a bit weird they're doing HDD access over USB.
PS4's main BSD OS is not limited by the southbridge ARM core as such; that core only affects I/O. Other OS functions, like those you mention, would remain unaffected.
Rikimaru
Veteran
Why do you think so? Even on Wii initially you could not do that (before AHBPROT was found). Even read NAND from PPC.
Because every function call and memory access cannot go through the southbridge, and its weak-ass ARM core. It would be a tremendous bottleneck.
Rikimaru
Veteran
Look at IOS on Wii (and Wii U).
"IOS is the operating system that runs on the Starlet coprocessor inside the Hollywood package. It provides services that are used by Wii code to access many system devices: USB, networking, security, app management, NAND flash storage, SD card, optical disc, and also WiiConnect24 features.
...
IOS is not a "hypervisor", as it runs on a dedicated, separate CPU. However, IOS does isolate its memory from access by the main Broadway CPU, has the ability to reboot (and hence bootstrap) it, and is designed to be secure if the PowerPC side is compromised (although in practice many exploits have been found). In that sense, IOS is higher in the security hierarchy than code running on the PowerPC."
http://wiibrew.org/wiki/IOS
Every hardware access and some services go through IOS on ARM926EJ-S.
"IOS is the operating system that runs on the Starlet coprocessor inside the Hollywood package. It provides services that are used by Wii code to access many system devices: USB, networking, security, app management, NAND flash storage, SD card, optical disc, and also WiiConnect24 features.
...
IOS is not a "hypervisor", as it runs on a dedicated, separate CPU. However, IOS does isolate its memory from access by the main Broadway CPU, has the ability to reboot (and hence bootstrap) it, and is designed to be secure if the PowerPC side is compromised (although in practice many exploits have been found). In that sense, IOS is higher in the security hierarchy than code running on the PowerPC."
http://wiibrew.org/wiki/IOS
Every hardware access and some services go through IOS on ARM926EJ-S.
D
Deleted member 11852
Guest
Maybe it is because SATA supports busmaster DMA, while USB does not? Or, well, maybe USB3 does, this latest incarnation supposedly is more independent of the CPU, as overhead at 5Gbit/s would be huge otherwise I suppose.
The ideal TrustZone implementation is for it to operate transparently from the host system so it can't introduce significant latency, particularly on a point-to-point bus architecture. There are ways around it by increasing the number and/or power and/or clocks of the TrustZone cores but this obviously adds cost.
I agree, all evidence is that any security built into PS4's South Bridge is effectively invisible to the rest of the system and this is the ideal implementation. If an exploit manages to slip through, it should never be able to further compromise the security.
The approach of many TrustZone solutions is that it operates as a gatekeeper, preventing exploits from being injected over any I/O source which is the only way data can get into RAM.
I know nothing about Nintendo console's system architecture but having your security (Starlet) onboard the graphics chip (Hollywood) seems a very odd approach unless Hollywood is both the chip housing the GPU and South Bridge. Modern security is generally taking the gatekeeper approach, i.e. stopping exploits even getting to main RAM thereby eliminating any chance of the code being executed.
Rikimaru
Veteran
TrustZone looks like exactly Wii/3DS approach. http://www.openvirtualization.org/open-source-arm-trustzone.html
Sony wanted hardware isolation because PS3 was hacked by a bug in USB stack.
Sony wanted hardware isolation because PS3 was hacked by a bug in USB stack.
D
Deleted member 11852
Guest
TrustZone is a set of capabilities and reference software, the implementation will vary depending on the target system architecture, budget and vectors of attack. I've worked on several systems with TrustZone protection and all were different.
Can you share more about the Nintendo approach, particularly how the security solution in the GPU protects against attacks?
Can you share more about the Nintendo approach, particularly how the security solution in the GPU protects against attacks?
- Status
Similar threads
