UW Computer Security Research and Course Blog

Slashdot is reporting that a lot of Wii homebrew code is being developed and released now. Apparently, a bug was found in The Legend of Zelda: Twilight Princess that allows you to smash the stack by overflowing the horse name buffer. Creating a modified saved game allows you to inject this malicious name. I was under the impression that the Wii cryptographically signed saved games to prevent bugs like these from being exploited, but it appears that people have either figured out how to sign saved games, or bypass the signature check, if one exists at all.

Here’s a link to the article I mentioned today in class, which is related to the material that we covered on Friday: http://blog.washingtonpost.com/securityfix/2008/02/pakistan_censorship_order_take.html (from The Washington Post).

Here’s a quote from the article:

So, what happened? From everything I’ve read and heard, the YouTube situation appears to have been due to an innocent — if inept — mix-up, which allowed Pakistan’s ISPs to effectively announce to the world that its Internet addresses were the authoritative home of YouTube.com, and for about an hour or so, most of the rest of the world’s ISPs incorporated those updated directions as gospel.

Jon Johansen (known for his work in defeating CSS in DVDs) has recently released an application known as DoubleTwist. DoubleTwist is designed to defeat Apple’s FairPlay DRM by playing the track’s in fast forward and capturing the analog signal as it leaves the sound card. In addition to stripping the DRM from songs, it allows users, through a Facebook application, to share songs with their friends.

(Read on …)