Custom firmware

Custom firmware, also known as aftermarket firmware, is an unofficial new or modified version of firmware created by third parties on devices such as video game consoles and various embedded device types to provide new features or to unlock hidden functionality. In the video game console community, the term is often written as custom firmware or simply CFW, referring to an altered version of the original system software (also known as the official firmware or simply OFW) inside a video game console such as the PlayStation Portable and Nintendo 3DS.

Video game consoles

Custom firmware often allow homebrew applications or ROM image backups to run directly within the game console, unlike official firmware, which usually only allow signed or retailed copies of software to run. Because custom firmware is often associated with software piracy, console manufacturers such as Nintendo and Sony have put significant effort into blocking custom firmware and other third party devices and content from their game consoles.

PlayStation Portable and PlayStation Vita

Custom firmware is commonly seen in the PlayStation Portable handhelds released by Sony. Notable custom firmware include M33 by Dark_AleX as well as those made by others such as the 5.50GEN series, Minimum Edition (ME/LME), and PRO.

Unlike the PlayStation Portable, there is currently no native CFW for its successor, the PlayStation Vita, although there is a CFW framework. There exists eCFW for the PS Vita, too, meaning custom firmware for PSP running in the PSP emulator of the PS Vita. These eCFWs include ARK, TN-V and more recently, Adrenaline, which includes more features since it was hacked from the native side. In 2016 things changed for the PS Vita scene, as a Team called Molecule released HENkaku which alters the OFW of the PS Vita on firmware 3.60 and by doing so creating a custom firmware on your handheld, opening it up like never before. The team behind the original HENkaku has also released taiHEN. taiHEN is a framework on which the newest version of HENkaku runs. It is a way to load plugins at the system level like you were used to on the PSP allowing you to change/add function to your console.

Nintendo 3DS

The modding scene of the Nintendo 3DS involves both flash cartridges which emulate an original game cart (which can be solely used to play untouched game cart ROM backups) and custom firmware (software which patches the official firmware "on the fly"), which requires an exploit to obtain control of the ARM9, the 3DS' security coprocessor. The current most widely used CFW is Luma3DS, developed by Aurora Wright and TuxSH, which allows unsigned CIA (CTR Importable Archives) files to be installed on the Nintendo 3DS devices, provides region-free features, exception handling for homebrew software developers etc.. Other past and abandoned CFWs included Gateway (a proprietary CFW locked to a flash cartridge via DRM and the first publicly available one), Pasta, RxTools (the first free and widely used one) and Corbenik^[1]; still developed CFWs are ReiNAND, on which Luma3DS (previously known as AuReiNAND) was originally based, Cakes CFW (the first open source CFW, which used a modularized approach for patches and was the inspiration for the following ones). 3DS CFWs used to rely on "EmuNAND"/"RedNAND", a feature that boots the system from an unpartitioned space of the SD card containing a copy of the 3DS' NAND memory. These EmuNANDs could protect the 3DS system from bricking, as the usual system NAND was unaffected if the emuNAND is no longer functioned properly or was otherwise unusable. EmuNANDs could also be updated separately from the usual system NAND, allowing users to have the latest system version on the EmuNAND while retaining the vulnerable version on the system NAND; thus making online play and Nintendo eShop access possible on outdated 3DS system versions. EmuNANDs were obsoleted by the release of arm9loaderhax, a boot-time ARM9 exploit that allowed people to safely use SysNAND and update it, as CFWs started patching the OS' update code so that official updates wouldn't remove the exploit. However, this exploit required a downgrade to a very early system version to get the console's unique OTP, necessary for the installation. On May 19, 2017 a new exploit called boot9strap was released, replacing arm9loaderhax and allowing users to get even earlier control of the system, granting code execution in the context of the bootROM and thus a cleaner environment, with no downgrades or OTP required. At the same time, another bootROM exploit was announced, which allows people to use a backdoor present in the bootROM to get full system control on any 3DS console regardless of the firmware version (as the bootROM can't be updated), only requiring a modified DS flash cartridge and a magnet. A list of compatible DS flash cartridges and the required software have yet to be released.

Other devices

Various other devices, such as digital cameras, wireless routers and smart TVs, may also run custom firmware.^[2] Examples of such custom firmware include:

Rockbox for portable media players
CHDK^[3] and Magic Lantern^[3] for Canon digital cameras
Nikon Hacker project for Nikon EXPEED DSLRs
Coreboot and Libreboot for computers
Many third-party firmware projects for wireless routers, including:
- LibreWRT project for Ben Nanonote, Buffalo WZR-HP-G300NH and other computers with minimal resources^[4]
- OpenWrt, and its derivatives such as DD-WRT^[3]
- RouterTech, for ADSL gateway routers based on the Texas Instruments AR7 chipset (with the Pspboot or Adam2 bootloader)
Cable Hack and Sigma for uncapping cable modems, but with dubious legality^[5]^[6]
Firmware that allows DVD drives to be region-free
SamyGO, modified firmware for Samsung smart TVs^[7]

References

↑ "Corbenik's author and maintainer announces his retirement from the project".
↑ How hackers are outsmarting smart TVs and why it matters to you
1 2 3 "Custom Firmware Rocks!". 2009-08-05. Retrieved 2009-08-13.
↑ "Hardware Support". LibreWRT.org.
↑ Poulsen, Kevin (2009-01-12). "Hardware Hacker Charged With Selling Cable Modems That Get Free Broadband — Update". Wired. Condé Nast. Retrieved 2016-06-15.
↑ Poulsen, Kevin (2004-02-05). "Cable Modem Hackers Conquer the Co-Ax". SecurityFocus.com. SecurityFocus. Retrieved 2016-06-16.
↑ "SamyGO: replacing television firmware". LWN.net. 2009-11-14. Retrieved 2009-12-11.

Homebrew
Atari 2600	List of Atari 2600 homebrew games A-VCS-tec Challenge Halo 2600 Duck Attack! Oystron Medieval Mayhem Warring Worms
Nintendo Entertainment System	Family BASIC List of unlicensed NES games
Nintendo DS	Colors! DSLinux MoonShell
Other	ZX Spectrum Commodore 64 Dreamcast PlayStation 2 PlayStation Portable Pandora Ouya GP2X
Related	Custom firmware Flash cartridge

Embedded systems
General terms	Embedded software Original equipment manufacturer (OEM) Embedded database Embedded hypervisor Consumer electronics Microcontroller ASIC/FPGA/SoC Memory footprint Single-board computer IoT Board support package Cross compiler Embedded OS bootloader
Firmware and controls	Custom firmware Rooting (Android OS) iOS jailbreaking PlayStation 3 Jailbreak Closed platform Vendor lock-in Defective by Design Hacking of consumer electronics Homebrew (video games) Crippleware
Software libraries	uClibc dietlibc Embedded GLIBC musl
Development tools	Bitbake Buildroot BusyBox Yocto Project Almquist shell Stand-alone shell OpenEmbedded
Operating systems	Linux on embedded systems Linux for mobile devices Lightweight Linux Windows IoT/Win CE Real-time operating system
Programming languages	Ada Assembly language CAPL Embedded C MISRA C nesC Embedded C++ Embedded Java
Lightweight browsers Open-source computing hardware Open-source robotics

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.