A few weeks ago we talked about malicious software that could brick your PSVita or PSTV. The first malicious software to appear on the Vita was Lego Harry Potter: Years 1–4 aka the evil game cart. More games started to follow like Fruit Ninja, and kung fu rabbit via maidump and even a homebrew called duck hunt which tried and failed to do so. Well. HENkaku is about to help you in that department!
If you are a homebrew developer you may have to change a few things with it for it to be a safe homebrew. We all know that the custom theme manager is a safe homebrew but since it writes to ur0: the new update will call it an unsafe homebrew.
— Red Squirrel (@redsquirrel87) October 28, 2016
Here what you need to know about the next update..
The next update for HENkaku will be a major one and in order to protect the safety of our users, we are making two changes that might affect how your homebrew runs:
- Safe Homebrew will be outputted by default by the toolchain. Currently, you must specify a flag for marking your homebrew as safe. In the future, you will do the opposite. By default, homebrew will be marked as safe. If you wish to use unsafe/vsh functions you must build with an unsafe flag. A warning will show up if you attempt to use unsafe/vsh functions in a safe homebrew and it will not work by default on the Vita. More information about the specific SDK changes will be posted at a later date.
- Unsafe Homebrew will be blocked by default on HENkaku enabled consoles. To run unsafe homebrew, the user must set a configurable option. Unsafe homebrew will not be launchable by default. This is basically how Android does it.
If your homebrew currently builds with the
vita-make-fself -s flag, you do not have to do anything! Your homebrew is already marked as safe and will continue to work. Otherwise, you have two options: if your homebrew requires using unsafe/vsh functions then your users will have to enable unsafe mode to run your homebrew. If you wish to mark it as safe, add the
-s option to
vita-make-fself when building. Then test your homebrew to make sure it still works. The main changes for a safe homebrew is
- vsh functions are blocked. This includes stuff like registry access, partition table access, etc.
- Device access is limited to
ux0:datafor general shared storage,
app0:for read only sandbox access to the application’s own files,
savedata0:for sandbox access to application specific storage, and a handful of other locations not important right now.
If you use any unsupported functions, please find a workaround. Come chat with us on #vitasdk to sort things out. Please file a ticket if anything doesn’t work as expected so I can fix it. Thanks for making the homebrew community as it is today!