A few weeks ago we talked about malicious software that could brick your PSVita or PSTV. The first malicious software to appear on the Vita was Lego Harry Potter: Years 1–4 aka the evil game cart. More games started to follow like Fruit Ninja, and kung fu rabbit via maidump and even a homebrew called duck hunt which tried and failed to do so. Well. HENkaku is about to help you in that department!
Now The Flow has already updated VitaShell to help make you aware of what could happen if its malicious software.
If you are a homebrew developer you may have to change a few things with it for it to be a safe homebrew. We all know that the custom theme manager is a safe homebrew but since it writes to ur0: the new update will call it an unsafe homebrew.
#CustomThemesManager will be an "unsafe" #homebrew soon (afterall it requires to write on the database at ur0:/ xD) https://t.co/dcUIMX5CjD
— Red Squirrel (@redsquirrel87) October 28, 2016
Here what you need to know about the next update..
The next update for HENkaku will be a major one and in order to protect the safety of our users, we are making two changes that might affect how your homebrew runs:
- Safe Homebrew will be outputted by default by the toolchain. Currently, you must specify a flag for marking your homebrew as safe. In the future, you will do the opposite. By default, homebrew will be marked as safe. If you wish to use unsafe/vsh functions you must build with an unsafe flag. A warning will show up if you attempt to use unsafe/vsh functions in a safe homebrew and it will not work by default on the Vita. More information about the specific SDK changes will be posted at a later date.
- Unsafe Homebrew will be blocked by default on HENkaku enabled consoles. To run unsafe homebrew, the user must set a configurable option. Unsafe homebrew will not be launchable by default. This is basically how Android does it.
If your homebrew currently builds with the vita-make-fself -s
flag, you do not have to do anything! Your homebrew is already marked as safe and will continue to work. Otherwise, you have two options: if your homebrew requires using unsafe/vsh functions then your users will have to enable unsafe mode to run your homebrew. If you wish to mark it as safe, add the -s
option to vita-make-fself
when building. Then test your homebrew to make sure it still works. The main changes for a safe homebrew is
- vsh functions are blocked. This includes stuff like registry access, partition table access, etc.
- Device access is limited to
ux0:data
for general shared storage,app0:
for read only sandbox access to the application’s own files,savedata0:
for sandbox access to application specific storage, and a handful of other locations not important right now.
If you use any unsupported functions, please find a workaround. Come chat with us on #vitasdk to sort things out. Please file a ticket if anything doesn’t work as expected so I can fix it. Thanks for making the homebrew community as it is today!
-Yifan
molecule