"I don't want to be a part of piracy"
Meet the student who just made 3DS homebrew easy - and set Nintendo on high alert.
This week, 22-year-old Jordan Rabet sat down at his keyboard and told his many Twitter followers the good news: his year-long project to crack the 3DS' security was finally at an end.
He had found a backdoor into Nintendo's handheld - a way for anyone to load unofficial "homebrew" games, normally outlawed by companies due to fears such methods enable piracy.
What makes Rabet's exploit, which he's called NINJHAX (you'll see why in a second), special is its simplicity. It is the first to work across all Nintendo 3DS types and does not require any fiddly programming skills.
And while he wasn't yet ready to explain how his method worked, he was able to reveal what 3DS owners would need to access his new-found exploit: a copy of Cubic Ninja, a long-forgotten Ubisoft platformer that was now out of print.
Within hours, several strange things happened.
"We have five of these games for sale," read the $50 Amazon listing. "This price is for one item, Cubic Ninja, brand new factory sealed. Needed for homebrew."
"This item is hot," a $99 listing for the same game explains. "Get it while it lasts. :)"
"This game is now a desirable game and supposedly there were only 20,000 copies made," read a third, priced at just $69.99 plus shipping. "You can hack your 3ds with it."
Not only did demand for Cubic Ninja skyrocket, causing it to sell out at the few places that still had copies in bargain bins, but its digital version disappeared as well.
Cubic Ninja had only been available to download via the 3DS eShop in Japan. Within four hours of Rabet's tweet it was gone.
"I expected attention but I guess not that much," Rabet confesses in an interview with Eurogamer. "The way the game has sold out, the way the price has raised so much, I didn't expect that to happen so quickly. It's insane."
One thing he seems flattered by is how quickly Nintendo noticed his tweet - and how the company seemed to have just believed it.
"It's interesting because I didn't provide any proof that it really was going to be Cubic Ninja," he explains, as if still trying to puzzle out the fact. "I'm wondering if they would have done that with any game..."
Announcing his exploit instead works using the newly-released blockbuster Super Smash Bros. for 3DS "would have been an interesting experiment", he laughs.
But the fact Nintendo took his announcement seriously shouldn't come as a surprise. Rabet, known online as Smealum, is well-known within the homebrew scene, having made a name for himself for uncovering software exploits in Nintendo handhelds and then developing homebrew games to play on them.
"Basically, I love video games and have done since I was a little kid," he says. "I've always wanted to make my own games and when I was 11 or 12 I started making my own. I had a Game Boy and Game Boy Advance, so got a flash card and a dev kit and started making games from that. And then I started making games for DS, too.
"I made a Portal adaptation which I thought was pretty cool," he continues, referencing Aperture Science DS, a 3D adaptation of Valve's puzzle adventure he built from scratch, shrunken down perfectly for Nintendo's dual-screened device.
His next project was DSCraft, an unofficial port of Markus "Notch" Persson's smash-hit sandbox game Minecraft. It was downloaded more than half a million times.
"I also made a few original games but they weren't very successful," he concedes, laughing again. "I wonder why! Then the 3DS came out and no-one was making homebrew for it yet, so I decided to try and make it happen as some way to give back to the community."
Rabet, born in France but now living in the US to study computer science at the prestigious Stanford University, never pursued software development as a career. His success creating homebrew games, however, begs the question: why not?
"I don't know..." he says, when asked if he'd ever consider it. "Maybe." His work poking about inside console code and cobbling together games has always been more of a hobby, while his current "3DS stuff" is just a side-project in what sounds like an incredibly busy schedule.
By day Rabet works on his Master's degree, specialising in artificial intelligence - "which is completely different", he explains. "The Master's is not a lot of hours of class - probably around nine - but then you're supposed to do a bunch of homework. It depends on each assignment but it could be five hours a week, or 10 or 25."
On the days he's not in class or doing project work he has a part-time job at a California-based start-up, where he works to develop self-driving technology that will be built into cars.
"The days I'm at work, that's eight or nine hours of that, then an hour on the train back, then I work on 3DS stuff until I go to bed, probably about five hours later. And then I sleep after that. Doing all those things sometimes feels impossible, which is why it's going to be really nice to release this so I can take a break."
A break Rabet will fill by completing another ongoing hobby project: 3DSCraft, a port of Minecraft for 3DS.
"The 3DS Minecraft thing is interesting. It uses the console's GPU to render stuff, which is what we should be doing, but we don't really know how it works that well," he says, referencing himself and the team of artists and coders he's also roped in. "So while I'm working on Minecraft I'm also writing a driver for the GPU. That's the main project after this: making a stable and complete driver for the 3DS GPU."
3DSCraft is currently one of the main attractions for Rabet's new homebrew loader, and perhaps the only legal one, which brings us onto the elephant in the room.
Playing illegally-copied games on 3DS is, unfortunately for Nintendo, not difficult. Piracy-enabling "flashcards" are now outlawed in many countries but remain easy to find online. Buy one of those and you can play any pirated 3DS game. But this wasn't what Rabet wanted to enable - and NINJHAX currently doesn't.
"It's very dangerous," he says. "If you release an exploit that's too powerful you might let people do whatever they want with their console - which can be great - but you also have the possibility of piracy... which isn't so great.
"I don't care if people pirate in their private lives, but I don't want to be a part of it," he continues. "I don't want to release something others can use to steal someone else's intellectual property. That's not what I want. I wouldn't release something that could be used for piracy... it's just not something I want to do.
"Right now I'm hoping the loader attracts more developers and people start building more homebrew games. I'm working on the 3DS version of Minecraft and a bunch of people are working on emulators. I'd really like to see how far we can push the 3DS."
Furthering independent homebrew development is a noble cause, but it's easy to see why companies such as Nintendo would be alarmed. For many, homebrew remains synonymous with piracy, and even methods such as Rabet's open up a Pandora's box packed with problems.
"Nintendo continuously monitors all threats to its products' security," a spokesperson for the company told Eurogamer this week. "We will take the necessary technical and legal steps to prevent the facilitation of piracy and to protect intellectual property rights."
Rabet highlights some homebrew games that push hardware further than the games Nintendo actually does allow on its platform. He suggests "commercial" developers work on a game up to a point but never fully investigate how much better it could be because studios, inevitably, hit project deadlines and budget caps. And anyway, he says, a handheld game would likely sell the same no matter how shiny a gun was.
"But right now basically it's that Minecraft port and a bunch of emulators," he says, returning to the fledgling 3DS homebrew scene. "There's a SNES emulator that works really well on homebrew games and commercial ones. There's a Game Boy emulator for Game Boy and Game Boy Color games.
"There's a NES emulator - I think there are a couple of other emulators, in fact. I guess it's a lot of emulators right now."
Perhaps Rabet's loader will spark into life a new era of homebrew development. Perhaps not. But when you launch an exploit designed to load emulators and an impressive, albeit unofficial, port of someone else's game, you can understand why Cubic Ninja disappeared from Nintendo's eShop server so quickly.
"I would say the emulator itself definitely isn't piracy, to me," Rabet counters. "Pirating ROMs is definitely not legal or morally responsible - but if you own the game and want to play it on the go, I don't see anything wrong with that."
Nintendo may. It makes money from selling its old Game Boy and NES catalogue through the eShop, something emulators circumvent entirely. While not directly providing illegal copies of software, emulators facilitate their use - although you could also just use them for home-made games.
"I guess there's the argument that emulators may hurt Virtual Console sales but, honestly, the homebrew scene is pretty small," Rabet continues. "Cubic Ninja is not a game that was sold a lot and now it is being sold at super high prices, so it's not going to cause any significant damage."
More important, he says, is software designers get a chance at seeing their work on 3DS, while others get a chance at playing what bedroom developers come up with.
"I just think it's pretty cool that we're going to be able to use our 3DSes for a lot more stuff," he adds.
Rabet's aim is for as many people as possible to be able to run homebrew games and apps on their 3DS, which is why the instructions for his software are designed to be as simple to use as possible. All someone would need to run the loader is a copy of Cubic Ninja, an SD card and a Wi-Fi connection.
"Cubic Ninja has a level editor, which is the vulnerable part of the game," Rabet explains. "And it has a way of sharing levels, which is through QR codes. So basically what I have is a manufactured QR code you scan with your game, and from there it starts running code on your console, and then downloads more code through Wi-Fi, installs it to the save game and loads up the Homebrew menu.
"I kind of targeted games based on whether they had a level editor or not, or whether they had a easy access point. If it didn't have the QR code then people would need to have some sort of specific hardware to write the save data to the game, which would not be too practical."
Rabet had the method working back in July and a release date set for August, but delayed the launch at the last minute when, a day before he was due to reveal his exploit, Nintendo announced its New 3DS. At that point he knew he should hold off - to stop the company somehow permanently blocking his method on the new 3DS models.
Which is why the release is now today, 21st November, the day the New 3DS and New 3DS XL arrive in Australia and New Zealand (after first launching in Japan a couple of weeks ago).
"I figured it would still be vulnerable - and it is - which is why it releases now," he says. All consoles - 2DS, 3DS, 3DS XL, N3DS and N3DS XL - are "vulnerable" to the exploit, which also works on any firmware version from 4.0 to the latest, 9.2.
Speaking just a few hours before launch, Rabet concluded he couldn't wait to see his controversial creation finally release. "It's been very stressful," he concedes. "It's going to feel great... I've been working on it for so long."
But Rabet knows there may be more work to come. After months of teasing Twitter followers and showing hints of his work on 3DSCraft, he knows he has caught Nintendo's eye - evidenced by how swiftly the company pulled down the digital version of Cubic Ninja.
"I think they're going to try and patch it out as soon as they can," he concedes, admitting action from Nintendo is probably a matter of when, not if. "I don't know how long it's going to take them - the problem is I've already been talking about this for a couple of months so its possible they may have figured out what I've been doing.
"It's just a vulnerability in a game to access a vulnerability in the system firmware. All they'd really need to do is patch the firmware and then the game doesn't even matter."
So unless you're really committed, it may be best to hold off that $99 purchase of Cubic Ninja for a bit longer.