naomi dumping release

Discussion in 'Arcade and Supergun' started by Serantes, Jul 24, 2008.

  1. Serantes

    Serantes Peppy Member

    Joined:
    May 1, 2007
    Messages:
    300
    Likes Received:
    4
    Hi
    A friend of mine developed a way to dump PICs of Naomi games and decrypt those games also. I have dumped my 22 gdroms and got the keys and the decrypted data for those ones.
    I have to say tmbinc and mrsporty helped with info to my friend.
    Today I talked with my friend and his key dumping method is going to be public.
    I will also make public my dumps to help mame emulating the naomi.
    Where should I put those dumps?
     
  2. Evangelion

    Evangelion Spirited Member

    Joined:
    Jul 20, 2008
    Messages:
    108
    Likes Received:
    2
    Maybe you can contact the "Guru" from the Mame Project.
     
  3. tmbinc

    tmbinc Spirited Member

    Joined:
    Oct 10, 2006
    Messages:
    103
    Likes Received:
    1
    Read some posts by TheGuru, then decide again. He constantly refuses to believe that other people might already have solved problems he is still claiming to work on, so he wouldn't be much excited. In contrast, he will tell you at least one reason why you completely missed the point in whatever you were doing.
    I'd be very interested in some more triforce keys, btw :).
     
  4. Serantes

    Serantes Peppy Member

    Joined:
    May 1, 2007
    Messages:
    300
    Likes Received:
    4
    tmbinc, if you want more triforce stuff just mail me :)
    you know there is no problem :p
     
  5. Parris

    Parris I'm only here to observe...

    Joined:
    Aug 18, 2006
    Messages:
    6,248
    Likes Received:
    14
    Serantes, any chance of that missing GDrom cable? :-(
     
  6. smf

    smf mamedev

    Joined:
    Apr 14, 2005
    Messages:
    1,255
    Likes Received:
    88
    He sits in a hot room with all those fumes and I think it affects him.

    I don't know who has helped who. However I know at least one group who had reverse engineered the key chip, said they wouldn't give any information for MAME. So Elsemi designed an adapter and guru built it and posted all the keys he has on his page.

    We're also going to get one of the chips decapped, because we're like that. Having the keys doesn't excite me one bit, having the chips decapped does.

    I heard that someone had already decapped the chip and was again not going to give it out for use in MAME, so we'll see just how long it will take for it to turn up.

    The guru has previously had to make up receiving a board to panic someone into releasing their hoarded dump. The decap thing is real though ;-)
     
  7. tmbinc

    tmbinc Spirited Member

    Joined:
    Oct 10, 2006
    Messages:
    103
    Likes Received:
    1
    Ha, maybe that's it ;).

    Ok, actually I never wanted to tell this story or make a big thing out of it, so I should probably just have shut up. Anyway, let me explain my "unhappiness".

    When I started becoming interested in the Triforce (or Naomi, as it's really the same in terms of Media encryption), there was almost no public information on how the encryption works or what the key IC actually does. MrSporty, I was told, once found out how the PIC chip actually works, but that post was pulled (for whatever reason). So I started digging. I never wanted a "perfect emulation" of the DIMM-Board, I just wanted the payload, i.e. the decrypted game - and of course understanding the process from "GD-ROM disc" to "decrypted game".

    So I ripped apart the Triforce I got, analyzed the Gamecube part of it (what, afaik, nobody had done before). I came to the point where I understood the concept of how a game loads, and saw that basically the DIMM board is in charge of decrypting the content. Fine, I kind-of ripped a GD-ROM disc, found the content to be encrypted, logic-analyzed the PIC chip, disassembled the DIMM-board-firmware (based on a dump which MrSporty gave me - and I later repeated), and broke the encryption. I did some further discussions with MrSporty, who basically broke the encryption before in another way, and I solved the main puzzle, which was how to actually make any use of the key - the DES algorithm with the reversed keys. While that wasn't a mega huge breakthrough discovery, it was definitely not discovered before (at least not in public), and it took me some days and a lot of thoughts (and some luck). Thus, I consider myself as the one who should be credited for "making something useful out of the dumps", in terms of emulation. Without this discovery, neither the key nor the gdrom dumps would make any sense. We had keys before (thanks to MrSporty) and we had dumps before (thanks to the people like Bobo64). I had great help from MrSporty, and later ElSemi, and a (more than a) helping hand from Serantes. Everything was perfectly fine for me, and I hope for the others as well. We had some internal discussions whether releasing this information would hurt anything (especially Chihiro), but in the end, we decided that all those systems are dead anyway, and it would just help emulation, which was our (well, at least mine - I can't speak for anyone else) initial goal.

    Now, imagine how I felt when reading
    http://www.mameworld.info/ubbthread...802&page=5&view=expanded&sb=5&o=&fpart=1&vc=1
    (To explain the technical background: Acquiring the code content of the security PIC (which is probably meant by "decapping") will uncover the "other" side of the (symmetric) obfuscation algorithm used for the key exchange with the DIMM board. It will not help "solving the DES puzzle", like actually *doing* something with the gathered data. Again, I spent most of my time on actually understanding the exact process of the decryption, not with reversing that single function which does the obfuscation. That's stupid, normal SH-4 asm (the DIMM-board side of it) and took me maybe 1 or two hours. So no, decapping would *not* have made any of my discoveries irrelevant.)

    I should not care, it's just a stupid forum post.

    I would not care. ElSemi tried to explain the situation a bit better, but read this (written by, yes, TheGuru himself):

    I consider this as one of the most stupid, yet insulting, responses ever. (Technical background: I explained in a lot of details that I already DID reverse the algorithm out of the firmware. I did not post the firmware file due to copyright reasons - in fact, anybody who asked me got a useful link - ask Serantes. That's not "hoarding". TheGuru knew exactly what research I already did (and what puzzles I solved), but he still claimed that HE will have the only, ever real solution to this. Needless to say: I was pretty pissed.)

    Again, I should not care. Usually I don't care much about crediting, because I know that the people I care about understand the background and the source of discoveries. I thought TheGuru would as well, but I was mistaken. If TheGuru would be yet another forum troll, this wouldn't have been any problem. But as he is still considered as, yes, The Guru, this made me pissed.

    (And yet another technical detail: I understand that people like "decapping", and I'm fine with it. To be honest, I hate it. I consider it as a brute-force attempt to solve a problem for people with too much money and too little time/brain/interest (sorry, I don't want to insult anyone - so just claim it's the time aspect ;) to do a real analysis. But that's just me - other people think different, and I accept that. I'd rather reverse, as in this example, the other side (DIMM board's PIC routines) than pay money for dumping a chip. That doesn't mean that I'm considering decapping generally as a bad idea, sometimes it really cannot be avoided. But in this case? And actually, what would the rom dump be good for? For emulation? Not really, as you wouldn't (lowlevel-)emulate the DIMM board anyway. It would be good only for cloning the chips. Which again is kind of useless from a commercial standpoint, so I'm fine with that. I just can't see the benefit for emulation, but maybe somebody can enlighten me).

    Next, I want to apologize to all the people who did their amazing job as part of MAME or the Naomi/Triforce thing (especially the people I worked with) and were not credited enough. Sorry, this is an egoistic, self-centric post which I should not have written.
     
  8. tmbinc

    tmbinc Spirited Member

    Joined:
    Oct 10, 2006
    Messages:
    103
    Likes Received:
    1
    And, maybe I missed to say that: I'm very happy that people like TheGuru started collecting ROMs and Keys. I'm fairly confident that even Triforce emulation is not that far away. I think I got quite far already, but it requires still a lot of work. So don't understand me wrong - I'm pleased with the result. Just not by the process.
     
  9. smf

    smf mamedev

    Joined:
    Apr 14, 2005
    Messages:
    1,255
    Likes Received:
    88
    Well RB did put a smiley & I thought the guru's post on the thread was actually quite neutral. Although the mame boards are not always a real friendly place to go & little good ever comes from there.

    I don't see anything there apart from a bit of competition.

    MAME will emulate the DIMM board & the security PIC. We generally don't like to HLE things. If there is a CPU then its code should be run. Sometimes this is easier, sometimes it's harder.

    If all this is done in software then we'd probably only have reverse engineered the code when we couldn't get the key from one of the PICs so we would have had to brute force the key from the game.

    Part of the history of MAME is that by documenting hardware and using all the roms, pals etc that we can then we can be useful as a resource for people fixing games. So if someone has a security chip that doesn't work then they'll be able to get the game running again. That is one reason why some people have been willing to dump roms.

    I know what you mean about the credit thing, it often seems petty but after putting in work you don't want to see others taking it. The rabid masses will give credit to the first person who gives them the g4m3z 4 fr33.

    fwiw I found your blog posts interesting.
     
    Last edited: Aug 3, 2008
  10. Serantes

    Serantes Peppy Member

    Joined:
    May 1, 2007
    Messages:
    300
    Likes Received:
    4
    Hi
    Now I would like to clarify some things also.
    First one, I don't know guru and haven't given anything; second, I got the 3.17 firmware dump from tmbinc and gave it to elsemi, but we thought it was a bad dump for reasons I'm not going to tell, so then I dumped 5 naomi DIMMs and when I dumped the last one (3.17) we noticed that the dump was indeed good, so yes I got the firm from tmbinc but at the end we (me and elsemi) haven't used it cause we thought it was bad. Last thing, as I said in the readme, credits go to the ppl that really hacked the system
    1 mrsporty
    2 tmbinc
    tmbinc and mrsporty helped elsemi to understand the system. I don't want to talk as if I were elsemi, but I'm pretty sure elsemi has the same reasons to perform this hack as tmbinc had: know how it works and emulate the machine in the future (check who did the naomi driver on mame).
    Well I hope I haven't fucked any1 rlsing the key dumper, but it's a keydumper not a pic simulator, no it will only help to ppl wanting to emulate the system.

    tmbinc, I got more triforce isos for you, contact me please
     
  11. smf

    smf mamedev

    Joined:
    Apr 14, 2005
    Messages:
    1,255
    Likes Received:
    88
    Elsemi will probably want it for something other than MAME. He worked on chankast a few years back and then there is nullDC. I would expect that neither of them would emulate the DIMM board. On the MAME list it has been discussed that it will be emulated.

    I'd have to go through all the mails. The driver says the main guy was Samuele Zannoli. And I wrote the x76f100 emulation and didn't get a mention :)
     
  12. Evangelion

    Evangelion Spirited Member

    Joined:
    Jul 20, 2008
    Messages:
    108
    Likes Received:
    2
    So... We can expect a real NAOMI emulator soon.
     
    Last edited: Aug 4, 2008
  13. Parris

    Parris I'm only here to observe...

    Joined:
    Aug 18, 2006
    Messages:
    6,248
    Likes Received:
    14
    Repeat of previous post, any chance of the GDrom PSU cable matey, it's been a while and thus far I've not been able to test / use the Naomi 2. So, let me know ;-)
     
  14. smf

    smf mamedev

    Joined:
    Apr 14, 2005
    Messages:
    1,255
    Likes Received:
    88
    This will help Naomi gdrom emulation, although the lack of Naomi emulators is for different reasons.

    I wouldn't expect anything, that way you don't get disappointed.
     
  15. Stone

    Stone Enthusiastic Member

    Joined:
    Sep 27, 2005
    Messages:
    504
    Likes Received:
    1
    Can't say I'm mega-surprised, to be honest. I once offered the Guru an undumped game that was listed on his site. He said sure, post it to me recorded (in Australia!) and you can have it back in a few months. If you pay postage to get it back again. When I was upset that he wouldn't help out (I didn't have money to post it all the way around the world, I'd just bought the damn thing!) he got quite abusive, like he had a right to all the undumped games or something :confused:

    Not the way I'd go about things if I was trying to get people to help me out...

    Stone
     
  16. Serantes

    Serantes Peppy Member

    Joined:
    May 1, 2007
    Messages:
    300
    Likes Received:
    4
    Stone, if you got a gdrom that I don't have, I will dump it and send it back to you (of course I will pay the shipment back) and I will also send you a backup with your original back

    I offer the same to any1 interested in getting backups of their games

    Alex
     
  17. smf

    smf mamedev

    Joined:
    Apr 14, 2005
    Messages:
    1,255
    Likes Received:
    88
    I don't know how upset you got. I don't know how abusive he got. You couldn't afford it, he couldn't afford it. What's to get upset about?

    To be honest I wouldn't send someone a game to be dumped if I wanted it back. If it was going to be easy then you should be able to find someone locally that can dump it, or do it yourself. If it's hard then it could either take a long time, or it might not come back in one piece. It could also go missing on the way.

    uber rare gdroms are probably worth more than getting a dreamcast and a serial cable and waiting (a lot).
     
  18. Serantes

    Serantes Peppy Member

    Joined:
    May 1, 2007
    Messages:
    300
    Likes Received:
    4
    smf, the problem seems that guru is an asshole that gets donations from ppl and thinks the stuff he got from others is his own stuff, that's what I heard from ppl everywhere, he loves to hoard things
     
  19. smf

    smf mamedev

    Joined:
    Apr 14, 2005
    Messages:
    1,255
    Likes Received:
    88
    He's paying for storage for all the games, until they are dumped and the money to return them comes from somewhere. I don't think it's fair to expect him to fund it personally, do you?

    A cd/dvd/gdrom is going to cost nothing to post, he'd probably pay for that himself too.

    If you know someone that was promised a game would be returned for free within a certain time frame and that hasn't happened then let me know & I'll see what the problem is.

    I don't pay attention to random bitching, it reminds me of being at school. The unpopular kids were always the most interesting.
     
  20. Serantes

    Serantes Peppy Member

    Joined:
    May 1, 2007
    Messages:
    300
    Likes Received:
    4
    i like pcbs give me two give me two
     
    Last edited: Aug 13, 2008