Hector Martin

1) still empowers the pirates, they just don't care, but sure, going with 10+ year old stuff is a safe-ish bet. 2) isn't useful because as soon as you have code exec you can pivot into warez.

We tried some variant of 2) with the Wii by DRMing/obfuscating our exploits and only opening up the PPC. Then the pirates used a stupid exploit and Nintendo ignored it *for 18 months* and instead concentrated on fixing *our* bugs instead.

We need to get console makers to include client certs into their WebKit instances. That way we can DRM web browser exploits into a chain that does not allow for piracy and hide the code from analysis

While I understand where you're coming from with trying to hide the exploit I would urge you to reconsider. I feel the exploits shouldn't be hidden since people will attempt piracy with whatever method of code execution you give them. (1/?)

Obfuscating the exploits doesn't hinder those people it just discourages people learning about the software side. I know you toyed with the idea of locking down code execution to only approved apps for the Homebrew Channel which is one area where an obfuscated exploit... (2/?)

serves a purpose but if you give people code execution with whatever launcher you make then I feel making the exploits obfuscated becomes useless. Plus those write-ups or source code for exploits that people give draw people in to learn about the stuff and... (3/?)

encourage them to try it themselves. I loved the exploit process and learned a ton from the write-ups people made. It was the reason I learned about homebrew and started getting me into the hardware side as well. fi God writing things on twitter in breaks like this feels stupid.

That was a joke and I thought the emoji made it clear. Also we never, ever "toyed with the idea of locking down code execution to only approved apps" on HBC. That is patent nonsense. The only thing HBC ever rejected were broken ELF files.