from Wikipedia, the free encyclopedia
Homebrew on a PlayStation Portable: A Hello World Program .
Screenshot of the homebrew video game Duck Attack! for Atari 2600

The term homebrew ( English for self-brewed beer ) mostly refers to software created by private individuals for consoles and handheld systems that are not intended by the manufacturer to run self-created programs. Homebrew programs usually offer additional functions and often bypass locking of otherwise inaccessible system files or the copy protection of games and applications. Unlike in the home computer era, computer games from the homebrew scene only seldom achieve the quality of commercial games due to the increased complexity of current game consoles.


Consoles and handhelds are usually closed and profit-oriented systems. Often the devices are sold below the manufacturing price so that the manufacturers can only make a profit by selling software licenses. The manufacturers assume that buyers of the devices will buy fewer or no official software titles at all if free programs can be used. In addition, homebrew software can bypass the commonly used copy protection under certain circumstances , which, in the opinion of the manufacturers, can also reduce profits from software sales. Therefore, security mechanisms are usually built into the devices to prevent privately created programs from being executed.

The security mechanisms sometimes have loopholes that make it possible to run homebrew software. Depending on the device and firmware , it may be necessary to install a modchip or insert a special module.

There are different views as to whether this restriction to official software titles through security mechanisms and their circumvention is legal. This monopoly could constitute an expropriation-like interference with the rights of the end customer and inadmissibly restrict the customer's freedom of choice. The end customer's right to free use (within the framework of the law) is opposed to the system provider's interest in making profits from the further sale of software.

On the other hand, a software offering expanded through homebrew titles can increase the attractiveness of a particular device platform. There are therefore manufacturers who do not incorporate any security mechanisms. For example, the range of functions of some Internet routers or print servers can be significantly increased.

Homebrew sees itself as legal and anti-piracy. The legal situation in Germany prohibits the circumvention of technical copy protection measures. However, it is unclear whether the homebrew software and changes to existing device software circumvent copy protection or just use protection - which is not prohibited. The homebrew scene is therefore in a legal gray area. However, console manufacturers are not allowed to tell customers what to do with the consoles or handhelds. This means that bypassing technical protective measures and using homebrews is legal. Most homebrew titles are created as freeware that can be redistributed for free. The distribution of copies of the commercial games is clearly prohibited in Germany.

Homebrew on different systems

Game consoles

Nintendo Gamecube

There are several options for the Nintendo Gamecube :

  • Method 1: soldering in a modchip. It is not necessary to enlarge the drive as the Gamecube can also read mini-DVDs that you have burned yourself.
  • Method 2: reloading unauthorized code. This is done by modifying the network traffic between the Gamecube and the Phantasy Star Online Server. If you redirect the connection to the PC, it is possible to execute copies and other unauthorized code via streaming .
  • Method 3: the SD media launcher. The simplest method is to use an SD card adapter in memory card slot B. A boot CD from the manufacturer allows unauthorized code and copies to be executed.
  • Method 4: modifying the MIOS. This method takes place in the Wii's Gamecube mode . By modifying the program responsible for the Gamecube mode, it is possible to start copies of USB and mini-DVDs. Any homebrew application available for the Gamecube can also be started on the Wii using additional software.


The Xbox allows you to run your own software after installing a modchip , which is flashed with an alternative BIOS . As an alternative to a modchip, there are also software modifications. Emulators , media players and other programs appeared for the Xbox . In addition to the Xbox Development Kit, an open-source development kit was later released with OpenXDK. Since the OpenXDK only reached an adequate level of functionality after the appearance of the Xbox 360, only a few projects were programmed with it. The homebrew developers do not have a license to use the Microsoft XDK, but innumerable privately created programs for the Xbox have appeared.

PlayStation 2

On the PlayStation 2 it is possible to run homebrew software by installing an extended bootloader on the memory card . These executable applications are of the ELF file type and give the console a few new options, such as acting as a media system via the SMS Player , emulating older game consoles such as SNES or starting PS2 games on the local and also from an external hard drive.

Sega Dreamcast

The Dreamcast of Sega allows the playback of CD-Rs without modchip or other conversions thanks to the compatibility of the hardware to MIL-CD format. Due to this peculiarity (and the powerful 128-bit hardware) a vital scene of enthusiasts has come together, which has so far developed almost a thousand programs and put them online free of charge.

These programs are mostly offered as simple files (" plain files ", for example, burned to CD-R using the Windows- based BootDream ) or as complete CDs in the Disc Juggler CDI format. Another common format is called SBI (SBI for " Self boat inducer "), which allows to burn multiple programs on a CD.

The spectrum of published software ranges from porting countless emulators from early 8-bit computers to 16-bit and 32-bit consoles, through multimedia applications to complex original developments such as Alice Dreams or Drill .

A large part of these publications have been legally developed using the free software library KallistiOS . Unlike the Xbox, official developer kits were only used in a handful of the earliest releases, such as QuakeDC from 2000, which is based on WinCE .

The use of KallistiOS and the replacement of the required boot sector (IP.BIN) with an equivalent and legal replacement file (written by LiENUS and published on January 15, 2002) also enabled commercial releases of games such as Feet of Fury (2003), Inhabitants , Maqiupai (both 2005), Cool Herders (2006) or Last Hope (2007) for Dreamcast via the independent labels GOAT Store Publishing and redspotgames . The release of Cool Herders made it possible for developers Harmless Lion Studios to distribute a port of the game to Nintendo DS through Alten8 .


The Wii does not offer any official developer kits for homebrew, but Nintendo would like to make homebrew options “less attractive” with the so-called Virtual Console (which can be used to download classics from the old days for almost any console). In addition, Nintendo is also relying on the new WiiWare channel, for which smaller developer studios can also develop without needing huge start-up capital. Audio and video files can also be played on the Wii via the photo channel - but only in AAC format on newer consoles with version 1.1 of the channel .

Despite these possibilities, both homebrew developers do not want to develop their own homebrew applications or the playing and software pirates GameCube - ISOs renounce etc.. Since February 2008 it has been possible to play homebrew on the Wii without the help of a modchip . Initially this was a savegame - Hack in The Legend of Zelda: Twilight Princess feasible. This possibility was made more difficult by the subsequent firmware update 3.4, but not completely prevented. The hack could only be successfully prevented with firmware version 4.0. With the release of firmware update 4.2, all homebrews have been removed from updated Wii consoles. Some time later, adapted exploits made it possible to execute and install unsigned code on the Wii again. The firmware 4.3 remained uncracked for a long time and you could only run homebrew by a complicated downgrade to version 4.1. However, it is now possible to run homebrew on 4.3.

In the meantime, an exploit has been published that enables homebrew on all firmwares (from 3.4).

The homebrew software enables the Wii console to be used as a media center in the living room. Open source programs for Wii have already been written for many areas.

Nintendo Switch

Exploits immediately after release

Soon after the release of the hybrid console, the first exploits, such as the exploit toolkit “PegaSwitch”, were published, which exploit vulnerabilities in the console's browser (or its WebKit rendering engine ). With the update to firmware 3.0.0, a way was found to start an unofficial web browser by changing the DNS settings. An exploit called “Rohan” was written for firmware 3.0.0 and presented for the first time with a demo homebrew at the 34C3 (34th Chaos Communication Congress) on December 28, 2017. In the beginning it was only compatible with firmware 3.0.0. Firmware 1.0.0 - 2.3.0 had to be updated via game, which required 3.0.0. The exploit and a corresponding launcher were released on February 19, 2018. The development of many homebrew applications was also started right away. A little later another exploit called "nspwn" was published, which allowed SigPatches for the first time. It also made homebrew compatible with firmware under 3.0.0. With the firmware update 3.0.1, Nintendo solved a serious bug in the SwitchOS service manager and also patched the WebKit exploit.

Tegra X1 Bootrom Exploit and Custom Firmwares

When a stranger published a bug in Tegra Recovery Mode (German: Recovery mode / Tegra RCM for short; not the official RCM in which you could perform a system update), the homebrew scene experienced a new boom. This error was found in the switch's bootrom and could not be corrected with a software update. This should allow permanent use of homebrew software and the console was then considered completely hacked. The exploit was given the name "Fusée Gelée".

If it was initially assumed that it was a purely software-based mod, it later became known that a hardware modification, albeit a trivial one, was required to use the exploit. This modification is necessary to get into the Tegra RCM. Initially there was only one test payload, later other payloads and tools were released a. also made the repeated hardmod at every start superfluous.

On July 11, 2018, Nintendo silently released a new revision of the hardware that Fusée Gelée patched. But there were two other known bugs in this revision: A userland bug with the name “nvhax” (fixed with 6.2.0) and a TrustZone bug called “deja vu” (fixed with 8.0.0). Since these bugs were fixed, the new revision cannot be modded with homebrew.


Game Boy

Companies such as Bung developed hardware flasher with which it was possible to save ROMs or play them directly on the Game Boy using flash cards.

Playstation Portable

With the PlayStation Portable (PSP) it was possible to execute your own code on the original, Japan-exclusive firmware (1.00) without any problems. In the subsequent firmwares, Sony tried to eliminate all bugs and exploits that made it possible to start unofficial programs. The homebrew scene responded by continually finding new opportunities. Finally, so-called custom firmwares were even developed on the basis of the official firmwares ; with them you have all the functions of the current official firmwares without having to forego the use of homebrew.

The PSP's homebrew scene is big; There are, for example, emulators for the Sega Mega Drive (Pico Drive) or the Game Boy Advance (gpSP) , and since programs such as Bochs , DOSBox and ScummVM have also been ported to the PSP, it is also possible to use PC programs on the PSP to a limited extent to use. Interpreters of individual programming languages ​​(e.g. Lua , Python ) have also been developed for the PSP in order to enable other hobby programmers to program in their simpler language. There are also many useful programs, such as the TempAR cheat program or some word processing programs.

GP32 and GP2x

The Korean company Game Park took a completely different approach with the GP32 . This handheld was initially intended to compete with Game Boy (among others), but then became open source relatively quickly , making it very easy to play homebrew. The successor - the GP2X - has been open source since its release in November 2005. Since then, countless smaller games, emulators and other programs have appeared for the GP2X.

Nintendo DS

Homebrew for the Nintendo DS can be started using a conventional NDS (slot 1) or GBA flash card (slot 2). They are written in various libraries in the programming languages ​​C / C ++ and Lua . To execute your own program code, the internal protection mechanism of the DS must be switched off. This is done using modified firmware ( FlashMe ) or a variation of the PassMe . This function is already integrated in the slot 1 variant. In December 2009, Nintendo suffered a setback in the fight against flash cards for the Nintendo DS. The manufacturer went to court against the French Divineo Group to prevent the sale of the modules, but the request was rejected. The judge also criticized the closeness of the handheld console . Maxconsole , the Divineo owner's console portal, claims that private developers have no choice but to bypass the DRM system in order to be able to program software for the console.

Nintendo DSi

Flash cards for the Nintendo DSi initially only supported DS mode. In early July 2009, the Twiizers team managed to run homebrew in DSi mode . Subsequently, the programmer "Wintermute" had a great success. He developed a "savegame exploit" for the DSi, with which one can write "assembly codes" in a file with saved game states ("save game file") from "Classic Word Games" and then execute them on the DSi. With the release of firmware version 1.4 for the DSi, all flash cards and exploits were temporarily blocked successfully. However, some cards can be used again after upgrading the flash card software.

In 2017 the first primary exploit called "UGOPWN" appeared for the free "Flipnote Studio", which made free homebrew use possible for the first time. This option is only available on consoles on which the program has already been downloaded because the DSi Shop has been closed. This exploit was later reimplemented under the name "Flipnote Lenny" and its execution was greatly simplified. With Unlaunch , the first boot code exploit was developed for the DSi, which executes its own code when the system is started, which enables permanent custom firmware.


With the "Hiya Custom Firmware" (short: HiyaCFW ) the range of functions can be expanded. In May 2019, “shutterbug2000” published an exploit for the preinstalled Nintendo DSi camera application called “Memory Pit”. Since then, after 10 years, every DSi (XL) console can be modded for free with Unlaunch and HiyaCFW.

Nintendo 3DS

Due to the backward compatibility with the Nintendo DS (i), flash cards for these consoles can still be used on the Nintendo 3DS as long as they have not been blocked by an update. However, since Nintendo has not updated the DS (i) whitelist database on the console since firmware version 7.0.0-13 (released on December 9, 2013), it can be assumed that Nintendo will no longer attempt to add DS (i ) To block flash cards.

The disadvantage of the DS mode of the Nintendo 3DS, however, is that DS software (and thus also homebrew applications) does not have access to the entire computing power of the 3DS. For a long time there was no commercially viable hack for the console. Unsigned code could only be executed with Hack Ninjhax from scene member Smealum . Here is a gap in the QR code - parser of the game "Cubic Ninja" exploited and an application on the SD card started, usually the homebrew launcher that works much like the Homebrew Channel on Wii. There are also ways to run homebrew applications without paying money, such as "Browserhax" and "Soundhax".

The Homebrew Launcher, which can be made to run on any firmware released to date (as of May 28, 2018), is able to start game cartridges that do not come from the same region as the console, and pirated games can be started however, do not use the homebrew launcher alone.

Unlike on the Wii, there is currently no way to permanently modify the firmware, which is why hackers have created so-called “Custom Firmware Loader” applications (rxTools, CakesFW, ReiNAND, Luma3DS etc.), with which the firmware can be checked without signature checks can restart. Any application, including pirated software, can be installed and executed without signature checks. In order to still be able to use Nintendo's online services and the latest games that require the latest firmware version, you create a copy of the system's flash memory (coll. "SysNAND") and copy it to a separate partition of the SD Card (coll. "EmuNAND" for emulated NAND ). The CFW loaders then start EmuNAND, which can basically be updated as usual.

Although there are also 3DS flash cards with which you can run 3DS homebrew and (pirated) software, they have hardly any advantages over custom firmware, especially since every .3DS ROM / software can be converted into an installable eShop "download version".

This homebrew with kernel exploit runs with the latest firmware version (11.10.0-43E, U, J as of September 19, 2017) As of firmware 11.4>, ARM9 kernel exploits obtained from the homebrew launcher can no longer be installed with a CFW, but only with certain requirements such as NTRboothax, DsiWarehax or Hardmod. In September 2018 a free method was developed with Frogminer again after 1 / 1.2 years with which 3DS can be modded with a custom firmware.

Official homebrew facilities

In the past, software pirates and homebrew hackers often joined forces to gain access to the systems. In the 7th generation of consoles , there were signs of a change in manufacturer policy. In order to reduce the number of attackers, manufacturers offer hackers the opportunity to get their own software up and running.

Sony PlayStation 3

Sony went the furthest here with its PlayStation 3 , which made it possible to install an alternative operating system, such as Linux , up to firmware 3.21 . An alternative operating system could not access the graphics acceleration because it was blocked by the hypervisor in order to make the development of homebrew games unattractive as a competitor to licensed titles. However, this protection has been broken.

In the current Playstation 3 slim , the option to install an alternative operating system has been removed. As mentioned above, with the firmware update to version 3.21 for the normal PlayStation 3, the option to use an alternative system has also been removed. Operating systems installed before this version were automatically deleted by the update. Sony cited cost reasons and security concerns as reasons for this approach.

Some PS3 hackers announced that they would release their own firmware version 3.21 with all the official features and the possibility to access alternative systems. This can be installed by downgrading to firmware version 3.55, which requires a hardmod.

Microsoft Xbox 360

Microsoft offers special developer kits ( XNA Game Studio ) and licenses ( Xbox Live Arcade ) for its Xbox 360 , with which you can develop your own games and market them online. Here the developer receives full access to the machine's performance using .NET languages for a fee .

See also

Individual evidence

  1. ^ Oxford English-Deutsch, Dudenverlag
  2. cf. , the decision C-355/12 the European Court of January 23, 2014
  3. Official SMS Forums. In: psx-scene.com. Retrieved January 7, 2016 .
  4. Official OPLv0.8 User Guides. In: opl.sksapps.com. Retrieved January 7, 2016 .
  5. New Ultimate Homebrew Guide (Wii) - by Wii-Homebrew.com v1.0
  6. Dennis Schirrmacher: Nintendo Switch: Hacker rebuilds iOS exploit and uses vulnerabilities in the browser. In: heise.de . March 13, 2017, accessed June 12, 2019 .
  7. Dennis Schirrmacher: Homebrew Launcher for Nintendo Switch released. In: heise.de . February 19, 2018, accessed June 12, 2019 .
  8. Hauke ​​Gierow: Tegra-X-1-Exploit makes the Switch hackable. In: Golem.de . April 24, 2018, accessed June 12, 2019 .
  9. Defeat for Nintendo: Alternative DS cards not illegal
  10. BREAKING: Judge rules Nintendo ILLEGALLY protects systems', should be like WINDOWS !!! ( Memento of the original from March 6, 2010 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.  @1@ 2Template: Webachiv / IABot / www.maxconsole.net
  11. hackmii.com DSi-Mode homebrew, anyone?
  12. github.com/WinterMute. (No longer available online.) Archived from the original on September 7, 2009 ; accessed on November 21, 2017 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / github.com
  13. System Menu 1.4. Retrieved November 21, 2017 .
  14. emiyl: DSi Guide. Retrieved September 27, 2019 .
  15. Overview of the updates of the Nintendo 3DS in detail
  16. Ninjhax: Nintendo 3DS cracked after three years
  17. The homebrew launcher
  18. Simple 3ds to cia converter
  19. ^ Felix Domke: Console Hacking 2006 - Xbox 360, Playstation 3, Wii , 23rd Chaos Communication Congress, December 28, 2006. Video recording.
  20. Geohots website