Bleemcast conspiracy *disclaimer tin foil necessary*

General Dreamcast discussion applies here. Before posting here please check the other forums in the Dreamcast section to see if your topic would fit better in those categories.

Moderators: pcwzrd13, mazonemayu

Forum rules
Please check the other forums in the Dreamcast section before posting here to see if your topic would fit better in those categories. Example: A new game/homebrew release would go in the New Releases/Homebrew/Emulation section: http://dreamcast-talk.com/forum/viewforum.php?f=5 or if you're having an issue with getting your Dreamcast to work or a game to boot it would go in the Support section: http://dreamcast-talk.com/forum/viewforum.php?f=42
|darc|
lithium
Posts: 46

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#41 » Wed Oct 16, 2019 4:01 pm

Ian Micheal wrote:I have done a file compare with the leaked beta and the orginal files with flexhex they dont share anything in common at all no match.. so wtf lol


Like I said in the previous thread, the IP.BIN likely has a simple decryption algorithm for a key that's stored in flash.

Remember, homebrew authors have to use a scrambled binary, and Echelon's binhack puts a scrambling routine in IP.BIN so that you can store binaries unscrambled (which get double-unscrambled when loaded by the BIOS and re-scrambled to be "plain" during the bootstrap sequence).

The only speculation being made here is that the bleem guys did the same thing but used a custom routine with a unique key for each build instead of the same routine for every user. This would be so easy and trivial but SMiTH wants to act like it's out of this world next level hacker shit.

If you're familiar with how the bleemcast final version works it does all kinds of similar loading tricks with the IP.BIN, not with an encryption key but the normal bootbin field is a red herring and the IP.BIN actually does many custom loading routines for getting the emulator into memory.

|darc|
lithium
Posts: 46

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#42 » Wed Oct 16, 2019 4:08 pm

SMiTH wrote:Ian this is so epic.
Thank you.

I also had a theory that the bleem beta colors were based on the rainbow series dod security books lol
Now I have even more questions about the bleem betas.
The origins of the leaked bleem beta.
The difference between the publicly available leaked beta and this new source.
When will it stop?
:)


lol these are the same files I already have and have been referencing this whole time, they are even indexed in Trurip as Dreamcast (Non GD-ROM)\Applications (bin)\Bleem Rainbow Books (USA). This is nothing new

SMiTH
Black Mesa
Posts: 1492

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#43 » Wed Oct 16, 2019 4:12 pm

No, darc I am saying to those who know about this stuff it seems super simple.
But to the rest of us it is out of this world next level OMG AcidBurn/Crash Override shit lol

|darc|
lithium
Posts: 46

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#44 » Wed Oct 16, 2019 4:21 pm

SMiTH wrote:No, darc I am saying to those who know about this stuff it seems super simple.
But to the rest of us it is out of this world next level OMG AcidBurn/Crash Override shit lol


you should read about the security of the final version then, that is really next-level shit.
There's a bunch of different loading stages and each stage results in a decryption key that gets put into the next stage.
It is truly ridiculous and no one has yet to strip all of the protections out completely still to this day, although japanese_cake is working on it and is close to doing so

|darc|
lithium
Posts: 46

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#45 » Wed Oct 16, 2019 5:12 pm

while doing some googling I found this post from you SMiTH:
viewtopic.php?p=64829#p64829

SMiTH wrote:for some reason the ip.bin and the bleem beta bin does not need to be binhacked?


IP.BIN binhacking = inserting the Echelon in-memory scrambling routine (sorta similar to encryption)
When the DC loads a MIL-CD, it does a decryption (descrambling) routine on the binary, so the binary has to be "scrambled" (encrypted) on the disc.
To get around having to scramble the file on the disc, Echelon's binhack puts an in-memory scrambling routine into the IP.BIN. So the DC scrambles the binary and descrambles it right back. And then runs the software.

It doesn't need to be binhacked because bleem is using a completely custom IP.BIN!
Compare the IP.BIN from Heartbreak Diary and the one in ISO16.RAW and you will see the custom code added in.

1. Custom IP.BIN confirmed by SMiTH
2. Ian points out all 5 color binaries are completely different with no similar bytes when comparing in hex editor = confirmation they're encrypted

By following the testers instructions we know:
1. All had the same exact custom bootstrap on their disc
2. All had different encrypted main binaries that supposedly result in the same exact decrypted binaries

Then also what SMiTH posted in that above thread:

SMiTH wrote:

Code: Select all

Here is extra info included - BETA Known Protections
================== ==================
- basically what happens is it copies its own data to 0x8c00f??? range
- then decrypts that data using a v.simple algorithm
- a mixture of a key in GR14 and using the XOR instruction

0x8c00f1ec: MOVLL (R2) --> R0
0x8c00f1ee: DT R1 - 1 --> R1; if R1=0, T=1, else T=0
0x8c00f1f0: XOR R0 ^ R13 --> R0
0x8c00f1f2: ADD R0 + R14 --> R0
0x8c00f1f4: XOR R14 ^ R13 --> R14
0x8c00f1f6: SUB R13 - R0 --> R13
0x8c00f1f8: MOVLS R0 --> (R2)


I don't know where you got this info from, but this is right on target with my speculation that bleem beta is just doing a similar thing to what the Dreamcast already does (descrambles/"decrypts" the binary upon loading) but that the bleem guys put a custom decryption routine in (just like you always put in a custom encryption routine every time you run binhack.exe on the IP.BIN), the only difference is that there needs to be something in the flashROM or BIOS to make that custom routine work for each tester.

SMiTH
Black Mesa
Posts: 1492

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#46 » Wed Oct 16, 2019 5:32 pm

darc, this is hilarious to me.
so not knowing it, i confirm a custom ip.bin
then after countless digs for any info about bleemcast beta i stumble upon a custom decryption routine.
and this all proves that the 5 dc thing is true.
OMG lol
:)

SMiTH
Black Mesa
Posts: 1492

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#47 » Mon Oct 21, 2019 6:35 pm

Continuing the bleemcast convo from earlier...

|darc| wrote:Why is it unbelievable that the NFO file that came with it would explain the true nature of the files?
If Rand Linden leaked the emulator on purpose, why would he lie about what the colors are for?


Well, I tend to want to find out for myself..especially when not knowing the source of the files.
And not knowing the validity of the information found in the .nfo
Also considering if this was a leak, then everything should be questioned.

|darc| wrote:Ian literally just said above that he did not test anything other than the blue beta.
Yellow/Green/Orange/Purple were never released in a cracked form online as far as I know. Please give me a link to one of these purported Yellow builds.


I am referring to the different betas that have been floating around the web since 2003.
Some claim to be blue, others claim to be yellow.
Who really knows?

Check attachments.
bleemcast.rar (allegedly YELLOW) 2003
bleemcast.zip (allegedly BLUE) 2003 by Jeffma
Bleem!cast Beta Boot Disks.rar (YELLOW?,BLUE?) *from dcisozone 2009ish

|darc| wrote:Because they are intended for different people using different Dreamcasts. This is really simple and you're making it out to be something tremendous.


I am making it out to be something tremendous because the amount of effort that was put into protecting bleemcast code was definitely insane.
The betas and then the final retail product was treated like something out of a james bond movie.
I find that to be way over the top.

|darc| wrote:The fact that you think they would keep this charade up for years -- to what end? -- is ludicrous.


They only had to speak about it once and it was taken as truth.
There is no reason to keep a charade up.
They already convinced the public.

|darc| wrote:What are you talking about, top level security clearances and practices seem like a joke?
Rand already said it was like maybe 10 lines of code to protect the beta.
You are really blowing this out to be more than it is.


To you it seems super simple.
But it doesn't change the perception that the paranoia level was heavy within bleem!


|darc| wrote:Every Dreamcast game has code in the IP.BIN that writes to a log in flash partition 3 with a record of that game on the system.
The code to do this is trivial.
It would be extremely simple to put a record on that flash partition on 5 Dreamcasts and give them to the employees of bleem! who were testers and have the bootloader Rand wrote check for this.


I still do not see the point in doing this.
Even though I now believe that it was done. {{maybe? or BS...}}
But why?


|darc| wrote:You have nothing but your own imagination.

I have my past communications and relationship with Rand Linden and one of the beta testers, all the public statements made by Rand and Rod, the NFO file that came from the same source as the actual binaries with no specific reason do doubt its veracity, the fact that the people who ended up cracking it never made any claims to the contrary to the NFO file and confirmed that all 5 builds are the same, and that someone like FG who spent hundreds of hours trying to reverse engineer the bleemcast releases and is very familiar with them agrees with it.

And you call what I'm saying 'utter bs' :lol: :lol:


Yes, all I can go by is what I think of the matter.
As for rand my point was its not like you can ring him up right now and discuss bleem! with him?
And I am not saying what you said is utter bs..
I am saying that my opinion differs.
About FG I truly respect the guy, I just wanted to find out for myself if the story of 5 dc's , 5 beta colors was bs or not.
I have concluded that it is not a conspiracy and it was actually true.

|darc| wrote:All 5 colors wouldn't boot it. So what? So his Aus copies are incompatible for whatever reason? This proves what exactly?


Ian said that the yellow booted the AUS copies and the blue did not.
That made me believe that there could be region code differences in the betas.
But maybe it was a misunderstanding or a good troll.
Either way it is still interesting to me.
Attachments
Bleem!cast Beta Boot Disks.rar
(728.04 KiB) Downloaded 316 times
bleemcast.zip
(361.64 KiB) Downloaded 294 times
bleemcast.rar
(1.59 MiB) Downloaded 318 times
Last edited by SMiTH on Sun Nov 17, 2019 6:01 pm, edited 2 times in total.

User avatar
deluxux
Black Mesa
Posts: 1400

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#48 » Mon Oct 21, 2019 10:04 pm

""Ian said that the yellow booted the AUS copies and the blue did not.""

I'd like to confirm that if you know of a source of some AUS games.

SMiTH
Black Mesa
Posts: 1492

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#49 » Mon Oct 21, 2019 10:15 pm

same here deluxux

SMiTH
Black Mesa
Posts: 1492

Re: Bleemcast conspiracy *disclaimer tin foil necessary*

Post#50 » Thu Oct 24, 2019 4:21 pm

So, I have updated the first post..since it is proven that the 5 dc, 5 betas was true.
The only conspiracy left is the "leak", intentional or not?
bs or not? lol


I attached 2 bleem!cast things that I found using webarchive.
bc.zip (another cracked bleemcast .nrg)
mgs.rar (metal gear solid vmu save file)
Attachments
mgs.rar
(16.97 KiB) Downloaded 288 times
bc.zip
(359.33 KiB) Downloaded 310 times

  • Similar Topics
    Replies
    Views
    Last post

Return to “Lounge”

Who is online

Users browsing this forum: Google [Bot], Majestic-12 [Bot]