Demystifying the Bandai Pippin Developer Dongle
I’ve had my Bandai Pippin @World for years. The Pippins were game consoles manufactured by Bandai based on the PowerPC Macintosh. It runs a special version of Mac OS 7.x. Pippin CDs can actually be played on PowerPC-based Macs (I’ve played Mr. Potato Head on my iBook G3). The Pippins were initially released in the Japanese market labeled as AtMark, and subsequently released in the U.S. labeled as @World.
Pippin CDs contain a regular HFS file system. The CDs contain a hidden file under the root folder, named “PippinAuthenticationFile”. If this file is invalid or not present, then the Pippin does not boot. This mechanism serves as Apple’s approach to prevent homebrew development of applications for the console. Of course, it does not prevent piracy, because a copied CD would still have the same authentication file.
There is an interesting write-up of the authentication mechanism at Hacking the Pippin. From my reading of the SDK documentation, a developer would write the application, and once ready for production, the application is sent to Apple. Apple would create the corresponding authentication file and send it back to the developer, which then gets included into the CD master for mass production. Each authentication file is different – perhaps some hash calculated from other contents of the CD (if anyone knows how, please contact me).
Aside from testing on PowerPC Macintosh systems, how would the developers have tested their applications on the console itself? It seems that the newer 1.3 ROMs do not perform the same authentication process, but I think these ROMs were only present in the units supposedly available in Europe, prototyped for release by Katz Media. The common AtMark and @World units I’ve seen all have the 1.0 or 1.2 ROM.
The special dongle, which previously has been suspected to be needed to generate the authentication file, seems to actually be another mechanism to disable the authentication process. Developers were provided these dongles so that they could test the application on the Pippin even before they send the application to Apple to create the authentication file.
The dongle has a standard ADB connector, so an ADB adapter is needed to convert from the Pippin’s flat “ADB” port to the standard ADB port. I have what I think is a developer controller that has a standard ADB connector. This controller chains to the dongle and behaves like a regular Pippin controller.
I took a regular Pippin CD, made an ISO image of it, and edited the HFS file system in the image to remove the authentication file. I burned the updated image back to a CD, and tried to boot the Pippin from that. Sure enough, without the dongle, the Pippin rejects the CD. But with the dongle attached, the Pippin merrily loads and runs the application from the CD.
The Pippin platform has been out of support from Apple for so many years now. I just wish that the algorithm that produces the authentication file could be publicly documented, so that retro-computing enthusiasts can continue making homebrew applications for the platform.