wait... new versions have malware?

@4 i've been using new version of pj64 for 8 months 😭😭

I used the older version of Project64 because Ocarina of Time mods crashed on the newer version. I think that's why many people prefer the older version.

Except they don't? I use Project64 2.3 and so long as you don't have an attention span of a TikTok child you can just opt out of the adware in the installation menu. You will be left with the nagging, but it's easily disabled in the configuration files. I never had any issues with Project64.

Been also using the latest version of Project64. How do I know if my installer is clean or compromised?

Yeah 😂

I guess he really did give us up 💀

​@@TMHLBPFanI don't blame him

@@WyvernLP Better than Ohio skibidi toilet among us palestine amazing digital circus

Funniest thing is, he probably already played a role in XSS vulnerability or another RCE vuln

Dear foreigners, "Project 64," despite being pronounced as if spelt "Project sixty-four," is not supposed to be spelt with "S." Therefore, Project 64 is not secure.

my guy 👍

to be fair, they fixed that bug over a decade ago before this exploit was discovered.

Project Secureixty-Four?

@@thewhitefalcon8539 🌮

If she didn't trust the file YOU made and sent, there's something else you need to be concerned about.

@@gluttonousmaximus9048 some people are just really scared of running stuff on their pc lmao

@@gluttonousmaximus9048 my mate is kinda paranoid about those things (good reason too, people on discord get hacked all the time, so if my account had been compromised that could be a way in)

If you sent it to her by Discord, then she did the right thing.

@@muizzsiddique aye, she's a smart cookie - that's what I like about her

who was it made by or did Kaze make it?

I wonder if you can detect PJ64 so it doesn't crash real hardware/other emulators

​@@notalostnumber8660It's def possible using a silent and timed payload.

​@@Kat-01 Devwizard made it

@@notalostnumber8660 this exploit has no effect at all on real hardware.. and most likely no effect on any other emulators. So basically automatically detects PJ64 bc it will only work on there.

I feel like there's an easier way to get RCE with a crafted ELF and a program willing to execute ELF files...

@@kodicraft The ELF files are supposed to be executed as GBA binaries within the emulator sandbox, not host binaries running outside the emulator. Should have clarified.

damn, when i play mmz2 i get the elf wars irl

There is a reason (actually more than one) why it’s called Very Bad Amulator

I'm a bit confused. It's been awhile since I dabbled with emulators, and VBA used to be the chosen one akin to P64. So... did someone figure out the Dolphin compatibility for the GBA Link up functions for the systems? I thought that was the main reason people kept using it.

Anything can happen in a roll hack after all

isn't it sandboxed by default in most emulators? lua was designed for this after all

@@v0xl yes, but it still opens a window for vulnerability, if the sandbox implementation is flawed. A high profile sandboxing flaw are what led both PS4 and PS5 to be jailbroken from a web exploit, for instance.

At least you could read one before running it

@@kolskytraveller1369 I hope that means that it is like a batch file.

@@v0xl Lua in emulators have kept the ability to load compiled C libraries as a useful tool for script creators. Most popular C library is probably LuaSocket which works great in emulators that didn't already include a socket library.

When/if that happens, I'll need to get it.

Figured someone would just make a version that works best. Though, I thought someone would just remove the nag screen on a newer version.

@@medhathobo That's already done, it's called Luna's Project 64 and it's the cross-platform Win-Linux fork. It's forked from 2.4 and it removed the nagware and has a bundle of pre-config'd plugins

Huge

wouldn't it be a good idea to pin this comment? @KazeN64

B3313 with a crash that crashes your computer would go so hard 🔥

@@MarioKartSuperCircuitme using a virtual machine

People are still talking about those? One of the dumbest "recent" trends. Creepypasta are classics but if you try to do it nowadays its just laughable.

@@SilentOnion Most of the mario 64 creepypasta hacks have died out The only reason why B3313 is actually like popular, is because of how massive the romhack actually is It's like 420 worlds btw, and it does great montage to the Greenio ARG series, while doing the most insane things

God no, that stuff was unbearable slop as is.

Same xD

Ended up doing much the same, though the move was less for that reason and just, well, Retroarch. “Wait, so this is a ton of emulators wrapped into one? Sign me up!” Of course, the problem there is that it’s harder to adjust settings for individual emulators in Retroarch. Bit me in the @$$ recently when DSemue decided that pressing B on Deck/A on DS force quits the emulation.

@@isenokami7810 Another issue with Retroarch is that the compilation is often less polished than just having each emulator individually.

Mupen64 is the way! As soon as Project64 started looking sus, I switched over and never looked back. No Retroarch for me though - I like the concept, but in practice it just gives me a headache. I run Rosalie's Mupen GUI, it does a nice impression of PJ64.

@@lpfan4491 Learned something along those lines when my Zelda Randomizer journey got to Wind Waker. WW Rando just about worked on Retroarch, but photos with the Picto Box wouldn’t show up (though they’d still count for triggers) and it was prone to crashing. And I think it was JUST Wind Waker I could get running. Ultimately I just got Dolphin standalone, and the big emulator bunch I got for Steam Deck has Dolphin separate too.

It's a pretty basic issue I'm seriously questioning how hasn't been brought up until now. Certainly he can't be the first to realize this exploit. Chances are most rom hackers of back then would stay quiet on this...

@@nicklespale22 It's probably been brought up repeatedly every few years, these things usually are when they date back that far in the history of less-than-entirely-accepted programming. Trying to find out who's personally responsible for oversights like this is next to impossible and almost as impossible as finding out who first discovered the vulnerability, described it in an online post somewhere and was ignored by everyone else. It sure wasn't me.

Wisdom from Mononobe no Futo

​@@heyhackursFr

​@@heyhackursFor real.

zsnes is still sort of the mainstream emulator sadly, probably because it has the best interface of all emulators

@@standoidontwantalastname6500 What about ZMZ? Do just not enough people know about it or is there something else?

The only good thing about ZSNES is that it's very nostalgic... Other than that, oh God not ZSNES

Isn't ZSnes still the major emulator for experimental romhacking-enhancements like widescreen? I don't remember because I admit, I always only used Snes9X.

​@@standoidontwantalastname6500Use ZMZ.

"if it ain't broke, don't fix it" is an all too common fallacy to clarify, I meant in general. not the emulator specifically

​@@Spax_well that and newer emulators have much higher system requirements than pj64 and I assume the speedrunning communities for most n64 games want to make it as accessible as possible, but at the same time project 64 isnt particularly accurate which is why emulator and real console always have to be separate categories for n64 speedruns so maybe n64 speedrunners should just tell people to git gud and "just buy a better pc", idk

@@Spax_ that's not a fallacy, its just out of place. this thing is really broken and needs to be fixed, so that argument never applied to begin with.

@@freedustin As broken as the Atari Jaguar CD amirite?

@@ExtremeWreck i just felt a part of my soul shatter the way it usually only does when I hear "the phillips CD-i controller".

Yep, they're compatibility layers to allow windows programs to run as if they're linux ones, and as such, you should only run programs you trust in them

Heck, even Windows malware can oftentimes do their job under Wine. By default, Wine mirrors your user folders inside the simulated Windows filesystem, so ransomware has no trouble finding your data and encrypting it. Stay safe out there, folks. It's a lot more inconvenient, but simply installing the flatpak version of Wine under a different user and switching to it to run Windows software, while inconvenient and tough to set up, will do a great job to keep your OS safe.

I believe Steam runs games in a sandbox, but the point still stands.

Yes, and while they absolutely shouldn't be seen as any kind of security tool, it can take additional work from a malware developer for non-trivial things. You have to check if the system is actual Windows or Wine, then write Linux-specific functionality to actually damage the host system (enable auto-starting, infecting system files, etc). I find it unlikely someone would go through that extra effort unless they had reason to believe it would be very easy to deliver to Linux users.

Joke’s on that, I couldn’t figure out how to make Wine work in the first place. And frankly I’ve gotten so used to sticking to Linux for the Deck that I don’t care about learning anymore.

there are a few emulators with confirmed similar bugs already!

​@@KazeN64is there a list?

oh this will be interesting i would be a good idea if something bad was found to also check the alternatives if they have a similar problem

I hope this does not affect duckstaion, 🐬,citra,cemu,pcxs 2

​@@KazeN64 can you share that information? Where did you first read about this issue with pj64? I am curious as to which forums can people read to be properly informed.

Thats likely parallel launcher. It has a few things to integrate with rhdc

You have never heard of it?

​@RoseQuartz692 nah

@@gibberishdump1610 how

@@RoseQuartz692 green beans

use a rommanager for verification, checksums are a thing

At this point I just assume hackers can use pretty much any file type to execute an attack. You know it's bad when you've gotten paranoid about downloading image files, like me, because maybe some hacker found some ultra obscure vulnerability in the photos app or smth.

​@@MultiCool55 And you wouldn't even be far off. At one point, people were hacking people's computers through Team Fortress 2 sprays and Minecraft skins by hiding code in the image files. More recently, a libpng vulnerability was discovered that affected everything that has ever used libpng, including most browsers, apps, and Discord. Sooner or later they'll probably be able to poison you by hacking the Apple Water Bottle™️ and injecting poison.bin into your liquid.

A similar thing was discovered in ZSNES a long time ago.

@@MultiCool55 only unusual image formats should concern you, it's really not that bad. lol

I was blown away when I was watching a video on the history of SM64 hacks and got a look at what Parallel could really do. I have it through Retroarch…and mainly play on the Steam Deck. So that potential is shackled twice over with how I have access to it. I could get it separately on my laptop, but that’s Windows. Not sure what the problem would be, but doesn’t sound like you recommend it.

@ami7810 the steamdeck is just running a modified version of Arch Linux isn't it? should be able to access the AUR to install it if that's the case (but arch being arch something might break if you're not paying attention lol). and there's no problem with the windows version, it's just one of the only cross-platform ones whereas others are windows ONLY (linux wasn't as big 20 years ago except for server stuff so was never developed for it). robomike said Vinny mentioned it, and he's a windows user, so yeah edit: just did a quick sanity check and apparently the steamdeck has flatpak compatibility built in, so you could just grab parallels off the flathub (or the Discovery app in case of steamdeck) and go that route since it has no chance of breaking (flatpaks are containerised, nothing on your system gets installed/modified, so they don't risk breaking your system)

What can it do that rmg can't?

yeah well I am on windows and I HATE IT! Is there a safe version of PJ64 or is my version safe? Mine is version 2.3

Unfortunately it seems to not run some rom hacks for me

It's sad too because some mods can only run on P64, but I dislike P64 a lot so I just avoid it

It almost feels like the Project64 developers have completely lost any sort of passion for making the emulator & now see it as nothing more than a paycheck.

I use the project 64 version recommended by B3313 in one of their video descriptions, which seems like a modified version of the emulator, I think it's lunar's or smth? Is that one safe?

@@mariotheundying Luna's Project 64 is a good one. From the dev's site on what's different from normal PJ64 "This is a build of Project64 3.0.1 that I made to have a Linux compatible alternative to 2.4 (Yes, it works on Windows too). It removes the nagware and adds all of the good plugins for SM64 romhacks with good settings. Read the info below, then download it by clicking the icon on the left." Kaze says the vulnerability isn't present in PJ64 versions past 1.7, so this is safe (it's using a fork from PJ64 2.4 that's intended to work on both Linux and Windows and it's currently on version 3.0.1)

yes i only use mupen64plus (and various versions of it like simple64 aka m64p) because i only use linux and that is the best one for linux

MM has SO MANY GRAPHICS BUGS in emulation. Currently funnily enough the best way to go emulate it is to get citra and play the 3DS version. I'm not messing with you, the 3DS version has less issues than the N64 version emulation wise. (if you have a Gamecube IRL that can play disc ISOs, get the Zelda Collector's Edition disc that came with Wind Waker, it has the least broken version of MM that's emulated).

​@@neoqwertyThe 3DS version is NOT the best version, unless you're also using a mod in Citra that fixes a few things. Sure it looks great, but a lot of stuff they did is really bizzare (especially the swimming)

​@@neoqwerty this hasn't been true for a very long time, you can just use parallel launcher OR ares if you have a decent pc, the latter being the most accurate n64 (and snes!) emulator out right now. if you want qol features then you can use majora's mask redux, which is a much better qol improvement than even the 3ds version

@@Infindox The reply was about emulation-compatibility, not the game itself.

@@neoqwerty dolphin works too as an emulator for the GC Collectors Edition version which is what I do, can do graphical enhancements like upscaling and texture replacements and all that jazz, though the decompile project for MM is 93% done (OOT is already 100%, and has been ported to run on PC natively by someone else, moddable and running at 60fps) so I'll be swapping to that once it's finished. only downside with the dolphin version is the FPS - since the game's physics are tied to the framerate, it needs to be modified on the code level for it to not break so I'd advise against the 30/60FPS hacks. the PC porters should fix that like they did with OOT

yep - imagine a Mario 64 ROM that acts like it's haunted by screwing with your computer as you play it could kill explorer or minimize all other applications, although you'd have to be careful because there's a point where the game straight-up becomes a virus if you go too far with this concept :P

@@SKCro.Playing hacks on console should start becoming more common then cause there's nothing else the console can do other than work within the game.

@@SKCro. SM64 can't close Explorer, unless it's an .exe game programmed to do this.

Get ready, the next generation of Ben Drowned is gonna be hilarious AF

Depends on what you mean by downgrade. The newer versions have better compatibility, but are less mod-friendly.

What's wrong with PJ64 3.0? And soon we 4.0 will see the day of light.

the downgrades is that other emulators cannot make games run in 21:9 without stretching the image, PJ64 1.6 could...

Really, downgrades is never a great reason not to update an emulator because the improvements are going to outshine it over time. Especially considering it's still open source and you can potentially get someone who knows code to restore cut features.

This is a bit of a strange take. You can still use 1.6 if you want to, just don't run untested/untrustworthy ROM's on it, keep it to strictly only ROM's you've checked the SHA-256 on. It's not like you can't have multiple emulators installed if you really want to try the latest and greatest random modded ROM from user25832.

+1, I use it and it's good but the vulkan rendering backend crashes a lot

It's just 30 seconds, man... That's less time than it takes for most roms to get past the intro sequences.

@@Crazy_Gamer_OGThat is objectively untrue. In fact it's made worse that the intro sequences happen only after the 30 second waiting period. Don't stick to PJ64. It's actually awful at emulating the N64 accurately and is the bane of most decomp romhackers for its many issues with displaying materials wrong. Pleasure just use Parallel Launcher, you have so many more options and plugins for emulating N64 games.

​@@Crazy_Gamer_OGagreed. I haven't used PJ64 as much recently, but I accepted it's just part of using it. Besides, they put in a lot of work to get games working at all. It's a small price to pay for being able to use it. Besides, I would support emulator devs if I could, I just don't have money to.

In fact you don't need to wait 30s, when you launch the emulator at the beginning you just have to right click on PJ64 in the taskbar and then click on Project 64, the emulator will restart without displaying the donation screen!

@@mozydiaz8296 Also they figured out launching it through a batch file that bypasses it

Explain *JACKED* real quick, if you'd please.

​@@mightywaranvil2912 getting fuckin ripped man, like buff AF. Muscles for days son.

@@trulyinfamousbro was thinking "jacked" as in "jacked off" 💀

you talking about virus rom one or sub one?

I was talking about the last clip with the "anti-piracy" feature. Not the outro.

@@itranscendencei7964 that what sain "pj664 not supported" and crashed PC?

Yes

NtRaiseHardError with OptionShutdownSystem still causes a BSOD on windows 11.

It can't unless you run It as admin.

@@ehs03y3ol then I hope that he ran pj64 as admin to implement this joke only, and that it's not required to run pj64 or any games for that matter.

@@ehs03y3ol it doesn't require admin to use NtHardError to create a BSOD.

Did you run random mods from unknown sources before?

Luckily, I only use the emulator Neko Project II, to play Touhou 1-5 xd

If anything, it became the villain a decade ago when they started bundling malware in it, even if they did eventually sort it out.

You either die a Kega Fusion or live long enough to see yourself become a PJ64.

​@@acronym.4328 Gens: I ain't a legend? I can run 32x!

Project 64 was never not the villain, from when they only released the source code to old versions, to now

​@@thewhitefalcon8539Is only distributing in source code an evil thing?

Prpject 1.6 is very old, did you really predict it when it already happened

Our savior!

My knowledge was always that 1.6 was fine but after that they went off the deep-end with malware & stuff

+1

There are certain safe versions of it I've used in the past (I believe they were community forks) but yeah PJ64 is the anti-Dolphin. Where Dolphin is almost better than the original hardware and flawlessly integrates multiple play styles, PJ64 is pretty stone age still to this day

Same. I've used Simple64 for a long time, and now that Ares works with the OoTMM combo randomizer that's become my main

PJ64 it's the face of the sad state of N64 emulation. So many people using this crap simply because there aren't many good alternatives. It's awful to have to rely on outdated plugins to run N64 instead of running everything natively. The same thing was happening with the PSX emulation, where ePSXe was the standard but it was terrible, an emulator worse than PJ64. If you didn't want to mess around with plugins, you either had to use the even older PSFin, completely outdated with no usuable configurations; or Mednafen which doesn't even have a GUI, making it a huge pain in the ass to use. Then Duckstation came along and improved everything, no need for plugins, command lines or outdated code, works out of the box and with a great optimization. I just wish we have a good N64 emulator just like Dolphin or Duckstation.

yep, it's just that people still use it so they have to be warned

i had the same concern about posting the video for this reason, but the people that found the exploit thought it was a better idea to warn people.

To be fair this vulnerability could've been discovered by hackers at one point, we never truly know.

@@LerrycapetimeThere likely would have been warnings and it would've become common knowledge or something like that if it was exploited already.

It's **never** a better idea to ignore serious sercurity issues. In **some** cases, it's considered polite to notify the company who makes the product first and give them some time to fix it. But since the bug has appareantly already been fixed in newer versions, ignoring it just means people don't know the risks they're unintentionally subjecting themselves to.

@@AliceGorgoniaThis just doesnt work with what I've already replied and the comment itself

if there is a checksum verification, it should be fine (since that'd mean noone could have edited the official rom). but if it says unknown checksum, it is not 100% safe. though i dont think anyone would have put the exploit into a rom this fast.

@@KazeN64 My apologies, but if I may, how would I check to see if my checksum is verified or not?

Parallel launcher uses retroarch so I'm guessing it's fine, but I'm not an expert in programming stuff idk

That's what I did in my ancient emulator years ago. The lookup tables got huge but ram was getting plentiful in the early 2000s. I am guessing zil didn't want the increased ram requirements

Actually Project 64 can run some few games that even the other ones couldnt do it perfectly and cant make you get softlock, like Rayman 2.

@@sebastianaliandkulche but why would you play rayman 2 on the n64

@@based980 Does that care? Why people play NFS MW on PS2 when its on PC? Why people play Big Rigs if we all know is a piece of trash? Why people use emulators when they have the original hardware? Sometimes there is not a clear answer. The only thing that matters is the actual solution.

​@@sebastianaliandkulcheWhich is absolutely worth pursuing, but I think the point being made is that *most* people who use PJ64 would be better off on a different emulator. There will be a few people who have very specific use-cases as always with existing software. Hell, some people still use MS DOS

@@mgord9518 Yes, but i cant play a few games in other emulators than PJ64. Plus PJ64 is way better optimized. So you give me the reason or not?

old roms will be fine