Hackers Seem Close To Publicly Unlocking the Nintendo Switch

Ars Technica reports that "hackers have been finding partial vulnerabilities in early versions of the [Nintendo] Switch firmware throughout 2017." They have discovered a Webkit flaw that allows for basic "user level" access to some portions of the underlying system and a service-level initialization flaw that gives hackers slightly more control over the Switch OS. "But the potential for running arbitary homebrew code on the Switch really started looking promising late last month, with a talk at the 34th Chaos Communication Congress (34C3) in Leipzig Germany," reports Ars. "In that talk, hackers Plutoo, Derrek, and Naehrwert outlined an intricate method for gaining kernel-level access and nearly full control of the Switch hardware." From the report: The full 45-minute talk is worth a watch for the technically inclined, it describes using the basic exploits discussed above as a wedge to dig deep into how the Switch works at the most basic level. At one point, the hackers sniff data coming through the Switch's memory bus to figure out the timing for an important security check. At another, they solder an FPGA onto the Switch's ARM chip and bit-bang their way to decoding the secret key that unlocks all of the Switch's encrypted system binaries. The team of Switch hackers even got an unexpected assist in its hacking efforts from chipmaker Nvidia. The "custom chip" inside the Switch is apparently so similar to an off-the-shelf Nvidia Tegra X1 that a $700 Jetson TX1 development kit let the hackers get significant insight into the Switch's innards. More than that, amid the thousand of pages of Nvidia's public documentation for the X1 is a section on how to "bypass the SMMU" (the System Memory Management Unit), which gave the hackers a viable method to copy and write a modified kernel to the Switch's system RAM. As Plutoo put it in the talk, "Nvidia backdoored themselves."

Re:You shouldn't have to depend on hackers.

[pots]

This is the truth, the parent AC doesn't know his gaming history. The Atari 2600 had no DRM and had huge problems with other companies making games for the platform, something that Atari had never anticipated. Nintendo's president believed at the time that this is what killed them. Not lack of royalties, but a flood of low quality games that Atari had no control over.

Whether this is true or not is debatable - they were a little too firmly dedicated to the 2600 and compromised subsequent platforms in its favor. Also, the controller for the 5200 was terrible. But this is the principle that Nintendo operated under, and it certainly worked out well for them. The NES was the first console with a DRM chip.

Re:You shouldn't have to depend on hackers.

[tlhIngan]

This is the truth, the parent AC doesn't know his gaming history. The Atari 2600 had no DRM and had huge problems with other companies making games for the platform, something that Atari had never anticipated. Nintendo's president believed at the time that this is what killed them. Not lack of royalties, but a flood of low quality games that Atari had no control over.

Whether this is true or not is debatable - they were a little too firmly dedicated to the 2600 and compromised subsequent platforms in its favor

Basically, what happened was EA and Activision happened, formed by a bunch of disgruntled Atari programmers. Basically Atari management refused to let the programmers put their names on the games and get some credit, so they left and formed EA and Activision. Since they were ex-Atari, they had all the inside knowledge on how it worked, so they started making their own games for it.

And make a ton of games they did - they kept cranking it out, because everyone wanted in on video games, so it was the best of times - crank out stuff. But then people came to the realization that most of what they had was... crap - churned out to make a quick buck because everyone was buying up games by the dozen - retailers were ordering hundreds of copies per store, etc. It was a boom time.

Then people realized most of it was crap and shovelware and stopped buying games. Retailers were stuck with thousands of cartridges and returned them in droves. Even worse, retailers were not buying games. Now this did not happen overnight, it basically took a couple of years where the video game industry declined. It became so bad, "video games" were a banned word at many retailers.

And this is where Nintendo comes in. They didn't call their system a video game system, they called it a toy, not to be sold in the now-banned video game section of the store, but where all the toys were. Problem number one - toy sections are girls, or boys. You can guess where Nintendo went, and potentially where we have such a gender imbalance in gaming today. (Check the ads - Atari ads always showed a relatively balanced family - mom, dad, son, daughter, playing their game system. Nintendo, though, showed only boys. No girls, no adults (it was a toy)).

Anyhow, the other reason for it is obvious - few people care about homebrew games on switch, everyone wants pirated games. So cracking the Switch really is for everyone to not pay for games ever again. (And ironically, this time around, it wouldn't be Nintendo strangling 3rd party developers). Face it, that's the real truth behind all the hacking.