Slashdot Mirror


Hackers Seem Close To Publicly Unlocking the Nintendo Switch (arstechnica.com)

Ars Technica reports that "hackers have been finding partial vulnerabilities in early versions of the [Nintendo] Switch firmware throughout 2017." They have discovered a Webkit flaw that allows for basic "user level" access to some portions of the underlying system and a service-level initialization flaw that gives hackers slightly more control over the Switch OS. "But the potential for running arbitrary homebrew code on the Switch really started looking promising late last month, with a talk at the 34th Chaos Communication Congress (34C3) in Leipzig, Germany," reports Ars. "In that talk, hackers Plutoo, Derrek, and Naehrwert outlined an intricate method for gaining kernel-level access and nearly full control of the Switch hardware." From the report: The full 45-minute talk is worth a watch for the technically inclined; it describes using the basic exploits discussed above as a wedge to dig deep into how the Switch works at the most basic level. At one point, the hackers sniff data coming through the Switch's memory bus to figure out the timing for an important security check. At another, they solder an FPGA onto the Switch's ARM chip and bit-bang their way to decoding the secret key that unlocks all of the Switch's encrypted system binaries. The team of Switch hackers even got an unexpected assist in its hacking efforts from chipmaker Nvidia. The "custom chip" inside the Switch is apparently so similar to an off-the-shelf Nvidia Tegra X1 that a $700 Jetson TX1 development kit let the hackers get significant insight into the Switch's innards. More than that, amid the thousands of pages of Nvidia's public documentation for the X1 is a section on how to "bypass the SMMU" (the System Memory Management Unit), which gave the hackers a viable method to copy and write a modified kernel to the Switch's system RAM. As Plutoo put it in the talk, "Nvidia backdoored themselves."

3 of 91 comments

  1. You shouldn't have to depend on hackers. by Anonymous Coward · Score: 1, Interesting

    Why doesn't Nintendo just allow people to use these computers as they see fit? Why must one always struggle for freedom from the Dear Leader?

    1. Re: You shouldn't have to depend on hackers. by c6gunner · Score: 5, Interesting

      It's to prevent the 99% of people who won't bother to learn or take the time to hack their system.

      99% won't learn, but they don't need to; as a 15 year old kid I made a booming business out of helping others modify their PlayStation consoles to play pirated discs, and then made more money selling them the actual games.

      The majority of their user base might remain ignorant, but that's completely irrelevant as long as the users have access to a few guys who know what they're doing.

  2. Re: Then Nintendo has a shitty business model by mrfaithful · Score: 1, Interesting

    You have a secondary problem where you get fake carts. The GBA and DS were both marred by this problem. You go looking for a specific game and you get something that looks the part only to notice that the plastic isn't quite right, the label is poor, and the PCB puts extra strain on the pins hastening the death of the slot and the developer gets not a single cent out of your purchase.

    I'd argue that this is worse than piracy. These go after customers who wanted to give developers money and instead wound up funding a pirate cloner. It basically stopped me buying DS games.