Switch hacked. It runs homebrewers

[Cyan]

Game havent been pirated afaik, just home code can be run.

http://wololo.net/2017/11/15/can-now-run-homebrews-nintendo-switch-3-0-0/

 

[Shifty Geezer]

That's to be expected. So's piracy. Nintendo's security has always been the most lame possible.

Also, what's the point in Homebrew when Nintendo seem very open to developers and cost of entry sounds minimal?

 

[BRiT]

From the article the part that stood out to me and made me question things:

People on firmwares below that one will need to update to 3.0.0, which for now is only possible by grabbing a copy of Pokken Tournament DX, and updating from the cartridge.

So there is no way to update firmware (dashboard) on the Switch hardware except from a cartridge? There's no online update capabilities from Nintendo? Surely that can't be right ... right?

 

[arhra]

So there is no way to update firmware (dashboard) on the Switch hardware except from a cartridge? There's no online update capabilities from Nintendo? Surely that can't be right ... right?

As I understand it, the Pokken cartridge is the only way to update to version 3.0.0 specifically.

If you took an online update you'd be updated to a more recent version that doesn't have the bug they're exploiting.

 

[Lalaland]

https://arstechnica.com/gaming/2018/01/hackers-seem-close-to-publicly-unlocking-the-nintendo-switch/

The team of Switch hackers even got an unexpected assist in its hacking efforts from chipmaker Nvidia. The "custom chip" inside the Switch is apparently so similar to an off-the-shelf Nvidia Tegra X1 that a $700 Jetson TX1 development kit let the hackers get significant insight into the Switch's innards. More than that, amid the thousand of pages of Nvidia's public documentation for the X1 is a section on how to "bypass the SMMU" (the System Memory Management Unit), which gave the hackers a viable method to copy and write a modified kernel to the Switch's system RAM. As Plutoo put it in the talk, "Nvidia backdoored themselves."

Ars Technica had a write up on Switch hacking recently too, this jumped out and seems extraordinary to me even though I'd already assumed the Tegra in Switch was more or less off the shelf. Have prior handhelds (DS, Vita, PSP, 3DS) had similar low level documentation available for the hacking community? My impression of the PS3 and 360 hacks were that both largely involved reverse engineering as the leaked gamedev SDKs didn't have info on bypassing the SMMU and such.Of course I don't know this so if anyone knows otherwise I'd be happy to be corrected.

 

[bunge]

I might actually buy a Switch now.

 

[DieH@rd]

Entire talk about breaking down the switch protection at C3

In addition to this group, two more groups have announced that they have homebrew code running on Switch. It is not known when or if any of those exploits will become public.

 

[Lalaland]

If nothing else I'll be interested to see if the eShop is a more robust account based thing for the Switch, was astonished that the 3DS/WiiU both used a common auth. token rather than an account based system i.e. the same token allows a game download regardless of account, allowing hackers to compile lists of known good tokens and use them to download new games directly from the eShop).

 

[swaaye]

Seems like MS is the only company that can build robust console software. Something tells me they have the most manpower dedicated to it, and the right manpower, considering the company's specialty.