
Deleted member 2791

User requested account closure
Banned
Oct 25, 2017
19,054
aka avoid at all costs updating your switch to 6.2.0 if you value homebrews or back-ups
Feels like it was appropriate to make a thread since we get one every time the hacking community makes progress with the current custom firmwares.

Quoting local genius scientist:
To any one playing along, the changes in 6.2 are genuinely fascinating in how Nintendo rebuilt their boot process to build a completely new, secure boot:

Nintendo has figured out how to defeat a hardware flaw with a software update.

The Big N did a real good job here, real damn good. We'll see if it can remain undefeated for a while but so long as TSEC remains secure, the only way to hack 6.2+ Switches will be through userland even with the older hardware-shot model. Meaning that we've entered a possible line in the sand for the Switch hacking scene that ends at 6.1.0.

Known veteran of the Nintendo hacking scene (https://twitter.com/sciresm):
[two image attachments]

WestEgg

One Winged Slayer
Member
Oct 25, 2017
14,047
I'd been under the impression that it was basically impossible to overcome a hardware flaw with software, so huge props.
 

Jintor

Saw the truth behind the copied door
Member
Oct 25, 2017
32,405
wow technically speaking that sounds fuckin nuts. I hope someone is kind enough to make an explanation video for us laypeople explaining how they fixed* a hardware problem with a software solution @_@

*from their perspective
 

Rust

Member
Jan 24, 2018
1,223
Is there a more appropriate image for the second one that DOESN'T spell 'See You Next Tuesday'?
 

Rhiwion

Member
Oct 28, 2017
173
Germany
Impressive. But also necessary if they wanted to rein in piracy issues.
I wonder what that means for a potential hardware revision of the Switch. Might be later down the road than most people are expecting.
Or not. Covering their bases for the 20 million units that are already out in the wild seems like a smart decision regardless of that.
 

Magneto

Prophet of Truth
Banned
Oct 25, 2017
14,449
Wow impressive. The timing with the imminent release of smash bros is perfect.

What's happening when you're on a previous firmware and you want to launch a game that requires a new firmware, by the way? Can you launch it with a modified Switch?
 

Rand a. Thor

Banned
Oct 31, 2017
10,213
Greece
And people were wondering why Pokemon Lets Go didn't have a hack check in place. Stupid yes, but it seems GF were quite confident and knowledgeable that Nintendo wouldn't allow this to continue. I don't do homebrew or the like so I have no stance on this, but it sounds amazing that they reverse engineered a hardware security backdoor to be closed by a software based fix.
 

Neoxon

Spotlighting Black Excellence - Diversity Analyst
Member
Oct 25, 2017
85,297
Houston, TX
Impressive work, Nintendo. I thought the flaw couldn't be corrected through an update, but I guess they proved me wrong.
 

Lpchaim

Member
Oct 25, 2017
126
As an Atmosphere user who preordered Smash on the eshop, all I've got to say is ooooof. Yes, I like to live dangerously and no, a physical copy wasn't a possibility. Worst comes to worst I'll just go vanilla and wait for the inevitable workaround, not like it breaks my workflow in any way but the perks are nice.
They didn't even let us have our usual one week grace period to access the eshop and online services this time around, so as soon as I tried to download the copy of DK Tropical Freeze I'd just purchased it didn't let me. Oh well, comes with the territory.
 

Ygqora

Member
Feb 5, 2018
350
As someone with no real technical know-how to actually understand, even for me this sounds impressive that they would be able to do this. Mostly because I had read repeatedly that a hardware flaw absolutely could not be affected by a software update.
 
Jan 10, 2018
7,207
Tokyo
Best news of the day for sure. I intended to hack my current switch to transform it into an emulation heaven when a new model releases, but all in all, I prefer that it remains unhacked.
 

BernardoOne

Banned
Oct 25, 2017
10,289
Impressive work, Nintendo. I thought the flaw couldn't be corrected through an update, but I guess they proved me wrong.
Still isn't corrected. You can still, say, hack it and replace the OS with Linux. That won't ever be fixed. What Nintendo did here was changing the key generation of their own OS, now tied to a part of the hardware that isn't very well known and has currently no exploits.
 

Neoxon

Spotlighting Black Excellence - Diversity Analyst
Member
Oct 25, 2017
85,297
Houston, TX
Still isn't corrected. You can still, say, hack it and replace the OS with Linux. That won't ever be fixed. What Nintendo did here was changing the key generation of their own OS, now tied to a part of the hardware that isn't very well known and has currently no exploits.
So basically like fixing a leak by plugging a different hole, interesting.
 

SirBaron

Banned
Oct 27, 2017
853
Wonder if it's like the spectrum flaw, that to correct you need to give up performance.

No, all it does is use a coprocessor which is designed for this process in the first place, and now generates the key internally on the TSEC, rather than doing it via bootloader.

Edit: normally keys are generated and sent to the TSEC, which is an Nvidia coprocessor that usually deals with this sort of stuff (and also hasn't been hacked because it's very fucking secure).

What's changed is that now one of those keys is done in the TSEC itself, so you can't see the key that tells the Switch to carry on and boot up.

0 performance loss.
 

Lpchaim

Member
Oct 25, 2017
126
Wonder if it's like the spectrum flaw, that to correct you need to give up performance.
I could be very mistaken, but as far as I understand they basically made it so that the boot chain makes use of a security coprocessor (TSEC) that previously dealt only with other crypto stuff. The problem is it's, well, a security coprocessor, so hijacking it and grabbing its new secret key isn't going to be easy at all. It, among tons of other validity checks, refuses to do its thing if it notices anything unusual in memory, aka patched binaries you'd need to even have booted with the hardware exploit earlier in the chain to begin with. A tough one for sure.
There should be no performance impact though.
 

stan423321

Member
Oct 25, 2017
8,676
FWIW some hackers seem very prone to misrepresenting the situation to intentionally confuse everyone else for one reason or another. I remember when Wii U hacks were unraveling, some big figure was trying to tell people that IOSU prevents SD card access from ordinary programs, but after one dumb question from myself and an answer of sorts it became rather clear that this was rather easy to defeat by masquerading as a different program. I imagine that a few people were aware of this Switch scenario being possible, they just didn't talk about it so that... Nintendo wouldn't think of it earlier than by itself, I guess?