Nintendo Switch update 6.2.0 may have fixed its security flaw and stopped the hacking scene for now

Oct 25, 2017
8,270
#1
aka avoid at all costs updating your Switch to 6.2.0 if you value homebrew or backups
Feels like it was appropriate to make a thread since we get one every time the hacking community makes progress with the current custom firmwares.

Quoting local genius scientist:
To any one playing along, the changes in 6.2 are genuinely fascinating in how Nintendo rebuilt their boot process to build a completely new, secure boot:

Nintendo has figured out how to defeat a hardware flaw with a software update.

The Big N did a real good job here, real damn good. We'll see if it can remain undefeated for a while but so long as TSEC remains secure, the only way to hack 6.2+ Switches will be through userland even with the older hardware-shot model. Meaning that we've entered a possible line in the sand for the Switch hacking scene that ends at 6.1.0.
Known veteran of the Nintendo hacking scene (https://twitter.com/sciresm):

 
Oct 25, 2017
5,023
#4
I’d been under the impression that it was basically impossible to overcome a hardware flaw with software, so huge props.
 
Oct 25, 2017
10,552
#5
wow technically speaking that sounds fuckin nuts. I hope someone is kind enough to make an explanation video for us laypeople explaining how they fixed* a hardware problem with a software solution @[email protected]

*from their perspective
 
Oct 28, 2017
128
Germany
#18
Impressive. But also necessary if they wanted to rein in piracy issues.
I wonder what that means for a potential hardware revision of the Switch. Might be later down the road than most people are expecting.
Or not. Covering their bases for the 20 million units that are already out in the wild seems like a smart decision regardless of that.
 
Oct 25, 2017
1,196
#22
Wow impressive. The timing with the imminent release of smash bros is perfect.

What's happening when you're on a previous firmware and you want to launch a game that requires a new firmware, by the way? Can you launch it with a modified Switch?
 
Oct 31, 2017
5,159
Greece
#27
And people were wondering why Pokemon Lets Go didn't have a hack check in place. Stupid yes, but it seems GF were quite confident and knowledgeable that Nintendo wouldn't allow this to continue. I don't do homebrew or the like so I have no stance on this, but it sounds amazing that they reverse engineered a hardware security backdoor to be closed by a software based fix.
 
Oct 25, 2017
126
#31
As an Atmosphere user who preordered Smash on the eshop, all I've got to say is ooooof. Yes, I like to live dangerously and no, a physical copy wasn't a possibility. Worst comes to worst I'll just go vanilla and wait for the inevitable workaround, not like it breaks my workflow in any way but the perks are nice.
They didn't even let us have our usual one week grace period to access the eshop and online services this time around, so as soon as I tried to download the copy of DK Tropical Freeze I'd just purchased it didn't let me. Oh well, comes with the territory.
 
Feb 5, 2018
121
#32
As someone with no real technical know-how to actually understand, even for me this sounds impressive that they would be able to do this. Mostly because I had read repeatedly that a hardware flaw absolutely could not be affected by a software update.
 
Oct 25, 2017
2,535
#33
They fixed the Nvidia SoC flaw?
Apparently the SoC flaw did not break everything, but the region which was still unbroken didn't do anything "interesting" before. Now it does, though details are scarce - it's not clear to me if it just protects the data or hardware as well.
 
Jan 10, 2018
1,944
Tokyo
#40
Best news of the day for sure. I intended to hack my current switch to transform it into an emulation heaven when a new model releases, but all in all, I prefer that it remains unhacked.
 
Oct 25, 2017
8,573
#41
Impressive work, Nintendo. I thought the flaw couldn’t be corrected through an update, but I guess they proved me wrong.
Still isn't corrected. You can still, say, hack it and replace the OS with Linux. That won't ever be fixed. What Nintendo did here was changing the key generation of their own OS, now tied to a part of the hardware that isn't very well known and has currently no exploits.
 

Neoxon
Oct 25, 2017
16,350
Houston, TX
#42
Still isn't corrected. You can still, say, hack it and replace the OS with Linux. That won't ever be fixed. What Nintendo did here was changing the key generation of their own OS, now tied to a part of the hardware that isn't very well known and has currently no exploits.
So basically like fixing a leak by plugging a different hole, interesting.
 
Oct 27, 2017
285
#45
Wonder if it's like the spectrum flaw, that to correct you need to give up performance.
No, all it does is use a coprocessor which is designed for this process in the first place, and now generates the key internally on the TSEC, rather than doing it via bootloader.

Edit: normally keys are generated and sent to the TSEC, which is an Nvidia coprocessor that usually deals with this sort of stuff (and also hasn't been hacked because it's very fucking secure).

What's changed is that now one of those keys is done in the TSEC itself, so you can't see the key that tells the Switch to carry on and boot up.

0 performance loss.
 
Oct 25, 2017
126
#47
Wonder if it's like the spectrum flaw, that to correct you need to give up performance.
I could be very mistaken but as far as I understand they basically made it so that the boot chain makes use of a security coprocessor (TSEC) that previously dealt only with other crypto stuff, problem is it's, well, a security coprocessor so hijacking it and grabbing its new secret key isn't going to be easy at all. It, among tons of other validity checks, refuses to do its thing if it notices anything unusual in memory aka patched binaries you'd need to even have booted with the hardware exploit earlier in the chain to begin with. A tough one for sure.
There should be no performance impact though.
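The two replies above describe the same idea: a boot key that is derived inside a security coprocessor from a measurement of the firmware it sees, so a bootloader patched by an earlier-stage exploit never receives the key the next stage needs. The following is an added toy model of that scheme, not Nintendo's or the TSEC's real code; the function names, the fused secret, the firmware bytes and the sealing with an HMAC tag are all constructed here to show why a patched binary fails to unlock the next stage.

```python
import hashlib
import hmac

# Constructed example. Assumptions: "coprocessor_secret" stands in for a fused
# secret that only the security coprocessor can read; the firmware images and
# next stage are made-up byte strings, not real Switch binaries.


def measure(firmware: bytes) -> bytes:
    """Measurement of the firmware image: SHA-256 over the whole binary."""
    return hashlib.sha256(firmware).digest()


def derive_boot_key(coprocessor_secret: bytes, firmware: bytes) -> bytes:
    """Key derivation modelled as happening inside the coprocessor.

    The secret never leaves the coprocessor; the caller only receives a key
    bound to the exact firmware that was measured, so changing any byte of the
    firmware changes the key.
    """
    return hmac.new(coprocessor_secret, measure(firmware), hashlib.sha256).digest()


def seal_next_stage(boot_key: bytes, next_stage: bytes) -> bytes:
    """Factory step: bind the next boot stage to the genuine boot key.

    Returns the tag the device must reproduce at boot before continuing.
    """
    return hmac.new(boot_key, next_stage, hashlib.sha256).digest()


def boot(coprocessor_secret: bytes, running_firmware: bytes,
         next_stage: bytes, expected_tag: bytes) -> bool:
    """Boot-time check: derive the key from what is actually running.

    A bootloader patched by an earlier exploit measures differently, so the
    derived key is wrong, the tag does not match, and the chain halts.
    """
    key = derive_boot_key(coprocessor_secret, running_firmware)
    tag = hmac.new(key, next_stage, hashlib.sha256).digest()
    # Constant-time comparison so the check itself leaks nothing useful.
    return hmac.compare_digest(tag, expected_tag)


def demo() -> tuple[bool, bool]:
    """Run the model once with genuine and once with patched firmware."""
    coprocessor_secret = bytes(range(32))          # constructed fused secret
    genuine_fw = b"bootloader v6.2.0: verify, hand off to coprocessor"
    patched_fw = genuine_fw.replace(b"verify", b"skip  ")  # one patched word
    next_stage = b"encrypted OS package (constructed placeholder)"

    # Provisioning: the tag is computed with the key for the genuine image.
    expected_tag = seal_next_stage(derive_boot_key(coprocessor_secret, genuine_fw),
                                   next_stage)

    genuine_ok = boot(coprocessor_secret, genuine_fw, next_stage, expected_tag)
    patched_ok = boot(coprocessor_secret, patched_fw, next_stage, expected_tag)
    return genuine_ok, patched_ok


if __name__ == "__main__":
    print("genuine boots: %s, patched boots: %s" % demo())
```

Nothing in this model needs extra work at runtime beyond one hash and one HMAC per boot, which is why the replies above expect no performance cost; the protection comes from the secret being unreadable from the bootloader, not from any heavier computation.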
 
Oct 25, 2017
2,535
#48
FWIW some hackers seem very prone to misrepresenting the situation to intentionally confuse everyone else for one reason or another. I remember when Wii U hacks were unraveling, some big figure was trying to tell people that IOSU prevents SD card access from ordinary programs, but after one dumb question from myself and an answer of sorts it became rather clear that this was rather easy to defeat by masquerading as a different program. I imagine that a few people were aware of this Switch scenario being possible, they just didn't talk about it so that... Nintendo wouldn't think of it earlier than by itself, I guess?