
cucholix

Member
Oct 30, 2017
935
hexkyz via Twitter
TSEC (Tegra Security Coprocessor) is a controller used in most Tegra devices, including the Switch. Like many other controllers found in Tegra devices, it is powered by a Falcon microprocessor, but with additional crypto capabilities (via the SCP).
What you probably don't know is that this specific exploit would only work under certain circumstances (which won't be detailed for obvious reasons). While the 7.0.0 keys could be extracted this way, the 6.2.0 ones, for example, couldn't (as bizarre as that may sound).


Due to this, it was uncertain if keys in future updates could be extracted or not... Until now.
Third time's the charm. I found a critical design flaw a few weeks ago and after a short brainstorm session with @SciresM, we were able to obliterate the TSEC's crypto scheme forever.


It only affects Switches manufactured before July 2018, as Nintendo has patched the flaw in new units. It seems Nintendo won't be able to patch this flaw via software anymore, at least until they figure out the way the new exploit is working.
 

Nanashrew

Banned
Oct 25, 2017
6,328
What Vena said. What they cracked, cracked everything relating to Nvidia and all of their security. Everything Nvidia has ever put Falcon on. 3 billion devices.
 

Unknownlight

One Winged Slayer
Member
Nov 2, 2017
10,578
This isn't just Nintendo's Switch problem. In fact, that's effectively a footnote. This really buries the lede on what this news actually means.

This is nVidia's problem in everything.

Welcome to the happy world of nVidia's GPUs and Tegra line of products: http://download.nvidia.com/open-gpu-doc/Falcon-Security/1/Falcon-Security.html

All shipping with a critical hardware flaw.

...Whoops.

Is it something hackers can take advantage of remotely, with a virus or something?
 

Daysean

Member
Nov 15, 2017
7,392
inb4 people shit on Nintendo and their security instead of realizing it's an Nvidia situation
 

Rand a. Thor

Banned
Oct 31, 2017
10,213
Greece
And then people wonder why consoles ship with slightly custom SoCs and nothing off the shelf. Especially with Nintendo. Nobody is ever satisfied with this company and will do anything to not spend a dime on their products, and this is the result of it. Hopefully Nvidia is gonna contact them and learn of the design flaw, cause this is specifically for a fuckton of their products.
 

Vena

Community Resettler
Member
Oct 25, 2017
6,471
...Whoops.

Is it something hackers can take advantage of remotely, with a virus or something?

If they can ACE from software that has access to the TSEC, which nVidia often leaves inside of other functionals, then yes. The handful of people with this knowledge can do anything with Falcon now, and that means that anything that trusted Falcon operations for DRM is also compromised on the hardware.
 

Maxina

Banned
Oct 28, 2017
3,308
And then people wonder why consoles ship with slightly custom SoCs and nothing off the shelf. Especially with Nintendo. Nobody is ever satisfied with this company and will do anything to not spend a dime on their products, and this is the result of it. Hopefully Nvidia is gonna contact them and learn of the design flaw, cause this is specifically for a fuckton of their products.
Funny how you say this when Nintendo Switches are flying off shelves, and software for their biggest franchises is too. I'd agree with you if you meant third parties were affected.
 

ckareset

Attempted to circumvent ban with an alt account
Banned
Feb 2, 2018
4,977
I have no intention of hacking my switch, is this something the average consumer should be worried about?
 
Oct 25, 2017
4,293
And then people wonder why consoles ship with slightly custom SoCs and nothing off the shelf. Especially with Nintendo. Nobody is ever satisfied with this company and will do anything to not spend a dime on their products, and this is the result of it. Hopefully Nvidia is gonna contact them and learn of the design flaw, cause this is specifically for a fuckton of their products.
What did I just read?

I own four Nintendo consoles yet I still rightfully criticize Nintendo about pretty much everything (except the quality of most of their first party games). Am I OK in your book or do I need to provide proof of purchase or something? Sheesh.

In terms of devices being cracked for private use; good stuff. Does this open up the floodgates for remote cracking as well though? Because that's a lot less cheerful.
 

Deleted member 50374

alt account
Banned
Dec 4, 2018
2,482
Now I'll have to decide: sell mine because someone else might want to mod it and get a special edition, or enjoy the perks (like sideloading Android)

questions questions

I wonder if Nvidia is working on a custom version of Tegra X1 for the revision to fix this.
They fixed it already on recent Switches

They (switch devs) won't release this, they'll likely report it, and manufacturers affected will make patches to make software exploitation of Falcon related products impossible or difficult through proper audits.

nVidia is getting taught a hard (and expensive) lesson in doing proper code auditing, which they clearly failed to do for a decade.

And all of this results in a broken chain of trust on countless devices and products because nVidia didn't do its job properly. All in all, I expect a bad financial day for nVidia.

Hardware flaws can't be fixed, no reason not to release the exploit like usual. People who have flawed critical hardware should replace it entirely, not rely on security by obscurity.
 

Vena

Community Resettler
Member
Oct 25, 2017
6,471
so what's the worst case scenario with my home computer

They (switch devs) won't release this, they'll likely report it, and manufacturers affected will make patches to make software exploitation of Falcon related products impossible or difficult through proper audits.

nVidia is getting taught a hard (and expensive) lesson in doing proper code auditing, which they clearly failed to do for a decade.

And all of this results in a broken chain of trust on countless devices and products because nVidia didn't do its job properly. All in all, I expect a bad financial day for nVidia.
 

Scum

Member
Oct 25, 2017
1,024
Vena, mate. There are new Switch revisions with fixes in place to avoid this, correct?
 

TC McQueen

Member
Oct 27, 2017
2,592
So, does this mean people can make custom BIOS for Pascal and Turing cards now? Because that'd be worth it.
 

Vena

Community Resettler
Member
Oct 25, 2017
6,471
Vena, mate. There are new Switch revisions with fixes in place to avoid this, correct?

iPatched Switches do not have a way of getting to TSEC through boot, so it's already "fixed". This is a problem that cannot be fixed short term in any capacity that could lead to software based compromises, but is already "fixed" in terms of how it is currently being utilized/used for, which is unsigned code execution on bootloader-flawed Switches which were fixed last year.
 

SteveWinwood

Member
Oct 25, 2017
18,686
USA USA USA
What's the worst case scenario with your laptop or phone?

sure that too I dunno
They (switch devs) won't release this, they'll likely report it, and manufacturers affected will make patches to make software exploitation of Falcon related products impossible or difficult through proper audits.

nVidia is getting taught a hard (and expensive) lesson in doing proper code auditing, which they clearly failed to do for a decade.

And all of this results in a broken chain of trust on countless devices and products because nVidia didn't do its job properly. All in all, I expect a bad financial day for nVidia.
So it's really nothing I have to worry about most likely as long as I keep my stuff updated right?
 

Odeko

One Winged Slayer
The Fallen
Mar 22, 2018
15,180
West Blue
Alright give it to me straight people.

Does this get us any closer to a homebrew port of Dolphin to the Switch?
 

Sean Mirrsen

Banned
May 9, 2018
1,159
lol no

This is a complete failure of their entire Falcon line of security co-processors. They'd need to overhaul their entire design.
Considering that you still need proper access to work with the flaw, perhaps not so much. Since the patched Switch units are still effectively immune.
All they have to do is prevent the equivalent of the f-g exploit from working on their other tech, at least in the meantime. The bootrom exploit blew the TX1 wide open, but nVidia has long since moved on from TX1. So it's bad for older devices, but not as critical for everything else.
 

Deleted member 50374

alt account
Banned
Dec 4, 2018
2,482
Alright give it to me straight people.

Does this get us any closer to a homebrew port of Dolphin to the Switch?
Dolphin on Switch is currently as hard as getting good GPU drivers for the Android port or hardware acceleration in the already ported Retroarch; I think it has been running on Lakka already (Linux-based OS with Retroarch as user interface).

Considering that you still need proper access to work with the flaw, perhaps not so much. Since the patched Switch units are still effectively immune.
All they have to do is prevent the equivalent of the f-g exploit from working on their other tech, at least in the meantime. The bootrom exploit blew the TX1 wide open, but nVidia has long since moved on from TX1. So it's bad for older devices, but not as critical for everything else.
The real issue with the exploit is that I think TX1 was installed in some cars for example, which might be at risk compared to personal devices. Exploits with physical access to a device aren't very critical when they're personal, like you can easily reset the password and access files on Windows just by booting a Linux pendrive; a car sitting somewhere parked is waiting to be exploited.
 

Scum

Member
Oct 25, 2017
1,024
iPatched Switches do not have a way of getting to TSEC through boot, so it's already "fixed". This is a problem that cannot be fixed short term in any capacity that could lead to software based compromises, but is already "fixed" in terms of how it is currently being utilized/used for, which is unsigned code execution on bootloader-flawed Switches which were fixed last year.
Sweet! I thought I'd read somewhere that something had been done about this. Time for nVidia to get on it then.
 

Vena

Community Resettler
Member
Oct 25, 2017
6,471
Considering that you still need proper access to work with the flaw, perhaps not so much. Since the patched Switch units are still effectively immune.
All they have to do is prevent the equivalent of the f-g exploit from working on their other tech, at least in the meantime. The bootrom exploit blew the TX1 wide open, but nVidia has long since moved on from TX1. So it's bad for older devices, but not as critical for everything else.

Sure, but if a software flaw gains access, it compromises the entire system. So any developer using Falcon now has to make deathly sure Falcon doesn't get exposed top-down from software, or left exposed somewhere in nVidia's drivers (which are themselves riddled with software exploits as we've learned from the Switch).

They're not going to leave this sitting around, and such a breach of trust is going to end up resulting in a lot of problems for nVidia down the road when making deals/trying to sell their product lines.
 

Odeko

One Winged Slayer
The Fallen
Mar 22, 2018
15,180
West Blue
Dolphin on Switch is currently as hard as getting good GPU drivers for the Android port or hardware acceleration in the already ported Retroarch; I think it has been running on Lakka already (Linux-based OS with Retroarch as user interface).


The real issue with the exploit is that I think TX1 was installed in some cars for example, which might be at risk compared to personal devices. Exploits with physical access to a device aren't very critical when they're personal, like you can easily reset the password and access files on Windows just by booting a Linux pendrive; a car sitting somewhere parked is waiting to be exploited.
I barely understand what I'm talking about here, but am I remembering correctly that there's a pretty decent bounty set up for getting hardware acceleration working outside of Lakka? Hopefully that drives some innovation there.
 

LazyLain

Member
Jan 17, 2019
6,503
I have no intentions of hacking my Switch, but could somebody give me instructions how so I don't do it accidentally?

In all seriousness, this sounds like a pretty big oops for Nvidia, though admittedly the technical details and potential ramifications definitely go way over my head.
 

Mechanized

Member
Oct 27, 2017
3,442
Oh just Tegra stuff. Hopefully homebrew will advance because of this.
 

Deleted member 50374

alt account
Banned
Dec 4, 2018
2,482
I barely understand what I'm talking about here, but am I remembering correctly that there's a pretty decent bounty set up for getting hardware acceleration working outside of Lakka? Hopefully that drives some innovation there.
I think:

- Retroarch as a homebrew is still missing either the dynamic recompiling or the 3D APIs inside Horizon
- Lakka has issues with audio and other stuff, but it has working drivers and dynamic recompiling
- Android is still being worked on, missing drivers for GPU (tho I think they can port from the Shield or something)
 

Vena

Community Resettler
Member
Oct 25, 2017
6,471
So, does this mean that every Switch (available and future revision/version) is hackable now?

No.

Yes, but bear in mind that newly manufactured Switches (post-July 2018) don't have this flaw.

Your statement is contradictory. You're confusing TSEC/Falcon, which is in every unit, with f-g exploit which was fixed last year. The latter is needed to leverage the former, so it doesn't really change anything in the current landscape.
 
Feb 10, 2018
17,534
Billions of devices?
Is there that many?
There's Switch, Shield, Pixel tablets, Tesla cars and some other cars that use Tegras; will that really be a billion?
 

Ninjadom

Member
Oct 25, 2017
5,197
London, UK
Billions of devices?
Is there that many?
There's Switch, Shield, Pixel tablets, Tesla cars and some other cars that use Tegras; will that really be a billion?

All Audis from 2013 onwards have the chip in their entertainment systems. Tesla cars use two chips each.

And these devices (from Wikipedia):

Avionic Design Tamonten Processor Board, Exper EasyPad, Notion Ink Adam tablet, Olivetti OliPad 100, Point of View Mobii 10.1, ViewSonic G Tablet, ViewSonic ViewPad 10s,
ASUS Eee Pad Transformer, Samsung Galaxy Tab 10.1, Toshiba AC100, Toshiba Folio 100, Advent Vega, Hannspree Hannspad, Aigo n700, CompuLab Trim-Slice nettop,
E-Noa Interpad, Malata Tablet Zpad, MSI 10-inch (250 mm) tablet, Toradex Colibri T20, Lenovo IdeaPad Tablet K1, Lenovo ThinkPad Tablet, Velocity Micro Cruz Tablet L510,
Zyrex Onepad SP1110, Zyrex Onepad SP1113G, Acer Iconia Tab A100

And many more.
 

Mr G

Banned
Oct 27, 2017
219
Netherlands
No.

Your statement is contradictory. You're confusing TSEC/Falcon, which is in every unit, with f-g exploit which was fixed last year. The latter is needed to leverage the former, so it doesn't really change anything in the current landscape.
Can this message be added to the OP?
People are already spreading misinformation.
 

MajesticSoup

Banned
Feb 22, 2019
1,935
All Audis from 2013 onwards have the chip in their entertainment systems. Tesla cars use two chips each.

And these devices (from Wikipedia):

Avionic Design Tamonten Processor Board, Exper EasyPad, Notion Ink Adam tablet, Olivetti OliPad 100, Point of View Mobii 10.1, ViewSonic G Tablet, ViewSonic ViewPad 10s,
ASUS Eee Pad Transformer, Samsung Galaxy Tab 10.1, Toshiba AC100, Toshiba Folio 100, Advent Vega, Hannspree Hannspad, Aigo n700, CompuLab Trim-Slice nettop,
E-Noa Interpad, Malata Tablet Zpad, MSI 10-inch (250 mm) tablet, Toradex Colibri T20, Lenovo IdeaPad Tablet K1, Lenovo ThinkPad Tablet, Velocity Micro Cruz Tablet L510,
Zyrex Onepad SP1110, Zyrex Onepad SP1113G, Acer Iconia Tab A100

And many more.
That's maybe an extra 5 million devices max. This billions figure is a little much.