Nintendo Switch Hacked, Cannot Be Patched By Nintendo
Hackers have a particular liking when it comes to hacking Nintendo Switch. The console has been hacked following a complete dump of the Nintendo Switchโs boot ROM, with two very similar exploits of the console being released that take advantage of a security vulnerability in the Nvidia Tegra X1 processor, which cannot be patched by Nintendo, reports Eurogamer. In other words, the exploit takes advantage of bugs in the Switchโs bootROM and USB recovery mode, which can be abused to run arbitrary code.
Also Read- Best Nintendo Switch Games
The exploits was first uncovered by console hackersย โfail0verflowโย with the groupโs ShofEL2 release, as well as the Fusรฉe Gelรฉe hack from Kate Temik and the team at ReSwitched. Since theย vulnerability extends to most Tegra devices, the nature of the exploit was fully disclosed to Google, Nintendo and Nvidia by both the hackers well in advance.
Whileย fail0verflow was set to release its exploit on April 25th, it pre-poned the release once the Switchโs boot ROM dump leaked. The video below shows Linux running on an unmodified Switch due to the exploit.
How to hack Nintendo Switch?
โChoosing whether to release an exploit or not is a difficult choice,โย fail0verflow wroteย in a blog post accompanying the release of its exploit. โGiven our experiences with past consoles, weโve been wary of releasing vulnerability details or exploits for fear of them being used primarily for piracy rather than homebrew.
โThat said, the Tegra bootrom bug is so obvious that multiple people have independently discovered it by now; at best, a release by other homebrew teams is inevitable, while at worst, a certain piracy modchip team might make the first move. 90 days ago, we begun the responsible disclosure process with Google, as Tegra chips are often used in Android devices. The disclosure deadline has now lapsed. The bug will be made public sooner or later, likely sooner, so we might as well release now along with our Linux boot chain and kernel tree, to make it very clear that we do this for fun and homebrew, and nothing else.โ
The reason Nintendo cannot patch to stop the hack is because the flaws are reportedly hardware-based that allowย homebrew code to run on the hybrid console. So, the only way for Nintendo to patch the hack and remove the ROM exploit would be to alter the Nividia Tegra X1โs architecture โ the processor that powers the Switch. Homebrew code is mostly used to emulators of classic video game platforms like the SNES, but it can also be used to pirate or modify software. Basically, every Switch released till date and going forward is vulnerable to the exploit until the Tegra chip is modified.
โSince this bug is in the Boot ROM, it cannot be patched without a hardware revision, meaningย all Switch units in existence today are vulnerable, forever.โ The group goes on to explain the exploitโs process, which basically requires a wire bridge (or a 3D printed tool). โAs it turns out, what Tegra calls the Home button is actually connected to Pin 10 (the rearmost pin) on the right hand side Joy-Con connector. You can just use a simple piece of wire to bridge it to e.g. a screw on the rail (easiest), or pins 10 and 7 (or 1) together (10 and 9 wonโt work),โ writes fail0verflow.
Nintendo has yet to comment on how it plans to address the exploits. When reached for comment a spokesperson at the company said, โWe have nothing to announce on this topic.โ
Source: Eurogamer