
Huge Nintendo Switch exploit (potential hack) found on firmware 3.0.0

How do you determine which version your switch is on? In the spot where it shows the version, it says "update is ready" or something like that.

It's right there:

[image: Nintendo-Switch-3-2-0.jpg]


Maybe it doesn't show once the system determines that there is an update? I didn't connect the new Switches to the internet when I checked the version. And my main Switch is on the latest so there is no further update currently, and it shows me the current version.
 
I'll try it again once I get home. I'm pretty sure mine does not show the version. It just says "Update is ready".
Like I said maybe it hides the version when it knows there is an update.

If that's the case, I think the only way to check the version is to go into recovery mode and delete the update (and be disconnected from the internet so that it doesn't get the update again). But I heard some people lost their save files by doing that.
 

jackal27

Banned
Late into the 3DS life cycle, Nintendo started banning people with hacked 3DS consoles. I won't be messing with any homebrew until the console is completely off the market.
 

n64coder

Member
Like I said maybe it hides the version when it knows there is an update.

If that's the case, I think the only way to check the version is to go into recovery mode and delete the update (and be disconnected from the internet so that it doesn't get the update again). But I heard some people lost their save files by doing that.

I don't understand why they hide the version. Thanks for the info about recovery mode. I'll try that tonight. I haven't played the Switch much so it's ok to lose my save. Still been playing the heck out of my 3DS.
 

epmode

Member
So is it worth updating my 2.1 Switch to 3.0? I'd have to buy a game with 3.0 preinstalled (are there any North American releases like this?) so I'd like to avoid it if possible.
 
So is it worth updating my 2.1 Switch to 3.0? I'd have to buy a game with 3.0 preinstalled (are there any North American releases like this?) so I'd like to avoid it if possible.
Nobody knows for sure. On gbatemp one dev recommended updating to 3.0 while another said the lower the firmware version the better...

Different homebrew developers are probably targeting different versions. So until something useful is published, you won't know which version you need to be on (or if it even matters).

Pokken Tournament DX comes with 3.0 in all regions I believe. Unless Nintendo starts shipping newer copies with later versions.
 

Samemind

Member
Maybe take it off of your internet it wouldn't know there is an update then right?

Not likely, with 3DS and Wii U (maybe the Wii did this at one point?) the system background downloads the update whenever it can and then it sits there in your system until you push the button. I'm quite certain they would continue this trend with the Switch.
 

Galava

Member
Late into the 3DS life cycle, Nintendo started banning people with hacked 3DS consoles. I won't be messing with any homebrew until the console is completely off the market.

That didn't happen afaik. Nintendo banned 3DS's that modified the save of Pokémon games and were detected when they connected to the internet.
 

epmode

Member
Pokken Tournament DX comes with 3.0 in all regions I believe. Unless Nintendo starts shipping newer copies with later versions.

I might buy this for peace of mind. I'd just like to know for sure if the American release has 3.0 or if it's just limited to Europe.

Not likely, with 3DS and Wii U (maybe the Wii did this at one point?) the system background downloads the update whenever it can and then it sits there in your system until you push the button. I'm quite certain they would continue this trend with the Switch.
It's definitely possible to delete the already-downloaded firmware update so you can check your current firmware version. I've done it myself but I don't quite remember how it's done. I've heard that this procedure may screw with save files (it didn't for me) so I'm not sure if I'd recommend it.
 

Vena

Member
It's already here, but not publicly.

It is not, we don't even have a working ROP-chain right now. We have sandboxed "code execution" right now.

All tools/progress that is going to go public has gone public.

Seeing how MK 7 and 8's (Wii U) online are full of cheaters, having cheaters on Switch would be a big problem.

Switches can be uniquely permanently banned, this cannot be spoofed or changed.
 

Pokemaniac

Member
I'll try it again once I get home. I'm pretty sure mine does not show the version. It just says "Update is ready".

If you really want to find your current version, you can probably find it via the detailed info that is captured when an error triggers. Just cause an error to happen (easiest way is to try to use some online thing without having an Internet connection), then check the details in the error history (in the topmost section of the settings).
 
Thats not homebrew.

Actually, it technically is—it's a small homebrew application which sets your clock to a specific time.

Sure, it's simple, but the first applications always are. This is a lot better than something that displays "Hello World", imo.
 

Vena

Member
Actually, it technically is—it's a small homebrew application which sets your clock to a specific time.

Sure, it's simple, but the first applications always are. This is a lot better than something that displays "Hello World", imo.

Hello World would mean you have the ROP working, which we currently do not have in any capacity. Hello World would mean a lot more than this, this is basically nothing.

This is literally just tricking the "internet" clock by redirecting what it's looking for to a different point.
 

n64coder

Member
If you really want to find your current version, you can probably find it via the detailed info that is captured when an error triggers. Just cause an error to happen (easiest way is to try to use some online thing without having an Internet connection), then check the details in the error history (in the topmost section of the settings).

I tried to initialize my console but it wants to unlink my NintendoID. To do that, I have to connect and it requires a System Update. I then tried to hard reset (power off, press vol up/down and power on). On that screen, it displayed my system version as 3.0.

I'll keep this Switch as-is to be used in the future when homebrew is ready. I do have another Switch coming tomorrow from Amazon which I'll keep up-to-date.
 
I tried to initialize my console but it wants to unlink my NintendoID. To do that, I have to connect and it requires a System Update. I then tried to hard reset (power off, press vol up/down and power on). On that screen, it displayed my system version as 3.0.

I'll keep this Switch as-is to be used in the future when homebrew is ready. I do have another Switch coming tomorrow from Amazon which I'll keep up-to-date.
The Switch you have coming from Amazon will likely be on 3.0 or lower, might be easier to keep that one for homebrew since you already linked your Nintendo ID on your previous one, unless you don't mind losing that ID and any eShop purchases linked to it.

Also another benefit of doing that is you can sell the new Switch for a higher price than a used one in case homebrew doesn't happen or takes too long or you decide to sell the second Switch for whatever reason.
 

Maxrunner

Member
The latest update messes with the sleep mode in portable mode for long periods. When you get back the screen is all dark and the side menus, volume buttons work but trying to restart doesn't do anything. You have to force the power off.
 
The latest update messes with the sleep mode in portable mode for long periods. When you get back the screen is all dark and the side menus, volume buttons work but trying to restart doesn't do anything. You have to force the power off.
My Switch is on the latest update and it's always in sleep mode for days at a time. Haven't encountered this issue.

Also, your post doesn't seem relevant to this thread.
 

n64coder

Member
The Switch you have coming from Amazon will likely be on 3.0 or lower, might be easier to keep that one for homebrew since you already linked your Nintendo ID on your previous one, unless you don't mind losing that ID and any eShop purchases linked to it.

Also another benefit of doing that is you can sell the new Switch for a higher price than a used one in case homebrew doesn't happen or takes too long or you decide to sell the second Switch for whatever reason.

Thanks for the advice. Do you recommend that I leave it unopened and not confirm that it's 3.0 and under?
 
Thanks for the advice. Do you recommend that I leave it unopened and not confirm that it's 3.0 and under?

Nintendo systems don't come sealed anyway. So you could do this: carefully open the box, take out just the tablet (wear gloves to prevent fingerprints), turn it on and set it up using your existing joycons (so you don't use/unwrap the new ones), check the firmware version, then Initialize the system from the settings, which will return it to factory state and it will turn off automatically. Then put the tablet back into the plastic sleeve it comes in and close the box. Good as new. Total use time is less than a few minutes and none of the accessories were touched. Whoever opens it and turns it on next could not tell that it was ever turned on.

Heck GameStop does the above + they update the firmware to the latest version before selling consoles as new.
 

n64coder

Member
Nintendo systems don't come sealed anyway. So you could do this: carefully open the box, take out just the tablet (wear gloves to prevent fingerprints), turn it on and set it up using your existing joycons (so you don't use/unwrap the new ones), check the firmware version, then Initialize the system from the settings, which will return it to factory state and it will turn off automatically. Then put the tablet back into the plastic sleeve it comes in and close the box. Good as new. Total use time is less than a few minutes and none of the accessories were touched. Whoever opens it and turns it on next could not tell that it was ever turned on.

Heck GameStop does the above + they update the firmware to the latest version before selling consoles as new.

Great advice, thanks. Unfortunately the one I just got from Amazon has 3.0.1. I'll just play with this one and save my current one for future home brew if it ever happens. At least the accessories will still be new.
 
Great advice, thanks. Unfortunately the one I just got from Amazon has 3.0.1. I'll just play with this one and save my current one for future home brew if it ever happens. At least the accessories will still be new.

Oh wow, I guess I lucked out as mine came with 2.1.0 also from Amazon just last week.
 

Vena

Member
Private for now (much like with the 3DS, but re-switched will eventually publish it), but the bootloader for the Tegra (the chip of the Switch) has been dumped: https://gbatemp.net/threads/nintendo-switch-bootrom-dumped.486841/

To make matters clear/simple: this means nothing unless they find an exploit. As far as I understand, this will also be part of nVidia's coding/work/security much more so than Nintendo's, so the expected level of ineptitude should be much lower than normal. Also, unlike the 3DS which used ARM9 security, the Switch uses TrustZone, which is industry standard and hides many of the system keys, and this does not give us any access to them; this only gives us access to the boot itself. You will still need a compatible firmware, though, as there's no getting around the Switch's fuses, as they are a physical component. Unlike the 3DS, where ntrboot allowed you to completely re-write firmwares, this won't be possible with the Switch for a number of reasons, so I don't think it's something to expect.

However if they do find a very major exploit, only way to fix it is with a hardware revision to update the bootloader of the Tegra chip itself. For now, though, don't expect anything until something happens.

Also, meanwhile though not entirely relevant, the PS4 4.55 firmware is apparently compromised for homebrew + backup loaders: https://gbatemp.net/threads/homebrew-and-backups-coming-to-ps4-4-55-fw.486792/

If someone wants to make a thread for the PS4, they're welcome to.
 
I don't know if he's telling the truth ... and also I don't understand his tweet completely.

If true, he got read/write permissions on the entire system space (kernel-side, not only user mode), if I understand correctly.
From what I gathered on gbatemp he's a known scene developer, so I don't think he'd be lying.
 

PantsuJo

Member
Well, if it was a Linux/UNIX distro this would mean having direct access to /dev and any other system directories without restrictions.

I know that Switch OS is based on FreeBSD so the concept should be similar...

Wonder how he managed to find this exploit.
 
Well, if it was a Linux/UNIX distro this would mean having direct access to /dev and any other system directories without restrictions.

I know that Switch OS is based on FreeBSD so the concept should be similar...

Wonder how he managed to find this exploit.
People are speculating it was done via Splatoon 2 (from the squids in the tweet?)
 

WhatNXt

Member
If it's like other Linux devices though, the kernel would be something that can be updated via firmware update. So again, utility might be limited to specific versions. I imagine this is the beginning of cat and mouse though; it'll be hard for Nintendo to put the genie back in the bottle, they'll just have to make it really inconvenient (i.e. protections bundled with attractive software and updates).
 

PantsuJo

Member
If it's like other Linux devices though, the kernel would be something that can be updated via firmware update. So again, utility might be limited to specific versions. I imagine this is the beginning of cat and mouse though; it'll be hard for Nintendo to put the genie back in the bottle, they'll just have to make it really inconvenient (i.e. protections bundled with attractive software and updates).
I agree but, afaik, the switch OS is based on FreeBSD and I don't remember how the kernel updates are managed in the BSD world.

(Nintendo could have changed update system completely, of course, who knows)
 

Rellik

Member
The PSP thrives off of its homebrew community, the DS & 3DS seemed fine, it allowed the microsd2vita thing to happen as well.

I was going to mention those (Especially the PSP) but I decided to stick to just consoles that had all kinds of stuff done to them and put in great numbers and lasted a long time.

But you're right. Handhelds like those mentioned have also thrived, and the Switch is pretty much half handheld itself.

This won't damage the Switch. If anything, it'll add sales. Like I originally said in this thread, homebrew would make me more interested in a Switch.
 

Neff

Member
The PS1, PS2, PS3, Wii and Xbox 360 did fine...

Hardware gets a boost from piracy/hacking, but publishers and consumers eat shit.

Multiplayer games in particular become a farce once hackers get their dirty fingers inside the pie.

That said though, hardware manufacturers have done well to stay on top of things in recent times, even during serious security breaches.
 
I was going to mention those (Especially the PSP) but I decided to stick to just consoles that had all kinds of stuff done to them and put in great numbers and lasted a long time.

But you're right. Handhelds like those mentioned have also thrived, and the Switch is pretty much half handheld itself.

This won't damage the Switch. If anything, it'll add sales. Like I originally said in this thread, homebrew would make me more interested in a Switch.

Big games continue selling; it's the niche games that suffer.
 

Turrican3

Member
I understand this tweet is about exploiting a vulnerability that's already been fixed though, right?

So I have to wonder about its actual impact... I mean, there can't be *that* many 3.0 Switches around.
 

Turrican3

Member
Buy a new one and it won't be higher than 3.0.0.
That might be true right now (I don't really know, bought mine day one), but I think in a few months at worst we'll see non-exploitable firmware coming as the default... I mean, regarding this specific vulnerability only of course, new ones could be discovered.
 