How the Nintendo Switch Security was defeated | MVG


The Nintendo Switch was released in 2017 as a complete departure from previous Nintendo consoles; however, it initially shipped with a serious exploit that was considered unpatchable. In this episode we cover security on the Nintendo Switch and how Nintendo were able to limit the damage to just a small percentage of consoles.

Sources/Credits :

Social Media Links :

#Nintendo #Switch #Hacking
Comments
Author

Modding systems is more important than ever before.
Especially now...
As backwards compatibility is being thrown to the wayside and digital storefronts (3DS, Wii, and Wii U) go permanently offline.

megacide
Author

Security is one of those amazing things. You can spend millions securing a system and forget the most simple of access points.
Like adding bars to windows but having the gap large enough to get through.

TheInternetHelpdeskPlays
Author

You forgot a really important aspect of the story. Docs contained in the gigaleak revealed that Nintendo knew about the exploit before the Switch was released to the market and was working on a patch with Nvidia.

balika
Author

Nintendo's security models for the Wii and Switch are actually extremely advanced. The Wii had the Starlet, a dedicated ARM security coprocessor that would moderate all Wii hardware accesses, in 2006. For comparison, Intel ME released in 2008, AMD PSP released in 2013, and the Apple T1 chip released in 2016.

Unfortunately, their implementation of RSA had a critical bug that completely nullified the security aspects of the Starlet for all intents and purposes. Even when the Trucha Bug was patched, AHBPROT was discovered which made it possible to restore the bug and it was ultimately futile.

As for the Nintendo Switch, well, current versions of Horizon OS (that is the internal name of the Nintendo Switch firmware) are the first of Nintendo's to have 100% flawless security on the software side. Unlike other console firmwares, which are usually based off FreeBSD, Nintendo's Horizon OS was fully developed in-house with a microkernel design. Even the hardware drivers run sandboxed as regular userspace programs, massively reducing the attack surface and making it possible to write a kernel that can perfectly maintain core OS security under every scenario, since the range of possibilities has been kept small enough at the core to make testing every single possible input to the security engine in depth (including testing all possible invalid inputs) a reasonable endeavor. This microkernel has been completely reverse-engineered, every single function and instruction has been combed through and deeply analyzed by the community, and there are zero vulnerabilities in it. This isn't zero known vulnerabilities; there are no software vulnerabilities, period. The sandbox simply cannot be broken once established using currently available software and hardware methods and technologies. So finding bugs in games and even hardware drivers is useless, because there's no privilege escalation without a bug in privileged code, and with no privilege escalation, no full system takeover.

Unfortunately (or rather fortunately for us), NVIDIA made three oopsies while designing the Tegra X1 that would go on the Switch and the NVIDIA bootROM Nintendo had to rely on. The first is fusée-gelée. The second is exposing the button pin that gets the bootROM in RCM state on the right Joycon rail so people wouldn't have to open up the console and do microsoldering to enter RCM mode. And the third oopsie and final nail in the coffin for Nintendo's security model is the CPU itself being vulnerable to voltage glitching, a physical manipulation of the Switch's power circuit where a very controlled electrical spike can make the CPU skip lines of code much like how an old car CD player would skip when you hit a bump in the road. These were all abused by hackers to skip right past the initial bootloader signature check and load a custom boot manager, breaking the security model extremely early in the Switch's startup sequence, long before any Horizon OS firmware code is ready to execute, and even longer before it could set up its perfect, impenetrable barriers.

But the story doesn't end here. And I hate that this next part doesn't get told more often. As it turns out, Horizon OS 5.0.0 would include a hardware exploit from Nintendo themselves, a curveball designed to counter fusée-gelée and prevent its use for piracy. They changed their key derivation processes, and then significantly modified the TSEC firmware code to halt the CPU if a modified version of Horizon OS was detected. It is impossible to run modern versions of Horizon OS without the TSEC or on the old TSEC firmware, because it needs the derived hardware keys the new TSEC firmware provides to decrypt all sorts of data. And hackers wouldn't be able to write a custom TSEC program, since the signature check for its firmware was actually never broken. This wouldn't stop modders from running other operating systems on the Switch with a fully disabled TSEC, but it was an effective patch against the unpatchable that would've stopped people from booting stock firmware > 5.0.0 under fusée completely... if the private Nintendo signature required to sign a Switch TSEC firmware hadn't leaked to SciresM through an unknown channel. Truly a 'my uncle works at Nintendo' moment. If not for that, the Switch security model would still be fairly rigid on all fronts, and Horizon OS homebrew (not to mention piracy) on the system would still be extremely limited and practically nonexistent. As part of the microkernel research efforts, SciresM has written a reimplementation of the whole thing. This is a testament to both the Nintendo hacker community's stubbornness, and the microkernel itself being small enough for a single person to be able to wrap their head around it in its entirety. This custom kernel, now named mesosphère, is the default kernel used by the Atmosphère custom firmware. Atmosphère by itself doesn't provide any means to override the DRM enforced when running official Switch software. That job is left to the aptly named sigpatches, a set of separate, additional binary patches that the user has to install and which Atmosphère has no involvement with.

Modern Nintendo security is less about their own technical failures, and more about the extremely determined nature of their attackers, the obsessive, unstoppable fanbase they have.
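The Trucha Bug named in the comment above is usually documented as a signature check that compared the hash recovered from the RSA signature with the computed hash using a string compare, which stops at the first zero byte; that detail is not in the comment itself. The following C example is added here and is not code from the video or from Nintendo's firmware: it models that compare on constructed digests and puts the full-length, constant-time check a defender would use beside it.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HASH_LEN 20  /* SHA-1 digest length, as used by Wii title signatures */

/* Constructed model of the Trucha Bug: the digest recovered from the RSA
 * signature was compared with the freshly computed digest using a string
 * compare. strncmp stops at the first 0x00 byte, so two digests that both
 * begin with 0x00 compare equal regardless of what follows. */
int hash_matches_vulnerable(const uint8_t *from_sig, const uint8_t *computed)
{
    return strncmp((const char *)from_sig, (const char *)computed, HASH_LEN) == 0;
}

/* Hardened check: every byte is compared, there is no early exit, and the
 * result does not depend on where a mismatch occurs, so timing leaks nothing. */
int hash_matches_fixed(const uint8_t *from_sig, const uint8_t *computed)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < HASH_LEN; i++)
        diff |= from_sig[i] ^ computed[i];
    return diff == 0;
}

/* Constructed sample digests (not real Wii data): both start with 0x00 and
 * differ in every other byte. */
static const uint8_t DIGEST_FROM_SIG[HASH_LEN] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
    0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x01, 0x02, 0x03, 0x04 };
static const uint8_t DIGEST_COMPUTED[HASH_LEN] = {
    0x00, 0x21, 0x32, 0x43, 0x54, 0x65, 0x76, 0x87, 0x98, 0xa9,
    0xba, 0xcb, 0xdc, 0xed, 0xfe, 0x0f, 0x11, 0x12, 0x13, 0x14 };

int vulnerable_accepts_mismatch(void)  /* returns 1: mismatch slips through */
{ return hash_matches_vulnerable(DIGEST_FROM_SIG, DIGEST_COMPUTED); }

int fixed_accepts_mismatch(void)       /* returns 0: mismatch is rejected */
{ return hash_matches_fixed(DIGEST_FROM_SIG, DIGEST_COMPUTED); }

int fixed_accepts_genuine(void)        /* returns 1: identical digests pass */
{ return hash_matches_fixed(DIGEST_FROM_SIG, DIGEST_FROM_SIG); }

int main(void)
{
    printf("vulnerable check, mismatched digests: %d\n", vulnerable_accepts_mismatch());
    printf("fixed check, mismatched digests:      %d\n", fixed_accepts_mismatch());
    printf("fixed check, identical digests:       %d\n", fixed_accepts_genuine());
    return 0;
}
```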

lHckrCmfr
Author

Previously: Nintendo vs Tweezers
Now: Nintendo vs Paperclips

DETahaX
Author

The total cost for adding a modchip has dramatically dropped recently (at least in China) thanks to the recent discovery that PIO on RP2040 (a general purpose chip that's extremely cheap) can reliably glitch the CPU, and open-source firmware has been released.

HarryChengv
Author

With Nintendo being backwards with preservation, this was a good thing.

EastyyBlogspot
Author

Pity they have not been so quick to resolve the Pro Controller and Joy-Con drift.

Chris-ycmm
Author

If I got a nickel every time a Nintendo console was cracked using a paperclip, I would have 2 nickels. Which isn't a lot, but it's funny that it happened twice.

AniviaS
Author

3DS has a VERY interesting hacking history. I hope I see it one day in this channel!

diegoamv
Author

I love how the Wii was compromised with a pair of tweezers and the Switch with a paperclip.

gudenau
Author

Absolutely love these kinds of videos from you. Love seeing how companies locked down their systems and how the fanbase blew the doors wide open again.

cedwardsmedia
Author

"All the way back in April 2016"... Still feels like yesterday tho. 7 years and counting😮

Tommy-zhko
Author

The first 5 seconds of an MVG video hit so nostalgic. Like an oldschool keygen song that's blasting max volume out of your speakers

Electriksoda
Author

A small inaccuracy: Mariko/Red Box Switches were not the first time the RCM exploit was patched. It was patched soon after release by including an updated bootrom from the factory that simply disabled USB access in RCM (so-called iPatched Switches).
But it was Mariko that fixed it properly, by fixing the vulnerability that allowed unsigned code to be run in the first place. Still, both variants of patched units have yet to have their RCM mode exploited, so it seems both are equally secure.

Jdbye
Author

It's funny how absolutely brutal Nintendo are on the homebrew and preservation community, in a frankly unwarranted way, given how easy they make exploiting each of their systems.

johndanielwood
Author

Finally a new security video. Please make more of these and piracy videos too. They are the best!

SimX
Author

the best series returned!! i simply love these security/mistakes were made series!! keep it up mate!

Xandergre
Author

As someone who isn't tech savvy at all and doesn't understand a lot of terms in each video, it fascinates me how smart people are with devices and able to work around any parameters in their way. I just know if I was educated more in it I would appreciate it that much more.

makuIa
Author

The Nintendo Switch security measures are fascinating. I wish you had spoken more about the anti-homebrew measures within the OS and online. My first hacked Switch got banned from accessing any Nintendo servers online, and therefore I was banned from making purchases on the eShop. Seems counterintuitive to me, but clearly effective as a deterrent.

spaceshipnayib