Unpatchable hardware exploit leaves Nintendo facing security nightmare

Hackers get Linux running on Switch but Nvidia Tegra X1 flaw opens the gates to modders and cheats in Nintendo's online games

Nintendo is facing a security nightmare after two unpatchable exploits in the Switch hardware were publicly released this week.

The hacks -- revealed by Kate Temik and hacking group fail0verflow -- exploit a bootrom flaw in the console's Nvidia Tegra X1 processor.

There's not currently much utility for the exploit, and it will likely take some time for a homebrew toolchain to appear that can run natively on the Switch OS.

However, unlimited access to game software allows for alterations which could see a tide of cheats and mods appear in Nintendo's online games.

Around three months before releasing the exploit, the hackers reportedly disclosed the nature of the ROM bug to Google, Nintendo, and Nvidia.

"Choosing whether to release an exploit or not is a difficult choice," said fail0verflow in a blog post. "Given our experiences with past consoles, we've been wary of releasing vulnerability details or exploits for fear of them being used primarily for piracy rather than homebrew."

fail0verflow added that the boot ROM bug was so obvious that multiple people had discovered it independently.

"A release by other homebrew teams is inevitable," said the group. "While at worst, a certain piracy modchip team might make the first move... The bug will be made public sooner or later, likely sooner, so we might as well release now along with our Linux boot chain and kernel tree, to make it very clear that we do this for fun and homebrew, and nothing else."

According to hardware expert and Digital Foundry technology editor Richard Leadbetter, Nintendo's options for containing the exploit are limited.

Nintendo could attempt to shore up the OS at a software level but it can only make it harder to reverse engineer the elements, not stop alterations entirely.

"Unfortunately though, the reality is that any software-level fix from Nintendo can be undone if hackers put in the time and effort to roll back changes Nintendo introduces to the OS," said Leadbetter.

"In the longer term, Nintendo can only lock out the hack completely by changing the Tegra X1 processor itself, patching out the bug that makes these exploits possible... along with the possibility of a RAM bump to 8GB from the existing 4GB.

"But in the shorter term, Nintendo has its work cut out doing all it can at the OS level, in the knowledge that any measures it introduces on the console itself can almost certainly be circumvented with via the low-level access granted by the exploit."

More stories

Nintendo's Doug Bowser comments on "distressing" Activision reports, calls on ESA to strengthen stance

Exec says Nintendo has "taken action" concerning Activision Blizzard and is "assessing others"

By James Batchelor

Nintendo partners with Panda Global to launch Super Smash Bros. circuit

First-ever officially licensed championship tournament in North America to take place next year

By Jeffrey Rousseau

Latest comments (1)

Klaus Preisinger Freelance Writing 3 years ago
Anything but a new hardware revision would surprise me.

Then again, this is Nintendo, where Youtube videos about how to make your emulator download directly from their webstore are par for the course. So as long as nobody ports any homebrew fangames, Nintendo might not consider patching this ever. More developers seem to complain about Steam visibility than PC piracy these days anyway.
0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.