Hacking Question Will Switch piracy be possible? If it is, will it work like the 3DS/Wii U

aykay55 · Oct 30, 2017

mendezagus said:
Thank you so much for the explanation. I thought we (obiously not me) already were at the bootrom level. They "dumped" it last week (there´s a thread about it) could a hack in the bootrom allow for piracy of games in any firmware?? I asume no, as no one on this thread seems very optimistic about the posibbility of piracy...

Dumping bootrom doesn't mean anything. It's like dumping water from one bucket to another; it doesn't do anything. I can dump a game, but without a tool to run it, it's as good as if I didn't dump it (at that time). There might not even be a bootrom exploit, meaning dumping it didn't do anything.

I know you can argue against my points with 'It did something! Now we know there isn't a bootrom exploit!' but I'm just looking at the reality of things.

Risingdawn · Oct 30, 2017

mendezagus said:
Thank you so much for the explanation. I thought we (obiously not me) already were at the bootrom level. They "dumped" it last week (there´s a thread about it) could a hack in the bootrom allow for piracy of games in any firmware?? I asume no, as no one on this thread seems very optimistic about the posibbility of piracy...

No you can't hack the bootrom yet, as it is you can dump it and it helps in understanding how things work but right now that's about it.

lv0 is generally the holy grail as that's where you find the private encryption keys which means CFW. That's normally all you need, it's also the hardest to get to though, it will come if ever long after a kernel hack.

teelo · Oct 31, 2017

I do indeed think it is entirely possible to dress up in a switch costume and attempt to board another person's ship. Whether you survive or not, I cannot guarantee.

anhminh · Oct 31, 2017

Flashcart could still be possible though.

machinoman · Oct 31, 2017

Let's put it this way, another console that uses eFuses is the Xbox 360. I got one when it first came out, and checked another part of this board to see if it can be soft moded. The answer 12 years later? Not yet.

mendezagus · Nov 1, 2017

aykay55 said:
Dumping bootrom doesn't mean anything. It's like dumping water from one bucket to another; it doesn't do anything. I can dump a game, but without a tool to run it, it's as good as if I didn't dump it (at that time). There might not even be a bootrom exploit, meaning dumping it didn't do anything.

Since the bootrom dump was so celebrated last week i thought it was something big. Maybe hacers expected to be exploitabe and it wasn't? Maybe they are still working on it...

TheCyberQuake · Nov 1, 2017

mendezagus said:
Since the bootrom dump was so celebrated last week i thought it was something big. Maybe hacers expected to be exploitabe and it wasn't? Maybe the´re still working on it...

Dumping it is an achievement in and of itself, but that only means that they can now search it for vulnerabilities. If doesn't guarantee vulnerabilities exist though.

mendezagus · Nov 1, 2017

TheCyberQuake said:
Dumping it is an achievement in and of itself, but that only means that they can now search it for vulnerabilities. If doesn't guarantee vulnerabilities exist though.

But if the vulnerability exists it could lead to piracy of >3.0.1 games, right? I mean, we got to the "core" of the death star, if we find the proper place to shoot...

aykay55 · Nov 1, 2017

This might be something:

Got arbitrary rw in Switch kernel. A lot of work went into this. Thanks to everyone involved. 🐙🐙🐙
— plutoo (@qlutoo) October 31, 2017

--------------------- MERGED ---------------------------

Right?

mendezagus · Nov 1, 2017

aykay55 said:
This might be something:

https://twitter.com/qlutoo/status/925502507228508162

--------------------- MERGED ---------------------------

Right?

Seems hackers weren't working on the bootrom...

A7MAD · Nov 1, 2017

I personally think it will be like the vita, not in the way it got cracked at the end of its lifetime but in the way it took a couple of years for that to be done.

Paiuand · Dec 16, 2017

I am sorry to bump this thread but i am having a hard time deciding whether to update or not, my main reason to stay on 3.0 is piracy.
Is it worth waiting or will it take too long and if it does happen will i only be able to play 3.0 or less games?

8BitWonder · Dec 16, 2017

Paiuand said:
I am sorry to bump this thread but i am having a hard time deciding whether to update or not, my main reason to stay on 3.0 is piracy.
Is it worth waiting or will it take too long and if it does happen will i only be able to play 3.0 or less games?

I think the idea is that yes, you will only be able to play 3.0.0 and below games. Unless a strong enough hack comes out for a higher firmware, and at that point you would just update to that firmware.

If you have other consoles and games to play while waiting for potential piracy then go for those, if you're really wanting to play newer switch games then go ahead and update.

EDIT: I'll add that, you may want to wait on updating until after we see what qlutoo and friends are presenting at 34c3 this year.

Paiuand · Dec 16, 2017

Is 34c3 really such a game changer? I was thinking on waiting until then too but i feel like its just not happening.

8BitWonder · Dec 16, 2017

Paiuand said:
Is 34c3 really such a game changer? I was thinking on waiting until then too but i feel like its just not happening.

In the past enough information had been presented that kernel exploits were developed or released for the 3DS (and WiiU too I believe), so it's not out of the question that something major might come from it. Though at the same time there is no guarantee either, so it's up to you really if you want to hold out for it or not.

VashTS · Dec 16, 2017

at least info will be presented at this years 34c3 - how far will it get anyone? that is a great question and you just have to wait and see

remember back when they revealed they RE'd the Wii U gamepad sync feature and played the Dolphin emulator using it live on stage? yeah i still haven't seen anything come from that.

but also remember when fail0verfl0w revealed the sony private key was flawed? jackpot <3

Paiuand · Dec 16, 2017

I have already waited this long, i will wait another couple weeks.

naddel81 · Dec 16, 2017

I have a spare switch on the shelf. should I take it and charge the battery someday?

weatMod · Dec 16, 2017

Risingdawn said:
PS3 had a lv0 hack, which meant everyone had access to the master keys and could decrypt updates then sign and encrypt a CFW based on that update version, as lv0 is boot level, right after the boot loader in fact and before every FW module you could basically do whatever you wanted to everything except the bootloader. You have to remember though that PS3 did not have efuses.

What I don't know is if the efuses are checked even before lv0, maybe at bootloader, god maybe even the bootrom does the check, you'd need the big boys for that level of information.

Regardless though to better understand the hack needed for any type of CFW to bypass the efuses you need, at least, a hack after both Userland and Kernel, essentially:
userland<kernel<lv0<bootloader<bootrom.
^--we are here
we need to be----------^here.

This is why you can't emunand the Switch and then update that, emunand comes after boot and lv0, the fuses don't match.
You need CFW, and for that to run a 3.0.1+ game that needs to be from a decrypted resigned FW and to do that you need the lv0 keys, on a 3.0.1+

You can see how much extra work is needed to even play a 3.0.1+ game, let alone piracy which is another story.

However they wouldn't be called hackers if they followed the rules now would they, and anything could happen.

if i remember we were able to play all titles before the lv0 hack was released through patched eboot files and CFW patching in the new syscalls
lv0 just made it easier for scene release groups ,but it was a very late in the game development ,like B9s is to the 3Ds scene

also i thought that efuses are just for preventing FW downgrading

the xbox360 used them and i thought hr PSP did too (but i might be wrong about this)

also how many consoles released to date have successfully stopped "piracy"
by my count , 1 ,besides the switch
xboxone is the only one afaik , ps4 has it sort of
every other console also has a way to play backups

Seelbreaker · Dec 16, 2017

aykay55 said:
All former Nintendo consoles (meaning the 3DS and Wii U) would store game licenses locally, not connected to the ID. However, the Switch stores the licenses online, connected to your Nintendo Account ID (NAID) so you can login on any console and activate that console with your NAID. And the transfer process no longer required an SD, it's all server based. Since the 3DS /Wii U stored them locally, you could download any game through say WUP Installer or FBI with no problem, but the Switch will store it online, so does that mean the console can't download games whose license is not connected with any Nintendo Account on the Switch system? Will it download and crash on launch? The Wii U had some games with piracy protection such as Minecraft which would crash when booted, but that used Microsoft's own server/system/thing. So will Switch piracy ever be possible? Will it require CFW? Will it work the same way as before?

So we just need a copy of the database and the certificate to validate the communication and reroute our switch to our Server.

Gg Boys and girls

Hacking Question Will Switch piracy be possible? If it is, will it work like the 3DS/Wii U

Professional Idiot

Tempallica

Well-Known Member

Pirate since 2010

Well-Known Member

Well-Known Member

Certified Geek

Well-Known Member

Professional Idiot

Well-Known Member

Well-Known Member

Well-Known Member

Small Homebrew Dev

Well-Known Member

Small Homebrew Dev

Beat it, son

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum