Discussion in 'Switch - Console, Accessories and Hardware' started by baselhamad, Dec 9, 2016.
Honestly, I won't give a fuck about piracy if we get Android one day.
//Sent from my glorious OnePlus X
I doubt we'll see Android ported to it.
Otherwise it would've already happened on previous consoles/handhelds.
Given that it can work much like a tablet, I could see Android being ported to it; however, I wouldn't hold my breath, as I honestly think it'd be a waste of time. I doubt it would run the best, but then since only Nintendo knows the kind of power there will be to work with, I can't say.
Well, there are barely ARM consoles that are technically (RAM and performance) able to run it, or to make it worth porting.
//Sent from my glorious OnePlus X
Numbers 1 and 2 are fine with me but I do not care about number 3. I never used online at all.
We're decent hackers, we can do it.
Nintendo don't really like doing this so they shield their system. We need to find a workaround for this shield to get in, which takes a while.
What if it requires removing a physical chip (inside the SoC) that monitors all your instructions and creates errors whenever you execute things beyond a certain bound? Some smartphones already had this.
The Wii had that, so did the Wii U and the 3DS.
There is that, but I didn't say we can't do it.
But what if it sits above the kernel this time? And being put inside the SoC made this a lot harder.
IOSU on the Wii U is literally what you're describing.
How do you even bypass it if the kernel doesn't give you access? Unless we hijack other things.
That's outside my knowledge. I'm guessing there's probably an oversight where IOSU reads something and, instead of responding and eliminating it, just bugs out.
That idea is closer to a hypervisor than anything else, to be honest. Enforcing memory permissions with an NX bit has been a feature since ARMv6 and is almost a requirement in modern devices (even 3DS has it). It's also a CPU feature so can't be removed. With Wii U's IOS, NX was provided by an external controller in the die.
If the RAM is part of the SoC then that would eliminate any chances of RAM dumping early on (which is the only reason the DSi was remotely hacked, 3DS probably would have happened eventually but happened sooner with RAM dumping).
If the 3DS didn't have gspwn it would have been much more difficult to have homebrew to the extent it is at now, since you would need kernel access to write to executable memory. This is the case with Wii U, but Nintendo doesn't seem to care much for the Wii U and hasn't patched any of the existing vulnerabilities which have existed on the latest firmware for months. Wii U also has a JIT area which at least made things a bit easier. With 3DS, very few ARM11 kernel exploits have been found, and fewer ARM9 privilege escalation exploits exist.
My guess for even just a decent homebrew environment in userland would be a few years. The 3DS didn't have the worst security (though it made some critical mistakes), and the Wii U was ~OK in PPC, but pretty decent with IOSU, and the Switch should only get better. Luckily WebKit is basically a given if it's a portable, so bypassing ASLR should be feasible. Actually going from ROP to real code execution will be the hard part.
EDIT: Actually I guess code execution could be doable if there's a JIT area like with Wii U, but it didn't exist on 3DS so whether it'll be included is a mystery. Could also go full iOS where there's a JIT area, but it's actually secure.
The big reason the 3DS got hacked was the ability to dump FCRAM from hardware. That led to userland exploitation and that led to all the rest.
It will likely be much more difficult given the high probability the Switch's RAM will be embedded in its SoC.
TBH, the first "disadvantage" in the OP isn't really a disadvantage to me. Every device takes time to be hacked. That's the fun about it. For example, the 3DS is nearing the end of its lifespan. Of course, Nintendo will still release software updates and patches, but ultimately it will be really easy to find new vulnerabilities and create exploits. If Nintendo were to just give up and completely stop releasing software updates for the 3DS, where is the fun in that? There is no purpose in hacking a console at all. So, when the Switch is released, of course it will take another year to hack it, but that's what makes hacking fun: Discovering vulnerabilities, creating exploits, Nintendo patches the vulnerabilities, and repeat the process.