Hacking news things are reporting on the hardware exploit

[Deleted User]

lol
they say its a hardware exploit that cant be fixed then go on to say its a thing that can be fixed by changing the code
but still
kinda interesting how they are actually reporting on a expliot for a gaming console and mention a hacking group by name
even though i know they are just doing it for ad money
http://us.tomonews.com/security-flaw-makes-every-nintendo-switch-at-risk-3598758

 

[Deleted-442439]

lol
they say its a hardware exploit that cant be fixed then go on to say its a thing that can be fixed by changing the code
but still
kinda interesting how they are actually reporting on a expliot for a gaming console and mention a hacking group by name
even though i know they are just doing it for ad money
http://us.tomonews.com/security-flaw-makes-every-nintendo-switch-at-risk-3598758

Even Forbes reported on it, always fun to read the non tech journalists try to explain this stuff lol. But yeah its a big thing not just for Switch but all other T210 devices so it should be reported.

 

[WiiUBricker]

The problem is the flaw is unpatchable as the issue is with the hardware on the Tegra X1 chips.

This means that millions of Switches will be permanently open to attack. Only new consoles with the code fixed at the factory will be safe from the exploit, according to TechCrunch.

Where did they say the exploit can be fixed?

 

[Deleted-442439]

Where did they say the exploit can be fixed?

End of the article, just bad writing. The flaw cant be fixed at the factory all the fuses are blown a new SoC (Mariko) using the T214 will patch it they just did bad research.

 

[BL4Z3D247]

Where did they say the exploit can be fixed?

Only new consoles with the code fixed at the factory will be safe from the exploit, according to TechCrunch.

 

[The Real Jdbye]

Well, they're not wrong. It can be fixed in code at the factory.

 

[Resaec]

Next time they wont burn the patch_en fuse to "make sure we can patch any bootrom problems". I will shit myself

 

[Deleted-442439]

Well, they're not wrong. It can be fixed in code at the factory.

No they already burned all the patch fuses its impossible lol they would need to replace the chip

 

[Draxzelex]

I knew news media wouldn't fork over the chance of overinflating a security flaw that's harder to implement in real life than it sounds

 

[dubbz82]

Well, they're not wrong. It can be fixed in code at the factory.

Not really. There's exactly zero code changes that could be done to correct it, it would have to be a hardware revision.

 

[The Real Jdbye]

Not really. There's exactly zero code changes that could be done to correct it, it would have to be a hardware revision.

The bootrom is updatable. They just used up all the available space before the Switches were even sent out to customers. I guess the update area is write-once.

 

[dubbz82]

I guess it really depends then on if they actually NEED everything that's currently in the bootrom or not. If they do, it would have to be a hardware revision. If not, then it may be doable via software, I guess.

 

[Deleted-442439]

I guess it really depends then on if they actually NEED everything that's currently in the bootrom or not. If they do, it would have to be a hardware revision. If not, then it may be doable via software, I guess.

Need everything in the bootrom? When u patch the bootrom in the factory a fuse is burned disabling the ability to right to that segment again. Nintendo used all the fuses before sending it out thus impossible to even patch at the factory.

 

[Deathscreton]

Need everything in the bootrom? When u patch the bootrom in the factory a fuse is burned disabling the ability to right to that segment again. Nintendo used all the fuses before sending it out thus impossible to even patch at the factory.

When they're saying that they can patch it at the factory, they're talking about new units, not existing ones.

 

[WiiUBricker]

-snip-

Read again. Fixing an exploit at the factory is not the same as fixing currently vulnerable units with code changes, which the OP claimed that the article said just that.

 

[Deleted User]

Read again. Fixing an exploit at the factory is not the same as fixing currently vulnerable units with code changes, which the OP claimed that the article said just that.

i did not claim they said existing
the wording of it makes it sound like a hardware side problem can be fixed with a line of code

 

[BL4Z3D247]

Where did they say the exploit can be fixed?

Only new consoles with the code fixed at the factory will be safe from the exploit, according to TechCrunch.

You asked where it said it can be fixed, I showed you the quote from the article.

Read again. Fixing an exploit at the factory is not the same as fixing currently vulnerable units with code changes, which the OP claimed that the article said just that.

You read again, I never said what, where or how they can fix it. All I did was show you where they said it can be fixed in the article.

 

[TerraPhantm]

Next time they wont burn the patch_en fuse to "make sure we can patch any bootrom problems". I will shit myself

It would be a double edged sword though. If they left that fuse unburned and then the RCM vulnerability was discovered, the patching function could have been used to permanently bypass signature checks.

 

[reminon]

Read again. Fixing an exploit at the factory is not the same as fixing currently vulnerable units with code changes, which the OP claimed that the article said just that.

Read again, the OP said no such thing.

 

[Deleted User]

They make it sound like it is a "risk" to own a switch. it isn't like a PC, where accidentally installing/downloading a virus is a huge issue. Nobody is going to accidentally stick a paper clip in to accidentally short pin 10 to accidentally connect the switch to the computer to accidentally run a binary they accidentally downloaded from a website they accidentally found