Hacking Question Who screwed up? (Switch security)

[Deleted User]

With CFW coming out I'm quite curious to know who fucked up the Switch's security.

You can argue that Nintendo fucked themselves up by using a Tegra chip which is well documented and apparently has a lot of security bugs. Some guy on YouTube said Nintendo should have opted for a custom version of the chip rather than a stock version. Nintendo rushed the Switch and their 1.0 firmware was a beta firmware and with it came a number of security issues (which have since been patched).

We can also put the blame on Nvidia for not making their Tegra chip more secure in the first place.

I don't expect any key players in the scene to respond to this thread; they're busy writing CFW rather than answering noob questions.

 

[YugamiSekai]

With CFW coming out I'm quite curious to know who fucked up the Switch's security.

You can argue that Nintendo fucked themselves up by using a Tegra chip which is well documented and apparently has a lot of security bugs. Some guy on YouTube said Nintendo should have opted for a custom version of the chip rather than a stock version. Nintendo rushed the Switch and their 1.0 firmware was a beta firmware and with it came a number of security issues (which have since been patched).

We can also put the blame on Nvidia for not making their Tegra chip more secure in the first place.

I don't expect any key players in the scene to respond to this thread; they're busy writing CFW rather than answering noob questions.

Nvidia honestly. Their chip shouldn't have been that buggy in the first place.

 

[punderino]

NVIDIA. It's their chip not Nintendos. They might have made a shitty choice in picking a NVIDIA chip but it's NVIDIAs chip that's the issue.

 

[The Real Jdbye]

I don't think we can blame Nintendo for not using something custom this time around because using something custom has never worked in their favor before. No one knew the Tegra chip had a fundamental flaw like this, so we can only blame the people who unknowingly created this flaw, that being Nvidia themselves.
The Tegra X1 was thought to be secure and that was only disproven after the Switch was already released.

 

[TheCyberQuake]

It was both tbh. Nintedo at first with the original pegasus browser bug which allowed basic homebrew to start, and now NVIDIA for really dropping the ball and having the bootrom bug

 

[delete12345]

NVIDIA. It's their chip not Nintendos. They might have made a shitty choice in picking a NVIDIA chip but it's NVIDIAs chip that's the issue.

Assuming prior to Nvidia chip being exploitable. Nintendo knows Nvidia chips is bad, how would Nintendo find a chip manufacturer that would easily handle both tablet <--> TV switching?

 

[The_Baron]

I believe it's fully Nvidia that's under the bus on this one, I can't imagine Nintendo could have ever expected such an obvious flaw in a consumer-ready chip. That being said, I am very curious what Nvidia is doing/saying to Nintendo in order to make it better.

 

[natinusala]

Vulnerabilities like this aren't known until someone finds them. The Tegra X1 has a pretty bad bootrom vulnerability, bummer. With another chip, it could have been anything else.

 

[Deleted User]

It's pretty much universally agreed it's NVidias fault on this one. Even the hackers said Ninty did an amazing job with securing down the Switch.

 

[sarkwalvein]

I am feeling a dejavu. I think I already saw this same topic some weeks ago. And I feel like I already replied the same thing I am about to reply... kind of crazy.

In security there is a saying... "System security should not depend on the secrecy of the implementation or its components.", find the actual source for the quote on this article.

I mean, it is a logical and correct decision from Nintendo IMHO to use a well known and tested technology, they didn't fuck up because of this, they did it right this time. You shouldn't seek security in obscurity, but in actually well tested and known implementations. The blame falls completely on NVIDIA this time.

 

[Ghassen-ga]

Does it matter as long as we getting some "haxx"?

Gbatemp is starting to feel like a circlejerk with this kind of threads tbh..

 

[RyanTheArchivist]

With CFW coming out I'm quite curious to know who fucked up the Switch's security.

You can argue that Nintendo fucked themselves up by using a Tegra chip which is well documented and apparently has a lot of security bugs. Some guy on YouTube said Nintendo should have opted for a custom version of the chip rather than a stock version. Nintendo rushed the Switch and their 1.0 firmware was a beta firmware and with it came a number of security issues (which have since been patched).

We can also put the blame on Nvidia for not making their Tegra chip more secure in the first place.

I don't expect any key players in the scene to respond to this thread; they're busy writing CFW rather than answering noob questions.

I'd say Nvidia seeing they made the chip and apparently this exploit was very obvious

 

[sarkwalvein]

Does it matter as long as we getting some "haxx"?

Gbatemp is starting to feel like a circlejerk with this kind of threads tbh..

I think it is a perfectly fine topic to be interested in. Why does it bother you?
It can also even be related to the topic I presented in my previous post above, regarding the old concept of "security by obscurity".

I don't see how this could be related to any kind of circlejerking really.

 

[Ghassen-ga]

I think it is a perfectly fine topic to be interested in. Why does it bother you?
It can also even be related to the topic I presented in my previous post above, regarding the old concept of "security by obscurity".

I don't see how this could be related to any kind of circlejerking really.

The same topic has been brought up and circle-jerked too many times on here and reddit already... "hurrdurr - rubs hands together- nintendo fucked up, big N is dumb , etc etc.."
I think we should all just move on and start making some actually useful and more interesting threads.

 

[DarkenedMatter]

It's Nvidia's fault but it doesn't make it a bad choice that they picked Nvidia. It was actually a very smart move. The real issue here is they didn't have a custom chip made or at least one that wasn't littered with flaws.

 

[sarkwalvein]

You're being narrow minded.

 

[ov3rkill]

Both. But the ultimate hardware flaw is on Nvidia, so it's on them.

 

[SomeSHET]

You can argue that Nintendo fucked themselves up by using a Tegra chip which is well documented and apparently has a lot of security bugs. Some guy on YouTube said Nintendo should have opted for a custom version of the chip rather than a stock version. Nintendo rushed the Switch and their 1.0 firmware was a beta firmware and with it came a number of security issues (which have since been patched).

We can also put the blame on Nvidia for not making their Tegra chip more secure in the first place.

I guess even if Nintendo knew about the Tegra chip's flaws from Nvidia's documentation, it was probably cheaper to use these already designed chips rather than customizing the chip. Nintendo did not know that the Switch would be as successful as it was (I think they initially planned 10 million within its first year) so perhaps it was probably wiser in a business sort of sense.

 

[leonmagnus99]

I am feeling a dejavu. I think I already saw this same topic

oh trust me bruv, I'm getting this "deja vu" with almost every 2nd switch thread these days XDD

 

[13_Switch_Hacker_37]

I did it. I fucked up.

Enjoy the hacks.

Yours truly,
Steve "the man" Scott, CTO