Hacking Question How stupid is Nintendo?

[Vipera]

This post has been removed due to the staff's corruption to money and other people.

 

[Apache Thunder]

Keep in mind PS4/Xbox One are pretty much PC's now. They also don't have as many exclusives now a days as they used to in past console generations. So of coarse Nintendo's console will continue to garner more interest because they are really the only game in town in terms of producing unique hardware. Sure you can argue over whether or not they should have used better specs and such, but you can't argue their hardware was been more interesting to look at/hack then the other consoles.

 

[TheCyberQuake]

Keep in mind PS4/Xbox One are pretty much PC's now. They also don't have as many exclusives now a days as they used to in past console generations. So of coarse Nintendo's console will continue to garner more interest because they are really the only game in town in terms of producing unique hardware. Sure you can argue over whether or not they should have used better specs and such, but you can't argue their hardware was been more interesting to look at/hack then the other consoles.

Also Nintendo games are pretty much console exclusives (if you don't count those mobile games, which no one would really call a full fledged game). So if you want to play Nintendo games you have to buy their console. Most games on the other two systems can be purchased on pc anyway. It's the reason I have pc and Nintendo instead of just pc or Xbox/playstation

 

[MadMageKefka]

This is a bad thread.

Nintendo's consoles are actually on par, security wise, with other modern ones -- the Switch has a pretty beautiful cryptosystem, actually, that would allow Nintendo to recover from up to 32 arm9loaderhax-style breaks or far, far more trustzone breaks and still be able to lock hax out of future firmwares (and prevent them from accessing new content). Their security system is not bad, not in the slightest.

Nintendo, like every other company, makes exploitable implementation mistakes that are just that -- mistakes. They don't really happen any more frequently than in other consoles/other contexts.

What you see -- that Nintendo stuff gets hacked faster -- is actually because Nintendo consoles drive a lot more interest than the others; very few people with the relevant skills are trying to hack the PS4, but I can think of >20 talented people interested in hacking the switch off the top of my head. It's no wonder, then, that when nintendo's code is subject to far, far higher levels of scrutiny that its mistakes are noticed more quickly.


They didn't "decide" to only check part of the signature -- they made a totally reasonable mistake in forgetting to remove a debugging fallback path from their signature parsing code prior to 1.0.0 from the image burnt into the hardware, and we found a way to exploit the parser into using the debug path by brute forcing a signature that signaled to the bootrom parser appropriately. Big difference.

Please do give more examples, I'd be happy to refute them.

Thank you for the information. As I said I don't really know this stuff, so its nice to be educated. That being said, since you asked for more examples, how about when they tried to remove the HBC from Wii's by updating the boot2? They ended up bricking tons of innocent people's Wiis because (from what I've heard) their shoddy update code was crashing part way through, even on legit, non-hacked systems. I understand why they would want to try to patch out the HBC, but releasing that sort of update without a quality check costs them tons of money. I'd call that a bad choice.

Either way, don't take what I say out of context. I've been a Nintendo customer since I was 4 years old and have every system they have ever released, I was just saying that some of their decisions seem bad to me sometimes. Not security related, but this new phone chat app for the switch is a PERFECT example of how stupid they can be sometimes...

 

[Selver]

...Why isn't Nintendo able to protect their hardware?

every big company mistake is usually tied to hard decisions, budget planning and trade-offs. ...

Why? Because they are creating a complex system. For example, a deep look into TrustZone, and the cracks in the armor start to show. For example, from http://www.openvirtualization.org/open-source-arm-trustzone.html:
All of the bus masters (any that could write to memory) have to be TrustZone aware, so that a rogue driver cannot DMA to a trusted memory location. For instance, if an entire AXI is not aware of TrustZone, a 'rooted' GDMA driver could try to access protected memory even though the ARM core does not allow the code to directly access the secure region. Therefore, all bus masters must follow TrustZone directives.

Translating this: Anything that does DMA, if it has a bug, could compromise the entire system. The above strongly suggests that TrustZone does not protect the memory directly, but rather simply prevents ARM-based access. Now, if only there were a bug with a DMA-enabled component, such as the network chipset having a firmware that could be pwn'd... Oh, wait... the NIC firmware did have a serious take-over-the-firmware bug....

 

[lebrawurschd]

ps4 was hacked long ago

--------------------- MERGED ---------------------------

 

[goldensun87]

I'm not a hacker, but I know that nothing is completely unhackable. Playstation and XBox are rarely hacked, because there is little to no reason to hack them. Why waste countless hours, days, and years hacking a console whose game library is already mostly on PC? In my experience, the primary catalyst for Nintendo console hacking, is the main Pokemon series. Before X/Y launched, hackers did not care to hack the 3DS, and some people foolishly assumed that the 3DS was "unhackable". And now it is more or less blown wide open, just like the DS was, and just like the Switch will be, in a matter of time.

 

[Noctosphere]

The devs already do that as fast as they can. It shouldn't be the devs responsibility to tell you quickly. If you want to hack your switch you should by default not update until you get the all clear.

the actual problem is if their exploit is on 4.5-6.0, not updating would be a problem if theres no game with this firmware included in it

 

[mariogamer]

Redirect to this: https://gbatemp.net/threads/switch-...tection-with-fuses.478820/page-2#post-7473613

Also I don't think this thread is useful now... @Cyan @BORTZ

 

[MadMageKefka]

Redirect to this: https://gbatemp.net/threads/switch-...tection-with-fuses.478820/page-2#post-7473613

Also I don't think this thread is useful now... @Cyan @BORTZ

Look at the title of this thread... was it ever useful? Just a place for discussion. I know I personally learned something from it, so it cant be COMPLETELY useless.

 

[mariogamer]

Look at the title of this thread... was it ever useful? Just a place for discussion. I know I personally learned something from it, so it cant be COMPLETELY useless.

You're right but I think everything was already sai'd.

Also for the boot2 thing, are you sure? (Wasn't in the wii scene, was too young)