Hacking Suggestion [IMPORTANT] Possible Nintendo server changes to block web applets from working

  • Thread starter Deleted-442439

Deleted-442439

Guest
OP
So... If I understand all of this correctly.

There is no way to tell if a 3.01 - 5.01 Switch has been affected or not at this time.

You COULD tell if a 3.0.0 Switch has been affected by setting up a fully offline web server hosting the exploit and trying to run it that way. If you can still run it.... Successful exploit = Not affected

Am I missing anything?

Basically yes, if u try to run the webapplet on a patched console on outdated FW it will ask for an update, a localhost payload should be safe on non patched systems.
 

Deathscreton

So why is this a big problem? If it's patchable in the future, that means all users who are affected will have to use a Hardmod/Jig at least ONCE, then patch the console/run CFW and they'll be able to patch the OFW so they can use the applets again. It doesn't change anything and Ninty is just wasting manpower at this point.
 

notimp

Just to underline the idiocy of that corporate approach.

You'll get most people to update through an inability to handle delayed gratification anyhow.

You'll get most of the rest through online lockouts and nags.

What Nintendo is achieving by locking people out from using the web browser on their platforms, via a silent bit switch is the following:

I HEREBY SOLEMNLY SWEAR, that if I was affected by Nintendo's outreach into the hardware I bought - while never having accepted their terms and conditions, or creating an online account with them - I WILL INVEST EVERY LIVING HOUR this community is active - to serve as a conduit to get AS MANY PEOPLE AS POSSIBLE to buy and use modchips for whatever reason.

I'll support them in all their efforts, I'll answer all their worries, so for every ME Nintendo just fucked over, there at least will be 200 new modchip users as a result.

Fair?

Talking about diminishing returns.

This my friends, is a corporation making freaking insane decisions.

Also - under which legal premise is Nintendo changing the eprom content of my Switch? If I've made sure not to agree to their terms and services as a "legal" person, and having the knowledge, that shrinkwrap contracts are illegal where I am living. Any lawyers in here?

--------------------- MERGED ---------------------------

So why is this a big problem? If it's patchable in the future, that means all users who are affected will have to use a Hardmod/Jig at least ONCE, then patch the console/run CFW and they'll be able to patch the OFW so they can use the applets again. It doesn't change anything and Ninty is just wasting manpower at this point.
Oh, the problem really is this: Piss off a group of maybe 200-500 people, by bricking their use cases for whatever time it takes to find their modus operandi. And changing your image as Nintendo from "acquiring informed consent" to sneaking into a 12+ year old's bedroom, and changing the function of the product he bought, without him or her getting to know it.

F*ck - sure sounds illegal to me, ... N.
 

notimp

Let's do a little advocacy here.

Flip your bit back at Nintendo - become a modding guide for someone who has difficulties getting there.


If Nintendo just made sure, that you can't use the Switch in the way you used it in the past - with really nothing you could do about it - make sure, that at least ONE other person will get a modchip installed in their Switch, because of you.

Return the favor. :)



Help your friends with their questions, provide them with guidelines for easy product acquisition. Help them with soldering, do what you can. It doesn't take much, it helps everyone out, and it makes sure, Nintendo doesn't remotely change code and functionality on our systems in the future, without users being informed.

FYI this is a new thing they are pulling, and you were there, when they started. :)


If everyone affected by their current approach gets a modchip, and convinces at least ONE friend to get one as well - their tactic backfires.


Tell a friend, be friendly - and flip your bit back at Nintendo.


Dear Mr. Kimishima - we hope this message will reach you. :)




Declaration: We see Nintendo's action of finding a way into our systems and changing their functionality remotely, without our knowledge or consent, as an aggressive act and a qualitatively new breach of a preexisting red line, trying to keep your customers in a walled garden ecosystem. Your acts were unprovoked, your actions are unjustified and the legality of your approach is questionable.

The Switch is an unsubsidized hardware platform and we have the expectation to own what we bought, after we have paid for the device in full. If you want to retroactively change core functionality (remove access to a web browser - for everyone that doesn't want to update to your latest firmware) - and do so in a covert approach designed not to grab media attention - expect us to look at you with different eyes, than those of a five year old Labo customer.

Sincerely,

A voice from the scene
 

Zris96

I don't know about programming and stuff like that... but what if someone emulates a DNS with a fake 5.0.2 firmware authentication to confuse Nintendo's servers? So that way we could get our Switch's NeedUpdateVulnerability value set to 0 again... I don't know if something like that is possible ...
 

Maximilious

I don't know about programming and stuff like that... but what if someone emulates a DNS with a fake 5.0.2 firmware authentication to confuse Nintendo's servers? So that way we could get our Switch's NeedUpdateVulnerability value set to 0 again... I don't know if something like that is possible ...

That is likely protected Nintendo IP (intellectual property) and would be very difficult to reverse engineer to flip the switch back to 0 through a publicly hosted webserver. Not to mention, you would have to redirect your DNS entry from the Switch to somehow point to said webserver like a host file in Windows. It would probably be easier for someone to create an applet in CFW that will allow the switch to be flipped back to 0 instead.
 

Zris96

That is likely protected Nintendo IP (intellectual property) and would be very difficult to reverse engineer to flip the switch back to 0 through a publicly hosted webserver. Not to mention, you would have to redirect your DNS entry from the Switch to somehow point to said webserver like a host file in Windows. It would probably be easier for someone to create an applet in CFW that will allow the switch to be flipped back to 0 instead.

But then... can we still use fusee gelee/shofEL2 with this value set to 1? (Sorry for being such a noob on the scene :s)
 

TerminatR

It would be nice if someone could release some code to quickly check if Switch has been affected or not.

All we would need is some web code to throw into an offline server app that would see if redirection works when the switch connects.
 


BL4Z3D247

Can someone kindly explain what this would mean to someone with a 1.0.0 console that never ran any hax on it, basically what is affected in terms of exploits and such not working?

I saw HBL and SwitchBruDNS but what about PegaSwitch, Fake News, etc?

(Sorry if I sound like a noob, not sure what is or isn't a web applet and literally just found time to get my Switch all up and running for homebrew.)
 

notimp

Can someone kindly explain what this would mean to someone with a 1.0.0 console that never ran any hax on it, basically what is affected in terms of exploits and such not working?

I saw HBL and SwitchBruDNS but what about PegaSwitch, Fake News, etc?
You know where all those hacks (and all software entry points currently being worked on) open a browser window?
Nintendo doesn't allow you to get access to the browser anymore, if you are not on the most current firmware. Instead you get a popup that tells you to update.
-

By all intents and purposes Nintendo's behavior should be illegal, if they are pulling it off in Europe as well. US customers, as always are out of luck, because their rights can be sold away on a virtual piece of napkin, that no one has to read.

First: Here are the different "license agreements" for both regions:

r2KsZuv.png


The European one does not even have to be read, you can skip it in the setup progress without acknowledging that you have read it. Nintendo simply asks you to, but you don't have to - so you are not entering into an interpersonal contract with them at that point.

Also - the European text doesn't remove their responsibility to inform you of the update or to ask for your consent. Nintendo should also have a hard time arguing, how what they are doing is covered by any of the reasons they list for being allowed to update software automatically -

and as they are putting up another usage restriction, and are not "removing content" (they are flipping a bit, adding a 1), no potential action of theirs is covered in the last paragraph. Also "may render the Software unplayable" is stated passively and should not cover them "hacking into your console" and adding a usage restriction.

So by any of the quasi legal texts they include with the platform in Europe, they shouldn't be allowed to do what they are currently doing.

US users on the other hand are effed, because they don't have consumer protection laws, that wouldn't allow any EULA to sign away their rights. EULAs to them are literally laws, as in that they can't negotiate them, and that to them they are legally binding even if they don't really read them, and what's inside conflicts with their state law.

Other interpretations are welcome.

Would be interesting to know if some of the known bit switches happened for European customers as well.
 

ut0pia

I'm not even mad about not going online, fair enough but the problem is some games won't start unless I update.
Is it safe to say a solution will show up later or is it better to update now and stick with current live fw (losing potential sw exploit, I'm on 4.1) ?
 

BL4Z3D247

So basically what you're telling me is I'm fucked for now as far as getting homebrew up and running on my Switch tonight.

Damn.
 

notimp

For moral support - so am I. :)

People presumably are now sniffing the network traffic of their consoles to see how Nintendo could connect to them (and ALL of them) without going through the usual update servers - could be a domain that lay dormant and never popped up in logs of the Switch talking to Nintendo before, could be a baked in return channel, that directly communicates to an IP, and circumvents DNS resolving, ...

Once they've found it, we can block it. Presumably once they've found it, they also will analyze the part of their software where the "command and control" pipe comes in to hopefully have a better chance of preventing them to do this in the future.

If they have flipped the bit on your console, "we" can reverse what they have done - but not without considerable effort on the part of everyone who wants to do so. Making syspartition backups and writing to them via Linux on the Switch primarily. And in the end, they won't be able to prevent the hardware assisted exploits.

So depending on how long folks take to find out what exactly N is doing, this might be an entirely useless storm in the waterglass, that does nothing for N apart from pissing off the most technically savvy users.

If this turns out to take longer than expected - everyone on 3.0.0 should look for the esp8266 method of launching HBL from a local "mini server" that costs about 7USD.

Less convenient, but not really slower, or more complicated.

Of course - using the locally hosted exploit, still blocking the Switch's Internet access entirely - is only possible - if the bit hasn't already been switched (the access restriction for the browser enabled). At least until the method to flip the bit back is released. (Which shouldn't take long, but let devs reside on the side of caution there).

Nintendo just made sure TX and others sell a few more modchips today. Not sure if that was in their interest...
 
Last edited by notimp,
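
The comparison described in the post above (a hostname that never appeared in earlier logs, or a connection to a bare IP that skips DNS resolution), as an added example that is not part of the original thread. The log format, hostnames, addresses and baseline are constructed for illustration and are not real console traffic.

```python
import re

# Constructed capture summary (not real traffic); hostnames and addresses
# use reserved documentation ranges. One line per DNS answer or outbound flow.
CAPTURE = """\
1526000001 DNS 192.168.1.50 query=updates.vendor.example answer=203.0.113.10
1526000002 FLOW 192.168.1.50 dst=203.0.113.10 port=443
1526000050 DNS 192.168.1.50 query=dormant.vendor.example answer=203.0.113.77
1526000051 FLOW 192.168.1.50 dst=203.0.113.77 port=443
1526000090 FLOW 192.168.1.50 dst=198.51.100.23 port=443
1526000095 FLOW 192.168.1.60 dst=198.51.100.99 port=443
"""

# Hostnames seen in earlier captures of the same device (assumed baseline).
BASELINE = {"updates.vendor.example"}

LINE = re.compile(r"^(\d+) (DNS|FLOW) (\S+) (.*)$")


def analyze(capture, device, baseline):
    """Return (new_domains, direct_ip_flows) for one device's traffic."""
    resolved = set()   # IPs the device learned through a DNS answer
    new_domains = []   # queried hostnames absent from the baseline
    direct = []        # (timestamp, ip, port) flows with no prior DNS answer
    for raw in capture.splitlines():
        m = LINE.match(raw.strip())
        if not m or m.group(3) != device:
            continue  # malformed line or traffic from another host
        ts, kind = int(m.group(1)), m.group(2)
        fields = dict(kv.split("=", 1) for kv in m.group(4).split())
        if kind == "DNS":
            name = fields["query"].lower().rstrip(".")
            resolved.add(fields["answer"])
            if name not in baseline and name not in new_domains:
                new_domains.append(name)
        elif fields["dst"] not in resolved:
            direct.append((ts, fields["dst"], int(fields["port"])))
    return new_domains, direct


if __name__ == "__main__":
    domains, flows = analyze(CAPTURE, "192.168.1.50", BASELINE)
    print("hostnames not in baseline:", domains)
    print("connections with no DNS lookup:", flows)
```

Either result is only a lead for closer inspection: a cached DNS answer from before the capture started will also show up as a "direct" flow.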
