Hardware Mig Switch on Switch 2

[dolpf]

So where does the Switch then gets Firmware Updates from? Because it is still possible to update a banned Switch online (!).

Through a special server «atum». When banned, only server «dAuth» is blocked, which processes eShop content, online games, and updates for games.

 

[bth]

So where does the Switch then gets Firmware Updates from? Because it is still possible to update a banned Switch online (!).

Atum doesn't require dauth verification as there's no rightsid encryption involved (rightsID being nintendos word for drm/"digital rights management"

there's dauth/edgeauth/edgetoken requirements for the parts that are "rightsid encrypted", which is an AWS security feature.

Game files are treated differently in switch hierarchy, and require a combination of edgetoken received from dauth, alongside latest master key, but atum will not require an edgetoken, nor latest master key, as it needs to be backwards compatible with potential console units that have been in store, or been offline for a long time.

The same reason as to why the exfat/fat32 titleid/nca are only encrypted by master_key_00, while rest of firmware is always encrypted by the latest master_key (and said nca also contains the master_kek_source / mariko_master_kek_source which it derives master_kek from, which it in turn uses to derive the latest master key, by using master_key_00 to open said NCA)

 

[bth]

It would absolutely make sense for Nintendo to let banned console still Download gamekeycard games, like they do with FW updates, to avoid legal issues.
Afaik, there is no one that tested this on Switch 2 with proof.

Make sense? No that's wishful thinking, and there is proof.

The proof is literally on the switch 1, entirely reverse engineered. They reused the same OS, again, especially the cryptographic methodology....

lack of knowledge and/or ignorance is not going to alter reality, unfortunately.

even game updates are rightsid encrypted, though nintendo appends the titlekey for that to the public ticketbin (not signed), whereas game files themselves are appended signed to the private ticketbin.

your "sigpatches" remove the signature validation of the ticketbins, letting you insert rightsid titlekeys yourself to the public ticketbin, which means we have as we got the certificates and ticket by querying nintendos servers themselves pre-dauth* and after dauth, that is how you can install games that you haven't paid for in first place on the switch 1.

(* pre-dauth == edgetoken system wasn't initially implemented, it was implemented after widespread use of some guy named thomleg's ssl certificate (your "prodinfo") to download game files, without a titlekey, in large scale by users, using what used to be called nut, on their pcs, alongside game updates, without any protection, aside from the obvious rightsid encryption, which updates gives you automatically, but game files required others to "share it with them", i.e. shared titlekey list from others who bought it)

(this is why you don't receive game updates on a banned switch, they are rightsid encrypted, thus locked behind edgetoken/edgeauth/dauth requirement)

also subsequent note; several people including myself, have attempted to prod at the switch 2 AWS endpoints, and sacrificed one nintendo switch 1 ssl certificate in doing so, to verify that it is indeed the same, and they didn't change much. Unfortunately it only yields metadata and not actual files( in other words, the switch 1 can query for switch 2 game titles, but will only receive metadata information about them, i.e. the kind of data you see in eshop, the description and pictures)

 

[Inaki]

Make sense? No that's wishful thinking, and there is proof.

The proof is literally on the switch 1, entirely reverse engineered. They reused the same OS, again, especially the cryptographic methodology....

lack of knowledge and/or ignorance is not going to alter reality, unfortunately.

even game updates are rightsid encrypted, though nintendo appends the titlekey for that to the public ticketbin (not signed), whereas game files themselves are appended signed to the private ticketbin.

your "sigpatches" remove the signature validation of the ticketbins, letting you insert rightsid titlekeys yourself to the public ticketbin, which means we have as we got the certificates and ticket by querying nintendos servers themselves pre-dauth* and after dauth, that is how you can install games that you haven't paid for in first place on the switch 1.

(* pre-dauth == edgetoken system wasn't initially implemented, it was implemented after widespread use of some guy named thomleg's ssl certificate (your "prodinfo") to download game files, without a titlekey, in large scale by users, using what used to be called nut, on their pcs, alongside game updates, without any protection, aside from the obvious rightsid encryption, which updates gives you automatically, but game files required others to "share it with them", i.e. shared titlekey list from others who bought it)

(this is why you don't receive game updates on a banned switch, they are rightsid encrypted, thus locked behind edgetoken/edgeauth/dauth requirement)

also subsequent note; several people including myself, have attempted to prod at the switch 2 AWS endpoints, and sacrificed one nintendo switch 1 ssl certificate in doing so, to verify that it is indeed the same, and they didn't change much. Unfortunately it only yields metadata and not actual files( in other words, the switch 1 can query for switch 2 game titles, but will only receive metadata information about them, i.e. the kind of data you see in eshop, the description and pictures)

Thank you again for the detailed knowledge. Wishful thinking ( I also wish the same, nintendo leting banned Switches download stuff ) and all, I think he was referring to the fact that it would make sense for nintendo so that banned people would still pay for games and also in legal terms in the EU...

 

[a_username_that_is_cool]

[From https://www.techadvisor.com/article...-2-users-have-had-their-accounts-blocked.html]
This is uninformed news article LOL. No it's not a way to get around storage restrictions, the switch HAD an SD card slot. It was pirac- I MEAN PHYSICAL GAME CART BACKUPS. But yea I think the detection also flags your console.

 

[bth]

[From https://www.techadvisor.com/article...-2-users-have-had-their-accounts-blocked.html]
This is uninformed news article LOL. No it's not a way to get around storage restrictions, the switch HAD an SD card slot. It was pirac- I MEAN PHYSICAL GAME CART BACKUPS. But yea I think the detection also flags your console.

It sends questionable telemetry to nintendo, nintendo sees the questionable telemetry, knows exactly which console sent said questionable telemetry, as it receives a constant stream of it from it, identified by both your logged in account, and the unique ssl certificate which it uses to initiate https communication.

after they have determined you are doing something they don't like, they simply blacklist your ssl certificate, and send you a return package containing your ban notice, which your console then stores in a system save, which tells the user of the console "you are restricted from online service", etc etc, all because of telemetry.

there's no "flag", per say, if one is to be entirely technical about it.

 

[bth]

Thank you again for the detailed knowledge. Wishful thinking ( I also wish the same, nintendo leting banned Switches download stuff ) and all, I think he was referring to the fact that it would make sense for nintendo so that banned people would still pay for games and also in legal terms in the EU...

the EU is on nintendos side in this specific context, but fr*nce as example, they might not be entirely onboard, but after a few rounds in court with lawyers, they would bend over as the DMCA has provisions for this already, this is settled law, so it most likely also would just get tossed out of court (even in fr*nce).

Nintendo can literally prove you are misusing their console and their gameTPM, etc etc, no EU court would side with consumer, they have the telemetry with all the data needed to make judge toss the case, or if they don't, you are bound to lose. You could try to GDPR "delete request" the data, but one of the stipulations of the GDPR deletion request, is that the data cannot, should not, and will not be deleted, if the data is subject of a court case.

so GG

 

[xFlesk]

do you think is safe to update mig to latest firmware using switch 2 ? or do i need switch 1 (which i gave away) ?

 

[PureFallen]

do you think is safe to update mig to latest firmware using switch 2 ? or do i need switch 1 (which i gave away) ?

As reading previous posts in this thread should have made clear, using Mig Switch on a Switch 2 will almost certainly get you banned. If not immediately, then after a short delay.

 

[a_username_that_is_cool]

It sends questionable telemetry to nintendo, nintendo sees the questionable telemetry, knows exactly which console sent said questionable telemetry, as it receives a constant stream of it from it, identified by both your logged in account, and the unique ssl certificate which it uses to initiate https communication.

after they have determined you are doing something they don't like, they simply blacklist your ssl certificate, and send you a return package containing your ban notice, which your console then stores in a system save, which tells the user of the console "you are restricted from online service", etc etc, all because of telemetry.

there's no "flag", per say, if one is to be entirely technical about it.

thx for more info. i was told it "flags" your console. i guess the telemetry could be considered a "flag"?

 

[PureFallen]

thx for more info. i was told it "flags" your console. i guess the telemetry could be considered a "flag"?

Basically. Think of it as some type of "marker" that stains your console as one that used Mig Switch before.
Those Telemetry however are also created when offline and submitted once going online, and persist even a factory reset. So yeah, the moment you use Mig Switch on a Switch 2 your console is technically already banned, either from you submitting the Telemetry to Nintendo Servers or having to stay permanently offline until the end of time which has the same effect.

 

[apologeta62]

Does anyone know trustfull resellers for the MIG?

 

[Locutus73]

Does anyone know trustfull resellers for the MIG?

 

[RyH2]

Interested in seeing confirmation about whether Game Key Cards still work on banned consoles. If they don't then I think Nintendo have strayed over the line legally in the EU. At the very least it would be in question enough that consumer agencies would likely take it up (unlike just a regular online service ban).

 

[Tunrake]

From reddit

 

[pofehof]

If they don't then I think Nintendo have strayed over the line legally in the EU. At the very least it would be in question enough that consumer agencies would likely take it up (unlike just a regular online service ban).

Highly doubtful. It would be similar to how a user can't access their digital games anymore. As long as Nintendo can prove that the user broke the ToU/ToS that warranted the console ban, the EU will side with them over the consumer.

 

[bth]

Interested in seeing confirmation about whether Game Key Cards still work on banned consoles. If they don't then I think Nintendo have strayed over the line legally in the EU. At the very least it would be in question enough that consumer agencies would likely take it up (unlike just a regular online service ban).

Core concept, they don't. And no you are misinterpreting the law / making up nonsense, unfortunately. They wont work in banned consoles, there's confirmation of the contrary. Just based off of how dauth is configured. (i described in detail in previous posts)

your wet dreams about consumer agencies taking this battle up for you is delusional, as the DMCA strictly protects this. The only european country that has laws that somewhat contradict the DMCA in some venues, is fr*nce

basically, it's a wishful (and incorrect) expectation that the law is on your side in this case.

 

[weatMod]

Ok, thank you for clarifying; that, added to the fact that a lot of games will be using key cards, marks a clear difference from other console bans. As I said, they are limiting essential functionality here, this is no longer "just banned from online" and we all know it...

I came to ask this but has it actually been 100% confirmed by someone with a mig ban who actually tried to DL data after purchasing and inserting a "physical" key card post ban?

 

[bth]

I came to ask this but has it actually been 100% confirmed by someone with a mig ban who actually tried to DL data after purchasing and inserting a "physical" key card post ban?

There's no need for that, because of how dauth is configured to interface with AWS (the cloud service owned by amazon, that nintendo pays to host their infrastructure), game files require not being banned ("blacklisted") from dauth, to get the edgetoken required for the download to initiate.

(as i already described in previous posts)

 

[RyH2]

Core concept, they don't. And no you are misinterpreting the law / making up nonsense, unfortunately. They wont work in banned consoles, there's confirmation of the contrary. Just based off of how dauth is configured. (i described in detail in previous posts)

your wet dreams about consumer agencies taking this battle up for you is delusional, as the DMCA strictly protects this. The only european country that has laws that somewhat contradict the DMCA in some venues, is fr*nce

basically, it's a wishful (and incorrect) expectation that the law is on your side in this case.

Not my battle, both my consoles are fine and I have no intention of buying a Mig Switch. I'll just always support consumers over billion dollar companies.

And no, there's no confirmation of anything just your speculation. Also why the hell are you censoring the word France