Hacking Stop CDN downloading.

[AlphaSapphire]

Simply put, you could say it's a "downloader" of eshop content using your PC, your switch ID and the content ID.

so free games basically?

 

[Maximilious]

so free games basically?

It's how and where eShop games and DLC are downloaded to your console. Without a way to use the raw content, it's useless.

 

[lukhart]

so free games basically?

Yeah you could use it that way if you want it... and get a plausible ban in the future

BTW, I think that even by downloading content that you already own on your switch may cause the same risks, but I'm not 100% sure about this part, maybe someone knows better

 

[AlphaSapphire]

Yeah you could use it that way if you want it... and get a plausible ban in the future

BTW, I think that even by downloading content that you already own on your switch may cause the same risks, but I'm not 100% sure about this part, maybe someone knows better

that means i can download hyrule warriors, pokken, botw all on my switch for free

 

[cagycee]

The quote I highlighted MAYBE could have something to do with it.
Now of course he got banned. It's not like he was perfectly mimicking the system and he still got caught. Whatever testing he was involved into, caught a lot of attention and Nintendo acknowledged it.

Imagine I changed the "Title Name" of a game, for example "Mario Kart 8" to "FUCK YOU NINTENDO JHAHAHA I'M PLAYING YOUR VIDYAGAMEZ", and I get banned days later from using that game online. You wouldn't say that playing roms online gets you banned, that's not exactly what happened. My actions raised a flag.

10/10 Reply *claps*

 

[NightsEkim]

Downloading something once from CDN like a year ago wouldn't get you banned now.

That's what I said when I botted an MMO, didn't get banned for a year, and had that in my mind "Ah it's too late now they won't ban me after a year" huge ban wave rolls, guess who got banned for botting a year ago.

My point is, it's not unheard of for companies to continuously log whos been abusing their services for a good long time then when they finally push a ban wave they get EVERYONE including the people that did something wrong a year ago.

 

[punderino]

Yes, Nintendo here, the last thing we'd want is for people to just download all updates from our servers and be able to decrypt and download them on the fly, so let's just passively let people download whatever they want and just ban them for it 9 months later when the damage is already done. Sounds like a great idea!

 

[NightsEkim]

Yes, Nintendo here, the last thing we'd want is for people to just download all updates from our servers and be able to decrypt and download them on the fly, so let's just passively let people download whatever they want and just ban them for it 9 months later when the damage is already done. Sounds like a great idea!

That's the thing, if they are consistent and ban right after they do something wrong it's very easy to tell what they did wrong, vs if they stagger the bans or do big ban waves months away from when the original infraction occurred it's a lot harder to tell what you did to get banned which means people will keep doing the same thing because "well what if it wasn't that and it was this" and Nintendo can keep banning people with hacked/modified consoles.

As I said before this is not the first time a company has done something like this when someone has exploited their services and it certainly won't be the last time.

 

[the_randomizer]

Hacker: Downloads games through CDN, has a modded console and goes online
Nintendo: Bans said console
Hacker: Wonders why he gets banned

Really? Is this that newsworthy?

 

[Darklinkreturns]

 

[cots]

Funny that the anti-piracy people where the first to get banned.

They have to hide behind not supporting piracy so that they aren't sought after, but we all know better.

 

[the_randomizer]

They have to hide behind not supporting piracy so that they aren't sought after, but we all know better.

What did they expect would happen, immunity?

 

[TR_mahmutpek]

@SciresM wont download pirated games from cdn downloaders, so he really messed with that. And its easily detectable by Ninty. But if you only send redownload request (way way secure and safe), maybe they cant detect but again, if they log what you got/bought, you cant do anything (a.k.a gg)

Also side not, I detected strange thing. @shinyquagsire23 said on his tweet; he cant access eshop but download game updates. Dont switches use eshop for game update downloading? If it is, even we banned, we can still download from cdn apps (you passing the e shop barrier, directly accessing the servers!) (but its only an opinion)

 

[Maximilious]

@SciresM
Dont switches use eshop for game update downloading? If it is, even we banned, we can still download from cdn apps (you passing the e shop barrier, directly accessing the servers!) (but its only an opinion)

Those requests could easily come and go over a different port. The eShop front end could use HTTP or HTTPS while download uses port 8564 or something obscure. Also, Nintendo would want you to keep your games up to date to fix for vulnerabilities, think back to 3DS with Cubic Ninja or that other eShop only game they were pushing heavily that ended up being vulnerable at release with the same type of save game exploit as CN.

 

[Shrike]

So in theory: If I buy a new switch, take its licence (key, whatever), use it to download games via CDN, and after that send the console back to the store and get my money back.
Now if I would use for example TX SX to run those games on my OTHER switch .. am I safe ? (Not playing online)

 

[Maximilious]

So in theory: If I buy a new switch, take its licence (key, whatever), use it to download games via CDN, and after that send the console back to the store and get my money back.
Now if I would use for example TX SX to run those games on my OTHER switch .. am I safe ? (Not playing online)

That would be entirely evil of you, since you would 100% ban the next owner by continuing to use the certificate of the returned Switch. It would be possible, but seriously sickening to me if you or anyone else ended up doing that.

 

[worm28]

So in theory: If I buy a new switch, take its licence (key, whatever), use it to download games via CDN, and after that send the console back to the store and get my money back.
Now if I would use for example TX SX to run those games on my OTHER switch .. am I safe ? (Not playing online)

WOW your an evil genius!

 

[KanterZ]

I wonder. hmm...

 

[Joom]

That would be entirely evil of you, since you would 100% ban the next owner by continuing to use the certificate of the returned Switch. It would be possible, but seriously sickening to me if you or anyone else ended up doing that.

Are you sickened by the action or by the fact that Nintendo's ineptitude allowed it? Don't hate the player, hate the game.

 

[FAST6191]

Are you sickened by the action or by the fact that Nintendo's ineptitude allowed it? Don't hate the player, hate the game.

Other than Nintendo's ineptitude, or perhaps negligence, in allowing their device to be blown wide open is there much ineptitude on the part of Nintendo here? I can't think of an obvious fix for this issue -- you have to take returns and if the other machine is hacked enough to run the data the returned machine got (and said returned machine was hacked well enough to get it in plaintext if that is a thing here) then it is going to happen.

Short of seeding the torrents themselves to make such a method redundant then yeah.

Hacker: Downloads games through CDN, has a modded console and goes online
Nintendo: Bans said console
Hacker: Wonders why he gets banned

Really? Is this that newsworthy?

First hacking related bans, much less ones issued before hacks are truly widespread*, would seem to fall under the banner of newsworthy.

*if Nintendo can just download the hacks themselves and analyse them for weaknesses/detection methods then that is one thing, for them to have done this without that speaks to them being better than they have historically been.

If it ends up like the 360 where a given keyvault had an expected maximum lifetime of a day or two at most (more realistically was a few hours by the time it got going) then yeah that fails to be newsworthy. First bans, new ban waves, indicators that the ones doing the banning have stepped up their game, indicators that they have backed off for the time being, and unexpected bans from incomplete hacks or something ("don't use ?/update ? if you want to stay online" sort of thing) all very much fall under the banner of things we call news around here. I don't necessarily find it surprising in this instance, nor would anybody versed in IT security, but it is still news.