
Really? Already? Is this for the purposes of alerting Nintendo to vulnerabilities or is it just part of a quest to run "homebrew and definitely not pirated ohh no not at all" games on the Switch?



The vulnerability used is a very well-known one in WebKit from last year. Additionally, news articles about this vulnerability being present were already out there, so we saw no harm in releasing this.

I can't speak for others, but I have no intention of enabling piracy in any way; I just want Linux on it. Others will most likely abuse this for piracy at some point, which I personally find sad, but I don't control others.


The mildly unfortunate part is that you disclose the details of the exploit which only serves to allow Nintendo to patch it faster, without them having to invest the time to reverse engineer it themselves. Odds are this method of rooting won't survive the Switch's first patch release, and someone else will have to find a new loophole. If you had kept the exploit private, we may have gotten away with 2-3 patches' worth of time.

Whether the details are published by the developers of the exploit themselves or by a 3rd party, it's frustrating to see the hubris of proving one's ability to explain the exploit winning out over actually helping the users hold onto the ability to root for as long as possible.


I think you may be misunderstanding this -- greatly. The details of the exploit (that is, the part that Nintendo cares about -- the vulnerability) have been public since May of last year. The fact that the Switch is vulnerable to it (and it's being actively exploited by people) has been known by the public for at least two days. We decided to release this once the vulnerability was already going to be dead, not to accelerate its demise.

Additionally, this isn't a root, nor is it even close. This is the first stepping stone to be used by researchers to get deeper into the Switch and find new bugs. In no way will this impede the homebrew community; it will only serve to empower it.


We didn't though, a few others before us did and published GitHub repos for it already. Also, we're already in the first patch (2.0).

EDIT: Clarification, a few others already gave exploit code to use the Pegasus WebKit exploit, and it's been going around the "news" sites. We just gave a prettier/easier-to-use implementation now that it was obvious Nintendo already saw it.


The WebKit bug used is well known and not new: https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-4657

It's really Nintendo's fault for shipping an insecure version of WebKit.


The purpose can be "if there is DRM, it should be broken, so you can run whatever you want on hardware you paid for".

Of course it's not about practical reasons, since if you really need it, you can just get normal Tegra-based hardware without locks.



