Console Security – Nintendo Switch [video] (ccc.de)
162 points by moepstar on Dec 29, 2017 | 98 comments



Beyond preventing the distribution of pirated games, why do console manufacturers put so much effort into preventing unvetted code from running on their hardware?

Does Nintendo actually stand to lose anything if a homebrew community evolved?

Shouldn't we put time limits on DRM like we do on copyright so that eventually owners of these devices are allowed to use them however they like?

My Sony PSP and Nintendo DS are collecting dust because I already played all the licensed games I was going to on them. Now these devices are worthless to me and get tiny prices on the 2nd hand market. If their owners released firmware signing keys, these devices could have a new lease on useful life as homebrew machines, but instead their owners tell us no, they'd rather the devices became prematurely useless and that we can't get any use out of them unless they can cash in on it... It's weird now that I think about it.


It's a perceptual argument I think.

If publishers like EA and Ubisoft lose faith in the system's ability to protect against piracy, they're less likely to go out of their way to develop for it. This is especially true for Nintendo that requires (for varying reasons) special porting/development.

For the sake of argument it's easy to assume that PC, Xbox and PS4 are roughly equivalent to develop for. (This is totally cutting the Gordian knot but...) They're essentially all x86_64 architecture with similar third party modules present (nVidia, AMD). So development on these systems is a lot easier.

For Nintendo, you have to develop within the limitations of typically not as powerful hardware. (Take a look at WWE2K18 between PS4 and Switch.. they struggle with that). Which means that you have to not necessarily spend more, but spend extra to get it working on Switch properly (i.e., it's not quick and cheap).

Therefore if the piracy rates are high or perceived to be high because of a flourishing and popular homebrew community (false equivalency but I'm confident that it happens.) then the desire to expend that extra effort will go down. Especially if the return is expected to be low.

Also emulators are easy these days and that just totally erodes the Virtual Console Market. Around the Wii they discovered the HUGE proportional market for virtual console (Near 0 development cost/effort, huge returns, relatively)

One of the first things that will come from this is a port of RetroArch. Which is cool but not what big N wants to see.


I would separate PC and XB/PS in that analogy. They're very different both in terms of how you write performant code and what the support profile looks like.

Back when I worked on them, getting PC stuff up and running marginally was pretty easy. X360 and PS3 took a ton more work to do properly (PS3 would only allow a very small number of open file handles, just to name one of many things).


> If publishers like EA and Ubisoft lose faith in the system's ability to protect against piracy, they're less likely to go out of their way to develop for it.

This was part of what killed the Dreamcast. It became very easy to burn CDs of games, rampant piracy, developers dropped out.


That is not totally true. EA never committed to the Dreamcast and its death was due to all SEGA's past mistakes that burnt consumers and developers alike. Piracy was never an issue with the Dreamcast in that it didn't hurt the system.

Someone did a pretty in-depth analysis of the Dreamcast console and games sales. https://www.youtube.com/watch?v=7hGK2ep3gJI&feature=youtu.be

Sega was strapped for cash and couldn't compete with Sony's hype and deep pockets. The Dreamcast was dead out of the gate unfortunately.

edit:// Seamus Blackley the CTO of the Xbox and person who came up with the idea that Microsoft needed to get into the console market and pushed the company to do it, is quoted as saying "If I had known how powerful Sony and Nintendo were, I would have probably given up on there wouldn't be an Xbox"

That should give you an idea of what the console business is like. Even with Microsoft's deep pockets it's a hell of a challenge.


> This was part of what killed the Dreamcast. It became very easy to burn CDs of games, rampant piracy, developers dropped out.

The original Playstation also could run pirated games rather easily, even without chipping it. All that was needed was an action replay/game shark and using the swapping trick. What made this even more appealing was the fact that the console was region locked and these methods allowed to bypass the region lock.

Which was a pretty big deal back then because it wasn't a given that games got released in every region (no Final Fantasy Tactics for Europe) and if they were then there was often a delay of several months until it ended up in certain regions (Europe). So chipping the Playstation had several advantages for an avid game player.

As a result, there was a very lively schoolyard market of burned PlayStation games being traded, back then I didn't know anybody who didn't have their PlayStation chipped/used swapping trick and didn't have a massive collection of burned games downloaded from the www or straight up copied from rental places.

Did that kill the PlayStation? Nope, it still ended up being one of the most successful consoles. So I'm not sure that console piracy is really that big of a factor for a console's success or lack of success.


I don't buy the added development cost argument. Firstly because AAA dev kits already have out of the box support for the Switch, secondly because Sony and Xbone put just as much effort into preventing unsigned code execution as Nintendo does.

Then is it just about protecting the emulation market? For Nintendo I'd agree. For Sony I'd say maybe. For Microsoft? They don't really have an emulation market to speak of, but they still dump a lot of resources into DRM.

So is it all about the perceived threat of piracy, or is there more?

But to my earlier point, piracy stops being a factor a decade or two after the release of a console. Why don't we put time limits on DRM like we do with copyright and patents so that the manufacturers are forced to allow full use of the devices eventually.


Re: Development cost. I think we probably just have different perceptions on what that cost will be. I'm happy to disagree with you here, but I think we'll talk around the lack of any facts here. (Read: I have nothing I can present to concretely prove my point or disprove yours so I'm abandoning that line and will take your point as given as much as I feel mine (should be?) is :D)

I would however still argue that it's the perception of piracy and those costs rather than any reality of it.

In regards to the idea of time-limited DRM. The argument here is what does that ultimately give Nintendo? The device is EOL and from their point of view the goodwill of the small community of us who like poking around the devices isn't worth even the relatively small amounts of effort to implement that model of DRM. Especially when Homebrew development happens within a console lifetime to begin with.

Essentially, the work hours for homebrew is bought and paid for by these folk here. Nintendo has to do nothing and they get that Homebrew warm-fuzzies from a small group of folks.

However the perceptual loss of faith from someone like EA would cause a huge and immediate impact to the life-cycle of the in-life console. (Think of the Polygon, IGN and other articles that would come out if EA so much as sniffed at the idea of the Switch being too much of a piracy-risk)

So no, I don't think there is more to it than a perception. Which sadly I think is overweighted in the argument. But already in this post, there are some weird equivalencies between user features and OS security being made which has a lot of value for people (not saying they're wrong in their valuations, just maybe the placement) so perception counts an awful lot for a lot of folks.


Agreed. I guess the core of the question is 'what does that ultimately give Nintendo?'.

And that's where I think the government needs to step in as it did with copyright and patents, and ask an additional question: 'what does that ultimately give to society?'. The answer is decreased environmental impact and decreased cost of living. The console manufacturers are passing on costs to consumers that consumers shouldn't have to bear - and don't have to bear when it comes to patents and copyrights. Imagine if patents were perpetual like DRM is and rocket engine technology would forever belong to a single manufacturer with the license..?


Totally agree, but the chance of that happening is pretty low. There isn't perceived to be a problem in that area at the moment that Governments worldwide really need to fix.

To the copyright point. Standard copyright will still apply to all the works produced (which is what, 75 years after last publication) but considering that Video games as a somewhat mainstream endeavor is only at absolute best 40-50 years old, we're unlikely to get a test of that any time soon, and that's before republication through virtual console and GOG may actually constitute a refresh on the copyright period.

I think it's more likely that consumer pressure to do an ID style of things whereby they opensource their older stuff is the likely fix to our problems.


There's increased development costs on multiple fronts.

Common AAA engines don't support multiple platforms seamlessly, each platform has its own input devices, asset formats, etc. that need to be supported.

When I worked on a team using the Wii U's Unity3D environment, Wii U builds required a special version of Unity3D, obviously needed to support the specialized form factor of the Wii U's input devices (I'm sure Nintendo has new guidelines on what each game has to support when Joycons are attached and detached). There were even guidelines on how the home button was handled across platforms or how long you could spend loading assets.

Not to mention many large AAA studios are using their own engines (Nintendo had a third tier of development tools reserved for them, that allowed native access and did nothing to support cross platform development) that aren't built to support the Switch without an investment that's greater than on the fairly similar Xbox and PS4.


The business model of consoles is selling hardware at discounted price which is not profitable, then selling games at a premium price. All the game sales give a cut to the console company.

This only works if there isn't a lot of piracy or 3rd party content.

If consoles were an open platform, they would have to raise the price of the console itself. Very few would pay $1000 for a console.


Nintendo goes to more trouble than most to lock down their consoles (and they always have), and they also never sell their hardware at a loss (though this may have briefly been untrue after they lowered the price of the 3DS shortly after launch).


Just because they don't sell their hardware at a loss, it doesn't mean they want to give up software licensing fees.


True, and I'm sure that's a factor, but Nintendo's history leads me to believe that it's more of a cultural/ethical thing than a financial thing.


The Nintendo Switch is basically a nVidia Jetson TX1 (4xA57@1GHz) with some additional parts and a nice plastic packaging. That's comparable to a RasPi 3 except for the GPU. The costs are probably a bit more than 30$ of a raspi but it's not 1000$.


> Why do console manufacturers put so much effort into preventing unvetted code from running on their hardware?

Piracy is the most enduring reason.

Second, regular players should expect a level field when playing online multiplayer - so no risk of battling against someone with modded software.

Beyond that, supporting software and hardware failures is easier if you can assume everyone is running on a stock platform.


That second point can be mitigated by not allowing unsigned code to run in parallel with a game, and generally sequestering games and unsigned code so they cannot mix. I'd consider that a fair tradeoff.

I mean, it may open up another vector for attack running unsigned code without any protections by the console, but... well, those already exist right now. The Switch, for <=3.0, is already broken (rohan[0], which is not yet publicly available).

[0]: https://reswitched.tech/rohan


Or they could just lock down the system and prevent all of these problems with less effort... which is what they did.


> why do console manufacturers put so much effort into preventing unvetted code from running on their hardware?

Because they want to prevent a repeat of the circumstances that led to the great video game crash of 1983 (https://en.m.wikipedia.org/wiki/Video_game_crash_of_1983).

The first generation of home consoles didn’t have any restrictions on what they could run. The result was a flood of shoddy, low-quality games, which ruined the reputation of those consoles and nearly killed the entire market for home gaming.


Can this even happen again? Look at PCs. The cost to produce a very low quality game has never been cheaper, and the infrastructure to spread it has never been better. But there isn't really a problem. We now have marketplaces that have some level of curation in them that prevents this from being a major problem. It isn't a perfect system, but there is no threat of it crashing the video game industry.

Social expectations of games, knowledge about games, information sharing about games, and platforms that allow this knowledge to propagate have made it so I can't see this as being any threat at all.

Add in that we are talking homebrew, so it's not like the content will have Nintendo's stamp of approval on it nor accessible to the average user, and the line of reasoning seems completely invalid.

Though it wouldn't be the first time a company did something for reasons that were no longer valid.


I think this is pretty spot on.

The market back in the 80s was an experimental fledgling market that was prone to crashing and loss of faith. This was largely solved through licensing however rather than technical DRM (Nintendo lockout chips notwithstanding).

There was after that, an expectation and an assertion of quality. From the user side of things, this was the Nintendo Seal of Approval. That meant to the buyer that it was at least a working somewhat playable game. We could argue the relative merits of that program but I think largely speaking it did the job.

These days, Gaming is a form of entertainment that is completely mainstream, I would argue that it is immune to abandonment and major crashes much like other forms of entertainment. (Keeping in mind that Video games thrive during recessions due to low dollar per hour of entertainment ratios.) Void some completely destructive force (Major War, that derails most normal avenues of business) it won't crash out anymore than books, TV or Film. (It may modify and change delivery mechanisms, but none of these are going away any time.)

So I don't necessarily agree that protection against low quality efforts is something that is compelling Console security, though it's often what is said.


Yeah but PC gamers are a different breed, and typically know what they're doing way more than the console market (generally speaking)..

Consoles are more of a known quantity, and "Sony", "Microsoft" or "Nintendo" on the hardware box represents a seal of quality (up to a point), both with the hardware and the software that will run on it.

This gives uninformed buyers (i.e. grandma - just to stick with a known stereotype) confidence that they're not buying something awful for their grandchild.

Before the pedants jump in, I know this is an over-simplification and there are bad games on consoles, yes yes..

But that's the general idea.. It's like the Apple App Store (minus the sheer volume of available software), it's a walled garden so there's an implied level of review and quality that is supposed to give consumers some confidence about the products, both hardware and software.

Also, less now than before, hardware manufacturers don't make money on the machines, they make money on the licensing for the software.

Console makers aren't interested in making devices that sell at super thin margins and provide zero incremental revenue because they get bought by a homebrew crowd that won't buy into the ecosystem.


In the "old days", there used to be a big genre separation between PC and consoles. Prior to consoles being powerful enough to drive FPS games, they were generally the best way to play arcade ports, Japanese RPGs and communal multiplayer games.

The lines started to really blur (imo) with the Xbox 360, when people really started playing FPS on TVs in very big numbers.

On the other hand, the types of games that kept me buying consoles (fighting games like Street Fighter and Tekken) are now released day and date with consoles. Thanks to the availability of these games and high frequency of huge discounts on Steam, I no longer foresee any reason for myself to ever buy a new console in the future.

Consoles are still great for fans of certain franchises and genres (like Zelda, Mario Kart and Rock Band) that don't make it to PCs, but for everyone else, I'm not so sure.


Even if console gamers are a different breed, I feel like the homebrew crowd is even more different from console gamers than console gamers are from pc gamers.

> Console makers aren't interested in making devices that sell at super thin margins and provide zero incremental revenue because they get bought by a homebrew crowd that won't buy into the ecosystem.

But are they really a threat, and are they a big enough threat to be worth spending the time and money to lock out?


The two most important electronic marketplaces for games today are probably Steam and the iOS App Store (not necessarily in that order).

Neither of these is as wide-open as the first-gen consoles were. Despite this, both are absolutely flooded with crap, to the point where the most common complaint I see from developers about both is how easy it is for a good game to get lost in the noise — if Valve/Apple don’t feature your title on the store’s home page, you basically have no hope of being found.

So I do think this is a valid concern, though perhaps not quite so dire a threat as the platform owners think it is.


I think this might be a valid concern for any app store, or market as a whole. I'm thinking of Akerlof's "Market for Lemons" paper here, about the difficulty of assessing quality in advance.

Games have a sunk cost of time installing and getting started, often including a tutorial and introduction. This applies even if the game has no monetary cost. If a player finds too much of their time is wasted by bad games, they'll become more conservative and not try new games unless strongly recommended by friends.

The big games continue to do OK, but the "long tail" gets a steeper inflection point - the middle tier of games is hollowed out and the rest of the tail becomes trash and knockoffs.


> Can this even happen again? Look at PCs.

PCs are precisely where you should look to see it happening. The torrential influx of shovelware on Steam has made it crazy hard to dig for indie games, to the point where I’ve stopped bothering.


I don't have much issue finding them on Steam.

Sometimes I look through new releases, and if I see something I like, try it out and review it. Yes, this is often filled with lots of bad games. Other times I look through new games on a given category, and only pay attention to the ones positively rated. This gets rid of all the shovelware.

But most often when I am looking at a new indie game, I have gotten the recommendation from somewhere else. Often friends or reddit.

I can't think of a better system that would allow something like alpha Minecraft or Dwarf Fortress while stopping shovelware. I've even found some RPG maker games that were great, but can be impossible to tell apart from all the bad ones. Maybe it exists, but centralized curation is not it.

Also, the current system allows those who want centralized curation to have it. You just follow self appointed curators you like. The benefit is that if you stop liking them or want to follow more than one, you are free to. You can't just pretend all the games they don't curate don't exist, which is what happens if there was a centralized curation in place.


You could rely on word-of-mouth recommendations.

For instance, I think you should try "West of Loathing", by Asymmetric.


> rather the devices became prematurely useless

Then you have to buy a next-gen device and re-buy your games. Good for the manufacturer.

I'd love to see this happening but can't see it happening without political action directed against premature obsolescence for environmental reasons.


But they don't always release a next gen device. And a lot of people who own a <brand> device will automatically buy next gen <brand> when it comes out. And then only a comparatively small fraction of games is typically re-sold without modification.

You think the return on the tiny percentage intersection of those conditions justifies the cost to society in terms of wasted materials and labour to do that? Does it even justify the manufacturer's development costs to create that lockout in the first place..?


> justifies the cost to society in terms of wasted materials and labour to do that?

Probably not, but ..

> Does it even justify the manufacturer's development costs to create that lockout in the first place..

I feel it must do, or they wouldn't keep doing it.


Because Nintendo completely failed at DRM on the Wii U. Pirates can actually download games directly from Nintendo's official store and load them onto a hard drive to play.


It's even worse on the 3DS, pirates get an on-device store browser and install things directly. To my knowledge on the WiiU you still need to download and move it over via SD card.


And with FBI and the title DB, you don't even need freeShop. Things can be installed on a 3DS with custom firmware using the front camera and QR codes.


> Pirates can actually download games directly from Nintendo's official store and load them onto a hard drive to play.

I hear it's the same with PS3 these days. Pirate app you install on your cracked console that allows you to browse, download and run games from Sony's servers without paying for anything.


A big part of it is ensuring that unsigned code isn't run to cheat in multiplayer games. A lot of times there will be games that come out on Xbox and PC, and the PC one will have rampant cheating, and the Xbox version will not.


> Beyond preventing the distribution of pirated games, why do console manufacturers put so much effort into preventing unvetted code from running on their hardware?

It is to prevent piracy. If you could run any code on a retail console then all you need is to get an image of a game, stripped of authenticity checks ("cracked"). This is how piracy on PC and other open platforms works.


IIRC the PSP has been busted so wide open that Sony may as well have released the keys. It started with quite complex hacks like 'Desperto del cemetario' (I think) but became as simple as sticking something on a memory card and running it.

But yes, it is very counterintuitive - spending so much time and effort to make sure your machine is as limited as you can possibly make it.


"Despertar del cemetario", that's the one...


> My Sony PSP and Nintendo DS are collecting dust because I already played all the licensed games I was going to on them. Now these devices are worthless to me and get tiny prices on the 2nd hand market. If their owners released firmware signing keys, these devices could have a new lease on useful life as homebrew machines

Where have you been for the past couple of decades? This is literally planned obsolescence, you need to buy the new hardware and discard the old one. According to manufacturers, you shouldn't have any electronic device older than 1-2 years, or any car older than 5. Any ideas of a homebrew around any device are viewed as dangerous...


It's important to understand the history and context of the industry that Nintendo operates in.

The 1983 video game crash was very real and devastating (at least in North America). In 2 years, revenue in the industry dropped by 97 percent. A number of problems were identified as causes -- like most things there is no single cause. But among them was poor quality control of games produced by third parties all producing an unlimited number of games. If 90% of everything is crap, in 1983, 99% of what was produced was crap because there was, at least up to 1983, no incentive to produce quality. In 1986 Hiroshi Yamauchi, the president of Nintendo at the time said, "Atari collapsed because they gave too much freedom to third-party developers and the market was swamped with rubbish games."

Nintendo, in 1983, had just released the Famicom and also was struggling with unlicensed games produced by third parties with poor quality control.

When Nintendo decided to, against all apparent sanity, sell into the North American market in 1985, they made several key platform changes:

1) The Famicom changed from a "video game system" to a home entertainment and computing toy and was shown at trade shows with accessories from keyboards to robots and no joystick in sight. To exhausted and bruised retailers this enabled them to position it differently than Atari's previous products.

2) They fenced in 3rd parties with strong licensing agreements, limited publishing rights (only 5 games per publisher per year), centralized control of product manufacturing (Nintendo made the cartridges and the publishers had to eat whatever cost Nintendo sold them at) and a host of other restrictions. Any publisher who couldn't agree to this either went separate ways (Namco was a famous case) or was sued out of existence by a very litigious Nintendo of America.

3) They enforced the agreement with a lockout chip (10NES).

4) They rigorously playtested all published games for strict QC. It doesn't mean unfun games were released, but games released for the U.S. NES tended to be generally free of major bugs.

5) Games were reviewed for content. Pornographic, overly violent, religious themed games or items in games had to be modified.

With this strategy, Nintendo hit the market in '85 and basically single-handedly revived the entire North American market. There were a handful of unlicensed 3rd parties (Tengen, Color Dreams, etc.) but none of them became major players at the time.

While some of these 5 points have eroded a bit over time, they formed the basic business framework for competitors to either adopt or attempt to exploit. For example, the basic licensing model, QC and content provisions became Sega's framework for the Megadrive/Genesis while they relaxed the content provisions a bit to drive marketing during certain game fads (Mortal Kombat).

Sony famously used a similar model, but then one-upped Nintendo on licensing deals and manufacturing costs to lure major third parties away during the N64/Playstation 1 era leaving Nintendo with a set of very 3rd rate 3rd parties and expensive to produce cartridges. The Playstation on the other hand had over 2500 games.

In Japan, NEC adopted a very open publishing platform with the PC-FX, which basically turned into a platform for pornographic anime FMV games and died a quick death. Back in the West, the CD-i and 3DO platforms attempted completely different strategies and also died quickly and Atari gasped for life a few times before their own poor QC killed them off. All of these cases provided more data points that Nintendo's basic framework was prudent and any modern strategy should be variations off of that work.

The large number of games for the PS1 caused its own set of problems as Sony also was starting to deal with QC problems by the PS2 era (which had almost 4,000 games released for it). However, Sony's response has been less focused than Nintendo, part of that is because the modern industry has more viable competition and consumers can "jump ship" so to speak between a handful of equivalent consoles. By the PS3 the game count was down again to PS1 levels (the PS4 is at about the same).

Microsoft has their own variation which is more of a response to Sony than Nintendo. By the Gamecube era, Nintendo was seen as an also-ran, stuck with a hard-lined approach to the industry that had benefited but no longer needed the 5 point approach Nintendo had used to resurrect the industry.

For the Wii, Nintendo finally learned, opened up and while still requiring licensing agreements, set a tone more like the first generation Playstation and ending up with over 1500 games for it. However, quality among 3rd parties dropped precipitously.

Nintendo bungled the Wii U, and despite similar library sizes, the Wii had earned a reputation for really unfun shitty licensed tie in games and consumers moved away.

It appears that Nintendo is returning to some other strategy with the Switch. Top-tier 1st party hits, great 3rd party games at the top end. And then filling out the lower tiers, casual games, indie games, multiplatform games and so on. There's already almost 600 games for the platform and it has a reputation for high quality titles -- correcting perceptions around the Wii.

So the basic premise is that if console makers are struggling with crap in their libraries now, they can't tolerate the abysmal piles of pornographic garbage that will clog up store shelves if they don't attempt to control their platforms because that lesson was learned in '83 and again in the 90s (with the PC-FX, 3DO and CD-i). Lockout chips partnered with legal protections like the DMCA build protections they feel will keep their industry viable and history has shown that in the console market at least this is critical.

The PC market has no such controls of course, but the consumer type is very different even if it looks superficially the same.


> Sony famously used a similar model, but then one-upped Nintendo on licensing deals and manufacturing costs to lure major third parties away during the N64/Playstation 1 era leaving Nintendo with a set of very 3rd rate 3rd parties and expensive to produce cartridges. The Playstation on the other hand had over 2500 games.

I'm glad you brought this up, because I remember very vividly looking up the lists of games when I was younger and being startled at just how small the N64 library was by comparison.


The N64 library at the top-end is dominated by Nintendo 1st party games and Nintendo 2nd party games (mostly Rare). Almost all other top-tier publishers had moved onto Sony platforms due to better economics for licensing and publishing. Bizarrely, most of the "top" 3rd party publishers for the N64 were Western developers who pushed out mountains of sports games and arcade conversions.

One of the few Japanese companies who stuck with Nintendo was Konami, who may have had favorable publishing deals based on past relationships with Nintendo. But basically everybody else was sick and tired of dealing with Nintendo's helicoptering and incredibly high licensing and manufacturing costs -- even Konami finally just quit and dedicated themselves elsewhere.

Square and The Final Fantasy Series was one of the famous defections, having for years been an exclusive publisher on Nintendo consoles, Square pulled out completely for the N64. I might be misremembering, but I believe Square even had a major RPG in the works for the SNESCD and when Nintendo bungled that platform had to scramble to fit the game onto a SNES cartridge, further souring the relationship.


PSP depending on model is completely owned. The DS never really had enough power, there's some flash carts that have an extra CPU.


Yeah, I have a flash cart for my 3DS with all my old DS games on it. I can't leave it in the 3DS or it will drain my battery, because it's basically just another entire mini-console running in the 3DS.


> Does Nintendo actually stand to lose anything if a homebrew community evolved?

Piracy was the #1 reason why people think that the Dreamcast failed. There was no security on the Dreamcast, and no one bought games for it.

Instead, everyone downloaded .iso files, wrote them to a disc, and ran games for free.


>Beyond preventing the distribution of pirated games,

Well, yeah; that would be why. If you open it up you're also opening yourself up for this. Why do they need another reason?


In the past, Nintendo would likely not have had as much to worry about, as Nintendo has a habit of always selling their hardware at a profit. That said, I think the status quo of the industry means that every console manufacturer has to take security very seriously, for the following reasons.

- Back catalog sold on newer platforms. Nintendo sells access to old games on new platforms. They want to charge you a few bucks to play the original Zelda, and for each additional game, not just allow you to throw on an emulator and hundreds of games and be done for free.

- Available games and game developer targets. Developers choose what markets they want to target. Many already forego the Nintendo markets because they are generally underpowered compared to current gen hardware, and/or the cost benefit doesn't work out because there are fewer buyers for that type of game for Nintendo consoles. The gamer that wants to buy Dark Souls and has a Switch probably also has either a PS4 or an X-Box. Not preventing piracy of games makes this an even worse cost-benefit ratio, as you may end up subsidizing your game being wildly popular but largely unbought on Nintendo platforms if they don't. Look into the history of the Dreamcast.

- For other console manufacturers, there's also the issue of recouping production cost. Licensed games pay a few bucks back to the console manufacturer for each game sold, and they rely on this and sell the systems at a loss to help with market penetration. If a PS4 costs $350 to produce and sells for $300, you don't want people finding alternate uses or running unlicensed software (that doesn't kick back money) on them. You really don't want someone to produce some interesting free software that catches on so people start buying them just to run that software. That's money streaming out the door (I'm not sure if the PS4 or Xbox One are sold under cost at this point in the current generation, but I suspect not. Usually there are later hardware revisions that make them more profitable to sell outright).

So, really, it's just market economics and incentives. I do agree that limits on DRM would be in all our interests though. The only way I think the game companies would get on board with this (or more likely support it if forced to) would be to completely separate the "official" system and bios from the "general purpose" hardware access mode. That would still probably give hackers and crackers some clues about how to exploit the firmware, but may allow people to develop customized game console operating systems to run all the homebrew you want. Semi-useful for room based systems, but actually fairly useful for mobile systems like the PSP, DS and Switch.


Hasbro was kind enough to do exactly that for the Atari Jaguar.


This is really cool stuff!

I think it's a particularly novel idea of using on-die fuses to prevent firmware downgrade. I don't know how common that is in the console security world, but the amount of actual firmware updates vs. software updates in any given device would be pretty low and from what I've read the number of fuses is large enough they're never really going to run out of it.

But I also absolutely love the use of the uninitialized PID argument value to be PID 0. There's a poor engineer sitting at Nintendo looking at that slide and just going "well... shit."


> the number of fuses is large enough they're never really going to run out of it.

"640K ought to be enough for anybody!"

But seriously, in the 3DS world, they've been going back and forth with hackers for a long time. There are a lot of updates for that system:

http://en-americas-support.nintendo.com/app/answers/detail/a...

Any time you see "Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience," it's them closing an exploit vector. That would be a lot of fuses to blow.

I wonder how many of these systems have secure enclaves and some ability to have a WORM-style hardware incrementer. The SoC version of an odometer.


Yeh there are a lot of updates. But (and this has come up elsewhere) people call every update a firmware update and it's not.

Not every update is a firmware update. But every update is a software update.

Firmware in this context is (most likely from what I can tell) 2nd stage bootloader that exists in EFI. It's pretty rarely updated. This is Package1 that they talk about here and http://switchbrew.org/index.php?title=System_Versions here. Even less if we're talking about firmware updates that burnt a fuse (bottom of this page http://switchbrew.org/index.php?title=Fuse_registers#FUSE_RE...)

So despite 11 Software updates, there have only been five firmware updates.

When we're talking about fuses odm_reserved has 256 bits to play with. Assuming that one bit is 1 fuse. Then they can do 256 firmware updates before they're in trouble.

Firmware is a pretty horribly misused term these days.
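The fuse-counting scheme discussed in the comment above, as an added example that is not from any commenter, the talk, or Nintendo's code. It assumes a count-based encoding (one blown fuse per anti-downgrade step, as the comment supposes) and a boot-time policy of refusing any image that expects fewer fuses than are already blown; `fuse_bank_t`, `fuse_check` and the verdict names are hypothetical, and the fuse bank is simulated in memory.

```c
#include <stdint.h>
#include <stdio.h>

/* Simulated 256-bit fuse bank (the odm_reserved size quoted above).
 * Assumption: fuses are blown in order from bit 0 and never cleared. */
#define FUSE_WORDS 8
#define FUSE_BITS  (FUSE_WORDS * 32)

typedef struct { uint32_t word[FUSE_WORDS]; } fuse_bank_t;

enum verdict { BOOT_OK, BOOT_BURNED_THEN_OK, BOOT_REFUSE_DOWNGRADE, BOOT_FUSES_EXHAUSTED };

/* Number of blown fuses = the oldest firmware generation this unit accepts. */
static unsigned fuses_burnt(const fuse_bank_t *b)
{
    unsigned n = 0;
    for (int i = 0; i < FUSE_WORDS; i++)
        for (uint32_t w = b->word[i]; w != 0; w &= w - 1)
            n++;
    return n;
}

/* Hypothetical boot-time check. `required` is the fuse count the booting
 * firmware image was built to expect. Bits are only ever set, never cleared. */
static enum verdict fuse_check(fuse_bank_t *b, unsigned required)
{
    unsigned burnt = fuses_burnt(b);

    if (required > FUSE_BITS)
        return BOOT_FUSES_EXHAUSTED;        /* bank cannot express this version */
    if (burnt > required)
        return BOOT_REFUSE_DOWNGRADE;       /* image is older than the unit has seen */
    if (burnt == required)
        return BOOT_OK;
    for (unsigned i = 0; i < required; i++) /* newer image: burn up to its count */
        b->word[i / 32] |= (uint32_t)1 << (i % 32);
    return BOOT_BURNED_THEN_OK;
}

int main(void)
{
    fuse_bank_t bank = {{0}};               /* constructed: factory-fresh unit */
    unsigned boots[] = {1, 3, 2, 3, 256, 257};

    for (unsigned i = 0; i < sizeof boots / sizeof boots[0]; i++) {
        enum verdict v = fuse_check(&bank, boots[i]);
        printf("image expects %3u fuses -> verdict %d (burnt now: %u)\n",
               boots[i], (int)v, fuses_burnt(&bank));
    }
    return 0;
}
```

Because the check only compares counts, flashing an older image cannot lower the count, and the 257th step is the point at which the bank has no fuse left to record.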


Fair point! Thanks for correcting me and giving more detail.


There's a cheap/easy/reliable hardware exploit now, so Nintendo has given up on patching things for the 3DS. In fact, their latest firmware even opens up a new bug.


> I think it's a particularly novel idea of using on-die fuses to prevent firmware downgrade. I don't know how common that is in the console security world

As far as I know, it's been standard practice ever since consoles started having firmware updates. They don't necessarily blow fuses in the update procedure, but they'll generally fuse off anything below the version that a given unit shipped with.


Don't you think Nintendo would prefer that when a product like a Switch goes EOL that it finds a new life generations later through the homebrew community?

Honestly, if I hadn't been able to play roms in college 8 years after I had packed my 8bit Nintendo away I would not have purchased anything on virtual console for the Wii.


I think we as users would prefer that Nintendo prefers this. But no, Nintendo wants you to buy the next console that has the Virtual console of all those games you'll emulate through homebrew.

Abandonware has ceased to exist in the console world. Especially for Nintendo.


I've read a conspiracy theory that Nintendo is wising up a bit to this, but can't do so openly, which is why the SNES classic was just as easy to hack as the NES classic even though a few simple changes could've made it much harder. They know the number of people who would pay $15 for a 15 year old game that hasn't aged well except for nostalgia is limited (assuming they even have the rights to sell it), but the market for hardware that would let them emulate them with a better (perhaps not better but more nostalgic) experience than the simple PC emulator setup is wide open. Thus the NES and SNES classic.

As I said, it is just a conspiracy theory, but leaving the power port to transfer data as well as power in the SNES classic after the same design allowed massive hacking of the NES classic does give a slight nod towards the theory.


Yeh this sounds plausible.

I have felt that the virtual console prices are way too high for what they are. But stuff it in $10 worth of largely OSS and off the shelf hardware with a pretty case and sell it for $60 and I'm all in.

I think given that emulation is a pretty well known thing within the target audience for the classic systems, protecting against it is a lost cause. The market for the classics is nostalgia driven game folks which is different from the switch, which is broader. They have to convince Mum and Dad of Shelly the 12yo that there is something there. Of course if Mum and Dad happen to see a game from their childhood that they've forgotten about on the Eshop, so much the better. Plus that entire teenage market isn't as susceptible to nostalgia purchases as the 30-40 market is right now. We'll see another wave of those kinds of devices in 20 years :D.

Given the low numbers of the classic systems available, it just had all the ear markings of a small group's side project that may or may not have worked, rather than a complete exec buy in to be the "next-big-thing".


Didn't they actually leave some text file in the filesystem with some kind of "happy hacking" note on (S)NES Classic?



eFuses were first used to prevent downgrades on Xbox 360 actually.


Oh cheers! I had no idea. Thanks for the pointer :D



It's probably being replaced with a more complete file, since the original one had its ending cut by mistake.

There's always the raw recording if somebody needs to watch it right now: https://streaming.media.ccc.de/34c3/relive/8941


The embedded video here[1] is removed too. I have a feeling there's something more to this.

[1]: http://wololo.net/2017/12/29/nintendo-switch-kernel-exploit-...



It's back.




The demo and Q&A section is missing on this video and on YouTube, but you can watch it here: (demo starts at around 01:08:00) https://streaming.media.ccc.de/34c3/relive/8941


I have reported it to c3voc and they just said they're going to recut it :) Thanks for mentioning!


I hope it's in the final release of the video.


Most secure OS, but no lock screen, cloud backup, or “find your Switch” option. If somebody steals your Switch or you lose it, you can forget about it—which is why I protect mine like a newborn child.


The two have nothing to do with one another. Everything you list as missing are user convenience features. Not OS security features.

There is no (or very little) perception of user sensitive data being stored on the switch itself, so from that perspective you don't need user data security protections.

But you do need protections against code execution that eventually leads to piracy and loss of faith in the system from publishers.

The security of game consoles is developed not for the user, but for the customers of the platform, which are the publishers.


The missing features decrease the overall security, especially the missing lock screen. It may be a different aspect as e.g. application-level security, though.


Really great security systems manage to offer a high level of security without sacrificing user experience. For example, how Apple devices sync secrets with end-to-end encryption.


I don't disagree with the statement, but it is still missing the point.

This is still equating user features with fundamental operating system security choices and presenting it as an either/or option.

1. They are two wildly different things. The Core Security design is not for you as a consumer of the device. It is for publishers and developers and Nintendo themselves to have trust in the system. What is being argued here is user features. Nice to haves (and I agree, REALLY nice to haves) but not MUST haves for the console's success. Publishers aren't walking away from the switch in droves and game sales aren't in danger of being eroded because there isn't "Find my switch."

2. It's not a set in stone decision. The core security design has to be competent and hardened from Day 1. You're running against console homebrewers and hackers who will say things like "Stay on Firmware 3.0.0". Knowing full well that you will never be perfect, you have to be reasonably resistant to a webkit exploit that leads to code execution. The success of the security design is measured in days to code execution. The features that are being talked about in this particular thread can be added (and removed: see Sony and otheros without the legal argument) at any time they want.

We (consumers) may very well get the user-convenience features being talked about here.. someday.

But the Switch's security model has been defeated as of Firmware 3.0.0 and it is unlikely that it'll ever fully recover. (If a 1st or 2nd stage bootloader exploit is discovered, then s/unlikely/never.)


>update to 3.0.0 and stay there

fun fact: the mentioned kernel/trustzone bugs only exist in 1.0.0...


"We're great at protecting our data, but you're on your own"


This is not about protecting the users from remote attacks via the console, this is about protecting the console from game piracy.


It's more about "protecting" it from unlicensed publishers in general, irrespective of whether they're producing unauthorized copies. Indeed, recent schemes have made it markedly easier to copy games without authorization than to publish original games without authorization. The former only requires subverting a protocol used to decide whether a copy is authorized (e.g. by altering optical drive firmware or outright replacing the drive with an emulator); the latter requires breaking the platform's crypto services.


Nobody has "found" their anything when it was stolen by thieves. You file a lost report and go home. You don't go knocking on the door of a thief and expect them to hand it to you.


I'm getting a page not found. Did it die?


I bought a couple of games from ebay once. I thought it would be the serial codes to input in the store, but the seller had me create a new Nintendo account and send him the name.

They added funds to the account and bought the games themselves and told me to play from other accounts. Then I realized it might have been carding.

The games downloaded and worked fine. After some weeks the bad account has an admiration sign in its icon and I can't log into the store with it, but the games still work and even get updates.

IIRC, the 3DS had the record of which games were bought tied to the console instead of the account, which made it easy for pirates to download the games once the console was jailbroken. It seems to be the same route for the Switch.


Funny how the first item in an exploit chain is always WebKit for.. those devices.


Browsers are extremely complex pieces of software for everything they can do today.

Likely it's simply prohibitive (and a poor user experience) to track WebKit upstream and deploy firmware updates every time a vulnerability in the engine is patched.


The "bypass the SMMU" part was so funny :)


I wished these guys would use youtube for videos. The streaming sucks.


interesting video, but man that website hates 21:9 monitors.



Thanks!


Surely you don't browse maximized?


Typically not, as it does tend to shove all my content to the left.

The problem is that when you attempt to make the video fullscreen, it still fails to scale to the monitor.

So after fullscreen failed, I then attempted to view the video in a maximized browser but it still scaled it beyond the vertical limits of my monitor.


??? Why wouldn't anyone browse maximized?


If your monitor is larger than your field of vision, having anything maximised is just a pain.



