The Nintendo Switch was recently hacked, and it's already clear this particular exploit is a tremendous pain for the Big N. Unlike most hacks, a simple patch delivered over a Wi-Fi connection won't solve the issue. That's because the exploit (which was conducted by console hackers "fail0verflow") cracks the Switch's hardware.
fail0verflow's crack utilizes the Fusée Gelée Tegra Coldboot exploit discovered by hacker Kate Temkin. The exploit bypasses crucial lock-out operations using the Tegra X1's USB recovery mode, and fail0verflow has already posted footage of Linux running on a cracked Nintendo Switch. Since the Tegra system on a chip (SoC) powers the Switch, the core-level hack creates a "security nightmare" for Nintendo, according to Digital Foundry.
fail0verflow explained its reasoning for publicizing the exploit in a blog post that went up today. The Tegra X1 recovery bug has reportedly been common knowledge amongst hackers for quite some time, and fail0verflow says notices to Google (which uses the Tegra X1 in many Android devices) have gone unacknowledged.
"The Tegra bootrom bug is so obvious that multiple people have independently discovered it by now; at best, a release by other homebrew teams is inevitable, while at worst, a certain piracy modchip team might make the first move," the blog post by "switch_enthusiast" reads. "90 days ago, we begun the responsible disclosure process with Google, as Tegra chips are often used in Android devices. The disclosure deadline has now lapsed. The bug will be made public sooner or later, likely sooner, so we might as well release now along with our Linux boot chain and kernel tree, to make it very clear that we do this for fun and homebrew, and nothing else."
Digital Foundry's Richard Leadbetter lists numerous ways Nintendo and Nvidia can temporarily patch the problem, but ultimately, it's only a matter of time before software-based fixes are undone. The only permanent fix for the exploit involves changing the Tegra X1 processor.
"Options are limited in how [Nintendo] can respond and it almost certainly begins a game of cat and mouse between hackers and the platform holder: Firmware updates issued with new security patches, followed by custom firmware alternatives that once again allow unsigned code to run," writes Leadbetter. "Despite the advance warning given to Nintendo, the current Switch firmware remains vulnerable—with the limited routes forward available to Nintendo, it'll be fascinating to see how it responds."