
Indie Game Removed from Switch After Dev Reveals It Has a Hidden Code Editor - laurex
http://www.nintendolife.com/news/2019/04/indie_game_removed_from_switch_eshop_after_dev_reveals_it_contains_a_hidden_code_editor
======
jdietrich
_> The narrative that has played out online is exactly what's wrong with this
trashcan fire of a world.

>Everyone is an armchair expert. Everyone thought the worst. You've seen that
I've been called a dick, idiot, and everything in between. Because
sensationalised news sells. If the narrative was 'I added a sandbox to A Dark
Room that lets you mod the game and provide a medium for kids to code (and
technical parents to show their kids what they do),' it would have gone
unnoticed._

This is just desperate. Nintendo are notoriously protective of their platforms
and their IP. It has been an essential part of their business model for over
30 years, going back to the NES10 chip. Expecting Nintendo to disregard their
own Terms of Service because this specific breach is well-intentioned is
utterly naive.

Rajan says: _" I snuck it in assuming that plugging in a USB keyboard and
pressing the "~" key wasn't part of the test plan"_. He intentionally deceived
Nintendo as to the nature of his app by including a hidden feature that allows
for arbitrary code execution. He announced the existence of that feature on
social media. What else did he expect to happen?

~~~
praptak
The fact that Nintendo were always like this does not mean it is okay. If
there's anything wrong with this story it's how everyone seems to silently
accept it is okay for a company to tell you what you can run on the hardware
that you "buy" but not really own.

~~~
jdietrich
That's not the story at all. Rajan entered a voluntary agreement with
Nintendo, through which his game would be distributed on their platform. He
deliberately deceived them about the presence of a potentially security-
critical feature, thereby breaching that agreement; Nintendo took the
perfectly reasonable decision to remove his game from their platform.

There is a perfectly reasonable debate to be had about bootloader unlocking,
sideloading and consumer choice, but this is not that debate. The issue here
is fundamentally about someone intentionally deceiving a business partner.

Sidebar: There are no shortage of tablet-ish computers that will run arbitrary
code. The Joy-Con controllers are class-compliant and will work with any
Bluetooth host. There are open alternatives, but a lot of people buy the
Switch specifically because it offers a curated experience with clear age
ratings and effective parental controls.

To meaningfully contribute to the debate on walled gardens, it is first
necessary to acknowledge their relative popularity compared to open platforms.
If walled gardens were universally and unconditionally bad, it is implausible
that they would have such broad market acceptance. In the case of Nintendo,
this issue is particularly acute - many informed observers credit the NES10
chip and the Nintendo Seal of Quality with saving the video games industry.

~~~
xkcd-sucks
So all one needs to do to make exploits/jailbreaks/backup loaders for switch
is to get a Nintendo developer account? Sounds like a win

~~~
Jasper_
... and buy separate devkit hardware (relatively cheap compared to Wii U days,
but still), make an actual game (devkit does not play retail games, and retail
console cannot install dev-signed apps), get it through TRC/lotcheck, pay the
fees to publish the game, give trailers/launch material to Nintendo, never
once mention its secret purpose as a jailbreak, and then secretly share it
with all your friends without any bit of the hacker community finding it out.
Extremely easy.

~~~
kuzehanka
> never once mention its secret purpose as a jailbreak

The switch is completely thoroughly irreversibly jailbroken at the hardware
level already. I don't think the secret purpose was to be a jailbreak.

~~~
beefhash
> The switch is completely thoroughly irreversibly jailbroken at the hardware
> level already.

This has been fixed in hardware revisions since about a year ago. Getting a
unit that is vulnerable to the so-called RCM exploit has become increasingly
difficult.

(The boot9strap exploit against the 3DS, on the other hand, was never fixed.
One wonders why.)

------
saidajigumi
The narrative in the article also misses the following point, which I've seen
many times over the years, in both game dev and non-game dev shops:

 _It is massively unprofessional to ship an Easter Egg without broad consent
to do so._ Planning a fun "secret" for your users? Great! Surprising people
involved in _the publishing pipeline_ , esp. in a "will I get caught" way? Not
so great. That's where Rajan went off the rails.

~~~
ppseafield
Indeed. Although this isn't sexually explicit, it reminds me of the trouble
Rockstar got in after the Hot Coffee fiasco. Their publisher had to pay out
hundreds of millions of dollars.

(Edit: pkroll is correct, the final penalties were $21 million.)

[https://en.wikipedia.org/wiki/Hot_Coffee_mod](https://en.wikipedia.org/wiki/Hot_Coffee_mod)

~~~
CobrastanJorji
Everything about that scandal was stupid. In an M rated game (recommended for
17 and older), the protagonist could date women, be invited into their homes,
and then the player would hear the sounds of the characters having sex. Fine,
whatever. The game also allowed the player to sleep with prostitutes on the
street to regain health, which would either cost them money or, if the player
completed missions to become their pimp, earn them money.

The revelation that, in addition to those kinds of sex, a crude sex minigame
could be revealed, if one made a bit flip to a config file with the help of
third party software or hardware, led to:

* $21 million in penalties.

* The city of Los Angeles suing the company.

* A class action lawsuit whose initial plaintiff was a lady who bought the game for her 14 year old grandson, which would end with 2700 claimants being compensated.

* Hillary Clinton calling on the FTC to "take immediate action."

* Senator Lieberman, working with Clinton, proposed a law making the sale of violent games to children a federal crime.

~~~
ppseafield
I agree, the reaction was completely, 100% nuts.

But such an Easter egg could put Nintendo in a similar situation, and I can
see why they can't let developers get away with hidden content like this. It
would set a bad precedent.

------
ggggtez
I wasn't able to find their developer policy, but I'd assume this is a pretty
cut and dry case of violating the policies he agreed to when he submitted the
game for review.

Nintendo is very protective of running pirated or unofficial games, ever since
the late 80's, when knock-off games were rampant and leading up to today with
DRM. I'm sure it's against their policies to sell a game where users are
allowed to write arbitrary games/code without Nintendo approval.

It would be different if the game was sold as a Ruby interpreter, because then
they could at least verify it's capabilities and make an informed judgement
about whether they should allow it.

~~~
naikrovek
[https://developer.nintendo.com/](https://developer.nintendo.com/)

To get an account there, you must agree to a few things, one being an NDA, and
to get a Switch dev kit you must agree to a few more things, as well as go
through a case-by-case evaluation of your game idea, if you are not an
established game developer.

We won't be seeing the agreement(s) that were likely broken, and if you can
see them, you are under NDA.

------
robrtsql
> The apps would be tied to the game itself, and would only be able to run
> when loading up that game, but you can see why Nintendo would take issue
> with its implementation.

I have a few guesses, but no, I don't see why Nintendo took issue with this.
Is it because users could damage their devices with access to something like
this? Is it because this could somehow be used to undermine Nintendo's DRM or
cheat in online games?

~~~
kro92kfmrzz
There’s definitely an argument to be made about how this dev should only be
shipping to hundreds, thousands, or millions of personal devices via
Nintendo’s infra only what’s printed on the tin.

My hacker nerd side is all giggly.

My security and consumer conscious sides bristle at the idea some dev thought
it was a great little in-joke to ship this to unsuspecting users.

~~~
sucrose
> dev should only be shipping to hundreds, thousands, or millions of personal
> devices via Nintendo’s infra only what’s printed on the tin

That's a very long-winded way of saying, "He should only sell what was
advertised."

> unsuspecting users

Nobody is forcing anyone to find or access Easter Eggs. It wasn't malicious
nor annoying, it wasn't even accessible unless you attached a keyboard. I
haven't seen any backlash from "unsuspecting" buyers, only Nintendo.

I see the potential worries from a security perspective, but as an
"unsuspecting" consumer, why would you care?

------
droithomme
_> you can see why Nintendo would take issue with its implementation_

Actually, I don't see why. The interpreter only runs inside his game. It
doesn't root the machine. Why would anyone object to this?

~~~
roblabla
The implementation is based on mruby, which is riddled with bugs. I spent some
time reversing A Dark Room before it got removed. I am confident that there
are bugs allowing ROP, from which point getting CFW is a matter of privesc. We
have privesc to bootrom on every firmware version up to 7.x (inclusive).

This is obviously bad for nintendo.

~~~
baroffoos
The games themselves run in a sandbox and should not have access to the
greater OS, hypervisor or arm trustzone which are on the switch.

~~~
xena
Assuming the jar has no holes. The jar apparently has holes and the brain
inside it can peek out.

~~~
baroffoos
I haven't seen any exploits from application level getting access to the OS.
There is basically one exploit being used on the switch which uses a bug in
the nvidia chip at boot which gives you a higher level of access than the OS
and all of the security checks. Its such a powerful exploit that can only be
fixed by a hardware change that no other exploit is needed.

~~~
roblabla
You didn’t look too hard then. Deja vu got released recently. It’s a chain
from unprivileged to bootrom. Got fixed in 8.0.0, the very latest firmwares.
Look it up at
[https://switchbrew.org/wiki/Switch_System_Flaws](https://switchbrew.org/wiki/Switch_System_Flaws)

It’s currently the only known chain, and might be the only one in existence.
And yet it’s a big threat. In practice, A Dark Room isn’t a particularly
interesting entrypoint due to requiring an usb keyboard (web browser is easier
to open). But it's understandable that Nintendo would want to keep those
entrypoint to an absolute minimum. Especially since newer hardware revision
exist which fixed Fusee-Gelee, the BootROM bug you talked about.

------
phaedryx
I follow him on Mastodon, where this all played out:
[https://ruby.social/@amirrajan](https://ruby.social/@amirrajan)

His explanation:
[https://ruby.social/@amirrajan/101991299426077446](https://ruby.social/@amirrajan/101991299426077446)

He did security checks:
[https://ruby.social/@amirrajan/101986725826245184](https://ruby.social/@amirrajan/101986725826245184)

~~~
59nadir
> He did security checks:
> [https://ruby.social/@amirrajan/101986725826245184](https://ruby.social/@amirrajan/101986725826245184)

This is worth nothing to Nintendo and should be worth nothing to other people.
This should've been done as a collaboration with Nintendo in order to actually
bring Ruby to the Switch, not snuck in.

------
kennywinker
A Dark Room is a _very_ good game. It’s available on many other platforms -
highly recommend you check it out!

~~~
giancarlostoro
NGL I am not huge on Ruby (dont hate it just do more with Python) but I would
buy that game just to code in Ruby in the game as weird as that sounds. I love
out of the box easter eggs.

------
tluyben2
I love the amount of control we are using over our devices. It is not like
people can do anything malicious with it.

Anyway; so like Apple (less and less luckily), Nintendo forbids editable code
to run on their devices? Or is it allowed if there is a gaming aspect
involved? Or just not at all?

~~~
Wowfunhappy
You can purchase a BASIC interpreter on the 3DS eShop. It's called SmileBASIC,
and it's pretty full featured.
[http://smilebasic.com/en/](http://smilebasic.com/en/)

It doesn't make intuitive sense to me why a BASIC interpreter would be
allowed, but not a Ruby interpreter. The difference is likely that Nintendo
was never informed about the Ruby interpreter.

While I wish everything was user-modifiable, I'm generally okay with game
consoles being locked down, because they don't bill themselves as general-
purpose computing devices. I can't run my own software on my BluRay player
either.

~~~
kevin_b_er
It was the deception by the developer. He chose to hide it from all reviews
and gave a false description of what the product to sell on the platform was.

~~~
Dylan16807
I really don't think an easter egg like this is enough for "false description
of the product".

Is Excel 97 not a spreadsheet program?

~~~
Wowfunhappy
Was Excel 97 submitted to a separate authority for testing and validation
prior to release? It was, don't you think the authority should have been
informed of any hidden functionality or easter eggs?

~~~
Dylan16807
It was submitted to a lot of stores with harsh requirements for shelf space,
acting partly on testing and partly on trust. I'd say the authority there is
comparable, and no they didn't need to be informed as long as the program
admirably performed its job with no malicious code.

------
erikpukinskis
I have often wondered...

Could you make a video game for these platforms, Nintendo or iOS, where there
is a fully... is endogenous the word? virtual machine in the game world that
you could program on? Like, the registers and compute cycles weren't real
ticks, they actually happen within the game loop?

Like, if I made a space sim¹, and the flight computer ran on PICO-8², and
there were actual transistors in the spaceship model, and there was a terminal
with actual wires that go to them, would that get banned from the app stores?

¹ (similar to what 0x10c was intended to be)

²
[https://www.lexaloffle.com/pico-8.php](https://www.lexaloffle.com/pico-8.php)

~~~
mebo
Nintendo does tend to allow things that let users "code" their own games, as
long as it's well-checked and the devs are upfront about it. See
SmileBasic([http://smilebasic.com/en/](http://smilebasic.com/en/)), a
commercial BASIC interpreter for 3DS that let's you make simple games,
condoned by Nintendo and sold on the eShop. Coincidentally, it led to 2
separate exploit chains that allow for native code execution - Nintendo
doesn't want any of that and it's understandable that they want to avoid any
possibility of it happening, especially if the groundwork for such an exploit
is getting snuck in as a legitimate game without even telling them about it.
People will always find their way around sandboxes and limitations, especially
on a highly targeted system like the switch.

------
Lowkeyloki
What about people who already bought it? Does it stay installed on their
consoles? And if they uninstall it, can they download it again?

It's probably moot because I'd expect Nintendo to demand a patched version of
the game with Ruby removed to replace the existing version for those who
bought it even if Nintendo decides not to allow it up on the store again.

~~~
strangecasts
I can't remember them pulling games off consoles - when people discovered
games allowing code execution on the 3DS, Nintendo either marked patches as
mandatory as soon as they were ready (so you couldn't play without updating)
or attempted to block the exploit on the OS side (as they did with _Cubic
Ninja_ , since the studio behind it shuttered)

------
jplayer01
Well, this was to be expected. I was wondering when it was announced how long
it would take for Nintendo to drop the hammer.

------
miki123211
In what way was that code editor malicious? Did it allow i.e. creating your
own games, modifying other games etc? I don't think so, since I'd expect apps
on such platforms to be totally sandboxed. If you could only enter data into
it via a keyboard, you couldn't even use it to download programs off the
internet, except doing it the 80s "let's retype those ten pages of code into
my computer" style.

~~~
crooked-v
If it's a full implementation with OS-level access, a USB device that fakes
keyboard input could do all kinds of spyware-like stuff with only brief access
to the hardware, and without most users even knowing it's possible.

~~~
nacs
It doesn't allow OS-level access -- its limited to the game/app sandbox.

Also Nintendo does have a full BASIC interpreter available for sale on their
app store.

------
0815test
There goes my idea of porting Core War to the Nintendo Switch. Ah well.

~~~
crooked-v
The 3DS has a sandboxed BASIC implementation available complete with exporting
and loading programs ([http://smilebasic.com/en/](http://smilebasic.com/en/)),
so other programming-in-a-VM games would probably be fine, presuming the
developer was actually upfront about that at the time so proper security and
content-rating testing could be done.

------
politician
That's wild because Super Mario Bros contains a built-in code editor (via
arbitrary code execution easter eggs), and Nintendo is OK with that.

[https://www.youtube.com/watch?v=OPcV9uIY5i4](https://www.youtube.com/watch?v=OPcV9uIY5i4)

~~~
httpsterio
Isn't that a bug though and not a feature? Also running the inputs to generate
compileable code isn't feasible on the original console because of the
required precision of the inputs and only possible on emulators?

~~~
ihuman
No, a person can do it on a real console
[https://www.youtube.com/watch?v=hB6eY73sLV0](https://www.youtube.com/watch?v=hB6eY73sLV0)

~~~
httpsterio
Thank you, I stand corrected.

------
mimixco
Another recent post here on HN is from the app developer himself. Only hours
ago, he told detractors "not to worry" about Nintendo's response. And now
this.

------
everyone
I will never understand why people buy consoles. By doing so, rather than
getting some kind of pc, you are doing nothing but paying a lot more in order
to greatly restrict your options and make all your gaming utterly beholden to
some corp. It used to be the case that consoles were more convenient and
faster to play games on. Now the opposite is true. To run a console game you
have to make and sign into an account, be online, it will need to update its
OS, then update the game, and loading times are enormous.

~~~
bobthepanda
For me at least, the appeal is that the Switch is capable of being handheld on
things like the commute and flights. PC gaming is not as convenient or
portable, and mobile gaming is not nearly as pleasant of an experience.

You don't have to be online to run a Switch. And the Switch uses solid state
memory so loading times are pretty good.

------
logicallee
I read every word of the post (including quotations) and watched every second
of the video. I've played on a Switch (owned by someone else).

Can someone ELI5 what the issue is here or why there's any reason for remorse?
Since it's a text adventure game, what's the difference between the game as
allowed (text adventure) and the sandboxed bundled ruby? What's the difference
between those 2 things? (A sandboxed ruby seems strictly equivalent to a text
adventure game to me.) Not trying to be obtuse, just don't get it.

~~~
govg
One issue that can easily crop up - the sandbox has bugs that allow access
outside the game. This makes the game suddenly more than just an adventure
game, and could be exploited. This is what Nintendo is trying to prevent here.

~~~
logicallee
Oh okay. That's surprising to me because Ruby is a web language, so you would
think that no, it wouldn't really have any known bugs like that. And again, if
you're talking about potential bugs I'd think the text adventure game (or any
game) might have bugs too. I still don't get it though because isn't it the
user's hardware?

Is there some more context here? I'm still confused.

------
crankylinuxuser
And this is what happens when people don't _own_ the hardware they buy.
Instead, they get awful DRM'ed bullshit, with a monopolistic store 'owner'
digitally forcing whatever they say on their fiefdom.

The first computer I had access to had BASIC built in. Having control of a
computer of what runs and not is an absolute basic right of ownership.

And from these computers called "game consoles", you the purchaser have none
of that.

~~~
Kim_Bruning
What surprises me is the number of people who seem to be agreeing with
Nintendo in this case.

I guess the Overton window is shifting away from a position of software
freedom; which is unfortunate. :-/

~~~
kbenson
Well, there's two separate issues at play, and then how they combine.

There's whether you should be able to run your own code on your own device,
which I think most people here are on board with.

Then there's whether you should be able to misrepresent what you've agreed to
ship through someone's network when you've presumably signed contracts and
made statements about that end up being untrue. I think most people would
agree that Nintendo should have the ability to control what they allow in
their store.

Finally, there's how these interact, because you can only really run stuff on
the switch that Nintendo allows in their store, which makes the issue much
more complicated.

Which part of the issue someone focuses on will likely inform how their
comment is formed, but also how they interpret other people's comments,
whether they are really focusing on the same aspect of the issue or not.

~~~
pubutil
My sentiments exactly. To branch a little bit, Nintendo has been historically
focused on preventing piracy. It makes sense given their consoles tend to be
the easiest to hack of the big 3.

If you remember what happened on the 3DS with Cubic Ninja [0], that game’s
level editor allowed the console to run homebrew code. That was inevitably
another vector for piracy at a time where Nintendo was already grappling with
the for-profit piracy enabler that was Gateway.

Based on this I can’t personally say if Nintendo is against homebrew running
on their consoles or if they’re trying their hardest to prevent piracy, at the
expense of homebrew. I do think that the feature included in A Dark Room would
have had better chances of staying if the dev hadn’t kept it a secret through
the publishing process, though.

[0]
[https://wikipedia.org/wiki/Cubic_Ninja#3DS_homebrew_exploit](https://wikipedia.org/wiki/Cubic_Ninja#3DS_homebrew_exploit)

------
Creationer
Looks like this new platform is getting flooded, and Nintendo's quality
control is not keeping up. A game like this should have never been allowed a
release - just from the poor visual quality alone.

