
Console Security – Nintendo Switch [video] - moepstar
https://media.ccc.de/v/34c3-8941-console_security_-_switch/
======
saguro
Beyond preventing the distribution of pirated games, why do console
manufacturers put so much effort into preventing unvetted code from running on
their hardware?

Does Nintendo actually stand to lose anything if a homebrew community evolved?

Shouldn't we put time limits on DRM like we do on copyright so that eventually
owners of these devices are allowed to use them however they like?

My sony PSP and nintendo DS are collecting dust because I already played all
the licensed games I was going to on them. Now these devices are worthless to
me and get tiny prices on the 2nd hand market. If their owners released
firmware signing keys, these devices could have a new lease on useful life as
homebrew machines, but instead their owners tell us no, they'd rather the
devices became prematurely useless and that we can't get any use out of them
unless they can cash in on it... It's weird now that I think about it.

~~~
resonanttoe
It's a perceptual argument I think.

If publishers like EA and Ubisoft lose faith in the system's ability to
protect against piracy, they're less likely to go out of their way to develop
for it. This is especially true for Nintendo that requires (for varying
reasons) special porting/development.

For the sake of argument its easy to assume that PC, Xbox and PS4 roughly
being equivilent to develop for. (this is totally cutting the gordian knot
but...) They're essentially all X86_64 architecture with similar third party
modules present (nVidia, AMD). So development on these systems is a lot
easier.

For Nintendo, you have to develop within the limitations of typically not as
powerful hardware. (Take a look at WWE2K18 between PS4 and Switch.. they
struggle with that). Which means that you have to not necessarily spend more,
but spend extra to get it working on Switch properly (I.E, its not quick and
cheap).

Therefore if the piracy rates are high or perceived to be high because of a
flourishing and popular homebrew community (false equivalency but I'm
confident that it happens.) then the desire the expend that extra effort will
go down. Espeically if the return is expected to be low.

Also emulators are easy these days and that just totally erodes the Virtual
Console Market. Around the Wii they discovered the HUGE proportional market
for virtual console (Near 0 development cost/effort, huge returns, relatively)

One of the first things that will come from this is a port of RetroArch. Which
is cool but not what big N wants to see.

~~~
donatj
> If publishers like EA and Ubisoft lose faith in the system's ability to
> protect against piracy, they're less likely to go out of their way to
> develop for it.

This was part of what killed the Dreamcast. It became very easy to burn CDs of
games, rampant piracy, developers dropped out.

~~~
Grazester
That is not totally true. EA never comitted to the Dreamcast and its death was
due to all SEGA's past mistakes that burnt consumer and developers alike.
Piracy was never an issue with the Dreamcast in that it didn't hurt the
system.

Someone did a pretty in dept analysis of the Dreamcast console and games
sales.
[https://www.youtube.com/watch?v=7hGK2ep3gJI&feature=youtu.be](https://www.youtube.com/watch?v=7hGK2ep3gJI&feature=youtu.be)

Sega was strapped for cash and couldn't compete with Sony's hype and deep
pockets. The Dreamcast was dead out of the gate unfortunately.

edit:// Seamus Blackley the CTO of the Xbox and person who came up with the
idea that Microsoft needed to get into the console market and pushed the
company to do it, is quoted as saying "If I had known how powerful Sony and
Nintendo were, I would have probably given up on there wouldn't be an Xbox"

That should give you and idea of what the console business is like. Even with
Microsoft's deep pockets its a hell of a challenge.

------
resonanttoe
This is really cool stuff!

I think it's a particularly novel idea of using on-die fuses to prevent
firmware downgrade. I don't know how common that is in the console security
world, but the amount of actual firmware updates vs. software updates in any
given device would be pretty low and from what I've read the number of fuses
is large enough they're never really going to run out of it.

But I also absolutely love the use of the uninitialized PID argument value to
be PID 0. There's a poor engineer sitting at Nintendo looking at that slide
and just going "well... shit."

~~~
timdorr
> the number of fuses is large enough they're never really going to run out of
> it.

"640K ought to be enough for anybody!"

But seriously, in the 3DS world, they've been going back and forth with
hackers for a long time. There are a _lot_ of updates for that system:

[http://en-americas-support.nintendo.com/app/answers/detail/a...](http://en-
americas-support.nintendo.com/app/answers/detail/a_id/231/~/system-menu-
update-history)

Any time you see "Further improvements to overall system stability and other
minor adjustments have been made to enhance the user experience," it's them
closing an exploit vector. That would be a lot of fuses to blow.

I wonder how many of these systems have secure enclaves and some ability to
have a WORM-style hardware incrementer. The SoC version of an odometer.

~~~
resonanttoe
Yeh there are a lot of updates. But (and this has come up elsewhere) people
call every update a firmware update and its not.

Not every update is a firmware update. But every update is a software update.

Firmware in this context is (most likely from what I can tell) 2nd stage
bootloader that exists in EFI. It's pretty rarely updated. This is Package1
that they talk about here and
[http://switchbrew.org/index.php?title=System_Versions](http://switchbrew.org/index.php?title=System_Versions)
here. Even less if we're talking about firmware updates that burnt a fuse
(bottom of this page
[http://switchbrew.org/index.php?title=Fuse_registers#FUSE_RE...](http://switchbrew.org/index.php?title=Fuse_registers#FUSE_RESERVED_ODM7))

So despite 11 Software updates, there has only been five firmware updates.

When we're talking about fuses odm_reserved has 256 bits to play with.
Assuming that one bit is 1 fuse. Then they can do 256 firmware updates before
they're in trouble.

Firmware is a pretty horribly misused term these days.

~~~
timdorr
Fair point! Thanks for correcting me and giving more detail.

------
austinpray
Uhoh. Page 404ed.
[https://webcache.googleusercontent.com/search?q=cache:https:...](https://webcache.googleusercontent.com/search?q=cache:https://media.ccc.de/v/34c3-8941-console_security_-
_switch/)

~~~
seba_dos1
It's probably being replaced with a more complete file, since the original one
had its ending cut by mistake.

There's always the raw recording if somebody needs to watch it right now:
[https://streaming.media.ccc.de/34c3/relive/8941](https://streaming.media.ccc.de/34c3/relive/8941)

~~~
ktta
The embedded video here[1] is removed too. I have a feeling there's something
more to this.

[1]: [http://wololo.net/2017/12/29/nintendo-switch-kernel-
exploit-...](http://wololo.net/2017/12/29/nintendo-switch-kernel-
exploit-34c3-presentation-nvidia-backdoored/)

------
fotcorn
The demo and Q&A section is missing on this video and on YouTube, but you can
watch it here: (demo starts at around 01:08:00)
[https://streaming.media.ccc.de/34c3/relive/8941](https://streaming.media.ccc.de/34c3/relive/8941)

~~~
seba_dos1
I have reported it to c3voc and they just said they're going to recut it :)
Thanks for mentioning!

------
SimeVidas
Most secure OS, but no lock screen, cloud backup, or “find your Switch”
option. If somebody steals your Switch or you lose it, you can forget about
it—which is why I protect mine like a newborn child.

~~~
resonanttoe
The two have nothing to do with one another. Everything you list as missing
are user convenience features. Not OS security features.

There is no (or very little) perception of user sensitive data being stored on
the switch itself, so from that perspective you don't need user data security
protections.

But you do need protections against code execution that eventually leads to
piracy and loss of faith in the system from publishers.

The security of game consoles is developed not for the user, but for the
customers of the platform, which are the publishers.

~~~
BillinghamJ
Really great security systems manage to offer a high level of security without
sacrificing user experience. For example, how Apple devices sync secrets with
end-to-end encryption.

~~~
resonanttoe
I don't disagree with the statement, but it is still missing the point.

This is still equating user features with fundamental operating system
security choices and presenting it as an either/or option.

1\. They are two wildly different things. The Core Security design is not for
you as a consumer of the device. It is for publishers and developers and
Nintendo themselves to have trust in the system. What is being argued here is
user features. Nice to have's (and I agree, REALLY nice to haves) but not MUST
haves for the consoles success. Publishers aren't walking away from the switch
in droves and game sales aren't endanger of being eroded because there isn't
"Find my switch."

2\. It's not a set in stone decision. The core security design has to be
competent and hardened from Day 1. You're running against console homebrewers
and hackers who will say things like "Stay on Firmware 3.0.0". Knowing full
well that you will never be perfect, you have to be reasonably resistant to a
webkit exploit that leads to code execution. The success of the security
design is measured in days to code execution. The features that are being
talked about in this particular thread can be added (and removed: see Sony and
otheros without the legal argument) at any time they want.

We (consumers) may very well get the user-conveinence features being talked
about here.. someday.

But the Switch's security model has been defeated as of Firmware 3.0.0 and it
is unlikely that it'll ever fully recover. (If a 1st or 2nd stage bootloader
exploit is discover, then s/unlikely/never.)

~~~
slipstream-
>update to 3.0.0 and stay there

fun fact: the mentioned kernel/trustzone bugs only exist in 1.0.0...

------
Toast_25
I'm getting a page not found. Did it die?

------
0throwaway42
I bought a couple of games from ebay once. I thought it would be the serial
codes to input in the store, but the seller had me create a new Nintendo
account and send him the name.

They added funds to the account and bought the games themselves and told me to
play from other accounts. Then I realized it might had been carding.

The games downloaded and worked fine. After some weeks the bad account has an
admiration sign in it's icon and I can't log into the store with it, but the
games still work and even get updates.

IIRC, the 3DS had the record of which games were bought tied to the console
instead of the account, which made it easy for pirates to download the games
once the console was jailbroken. It seems to be the same route for the Switch.

------
bugmen0t
Funny how the first item in an exploit chain is always WebKit for.. those
devices.

~~~
IntelMiner
Browsers are extremely complex pieces of software for everything they can do
today

Likely it's simply prohibitive (and a poor user experience) to track WebKit
upstream and deploy firmware updates every time a vulnerability in the engine
is patched

------
mariusmg
The "bypass the SMMU" part was so funny :)

------
juancn
I wished these guys would use youtube for videos. The streaming sucks.

------
cheschire
interesting video, but man that website hates 21:9 monitors.

~~~
tjoff
Surely you don't browse maximized?

~~~
neilsimp1
??? Why wouldn't anyone browse maximized?

~~~
pjc50
If your monitor is larger than your field of vision, having anything maximised
is just a pain.

