How the Nintendo Switch Security was defeated | MVG

Security is one of those amazing things. You can spend millions securing a system and forget the most simple of access points.
Like adding bars to windows but having the gap large enough to get through.

Modding systems is more important than ever before.
Especially now...
As backwards compatibility is being thrown to the wayside and digital storefronts (3DS, Wii, and Wii U) go permanently offline.

Nintendo's security model for the Wii and Switch are actually extremely advanced. The Wii had the Starlet, a dedicated security ARM coprocessor that would moderate all Wii hardware accesses in 2006. For comparison, Intel ME released in 2008, AMD PSP released in 2013, and the Apple T1 chip released in 2016.
Unfortunately, their implementation of RSA had a critical bug that completely nullified the security aspects of the Starlet for all intents and purposes. Even when the Trucha Bug was patched, AHBPROT was discovered which made it possible to restore the bug and it was ultimately futile.
As for the Nintendo Switch, well, current versions of Horizon OS (that is the internal name of the Nintendo Switch firmware) are the first of Nintendo's to have 100% flawless security on the software side. Unlike other console firmwares which are usually based off of FreeBSD, Nintendo's Horizon OS was fully developed in-house with a microkernel design. Even the hardware drivers run sandboxed as regular userspace programs, massively reducing the attack surface and making it possible to write a kernel that can perfectly maintain core OS security under every scenario, since the range of possibilities have been kept small enough at the core to make testing every single possible input to the security engine in depth (including testing all possible invalid inputs) a reasonable endeavor. This microkernel has been completely reverse-engineered, every single function and instruction has been combed through and deeply analyzed by the community, and there are zero vulnerabilities on it. This isn't zero known vulnerabilities, there are no software vulnerabilities, period. The sandbox simply cannot be broken once established using current available software and hardware methods and technologies. So finding bugs in games and even hardware drivers is useless, because there's no privilege escalation without a bug in privileged code, and no privilege escalation, no full system takeover.
Unfortunately (or rather fortunately for us), NVIDIA made three oopsies while designing the Tegra X1 that would go on the Switch and the NVIDIA bootROM Nintendo had to rely on. The first is fusée-gelée. The second is exposing the button pin that gets the bootROM in RCM state on the right Joycon rail so people wouldn't have to open up the console and do microsoldering to enter RCM mode. And the third oopsie and final nail in the coffin for Nintendo's security model is the CPU itself being vulnerable to voltage glitching, a physical manipulation of the Switch's power circuit where a very controlled electrical spike can make the CPU skip lines of code much like how an old car CD player would skip when you hit a bump in the road. These were all abused by hackers to skip right past the initial bootloader signature check and load a custom boot manager, breaking the security model extremely early in the Switch's startup sequence, long before any Horizon OS firmware code is ready to execute, and even longer before it could set up its perfect, impenetrable barriers.
But the story doesn't end here. And I hate that this next part doesn't get told more often. As it turns out, Horizon OS 5.0.0 would include a hardware exploit from Nintendo themselves, a curveball designed to counter fusée-gelée and prevent its use for piracy. They changed their key derivation processes, and then significantly modified the TSEC firmware code to halt the CPU if a modified version of Horizon OS was detected. It is impossible to run modern versions of Horizon OS without the TSEC or on the old TSEC firmware, because it needs the derived hardware keys the new TSEC firmware provides to decrypt all sorts of data. And hackers wouldn't be able to write a custom TSEC program, since the signature check for its firmware was actually never broken. This wouldn't stop modders from running other operating systems on the Switch with a fully disabled TSEC, but it was an effective patch against the unpatchable that would've stopped people from booting stock firmware > 5.0.0 under fusée completely... If the private Nintendo signature required to sign a Switch TSEC firmware with hadn't leaked to SciresM through an unknown channel. Truly a 'my uncle works at Nintendo' moment. If not for that, the Switch security model would still be fairly rigid on all fronts, and Horizon OS homebrew (not to mention piracy) on the system would still be extremely limited and practically nonexistent. As part of the microkernel research efforts, SciresM has written a reimplementation of the whole thing. This is a testament to both the Nintendo hacker community's stubbornness, and the microkernel itself being small enough for a single person to be able to wrap their head around it in its entirety. This custom kernel, now named mesosphére, is the default kernel used by the Atmosphére custom firmware. Atmosphére by itself doesn't provide any means to override the DRM enforced when running official Switch software. That job is left to the aptly named sigpatches, a set of separate, additional binary patches that the user has to install and which Atmosphére has no involvement with.
Modern Nintendo security is less about their own technical failures, and more about the extremely determined nature of their attackers, the obsessive, unstoppable fanbase they have.

You forgot a really important aspect of the story. Docs contained in the gigaleak reviled that Nintendo knew about the exploit before the switch was released to the market and was working on a patch with Nvidia.

MISTAKES WERE MADE.

Previously: Nintendo vs Tweezers
Now: Nintendo vs Paperclips

The total cost for adding a modchip has dramatically dropped recently (at least in China) thanks to the recent discovery that PIO on RP2040 (a general purpose chip that's extremely cheap) can reliably glitch the CPU, and open-source firmware has been released.

3DS has a VERY interesting hacking history. I hope I see it one day in this channel!

Absolutely love these kinds of videos from you. Love seeing how companies locked down their systems and how the fanbase blew the doors wide open again.

If I got a nickel every time a Nintendo console was cracked using a paperclip I would have 2 nickels. Which isn't a lot, but it's funny that it happened twice

I love how the Wii was compromised with a pair of tweezers and the Switch with a paperclip.

The first 5 seconds of an MVG video hit so nostalgic. Like an oldschool keygen song that's blasting max volume out of your speakers

A small inaccuracy - Mariko/Red Box Switches were not the first time the RCM exploit was patched. It was patched soon after release by including an updated bootrom from the factory that simply disabled USB access in RCM. (so called iPatched switches)
But it was Mariko that fixed it properly, by fixing the vulnerability that allowed unsigned code to be ran in the first place. Still, both variants of patched units have yet to have their RCM mode exploited so it seems both are equally secure.

the best series returned!! i simply love these security/mistakes were made series!! keep it up mate!

It’s funny how absolutely brutal Nintendo are on the homebrew and preservation community, in frankly unwarranted way, how easy they make exploiting each of their systems.

Finally a new security video. Please make more of these and piracy videos too. They are the best!

Pitty they have not been so quick to resolve the pro controller and joy con drift

The Nintendo Switch security measures are fascinating. I wish you had spoken more about the anti-hombrew measures within the OS and online. My first hacked Switch got banned from accessing any Nintendo servers online, and therefore I was banned from making purchases on the eShop. Seems counterintuitive to me, but clearly effective as a deterrent.

I'll be interested to see how the hacking scene develops for the later hardware revisions. It's unfortunate that there seems to be little effort going towards hacking those simply because the launch model exists.

The process for jailbreaking Nintendo consoles reminds me of the Lockpicking Lawyer breaking into his hotel room using nothing but a "Do Not Disturb" card.

To protect your privacy, you should willingly route all of your internet traffic through a random company's proxy servers. That way, you can have peace of mind that your ISP isnt spying on you, instead, we are.

Security and piracy: definitely my favourite MVG subjects!

The original unpatched Switches will forever hold a special place in homebrewing history.

I do secretly still hope that one day there will be a software based exploit for the Switch Lite even though that seems like a far away dream. That device just begs to be an amazing retro emulator.

Nintendo attempts to silence this video in 3... 2... 1...

I'll deal with the Switch the same way I did for Wii U- and it will depend on whether Nintendo provides forward compatibility support for their next Switch console. I have like a mini Steam collection of paid for games on Switch- if they jerk us around like they did for Wii U (expecting us to rebuy launch games again during the transition period at full price instead of offering an actual discount), I'll go ahead and defeat the security during my next winter break and download everything else I haven't purchased yet.

Users should never need to hack their own hardware. What you own shouldn't be locked nor controlled by the manufacturer

Im always more interested not only HOW the exploit works but WHY & how did they FIND the exploit? If possible could you try including the path taken to finding various console exploits? Im just curious of the mentality of the hackers who search for these treasures.

The nVidia Tegra family bootroms were part of the chip designs. Each would read some on chip fuse bits (PROM) to decide if and what digital signature to require on the first off-chip code loaded into on chip boot RAM .
The details were never properly documented, thus making it difficult to do recovery repairs on Tegra based phones and tablets from LG, Acer etc. I remember struggling for days to work around damaged flash sectors in a friends Acer tablet (even though the formula for converting its hardware serial number into the secret boot key had been published years earlier).

crazy you can emulate switch this early getting 1400p over 60 on pc

Kinda funny to think about how the amount of stock Nintendo Switch units and Wii U units that are softmod-ready are roughly the same (~15 million Switches vs. all 13.56 million Wii Us)

Any chance you could do a mini-update to this video and talk about Nintendos “software fix” to their hardware issue with their use of e-fuses?
I initially thought this is what you were going to chat about.
These exploits are always a game of cat and mouse. Don’t want you to risk your channel as I know how Nintendo can be. Would just love your impression on their attempt to software patch the hardware issue.
Lots of groups gave Nintendo massive props for even being able to do it! 😊

Should've called it Operation Paperclip.

Such a great security video as always!
Makes me feel like lucky one having unpatches switch.

I happened to get one of those RCM vulnerable units, and it’s served me very well with all the homebrew ports and emulation I could ever want in a tablet. Of course, I do have switch games on cartridges because I had this unit before the exploit was disclosed, but thanks to a decently sized MicroSD card I have gone more digital thanks to the eShop and retro community

Tired of paying for premium youtube and still have ads in video. 1:20

I still highly believe we are going to find a software exploit again in the future. We just haven’t found it yet.

MVG you have no idea how excited I am to hear about "How the Nintendo *Switch 2* Security was defeated"

Nintendo hates piracy but does nothing to better their consoles to fight against it.

Now waiting how Switch V2 and Oled security was defeated

the paperclip exploit was such a lucky mistake hackers exploited

i can remember buying a first gen switch about a year ago. i asked the poor guy in the shop to bring out all the switch they had in stock and i was stood there, checking all the serial numbers of each switch till a found one that was unpatched, and to this day i still have that switch and wont be selling it any time soon. its my portable retro gaming console, runs retroarch and thats about it

Joined this cannel because of the history of videogames security have been breaken, and here we are again. Without doubt this is the best content of the channel.

If I knew without a shadow of a doubt I wouldn't get banned I'd do this to my switch in a heartbeat. Certain things like backing up Pokemon Scarlet/Violet save data in the event of a corrupted save are huge benefits.

Then the Atmosphere became clear

Finally!! I really love all your videos on security. The old school strange anti piracy all the way up to the most "secure" heavy handed DRM methods. Thanks for finally covering the switch. Now let's pray Nintendo doesn't try to crap on it.

It's insane the amount of effort Nintendo put into the security of the Switch.
If only I could say the same about Joycon drifting...

I hope he covers the Modchip glitch hack for the switch in detail in the future, I know you mentioned it in passing but it might be interesting to showcase how it works in detail like how you did with describing the original Bootrom exploit.

And here I am with two OG Switches with me that were never hacked.

Great Video MVG! Video game preservation is becoming so important as physical copies of games are going by the wayside. Digital backup is an absolute must.

I think the biggest problem with the switch has been emulation. We never seen a console getting emulated so quickly and so well. 2 year after release games were already playable, with some even working well, and in 3 most games already working as intended.

if i had a nickel for every time a nintendo consoles security was bypassed by a small piece of metal , i would have two nickels, which isnt alot but its weird its happened twice

I loved modding my switch, but my switch is so old that it's started having serious issues, so I can't really play it much anymore. I wish it was easier to mod current year switches, like the OLED, without having to open the thing up and install a mod chip, because I'd love to have my OLED modable

Seeing gaming corporations repeat the same greedy, short-sidedness is disappointing and in the long run they lose brand loyalty that could make them so much more money.

The real scare came from hoping you did not ruin your joycon rail with the tinfoil

The best part of all this is that Nvidia used Comic Sans for their Tegra technical documentation

I held a presentation of this topic in my it class and got an A+ for it

Tonight I found out my Switch is one of those Lucky 15 million.

Some white box switches were patched like mine. Mistake you made.

When you hear that music in the intro .. you know the video is gonna be legendary.

The Switch OLED would be an emulation dream whenever they find an easier way to hack it

9:04 the mighty paper clip STRIKES AGAIN!

Okay, if nintendo name is in a video talking about security and home brew,
This means I will download this video before it gets deleted. 😂😂

I dont tend to mod my systems until they've reached the end of their life cycle. Generally too much hassle for not enough pay off, at least for me. The mini consoles were a nice change of pace because there were no system updates and they provided a nice hardware organization for my backup ROMs. 😊

Glad I got to see this before the inevitable Nintendo DMCA

The S in Nintendo stands for security

I don't know about "saving them from total disaster." The vast majority of people are simply going to buy a Switch and buy games legally. The effort required to run a modified Switch, keeping it up to date, and keeping your online capable sysnand and pirating capable emunand completely separate is just too much for your average user. There is a lot of technical know how that goes into keeping everything patched and up to date including Atmosphere, HOS, firmware, sigpatches, bootloaders, etc and so on. I just can't believe that this is something simple enough for most users.. especially to the level to be some type of catastrophic threat to Nintendo. This isn't something like the Dreamcast where literally zero technical know how is required. In that instance, the only thing you need is a copied game disc which you just pop into the tray and that's it. Yes, the process of ripping games and trimming them down to size was a bit technical but the majority of people could either just download a patched ISO from a release group and burn it or have one of their tech minded friends provide a copy for them. The Nintendo Switch situation is nowhere close to as simple as that.

Still rocking my launch switch! Don't plan on breaking it until the next Console is on the way.

i bought my switch knowing this was coming. kept it on 3.0.0 and offline. now i’ve got a first gen switch running current HOS on emuMMC with 3.0.0 still on the sysMMC with no efuses blown. feels like owning a unicorn.

It's always interesting to watch security related videos. Thanks for this one! 👌

the background music fits really well in all of these types of videos. great video overall well done MVG!

While a lot of people are happy keeping their launch Switch consoles and working homebrew on them, I feel like in the future people are going to find a soft mod method for all Switch revisions. Don't know how or if it's even actually going to happen (I'm not knowledgeable enough to say "yes" for certain), but people are stubborn enough to find a backdoor.

Gary Bowser was released from prison a few weeks ago. Can't wait for his next release lol

funny how almost every major security issue on the switch is the fault of nvidia

Still to this day, I can not believe that Team Xecuter leader turned out to be a man named Gary Bowser.

Nintendo doesn’t focus on game preservation is why there’s lots of motivation for hackers to mod their consoles since Nintendo is limiting their ability to play old games legally! My friend was to mod the Switch lite because he wants to add more games like from the GameCube that never got rereleased!

Even though I've heard this of course before along with every other mod that has happened throughout the years hearing you tell it, especially when you do a video on it, I always learn something new you have the best console mod TH-cam channel out there man. Im always thoroughly entertained by your descriptions! 🎉

The wii U was unsuccessful because most people thought it was an expensive accessory and not a whole new console. I just want to play the games I buy on my pc so that I can get a stable 60 fps and no stuttering.

The guys who discovered this exploit shouldn't have told anything to nintendo, it's hardware you own, you should be able to do whatever you want with it...

In my opinion, this is still the funniest way of jailbreaking a console yet.

"Security Researchers" Quite a fancy way to describe hackers.

Make a video on how the Steam Deck security was defeated.
- "there's none" *rolls credits*

I'm surprised there hasn't been an SD card exploit like the Wii, Wii U, DS, etc etc.

The 3DS held out for years before it was hacked, for actual 3DS games. What's funny about the switch is how fast a fully blown emulator came out. No new console in sight and yet we've been able to play Switch games on PC for over a year with very few problems AND they look much better! There's no point in even having a switch anymore. Plus the game run insanely fast. I have to lock them in at 60FPS because too many of them play over 200FPS which is way too fast.

you are missing new data on the MIG Switch and the upcoming UnlockSwitch , there is missing data on how they managed to get to the point of creating "real cart"

YEAH UNPATCHED V1 SWITCHS AND ATMOSPHERE CFW ON TOP!

I bought an RCM clip online that is way more reliable than a paper clip for $5 and it has worked flawlessly for 3 years. Even when I accidentally updated my switch to 16.0.0, I just redid the process and it still works. The only caveat is your switch has to be an older model also my console got permanently banned from online lol but it's still worth it as I wasn't playing online games anyway.

Be hackable is a feature, not a total disaster

The way the Switch was hacked reminds me of the Scene in LotR Two Towers when the Hornberg's wall was blown up.

It’s so crazy to me that something as simple and small as a paper clip got past the switch security

Stop buying consoles that only allow you to purchase games via digital store fronts while at the same time preventing the user from modding the console to allow backups. Stop supporting corporations that do this if you want to see change in the marketplace. Otherwise these companies are only going to get worse and worse to the point where you will have to pay a weekly fee just to turn the console on.

How I've missed Mistakes Were Made!

Funnily enough, I knew a decent amount about the Nvidia Shield K1 tablet, the general model line for the Switch, before the NX was even announced, as it was an option I was considering for a cheap portable gaming alternative as well as a useful tablet I would need for my schooling (since I no longer had a functional laptop I could use what with my craptop's keyboard giving out). The Switch made that idea obsolete, though, and I wound up just borrowing an old laptop to use for a while. It was awful.

Having a modded Switch is pretty neat, I really like being able to play game mods and unofficial software. As for piracy, just things that aren't being sold anymore or are being sold as an overpriced or inferior version. I don't pirate recent games personally, but I don't condemn doing so (besides indies) because I get it. Many of my fondest memories are of playing games on my Wii through CFG, and an R4 cart on my DSi. My family wasn't struggling financially (I was a bit spoiled if anything) but video games are expensive. So yeah, modding is cool for many reasons.

I recently got a Switch OLED and put my launch model switch into retirement. I'm thinking about using it to experiment with homebrew stuff and will be revisiting some of your older videos, MVG.

I think the game card slot is the angle of attack honestly.
I keep seeing game cards that have exposed tracers and wonder what it would take to rig something like a game genie then card that pretends to be legit then whatever card is plugged into that .
I'm sure youd need some sig key or some shit.

It's always the damn paperclip.

This is one of my favorite channels. It makes me so happy to hear you talk about hacking these consoles. I grew up buying Gamesharks and Action Replays for my Gameboys, N64, and Gamecube (all of which I still have because Game Stop wouldnt buy them from me, thank god). I think the original Xbox was my first console hack, doing the Mech Assault Soft Mod so that I could mod Halo 2. I was addicted. Since then I've added PSPs, PSVita, X360, PS3, (never modded my XB1 though), GameCube, DS, 3DS, all of my phones, and finally my Switch. Watching these gives me the weirdest nostalgia.

i swear i saw one person wrote about nintendo switch security being defeated by a paperclip.. and yet here it is

I'm all for people being able to run custom code on their machines. However, using these exploits for piracy is bad for all of us. If you like a game, support the people making it. If you are running emulation for things that aren't available, that's a whole different story.