March 15, 2017
Share

What happens now that the Nintendo Switch has been hacked?

Just a few weeks after the release of the Nintendo Switch, an iOS hacker who goes by the name qwertyoruiop posted a photo claiming that he has hacked the newest game console by Nintendo. The photo released was of Nintendo Switch with its screen open, displaying the hacker’s name and the word “Done”. The hack was made possible with a simple browser exploit as qwertyoruiop revealed.

Inside Image_switch2

The hacker claimed that it was a fairly easy task: he just modified a hack originally used to “jailbreak” Apple iOS 9.3 devices and removed the iOS specific code from it. This was further corroborated by hacker LiveOverflow, who confirmed that the hack works and a proof of concept was released to the public. The hacker qwertyoruiop was said to be a hacker specializing in security circumventions of various versions of iOS and the Playstation 4 1.76 version hack.

the first line of defense against hacking has fallen. Now that there’s a precedent for it being hacked, hackers will be able to explore more easily the Switch’s OS for further exploits.

What’s surprising about this is that the Nintendo Switch wasn’t supposed to have a fully functional browser—at least none that an average consumer would know of. But, in order for the device to have access to WiFi networks with required registration, a sort of HTTP access is still needed and so it’s in this instance that the hidden browser appears. There are tools that can be used to hijack this hidden browser and divert it to other websites.

A widening hole

The hidden browser is based on popular Webkit technology, and Nintendo apparently used a dated and vulnerable codebase that has since been patched. Still, the first line of defense against hacking has fallen. Now that there’s a precedent for it being hacked, hackers will be able to explore more easily the Switch’s OS for further exploits.

The extent of the exploit is limited as Webkit hacks only allow access to “userland” where unofficial code can be executed but without tools to generate code. There’s no low-level access so the hack won’t really lead to custom firmware or piracy.

But with a user-level exploit, hackers are free to explore the Switch’s OS in detail, giving them an understanding of how the OS operates and to go even further, how it can be compromised.

Nintendo will likely respond to this with tightening their security through updates and patches to solve the problem. But the hack has given hackers a hole they can simply widen so we don’t know what exactly this means for the new device. It’s fairly possible for other parties to infringe on Nintendo’s intellectual property rights regarding the console’s source code and the various games that could be played on the device.