Hackers show Nintendo Switch with graphical Linux interface

Hackers show Nintendo Switch with graphical Linux interface.

The failOverflow group already has several console hacks to their name, and if you’ve been following the news lately, you probably also know that the team found a bug in the Nintendo Switch’s bootrom. The team published in a photo last week that the exploit can be used to run Debian Linux on the Nintendo Switch. In addition, it would be a coldboot exploit, which would make it impossible for Nintendo to fix the bug with a software update.

Nintendo Switch with Linux

In a new video, we see that the team behind failOverflow has now also gotten the graphical interface working. We get to see how the hackers use a browser on the Switch, start an application to demonstrate hardware 3D acceleration and also the brightness of the screen can be changed. The team previously announced that they are using a bootrom bug for the coldboot exploit. That would mean that all Nintendo Switch consoles are vulnerable and Nintendo can only fix the bug with a new hardware overhaul, which will likely include a modified Tegra X1 soc from Nvidia.

Code execution is all the rage these days, but can your Switch do * this *? 😉 #switchnix pic.twitter.com/NMnBq61tOM

– fail0verflow (@ fail0verflow) February 17, 2018

Much information about the hack is not yet available and it remains unclear whether there are also plans for a public release of the hack. Should that happen, there is a good chance that homebrew will appear for the Switch, although at the same time it could also result in piracy. In any case, the hack does not require a modchip, which means that users of the Switch can probably easily perform such a hack themselves, provided it is made public.

More hacks in development

FailOverflow is not the only group that is working on a hack for the Nintendo Switch. Hacker Plutoo claims he will soon be releasing a launcher to enable homebrew on the Switch. Incidentally, the hack will not work on every Switch, because Nintendo has fixed the vulnerabilities after version 3.0.0. If you are still running an old firmware and want to use the hack, it is wise not to update your Nintendo Switch.

At the Chaos Communication Congress (34C3) in Leipzig, the hackers Plutoo, Derrek and Naehrwert showed how the various security methods of Nintendo have been circumvented. The full presentation can be seen on YouTube and explains how previously discovered exploits were used as a wedge to dig deeper into the Switch’s firmware. At one point, the hackers managed to figure out the timing of an important security check through the Switch’s memory bus. In addition, a field-programmable gate array (FPGA) was soldered to the Switch’s ARM chip to decrypt the secret key that can unlock all encrypted binaries.

The hackers also discovered that the ‘custom chip from Nvidia’ in the Switch is almost an exact copy of the standard Nvidia Tegra X1. By purchasing the $ 700 Jetson TX1 development kit, the hackers gained insight into the Switch’s hardware. There is also a section in the documentation for the X1 on how to bypass the SMMU (System Memory Management Unit). Based on this information, the hackers created a method to copy and write a modified kernel to the Switch’s working memory.