by userbinator 2981 days ago
In the FAQ, Temkin says she has previously notified Nvidia and vendors like Nintendo about the existence of this exploit, providing what she considers an "adequate window [for Nvidia] to communicate with [its] downstream customers and to accomplish as much remediation as is possible for an unpatchable bootROM bug."

Why would you even want to do that...? Money? Fame? As I've heard it said memorably, "would you tell someone who takes you hostage and locks you up, that the lock is actually trivial to open?" This is just further evidence of a fact I've noticed for a long time: a lot of security researchers are pro-DRM, pro-corporatocracy authoritarians, and their vision of "more secure" is a dystopian nightmare.

I still remember the good old days, when the hacking/cracking scene was entirely composed of people doing it for the freedom, with no do-gooding snitches to worry about...

10 years ago, if you shared a way to bypass a DRM scheme in the right places, it would live on for a long time. Now, it's more likely that some bastard is going to report it and get it patched in days to weeks.


The exploit concerns most Tegra chips currently on the market, not just the Nintendo Switch. Those are used in, for example, cars. I believe that was part of the reason.

Not to mention, it's not patchable without a hardware revision, so sharing it privately before sharing it publicly, while strongly hinting that it's not patchable without a hardware revision (which has been done), has the same effect in practice for those wanting to escape Nintendo's jail, while letting those who use the Tegra in security-sensitive environments prepare adequately.

This exploit has nothing specifically to do with DRM, and compromises the entire root of trust chain on devices impacted (including devices which aren't locked down).

Given that the DRM is precisely about stopping owners from controlling their devices fully, I'd say it's pretty relevant to this exploit being able to bypass that.
>I still remember the good old days, when the hacking/cracking scene was entirely composed of people doing it for the freedom, with no do-gooding snitches to worry about...

>10 years ago, if you shared a way to bypass a DRM scheme in the right places, it would live on for a long time. Now, it's more likely that some bastard is going to report it and get it patched in days to weeks.

From the article it looks like someone else was trying to sell it so she put it in the open for free.

>The release also seems to be partially a response to Team Xecuter, a separate team that is planning to sell a modchip exploit that can allow for similar code execution on the Switch. Temkin writes that she's opposed to Xecuter's explicit endorsement of piracy and efforts "to profit from keeping information to a few people."

If she truly wanted to make it free, why secretly tell Nintendo and nVidia first?

It's a cat-and-mouse game, and this mouse wants to tell the cat how to catch the other mice. In the old scene, you'd be branded a traitor for doing that.

"Why disclose this at all? Why not hold onto this in order to increase the number of affected Switch consoles?

Unfortunately, this bug affects a significant number of Tegra devices beyond the Switch, and beyond even the X1 included in the Switch. I can tell you, it wasn't fun to find a bug with such a broad impact; it significantly complicated the ethics involved.

In the end, given the potential for a lot of bad to be done by any parties who independently discover these vulnerabilities, I thought it best to disclose this immediately and under terms that ensured that the vulnerability reached the public quickly."

At the end of the day Tegra is used in a lot of places. Even cars. If there's a risk that someone could conduct a crime through a firmware hack then that presents an ethical dilemma.

10 years ago there were few portables that you could run your own code on. Now there are things like the GPD Win.

All this homebrew stuff is a bit of fun and games at the end of the day. Calling someone a traitor because they decided to responsibly disclose a vulnerability is just childish.

>Even cars. If there's a risk that someone could conduct a crime through a firmware hack then that presents an ethical dilemma.

If it was a remote exploit, I'd certainly agree about the ethical dilemma, but everything I've read suggests that this requires physical access.

As for being used in cars... don't get me started on what manufacturers are doing these days to stop repairs and modifications... just search "John Deere tractor hacking" to get a taste of what I mean (some articles and good discussion here on HN too.)

>Calling someone a traitor because they decided to responsibly disclose a vulnerability is just childish.

It shows they cannot be trusted, and that they support the actions of companies who want to lock out users from the devices they own.

Sure. But at the end of the day Nintendo aren't some bad actor company that's forcing people to spend thousands in repair fees.

They make video games.

------

Trusted by whom? Essentially it's a group of internet hackers that are doing it for internet fame. Or in the case of others to make money off selling any hardware tools required.

"actions of companies who want to lock out users from the devices they own."

This doesn't really matter. When someone buys a Nintendo Switch they are aware that you can only use software from an official channel from the manufacturer.

It's not a sneaky action by them; nobody is forced to use a Switch, and its primary functionality is consuming entertainment products.

It's not like a router or tv set top box that you are forced to use.

Open hardware (in the sense of OS/software) is cheap and available today. If you don't want to be locked out of doing what you want to a device, then don't buy a locked down device.

I mean, it's unpatchable in current systems, and the vendor would have it figured out quickly anyway. There's no reason not to go through responsible disclosure.

For Nintendo to fix this they need to replace the IC.

They'd need to recall all the sold switches and replace the IC. And they need to specify a new IC for all future production, with some cost implication for new drawings and getting rid of stock.

Because the plan wasn't to make it free until she saw that someone else was planning to profit from it. I doubt she wanted it free; she wanted to spite the other group.

You can't be a traitor to someone you have no allegiance to.