Nintendo Switch: Fail0verflow confirm boot exploit works on all existing units, no release announced
A few weeks ago, hacking team fail0verflow demonstrated that they have a boot exploit on the Nintendo Switch. This is different from the upcoming 3.0.0 homebrew platform that was recently announced by Derrek et al.
Today, Fail0verflow have given more details on that exploit, by confirming that it cannot be patched by Nintendo on existing models. In other words, all currently produced Nintendo Switch consoles are vulnerable to this hack and exploitable, and although Nintendo could potentially fix existing models (after the hack is disclosed) without a hardware revision, they apparently wouldn’t be able to release a patch online.
In case it wasn’t obvious, our Switch coldboot exploit:
* Is a bootrom bug
* Can’t be patched (in currently released Switches)
* Doesn’t require a modchip to pull off https://t.co/LLadlEmm44
— fail0verflow (@fail0verflow) January 16, 2018
However, Fail0verflow have not provided any release date for the hack. It’s actually very possible that they have no intention to release anything. In the past, Fail0verflow have been very careful to distance themselves from any release that could lead to piracy. For example, for the PS4, they released patches in order to run Linux on the console about a year ago, but without the kernel exploits required to actually run unsigned code. Late in 2016, they gave details on a kernel exploit for firmware 4.05, but that had been patched a long time ago by Sony, and was not applicable to the latest firmware.
Therefore it would be a dramatic change of direction from Fail0verflow if they released this exploit. One scenario I could imagine is if some other group breaches the console’s latest firmware (for example Team Xecuter have promised a Nintendo Switch modchip to come for Spring), at which point Fail0verflow might feel it’s ethically ok to release their own.