May 7th, 2018, 21:21 Posted By: wraggster
An article from Eurasia which is sensible in these times of mega releases for the Switch:
This morning, after waking up a bit groggy, I checked my Twitter feed and it was like watching fireworks in reverse consisting of leaks, exploits, rushed releases and rage quitting hackers. You might wonder what triggered it all, so let's start with a little recap. Yesterday the Tegra X1 BootROM was released for Switch along with IDC debug info for IDA Pro, and various hackers started to play around with this including myself.
A few hours after this, not sure about the time frame, a bug for Tegra X1 was posted anonymously on pastebin.com (mirror). Quote: 'Tegra X1 RCM forgets to limit wLength field of 8 byte long Setup Packet in some USB control transfers. Standard Endpoint Request GET_STATUS (0x00) can be used to do arbitrary memcpy from malicious RCM command and smash the Boot ROM stack before signature checks and after Boot ROM sends UID. Need USB connection and way to enter RCM (Switch needs volume up press and JoyCon pin shorted).' Apparently this isn't just any bug, it's in hardware, and actually not possible for Nintendo to patch without releasing new console hardware.
The bug info somehow opened the floodgates; teams and individuals previously holding information regarding Switch suddenly released everything they had in a flurry. To name a few: plutoo, SciresM, ktemkin, and last but not least fail0verflow. The leaks and releases are still ongoing.
via http://www.eurasia.nu/modules.php?na...7742&forum=107
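The bug class named in the quoted pastebin text (a control-request handler that trusts the host-supplied wLength of the 8-byte Setup Packet) comes down to one missing bounds check. The following is an added example, not code from the article, the pastebin post or the Boot ROM: a generic device-side GET_STATUS handler that clamps the copy length. All function and macro names are hypothetical and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define USB_DIR_IN         0x80u /* bmRequestType bit 7: device-to-host */
#define USB_REQ_GET_STATUS 0x00u
#define GET_STATUS_LEN     2u    /* USB 2.0: GET_STATUS returns two bytes */

/* The 8-byte Setup Packet that opens every USB control transfer. */
struct usb_setup {
    uint8_t  bmRequestType, bRequest;
    uint16_t wValue, wIndex;
    uint16_t wLength;            /* data-stage length, chosen by the host */
};

/* Decode the raw bytes field by field (all fields are little-endian). */
static void parse_setup(const uint8_t raw[8], struct usb_setup *s) {
    s->bmRequestType = raw[0];
    s->bRequest      = raw[1];
    s->wValue  = (uint16_t)(raw[2] | (raw[3] << 8));
    s->wIndex  = (uint16_t)(raw[4] | (raw[5] << 8));
    s->wLength = (uint16_t)(raw[6] | (raw[7] << 8));
}

/* Length a handler would copy if it trusted wLength as-is (the flaw quoted above). */
static size_t unchecked_copy_len(const struct usb_setup *s) { return s->wLength; }

/* Hardened handler: clamps the copy to the response size and the destination.
 * Returns bytes written, or -1 if the request is not an IN GET_STATUS. */
static int handle_get_status(const struct usb_setup *s, uint16_t status,
                             uint8_t *out, size_t out_cap) {
    if (!(s->bmRequestType & USB_DIR_IN) || s->bRequest != USB_REQ_GET_STATUS)
        return -1;
    const uint8_t resp[GET_STATUS_LEN] = { (uint8_t)status, (uint8_t)(status >> 8) };
    size_t n = s->wLength;
    if (n > sizeof resp) n = sizeof resp;   /* clamp to the real response size */
    if (n > out_cap)     n = out_cap;       /* and to the destination buffer */
    memcpy(out, resp, n);
    return (int)n;
}

int main(void) {
    /* Constructed sample: endpoint GET_STATUS asking for 0xFFFF bytes. */
    const uint8_t raw[8] = { 0x82, 0x00, 0, 0, 0, 0, 0xFF, 0xFF };
    struct usb_setup s;
    uint8_t out[GET_STATUS_LEN];
    parse_setup(raw, &s);
    return handle_get_status(&s, 0, out, sizeof out) == 2 ? 0 : 1;
}
```

With the clamp in place, a request for 0xFFFF bytes yields the two status bytes and nothing more, whatever length the host asks for.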