>I still remember the good old days, when the hacking/cracking scene was entirely composed of people doing it for the freedom, with no do-gooding snitches to worry about...
>10 years ago, if you shared a way to bypass a DRM scheme in the right places, it would live on for a long time. Now, it's more likely that some bastard is going to report it and get it patched in days to weeks.
From the article it looks like someone else was trying to sell it so she put it in the open for free.
>The release also seems to be partially a response to Team Xecuter, a separate team that is planning to sell a modchip exploit that can allow for similar code execution on the Switch. Temkin writes that she's opposed to Xecuter's explicit endorsement of piracy and efforts "to profit from keeping information to a few people."
If she truly wanted to make it free, why secretly tell Nintendo and nVidia first?
It's a cat-and-mouse game, and this mouse wants to tell the cat how to catch the other mice. In the old scene, you'd be branded a traitor for doing that.
"Why disclose this at all? Why not hold onto this in order to increase the number of affected Switch consoles?
Unfortunately, this bug affects a significant number of Tegra devices beyond the Switch, and beyond even the X1 included in the Switch. I can tell you, it wasn't fun to find a bug with such a broad impact; it significantly complicated the ethics involved.
In the end, given the potential for a lot of bad to be done by any parties who independently discover these vulnerabilities, I thought it best to disclose this immediately and under terms that ensured that the vulnerability reached the public quickly."
At the end of the day Tegra is used in a lot of places. Even cars.
If there's a risk that someone could conduct a crime through through a firmware hack then that presents an ethical dilemma.
10 years ago there were few portables that you could run your own code on. Now there's things like the GPD Win.
All this homebrew stuff is a bit of fun and games at the end of the day. Calling someone a traitor because they decided to responsibly disclose a vulnerability is just childish.
Even cars. If there's a risk that someone could conduct a crime through through a firmware hack then that presents an ethical dilemma.
If it was a remote exploit, I'd certainly agree about the ethical dilemma, but everything I've read suggests that this requires physical access.
As for being used in cars... don't get me started on what manufacturers are doing these days to stop repairs and modifications... just search "John Deere tractor hacking" to get a taste of what I mean (some articles and good discussion here on HN too.)
Calling someone a traitor because they decided to responsibly disclose a vulnerability is just childish.
It shows they cannot be trusted, and that they support the actions of companies who want to lock out users from the devices they own.
Sure. But at the end of the day Nintendo aren't some bad actor company that's forcing people to spend thousands in repair fees.
They make video games.
------
Trusted by whom? Essentially it's a group of internet hackers that are doing it for internet fame. Or in the case of others to make money off selling any hardware tools required.
"actions of companies who want to lock out users from the devices they own."
This doesn't really matter. When someone buys a Nintendo Switch they are aware that you can only use software from an official channel from the manufacturer.
It's not a sneaky action by them nobody is forced to use a Switch and its primary functionality is consuming entertainment products.
It's not like a router or tv set top box that you are forced to use.
Open hardware (in the sense of OS/software) is cheap and available today. If you don't want to be locked out of doing what you want to a device, then don't buy a locked down device.
I mean, it's unpatchable in current systems, and the vendor would have it figured out quickly anyway. There's no reason not to go through responsible disclosure.
For Nintendo to fix this they need to replace the IC.
They'd need to recall all the sold switches and replace the IC. And they need to specify a new IC for all future production, with some cost implication for new drawings and getting rid of stock.
Because the plan wasn't to make it free until she saw that someone else was planning to profit from it. I doubt she wanted it free; she wanted to spite the other group.
>10 years ago, if you shared a way to bypass a DRM scheme in the right places, it would live on for a long time. Now, it's more likely that some bastard is going to report it and get it patched in days to weeks.
From the article it looks like someone else was trying to sell it so she put it in the open for free.
>The release also seems to be partially a response to Team Xecuter, a separate team that is planning to sell a modchip exploit that can allow for similar code execution on the Switch. Temkin writes that she's opposed to Xecuter's explicit endorsement of piracy and efforts "to profit from keeping information to a few people."