Downgrade prevention has been a cat-and-mouse game between consumers and companies since the inception of remote updates. The Nintendo Switch adopts a worrisome-strategy of preventing firmware downgrades by permanently modifying your device every time it updates. While this isn’t a new concept (the Xbox 360 was doing it back in 2007), it is part of a greater effort to prevent end users from modifying their devices to their liking.
The Nintendo Switch use an Nvidia Tegra X1 SoC, which comes with a fuse driver. This allows it to programmatically blow fuses^aEURS-^aEURSpermanently modifying the device, making it impossible to revert to a previous state.
Despite being used in an anti-consumer manner, the technology is fascinating.
Every time someone say that a vulnerability is unpatchable I die a little.
Is a boot sector, you can update boot sectors remotely, they were saying it about the PlayStation 3, well, that happened , Xbox? done as well.
emuboy,
Yea, when Thom said “the technology is fascinating”, I expected the article to contain a lot more detail than it does.
As described in the article, the software is programmed to block it’s own execution if too many fuses are blown, but there’s no mention of what’s actually enforcing that those checks occur. I’d speculate that there’s some kind of cryptographic “chain of custody” where every piece of system code is signed by the preceding piece.
Assuming no implementation faults, cryptographic protections are effective and only code signed by the private key could be booted. However a real system often has implementation faults as was the case with the switch. Also, if we allow for hardware mods, virtually every secure implementation could be broken.
The way to make hardware attacks extremely difficult is to encrypt everything, including the hardware bus signals.
I think it’s BS that a company can legally implement a method of (remotely) damaging something you bought & own if they disagree with how you use it. There are other ways for companies to protect their interests aside of physically causing damage to your property. While we’re at it, updates of any kind should be optional, not forced. It’s not pro-piracy to say when people buy things they should have basic rights. Companies who make products people buy should never have a legal right to dictate what/where/when/how you use the things you buy. This kind of crap isn’t `anti-consumer`, it’s out-right hostile and selling booby-trapped products should be illegal.
What’s next, my car refusing to turn on because I was speeding? Consequences for using a steak knife to cut a sandwich instead of a steak?
Well, that’s the thing. The internet and strong crypto have been great for innovation, but corporations are using this technology to maintain control of products even after they’ve been sold. Since there’s no regulation to protect consumers in this area, it is dramatically changing our effective property rights. More and more we are buying devices that we are not given the keys for and cannot control. Because this is going unchecked, it will continue to get worse.
I’m afraid that legislators don’t have consumer interests at heart, and at least in the US, many are working for the corporations.
This issue REALLY gets under my skin, and I expect exactly nothing to be done about it for the reasons you mentioned. I’m a firm believer in `if I buy it, I own it` and the idea that some company can legally damage or exert control over my property if I don’t use `their` product exactly as they dictate, is infuriating. The fact that our elected representatives put bribes, payoffs and corporate interests first is infuriating. The idea that `if you don’t like it, vote them out` AKA replace one corrupt politician with another, is any kind of solution is a total joke (on us). I wish more people would stand up against this kind of abuse.
Systems of governance are, ultimately, largaly reflections of their populations …how many people would say “no” if given a chance to participate, get their slice of the cake?
Boy, it would be really fascinating if this went to trial (it probably won’t). Does using fuses as a form of write-once-read-many memory storage for bits constitute destruction of property? What if they instead used a tiny CD-R recorder locked in a box that got destroyed when opened or exposed to air?
Anyway, I always wondered why console manufacturers don’t just follow the TiVo model of owning the hardware and putting some of the price of the hardware in the online service subscription. They are already taking a loss selling the hardware.
Those devices are content delivery terminals basically.
Edited 2018-05-01 23:10 UTC