Despite only launching around a week ago, the Nintendo Switch has already been hacked by an enterprising coder.
Hacker ‘qwertyoruiop’ has posted an image of what appears to be a Webkit (more on that later) exploit running on the Nintendo Switch. That’s not bad considering that the Nintendo Switch has only been available since March 3, and the fact that the console has suffered from severe stock limitations.
So how does it work? Well, developer LiveOverflow has published a proof of concept file that confirms there’s a sneaky way to break into the Nintendo Switch.
As some of you may be aware, the Nintendo Switch doesn’t have a proper web browser – at least, not one users can readily access. However, there is a secret built-in web browser that’s there for captive portal logins. That’s the browser that pops up when you’re trying to get on Wi-Fi at certain public hotspots in airports or hotels, allowing you to enter additional details.
This secret web browser is built on Apple’s open-source WebKit engine, which is the same engine that powers Apple’s Safari browser on Mac and iOS. The Nintendo Switch uses the same version that shipped with iOS 9.3, which was vulnerable to an existing exploit. Apple fixed this in iOS 9.3.5, but the Switch is still using an exploitable version.
Hackers have been able to tweak this existing Webkit exploit to offer an entry point into the Nintendo Switch internals. They’ll be able to use the browser to start examining the software and firmware make-up of the console. If hackers can get to the point where they can dump firmware libraries, it’s may be only a matter of time until someone finds a way to escalate privilege in the console and gain full access to the machine.
Once that happens, there’s a chance we could see Nintendo Switch game piracy, or possibly even security risks as a result of malware.
Related: Nintendo Switch vs PS4 vs Xbox One
What do you think of the Nintendo Switch? Let us know in the comments.