The Nintendo Switch Already Hacked Through A Known Vulnerability
The Nintendo Switch launched as a closed system without a preloaded web browser, which clearly means hackers are definitely trying to find a tricky way to jailbreak the device. And two hackers - @liveoverflow and @qwertyoruiopz - have published their work to break into the Switch and execute their own code. Their entire effort hinges on an unpatched WebKit exploit.
According to The Verge, the Switch supports Wi-Fi and relies on WebKit to load "captive portal" web pages that give users access to public networks. Those captive portals are what people see when they try to log onto airplane Wi-Fi or a Starbucks network; they require some sort of login or acceptance of terms.
Given that this is the one clear place the Switch redirects to an external web page, these hackers recognized it as an area rife for poking around. They found that the Switch is running an outdated version of WebKit with an already publicly disclosed vulnerability, which only requires them to compromise that captive portal page to execute their own code.
As per VentureBeat, The hacker posted an image which shows a Nintendo Switch with a screen on it with qwertyoruiop's name and the word "Done." The Switch is sitting atop a laptop with some code on the screen. The breach was reportedly done via the browser that is on the Switch but currently hidden from users.
The attack shouldn't scare users too much because if a hacker were able to compromise a Switch, they wouldn't really gain much in the form of data. Still, they could theoretically turn it into a surveillance device. As @qwertyoruiopz emphasizes on their Twitter, this exploit is merely a proof of concept that requires more research. Maybe one day soon you'll be able to jailbreak peoples Switch and use it like the Android gaming tablet you've always wanted.
Subscribe to Latin Post!
Sign up for our free newsletter for the Latest coverage!