Just ahead of Xectuers SX OS launch ScriesM warns users that Nintendo beefed up piracy detection on the Switch

[Master Disaster]

In an incredibly detailed Reddit post Switch hacker ScriesM (the guy making the public CFW) has warned users that Nintendo isn't messing around when it comes to piracy detection on Switches that are connected to the internet. If you pirate software on your console while it's connected to the internet Nintendo will know about it.

Quote

Hey, all.

 

After doing some research earlier today into how the Switch gains authorization to play a given game online, I learned that Nintendo has implemented some very strong anti-piracy measures in this regard -- they can actually perfectly detect whether a digital copy of a game has been legitimately purchased. I figured I'd make a post explaining the process, since it's pretty technically interesting.

So the first step is simple, your console pings a Nintendo server to check for a response, there's no point continuing if there's no internet access.

Quote

This step is pretty self-explanatory, but I'm including it for the sake of being thorough. Your console periodically connects to "ctest.cdn.nintendo.net", and checks the response for a special header -- "X-Organization: Nintendo". If that header is present, your console concludes it has access to the internet. Otherwise, it decides it doesn't -- it's really straightforward.

Before we proceed any further it's important to note that most of Nintendos online servers now require request authorisation via the users client certificate which is burned in at the factory and console unique.

Quote

On the Switch, only bugyo is unauthenticated -- every other server authenticates requests, and will reject any requests lacking the right client certificates. In addition, client certificates are now console-unique, and burned in at the factory. Client certificate private key data is stored encrypted using keydata only available to TrustZone (an isolated security-focused cpu core, which provides a cryptography API), and the ssl module retrieves it on boot by interfacing with the settings service to retrieve the encrypted data and then requesting that the spl module pass it to TrustZone for decryption via the "GenerateAesKek" and "DecryptPrivk" commands.

 

Note that unlike the 3DS, this means that Nintendo can tell what console makes a given request. This means Nintendo can block misbehaving user's certificates, leaving them permanently unable to use any of Nintendo's network.

Next is the point in the chain where banning actually occurs, Nintendo's servers determine if your user certificate is genuine and that the server is willing to issue a device authorisation token. If you get banned this is point where your console will be rejected.

Quote

This is one of the meatier bits of the online connection process. Nintendo has a special server for handing out device authorization tokens -- "dauth-lp1.ndas.srv.nintendo.net" (Device AUTHorization, and lp1 is the "live production" environment for retail online services). One thing that's important to note is that these tokens don't blanket-authorize all system operations -- they are handed out to specific parts of the system, specified by a client id in the token request. With that out of the way, here's how device authorization works:

 

    1)Your console connects to the dauth "/challenge" endpoint, sending up a "key_generation" argument informing the server what master   key revision your console is using.
   2)Dauth sends back as a json a random "challenge" string, and a constant "data" string.
    3)Your console treats the "data" string, decoded as base-64, as a cryptographic key source, and uses the SPL services to transform it with TrustZone only keydata and load it into an AES keyslot.
    4)Your console generates its authorization request data -- this is done by formatting the string "challenge=%s&client_id=%016x&key_generation=%d&system_version=%s" with the challenge string, the client ID requesting a token, the master key version, and the current system version digest.
    5)Your console calculates an AES-128 CMAC using the trustzone-only key it derived over its authorization request, appends "&mac=%s" to the request data (formatting with the url-safe base 64 encoded CMAC), and fires the request off to the "/device_auth_token" endpoint.
    6)If all goes well, dauth returns a token for your console. (If your console is banned, as one of mine is, you will instead receive an error message informing you that your console is not allowed to use online services).

 

This is a pretty effective custom scheme -- it requires, in order to get a token, that the requester be able to perform TrustZone-only cryptographic operations for the current system version. Provided TrustZone isn't compromised on the latest firmware, this is totally safe. TrustZone is, for better or worse, compromised on all system versions due to shofusel2, though. This means the only real benefit here is that dauth provides an ideal place for console bans to be implemented -- almost all interesting online functionality requires a dauth token of some kind, including purchasing and installing new games from the eShop, so consoles that get blocked here can't do much besides install system updates.

Next your online account credentials are checked, nothing to interesting here.

Quote

This is actually somewhat uninteresting, too -- there is nothing Switch unique here. Your console performs pretty bog-standard oauth authorization talking to "api.accounts.nintendo.com" -- this is the same process performed on a PC, and so I won't go into it in detail here.

 

The only meaningful upshot to this component is that it allows Nintendo to block specific accounts, and because all requests require a client certificate, any blocked account can be immediately associated to a console.

Now comes the important step, this is the one that allows Nintendo to check if your account is licensed to play the game you're playing and is very clever.

Quote

This is the really interesting component -- and it's where Nintendo's strongest security measure lies.

 

Like dauth, Nintendo has a special server for this -- "aauth-lp1.ndas.srv.nintendo.net" (Application AUTHorization). Going online in a game requires getting a token from the "/application_auth_token" endpoint. Here's how that works, at a high level:

 

    1)Your console gets a device authorization token from dauth for the aauth client ID.
    2)Your console retrieves its certification to play the title it's trying to connect online with, and sends that to aauth.
    3)If all goes well, aauth returns an application authorization token.

 

Now, that's not too complicated. But what's really interesting is the bit where your console retrieves its certification to play the title it's trying to connect online with.

 

Let me explain that in more technical detail for both cases:

 

Gamecarts

• If you are playing a gamecard, your certification is your gamecard's unique certificate. This is signed by Nintendo using RSA-2048-PCKS#1 at the time your gamecard is written, and contains encrypted information about your gamecard (this includes what game is on the gamecard, among other, unknown details).
• In the gamecard case, the data uploaded to aauth is "application_id=%016llx&application_version=%08x&device_auth_token=%.*s&media_type=GAMECARD&cert=%.*s", formatted with the title ID for the game being played, the version of the game being played, the token retrieved from dauth, and the gamecard's certificate (retrieved from FS via the "GetGameCardDeviceCertificate" command), formatted as url-safe base64.
• This code lives at .text+0x7DE1C for 5.0.0 account.

Digital Games

• Your certification for a digital title is your console's ticket. For more technical details on what's inside a ticket, see my previous post on the eShop/CDN (linked up above). The important details are that tickets contain the Title ID of the game they certify, the Device ID of the console they authorize, the Nintendo Account ID used to purchase them, and are signed by Nintendo using RSA-2048 (cannot be forged).
• In this case, your console talks to the "es" service, and sends a command to retrieve an encrypted copy of the relevant ticket along with the encryption key. This encryption is AES-128 CBC, using a key randomly generated via cryptographically-secure random number generation. The key itself is encrypted using RSA-OAEP 2048. To skip over some technical details, this is a one-way encryption which only Nintendo can reverse, so even if you obtained the output of the es command you would not be able to determine the encryption key being used (and thus couldn't decrypt the ticket).
• The data uploaded to aauth in this case is "application_id=%016llx&application_version=%08x&device_auth_token=%.*s&media_type=DIGITAL&cert=%.*s&cert_key=%.*s", formatted with the title ID for the game being played, the version of the game being played, the token retrieved from dauth, the encrypted ticket encoded with url-safe base64, and the encrypted key encoded with url-safe base64.
• This code lives at .text+0x7DE98 for 5.0.0 account.

And that's that (with the additional case where if the console fails to find a certificate, a special "NO_CERT" request is sent, but this is pretty irrelevant because sending a NO_CERT request gets your console banned). In both relevant cases, aauth validates the certification, and returns a token only if the certification is valid.

And the conclusion of all that is

Quote

These are extremely strong anti-piracy measures -- Nintendo did a great job, here.

 

In the gamecard case, Nintendo can detect whether or not the user connecting has data from a Nintendo-authorized gamecard for the correct title. This solves the 3ds-era issue of gamecard header data being shared between games. Additionally, there's a fair amount of other, unknown (encrypted) data in a certificate being uploaded -- and certificates are also linked to Nintendo Accounts when gold points are redeemed. Sharing of certificates should be fairly detectable, for Nintendo.

 

In the digital game case, Nintendo actually perfectly prevents online piracy here. Tickets cannot be forged, and Nintendo can verify that the device ID in the ticket matches the device ID for the client cert connecting (banning on a mismatch), as well as that the account ID for the ticket matches the Nintendo Account authorizing to log in. Users who pirate games definitionally cannot have well-signed tickets for their consoles, and thus cannot connect online without getting an immediate ban -- this is exactly how I would have implemented authorization for digital games, if I were them.

 

tl;dr: Don't pirate games

So there you have it folks, don't think Nintendo are gonna let what happened on Wii, DS & Wii U repeat again on Switch.

 

With all the cool homebrew coming out for Switch there's no need to pirate anyway, remember to pay for what you play.

 

[Master Disaster]

Why does the embedded link show the entire Reddit post?

[AskTJ]

Steps in the right direction.

[Master Disaster]

13 minutes ago, huilun02 said:

The DRM is strong with this one.

Will the Switch effectively be a brick if it has no internet access?

It can play offline and can still receive updates but cannot play online or access the eShop at all.

[Froody129]

Good for them. I think homebred should be allowed but unfortunately it often comes with piracy. Nintendo games are usually fairly priced and don't feel like you're bing milked for money so I strongly believe in supporting devs that create good games. Look at TW3 for example 

[Sauron]

What I want to know is, what about homebrew games and programs that aren't signed by nintendo? Are those detected as piracy too?

[Master Disaster]

10 minutes ago, Sauron said:

What I want to know is, what about homebrew games and programs that aren't signed by nintendo? Are those detected as piracy too?

I'm not 100% sure but I'd imagine the answer would be yes.

[Sauron]

4 minutes ago, Master Disaster said:

I'm not 100% sure but I'd imagine the answer would be yes.

So then the takeaway isn't "don't pirate" but rather "Nintendo are being stupid again".

[Master Disaster]

55 minutes ago, Sauron said:

So then the takeaway isn't "don't pirate" but rather "Nintendo are being stupid again".

Well I guess they got annoyed by the fact on DS and Wii U pirates were literally downloading games from Nintendos E Shop servers, patching them then installing them direct to the console as if they'd paid for them. Nintendo had no way of knowing if the user was licensed to play the game they were playing and no way of stopping them going online with pirated software either.

 

 

[Brooksie359]

1 hour ago, Sauron said:

So then the takeaway isn't "don't pirate" but rather "Nintendo are being stupid again".

Trying to stop people from pirating or at least punishing the ones that do is not really them being stupid. I mean that would be the equivalent of saying that cops are stupid for trying to stop crimes or arrest the ones that commit them. 

[Kukielka]

1 hour ago, Sauron said:

So then the takeaway isn't "don't pirate" but rather "Nintendo are being stupid again".

I have a feeling both of you havn't read the reddit post.

They can detect what game is running and whether the certificate of the specific game is already in use or not. They can also detect homebrew, however, they are aware that not all homebrew is piracy.

[Sauron]

1 hour ago, Brooksie359 said:

Trying to stop people from pirating or at least punishing the ones that do is not really them being stupid. I mean that would be the equivalent of saying that cops are stupid for trying to stop crimes or arrest the ones that commit them. 

If they punish you for running a homebrew game the equivalent would be arresting everyone in a shop because someone in it may or may not be a thief. Sure, you're going to catch the thief... but at what cost?

41 minutes ago, Kukielka said:

I have a feeling both of you havn't read the reddit post.

They can detect what game is running and whether the certificate of the specific game is already in use or not. They can also detect homebrew, however, they are aware that not all homebrew is piracy.

Are they? Their past actions wouldn't indicate that, and if they ignored games they don't recognize then all pirates would have to do is to change the game's identifiers - that's nothing new and basically just a crack. If they are going to differentiate I'd love to know how. The post doesn't mention it and as far as I can tell the method employed can't tell the difference between a pirated game and a homebrew app - they'd both be considered unsigned games and banned.

1 hour ago, Master Disaster said:

Well I guess they got annoyed by the fact on DS and Wii U pirates were literally downloading games from Nintendos E Shop servers, patching them then installing them direct to the console as if they'd paid for them. Nintendo had no way of knowing if the user was licensed to play the game they were playing and no way of stopping them going online with pirated software either.

Which is fine, but wouldn't excuse them for banning someone who runs homebrew apps.

[Kukielka]

3 minutes ago, Sauron said:

Are they? Their past actions wouldn't indicate that, and if they ignored games they don't recognize then all pirates would have to do is to change the game's identifiers - that's nothing new and basically just a crack. If they are going to differentiate I'd love to know how. The post doesn't mention it and as far as I can tell the method employed can't tell the difference between a pirated game and a homebrew app - they'd both be considered unsigned games and banned.

In the reddit post jump to "Gamecards" and "Digital games".

Most likely then can check whether a game identifier is already in use or not.

[ravenshrike]

2 hours ago, Sauron said:

What I want to know is, what about homebrew games and programs that aren't signed by nintendo? Are those detected as piracy too?

If the game/program you're trying to run doesn't attempt to either go online or just connect to Nintendo's servers(I'm unclear as to whether going online at all first requires authenticating with Nintendo servers) then it is not reported to Nintendo. Of course, they could easily figure out a way to run updates that regularly check all program certificates on the Switch, but at this point that's not what they're doing.

[Sauron]

2 minutes ago, Kukielka said:

In the reddit post jump to "Gamecards" and "Digital games".

Most likely then can check whether a game identifier is already in use or not.

Yes, I saw that. Are you telling me all I need to do to avoid the check is to say "hey, I don't have an identifier because I'm a totally legit homebrew app with definitely no piracy involved!"? What's far more likely is that anything that isn't signed by Nintendo will be rejected as piracy, which is dumb, and if not then this is completely ineffective (sure, you won't be able to play online with a pirated game, but you won't get banned for connecting the console to the internet...).

[Sauron]

1 minute ago, ravenshrike said:

If the game/program you're trying to run doesn't attempt to either go online or just connect to Nintendo's servers(I'm unclear as to whether going online at all first requires authenticating with Nintendo servers) then it is not reported to Nintendo. Of course, they could easily figure out a way to run updates that regularly check all program certificates on the Switch, but at this point that's not what they're doing.

Some parts of the post seem to indicate this happens periodically, although it's not clear whether the full check is performed every time - either way that wouldn't take much.

[Master Disaster]

12 minutes ago, Sauron said:

If they punish you for running a homebrew game the equivalent would be arresting everyone in a shop because someone in it may or may not be a thief. Sure, you're going to catch the thief... but at what cost?

 

Are they? Their past actions wouldn't indicate that, and if they ignored games they don't recognize then all pirates would have to do is to change the game's identifiers - that's nothing new and basically just a crack. If they are going to differentiate I'd love to know how. The post doesn't mention it and as far as I can tell the method employed can't tell the difference between a pirated game and a homebrew app - they'd both be considered unsigned games and banned.

 

Differentiation is easy, each game bought from the shop is issued a ticket which contains information such as the games ID code. These tickets are signed by Nintendo and as such cannot be faked though it is possible to boot Switch software that doesn't have a valid ticket using CFW.

 

Any homebrew software ran on the Switch has no ID code or ticket and therefore Nintendo can easily see it's unofficial.

 

4 minutes ago, ravenshrike said:

If the game/program you're trying to run doesn't attempt to either go online or just connect to Nintendo's servers(I'm unclear as to whether going online at all first requires authenticating with Nintendo servers) then it is not reported to Nintendo. Of course, they could easily figure out a way to run updates that regularly check all program certificates on the Switch, but at this point that's not what they're doing.

No one knows exactly what they're doing and it's unlikely we ever will. We know for a fact that tickets and certificates contain information we simply cannot decipher which must be getting used for something. Plus it's not exactly difficult to write every ID that's booted to a local DB then simply send the entire DB off for analysis if the console ever goes online.

[Sauron]

9 minutes ago, Master Disaster said:

Differentiation is easy, each game bought from the shop is issued a ticket which contains information such as the games ID code. These tickets are signed by Nintendo and as such cannot be faked though it is possible to boot Switch software that doesn't have a valid ticket using CFW.

 

Any homebrew software ran on the Switch has no ID code or ticket and therefore Nintendo can easily see it's unofficial.

What if I were to remove the ticket and ID code from the pirated game? I couldn't forge one but I definitely could remove one.

[mynameisjuan]

52 minutes ago, Sauron said:

If they punish you for running a homebrew game the equivalent would be arresting everyone in a shop because someone in it may or may not be a thief. Sure, you're going to catch the thief... but at what cost?

More like everyone in a shop wearing a large coat. Your metaphor would be to brick everyones switch, homebrew or not.

 

Im sorry but stereotyping is part of human nature. If most homebrew devices pirate games, then sorry to whoever homebrews legitimately. But blame the people pirating not nintendo. If people would stop stealing (and do not bring up the whole theft vs pirating argument) from developers, we would need this drastic of DRM. 

[Master Disaster]

2 hours ago, Sauron said:

What if I were to remove the ticket and ID code from the pirated game? I couldn't forge one but I definitely could remove one.

I'm really no expert, tbh I don't even know if my explanation was 100% accurate but I believe that games are hardcore to require a ticket before they'll boot at all.

 

The way the current piracy method works is you first signature patch the OS (remove the sig check so the OS will run games with invalid signatures) then you hit the eShop and download a free game or demo game. Next you get your ROM dump and place it on the SD card then you edit the ticket file of your free game and hex edit the game ID inside of it to match the game ID of your dump, this invalidate the certificate but that doesn't matter because of the sig patch. Now when you launch the free game on your console the CFW redirects it to the dump files on the SD and the switch plays the backup. AFAIK this is essentially exactly what SX OS also does only it's automated and the user doesn't have to edit tickets but I could be wrong, no one outside of Xecuter has ever seen SX OS let alone knows how it works.

 

It's important to understand that process, without the ticket the game simply won't load at all because it's coded into the game to check the ticket and certificate before launching.

 

When people create homebrew they just omit all the ticket and license code so it boots without one.

 

I still can't answer you about how Nintendo will treat homebrew though, only time will tell on that one (though they have already banned 3 homebrew devs including the creator of this reddit thread for using their console certificate to send unauthorised requests to Nintendo eShop download servers so yeah).

[Master Disaster]

On 18/06/2018 at 3:35 PM, Sauron said:

What if I were to remove the ticket and ID code from the pirated game? I couldn't forge one but I definitely could remove one.

Well we now have the answer to both your questions:

 

First to the one I quoted, you run an application with no certificate or an invalid certificate and connect to Nintendo's server you get banned, within 12 hours.

 

The question about how Nintendo will handle homebrew, well I can't say definitively however given Nintendo are banning games with no valid certificate information it's a fair assumption they'll also ban homebrew that has no certificate at all.

 

It does seem as though Pirates are getting slightly different ban types though. The homebrew devs who got banned for messing with Nintendo's CDNs reported not being able to connect to online games or the eShop while the pirates are saying they're banned from online but can still access the eShop fine.

 

GBATemp is blowing up from users who received SX OS yesterday, immediately took pirated software online and are now banned, it's kinda funny tbh.

 

[Sauron]

On 6/20/2018 at 9:58 AM, Master Disaster said:

The question about how Nintendo will handle homebrew, well I can't say definitively however given Nintendo are banning games with no valid certificate information it's a fair assumption they'll also ban homebrew that has no certificate at all.

 

It does seem as though Pirates are getting slightly different ban types though. The homebrew devs who got banned for messing with Nintendo's CDNs reported not being able to connect to online games or the eShop while the pirates are saying they're banned from online but can still access the eShop fine.

I figured as much, which means that homebrew devs are getting punished harder than pirates...?

[Master Disaster]

On 18/06/2018 at 3:17 PM, ravenshrike said:

If the game/program you're trying to run doesn't attempt to either go online or just connect to Nintendo's servers(I'm unclear as to whether going online at all first requires authenticating with Nintendo servers) then it is not reported to Nintendo. Of course, they could easily figure out a way to run updates that regularly check all program certificates on the Switch, but at this point that's not what they're doing.

Source? ScriesM himself has stated no one knows exactly how Nintendo are handling the online system and we probably never will. If you don't know for a fact what you're saying is true then don't say it, spreading false information is how people get banned.

 

To answer your question yes, connecting to Nintendo authenticates using the consoles certificate. When game carts connect online it authenticates using the games certificate. By using 2 different certificates it allows them to ban user accounts, eShop access or individual games all independently from each other as well as detect if games are pirated as a dump uploaded to the internet will have a certificate that Nintendo can blacklist and any user using that certificate is using pirated software. It's a very secure system imo.

 

11 minutes ago, Sauron said:

I figured as much, which means that homebrew devs are getting punished harder than pirates...?

About the same really. The devs that got banned all tried to figure out how to download titles directly from Nintendos eShop server using a valid console certificate they dumped from their own consoles. It makes sense Nintendo would ban them from accessing the eShop.

 

Assuming Nintendo can detect homebrew (and the truth is we're not 100% sure then can or do yet) it's likely they'll receive the same ban as pirates do, online play only. It's entirely possible they'll choose to ignore homebrew as long as it doesn't try to interfere with Nintendo online. It's too early to know yet.

[Trik'Stari]

On 6/18/2018 at 4:13 AM, Master Disaster said:

It can play offline and can still receive updates but cannot play online or access the eShop at all.

I foresee a DDOS in Nintendo's future lol

 

 

Take down the authentication system and boom everyone on the switch is screwed for online multiplayer.