Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Piracy Emulation (Games) Nintendo

Nintendo Hits 127 Switch Piracy Tutorial Repos After 'Cracking' URL Encryption (torrentfreak.com) 28

An anonymous reader quotes a report from TorrentFreak: A popular GitHub repo and over 120 forks containing Switch emulation tutorials have been targeted by Nintendo. While most forks are now disabled, the main repository has managed to survive after being given the opportunity to put things right. Whether Nintendo appreciated the irony is unclear, but it appears that use of encoding as a protection measure to obfuscate links, was no match for the video game company's circumvention skills. [...] The Switch Emulators Guide was presented in the context of piracy, something made clear by a note on the main page of the original repo which stated that the tutorial was made, in part, for use on the /r/NewYuzuPiracy subreddit. Since the actions of Yuzu and its eventual demise are part of the unwritten framework for similar takedowns, that sets the tone (although not the legal basis) in favor of takedown.

When asked to provide a description and URL pointing to the copyrighted content allegedly infringed by the repos, Nintendo states that the works are the 'Nintendo Switch firmware" and various games protected by technological protection measures (TPM) which prevent users from unlawfully copying and playing pirated games. The notice states the repos 'provide access' to keys that enable circumvention of its technical measures. "The reported repositories offer and provide access to unauthorized copies of cryptographic keys that are used to circumvent Nintendo's Technological Measures and infringe Nintendo's intellectual property rights. Specifically, the reported repositories provide to users unauthorized copies of cryptographic keys (prod.keys) extracted from the Nintendo Switch firmware," Nintendo writes.

"The prod.keys allow users to bypass Nintendo's Technological Measures for digital games; specifically, prod.keys allow users to decrypt and play Nintendo Switch games in unauthorized ways. Distribution of keys without the copyright owner's authorization is a violation of Section 1201 of the DMCA." Nintendo further notes that unauthorized distribution of prod.keys "facilitates copyright infringement by permitting users to play pirated versions of Nintendo's copyright-protected game software on systems without the Nintendo Technological Measures or systems on which Nintendo's Technological Measures have been disabled." Since the prod.keys are extracted from the Nintendo Switch firmware, which is also protected by copyright, distribution amounts to "infringement of Nintendo Switch firmware itself."

Given that the repo's stated purpose was to provide information on how to circumvent Nintendo's technical protection measures, it's fairly ironic that it appears to have used technical measures itself to hinder detection. "The reported repositories attempt to evade detection of their illegal activities by providing access to prod.keys and unauthorized copies of Nintendo's firmware and video games via encoded links that direct users to third-party websites to download the infringing content," Nintendo explains in its notice. "The repositories provide strings of letters and numbers and then instruct users to 'use [private] to decode the lines of strings given here to get an actual link.' The decoded links take users to sites where they can access the prod.keys and unauthorized copies of Nintendo's copyright-protected material." The image below shows the encoded links (partially redacted) that allegedly link to the content in question on third-party sites. To hide their nature, regular URLs are encoded using Base64, a binary-to-text encoding scheme that transforms them into a sequence of characters. Those characters can be decoded to reveal the original URL using online tools.

This discussion has been archived. No new comments can be posted.

Nintendo Hits 127 Switch Piracy Tutorial Repos After 'Cracking' URL Encryption

Comments Filter:
  • Until the next key rotation. You ARE using a rotating keystore, right?
    • by GuB-42 ( 2483988 )

      The keys are updated for new game titles and new firmwares, but existing keys will always be able to decrypt existing games and firmwares.

      Extracting new keys is easy with a hacked Switch because of a variety of hardware vulnerabilities, it can't be fixed except by retiring vulnerable hardware.

    • The Nintendo Switch does have a rotating "keystore" [switchbrew.org]. Essentially, it's 32 encrypted keyblobs that were written at the factory. Each one using a unique constant as part of it's decryption process, and each one having more additional keys than the previous. While retaining the older ones. Nintendo doesn't use these at random. Rather, only one blob is in use at any given time, and it's set during boot. This allows Nintendo to push out updates that move to a new keyslot without loosing support for older titles.
      • Is possible to crack down and prevent some files from being (reasonably easily) distributed on the internet, but only if said files are big enough to require expensive infrastructure or lots of seeders, but here we're taking about a sub 100 kB text file that anyone can copy paste on every pastebin, forum post, attach in email, drop in discords...

        It's game over. The only potentially effective strategy would be to flood the internet with fake prod.keys to hide the real one, but good luck with that too.

  • On the other hand... (Score:4, Informative)

    by sabt-pestnu ( 967671 ) on Tuesday June 04, 2024 @08:13PM (#64523631)

    1) Cryptographic keys are not copyrightable. There can be no copyright interest in them.
    2) Publishing such keys is a first amendment issue. While Universal City Studios, Inc. v. Reimerdes [wikipedia.org] ruled that publishing "a software device" for circumvention is not allowed, publishing the key is different.
    3) even with the above, is that the hill you wish to die on? Lawsuits are expensive, and Nintendo can afford one.

    • Nintendo probably won't pursue it. They've tried before with the NES lockout chip and bailed out hard once the judge gave indication that their method's patent wouldn't be upheld to avoid setting precedent.

      Although that was with patents, a similar issue would come up here with copyright. The underlying material isn't copyrightable, just as the underlying patent in the NES case wasn't patentable. That degrades it to a property rights issue. Which Nintendo would also loose* as the keys in question are hard-
  • This made me wonder- I haven't heard of anyone publicly breaking or bypassing the Xbox One (or later) encryption yet. Is it the only major console still standing, or am I just way behind on my news? (I know the Xbox 360 and earlier were broken already.)

  • Who do not understand how the DMCA works. And continue to weaponize it inappropriately without repercussions. There needs to be legitimate punishments for failed, or straight up wrong, usages of the DMCA. Currently, any random person can generate a DMCA. The recipients may not scrutinize it that closely (though they definitely should), especially if they don't have the money to fight a perceived real DMCA.

I THINK MAN INVENTED THE CAR by instinct. -- Jack Handley, The New Mexican, 1988.

Working...