Nintendo Hits 127 Switch Piracy Tutorial Repos After 'Cracking' URL Encryption (torrentfreak.com) 28
An anonymous reader quotes a report from TorrentFreak: A popular GitHub repo and over 120 forks containing Switch emulation tutorials have been targeted by Nintendo. While most forks are now disabled, the main repository has managed to survive after being given the opportunity to put things right. Whether Nintendo appreciated the irony is unclear, but it appears that use of encoding as a protection measure to obfuscate links, was no match for the video game company's circumvention skills. [...] The Switch Emulators Guide was presented in the context of piracy, something made clear by a note on the main page of the original repo which stated that the tutorial was made, in part, for use on the /r/NewYuzuPiracy subreddit. Since the actions of Yuzu and its eventual demise are part of the unwritten framework for similar takedowns, that sets the tone (although not the legal basis) in favor of takedown.
When asked to provide a description and URL pointing to the copyrighted content allegedly infringed by the repos, Nintendo states that the works are the 'Nintendo Switch firmware" and various games protected by technological protection measures (TPM) which prevent users from unlawfully copying and playing pirated games. The notice states the repos 'provide access' to keys that enable circumvention of its technical measures. "The reported repositories offer and provide access to unauthorized copies of cryptographic keys that are used to circumvent Nintendo's Technological Measures and infringe Nintendo's intellectual property rights. Specifically, the reported repositories provide to users unauthorized copies of cryptographic keys (prod.keys) extracted from the Nintendo Switch firmware," Nintendo writes.
"The prod.keys allow users to bypass Nintendo's Technological Measures for digital games; specifically, prod.keys allow users to decrypt and play Nintendo Switch games in unauthorized ways. Distribution of keys without the copyright owner's authorization is a violation of Section 1201 of the DMCA." Nintendo further notes that unauthorized distribution of prod.keys "facilitates copyright infringement by permitting users to play pirated versions of Nintendo's copyright-protected game software on systems without the Nintendo Technological Measures or systems on which Nintendo's Technological Measures have been disabled." Since the prod.keys are extracted from the Nintendo Switch firmware, which is also protected by copyright, distribution amounts to "infringement of Nintendo Switch firmware itself."
Given that the repo's stated purpose was to provide information on how to circumvent Nintendo's technical protection measures, it's fairly ironic that it appears to have used technical measures itself to hinder detection. "The reported repositories attempt to evade detection of their illegal activities by providing access to prod.keys and unauthorized copies of Nintendo's firmware and video games via encoded links that direct users to third-party websites to download the infringing content," Nintendo explains in its notice. "The repositories provide strings of letters and numbers and then instruct users to 'use [private] to decode the lines of strings given here to get an actual link.' The decoded links take users to sites where they can access the prod.keys and unauthorized copies of Nintendo's copyright-protected material." The image below shows the encoded links (partially redacted) that allegedly link to the content in question on third-party sites. To hide their nature, regular URLs are encoded using Base64, a binary-to-text encoding scheme that transforms them into a sequence of characters. Those characters can be decoded to reveal the original URL using online tools.
When asked to provide a description and URL pointing to the copyrighted content allegedly infringed by the repos, Nintendo states that the works are the 'Nintendo Switch firmware" and various games protected by technological protection measures (TPM) which prevent users from unlawfully copying and playing pirated games. The notice states the repos 'provide access' to keys that enable circumvention of its technical measures. "The reported repositories offer and provide access to unauthorized copies of cryptographic keys that are used to circumvent Nintendo's Technological Measures and infringe Nintendo's intellectual property rights. Specifically, the reported repositories provide to users unauthorized copies of cryptographic keys (prod.keys) extracted from the Nintendo Switch firmware," Nintendo writes.
"The prod.keys allow users to bypass Nintendo's Technological Measures for digital games; specifically, prod.keys allow users to decrypt and play Nintendo Switch games in unauthorized ways. Distribution of keys without the copyright owner's authorization is a violation of Section 1201 of the DMCA." Nintendo further notes that unauthorized distribution of prod.keys "facilitates copyright infringement by permitting users to play pirated versions of Nintendo's copyright-protected game software on systems without the Nintendo Technological Measures or systems on which Nintendo's Technological Measures have been disabled." Since the prod.keys are extracted from the Nintendo Switch firmware, which is also protected by copyright, distribution amounts to "infringement of Nintendo Switch firmware itself."
Given that the repo's stated purpose was to provide information on how to circumvent Nintendo's technical protection measures, it's fairly ironic that it appears to have used technical measures itself to hinder detection. "The reported repositories attempt to evade detection of their illegal activities by providing access to prod.keys and unauthorized copies of Nintendo's firmware and video games via encoded links that direct users to third-party websites to download the infringing content," Nintendo explains in its notice. "The repositories provide strings of letters and numbers and then instruct users to 'use [private] to decode the lines of strings given here to get an actual link.' The decoded links take users to sites where they can access the prod.keys and unauthorized copies of Nintendo's copyright-protected material." The image below shows the encoded links (partially redacted) that allegedly link to the content in question on third-party sites. To hide their nature, regular URLs are encoded using Base64, a binary-to-text encoding scheme that transforms them into a sequence of characters. Those characters can be decoded to reveal the original URL using online tools.
Re: (Score:2)
I'm sure they're crying rivers having already received your money.
That said, at least not buying any more from them is a start. If people were truly upset about this they'd stop buying anything Nintendo. Just like if people were truly upset at Amazon they'd stop using it to buy things.
Re: (Score:2)
Dumping a platform controlled by a problematic publisher is a reasonable reaction. He's not going to be tempted to buy a Switch game ever again.
Re: (Score:3)
And selling it and the games second-hand might have decreased Nintendo by a sale or two. It's as close as you can get to unbuying something.
Re: (Score:2)
Why exactly is Nintendo problematic? Because it defends the investments of its shareholders and its partnering software houses?
Re: All of Nintendo's actions have caused me to (Score:5, Insightful)
That's the difference between being technically right and morally right.
Nintendo is technically right, and it'd say that regarding to yuzu and switch emulation, there's an argument to be made that they are morally right, since it's current hardware.
Where they are problematic and mostly wrong is when they go after fangames, especially when they leave them alone for years of development just to kill the project just before or after release.
When they shut down stores and servers for older hardware, making it impossible to access your purchases, unless you downloaded them before. And leaving you out of luck if/when your hardware dies.
When they go aggressively after emulation of obsolete hardware, without providing a legal way to play the games apart from tracking down an original snes and copy of the game (and learning Japanese because they were never arsed to localize that game anyway), from which they wouldn't make a dime anyway.
Re: All of Nintendo's actions have caused me to (Score:2)
1 and 3, yeah, we're talking about why Nintendo are assholes in general. The fact they act morally wrong in lots of areas means they lost lots of goodwill and thus don't get any support in cases where they may be morally right like here.
2. About the "large chunk" of games on NSO:
80 nes games out of 1386.
71 snes games out of 1738.
26 gb/gbc out of 1961.
17 gba games out of 1538.
34 n64 games out of 388.
45 megadrive out of 880.
That's not one would call a "large chunk". It's also not buying games, only renting th
Re: (Score:2)
How it relates to "defending investments" I have no idea.
Making a walled garden and curating the software side of the ecosystem allowed Nintendo to make sure that the video game crash of 1983 that almost killed Atari 2600 and harmed a multitude of serious developers that made games for it won't happen again. And yes, it is "defending investments", of developers and end users alike.
I'm not saying that walled gardens for computers are a good thing. But in the Apple case, when you're making computers for "the rest of us" it at least makes some sense.
Re: (Score:2)
So to clarify, you were totally a loyal Nintendo supporter and not pirating (infringing copyright, whatever) before. But now that they are cracking down on piracy, you have decided to be one.
Yeah, sure. Okay.
Key disclosure should be a short term problem (Score:2)
Re: (Score:2)
The keys are updated for new game titles and new firmwares, but existing keys will always be able to decrypt existing games and firmwares.
Extracting new keys is easy with a hacked Switch because of a variety of hardware vulnerabilities, it can't be fixed except by retiring vulnerable hardware.
Re: (Score:2)
Re: Key disclosure should be a short term problem (Score:2)
Is possible to crack down and prevent some files from being (reasonably easily) distributed on the internet, but only if said files are big enough to require expensive infrastructure or lots of seeders, but here we're taking about a sub 100 kB text file that anyone can copy paste on every pastebin, forum post, attach in email, drop in discords...
It's game over. The only potentially effective strategy would be to flood the internet with fake prod.keys to hide the real one, but good luck with that too.
Re: (Score:2)
This is a good start:
https://radicle.xyz/ [radicle.xyz]
Re: (Score:2)
Darknets can be easily stopped, if governments have the will for that.
Citizen, we noticed a large flow of data from your laptop that we couldn't identify. Until you provide us with the needed keys/passwords/software/whatever to access the data and ensure that it doesn't violate the law, you're staying in jail/being tortured/harvested for organs to cover our expenses . You don't have the keys? Too bad, now you have only yourself to blame for what will be done to you. Publicly, of course, to deter the next wo
On the other hand... (Score:4, Informative)
1) Cryptographic keys are not copyrightable. There can be no copyright interest in them.
2) Publishing such keys is a first amendment issue. While Universal City Studios, Inc. v. Reimerdes [wikipedia.org] ruled that publishing "a software device" for circumvention is not allowed, publishing the key is different.
3) even with the above, is that the hill you wish to die on? Lawsuits are expensive, and Nintendo can afford one.
Re: (Score:2)
Although that was with patents, a similar issue would come up here with copyright. The underlying material isn't copyrightable, just as the underlying patent in the NES case wasn't patentable. That degrades it to a property rights issue. Which Nintendo would also loose* as the keys in question are hard-
Other consoles (Score:1)
This made me wonder- I haven't heard of anyone publicly breaking or bypassing the Xbox One (or later) encryption yet. Is it the only major console still standing, or am I just way behind on my news? (I know the Xbox 360 and earlier were broken already.)
More Idiot Lawyers (Score:2)
Who do not understand how the DMCA works. And continue to weaponize it inappropriately without repercussions. There needs to be legitimate punishments for failed, or straight up wrong, usages of the DMCA. Currently, any random person can generate a DMCA. The recipients may not scrutinize it that closely (though they definitely should), especially if they don't have the money to fight a perceived real DMCA.