GossiTheDog,
@GossiTheDog@cyberplace.social avatar

Pretty funny - Nintendo Network shut down today finally and Wii U and 3DS device support ended.

Pretendo, an effort to keep devices online via homebrew, kept quiet an SSL bug which enables them to spoof being Nintendo Network via just a DNS server change 🤣🫡
https://mastodon.pretendo.network/@pretendo/112238381209517548

asie,

@GossiTheDog The wild part is that this exploit was introduced in a firmware update in 2021, with seemingly no actual usecase other than to be exploited?

https://github.com/PretendoNetwork/SSSL/

"As of 5.5.5, CA's crafted in a specific way may take a newly introduced alternate path for verification. This allows for a CA's signature to not be verified correctly. Instead, the Wii U simply checks if the CA matches one already known by the system, but not the signature or contents of the CA. We have no idea why this change was made, as it does not benefit Nintendo at all. It almost feels intentional."

tomw,
@tomw@mastodon.social avatar

@GossiTheDog This is interesting because I bet Nintendo would still want to patch this, but also just turned off its capability to do so

Edit: this is a little speculative though as we can't be sure that the online services and OS update mechanism was so tied together as that

phi1997,

@tomw
Considering that they left Pokémon Bank on so you can transfer your Pokémon to Switch, I'm going to assume they still left patching on too.
@GossiTheDog

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • Durango
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • tacticalgear
  • khanakhh
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • everett
  • ngwrru68w68
  • kavyap
  • InstantRegret
  • megavids
  • cubers
  • GTA5RPClips
  • cisconetworking
  • ethstaker
  • osvaldo12
  • modclub
  • normalnudes
  • provamag3
  • tester
  • anitta
  • Leos
  • JUstTest
  • lostlight
  • All magazines
    •