Skip to main content

Nintendo Switch’s secret browser has a flaw that could lead to a jailbreak

Nintendo Switch’s secret browser has a flaw that could lead to a jailbreak

Share this story

The Nintendo Switch launched as a closed system without a preloaded web browser, which means hackers are definitely trying to find a way to jailbreak the device. Two hackers — @liveoverflow and @qwertyoruiopz — have published their work to break into the Switch and execute their own code. Their entire effort hinges on an unpatched WebKit exploit. Yes, you read that right. WebKit. Switch. Huh?

The Switch supports Wi-Fi and relies on WebKit to load “captive portal” webpages that give you access to public networks. Those captive portals are what you see when you try to log onto airplane Wi-Fi or a Starbucks network; they require some sort of login or acceptance of terms.

Given that this is the one clear place the Switch redirects to an external webpage, these hackers recognized it as an area rife for poking around. They found that the Switch is running an outdated version of WebKit with an already publicly disclosed vulnerability, which only requires them to compromise that captive portal page to execute their own code.

What’s really worth keeping in mind here is that Nintendo could have avoided this attack by just keeping up with Apple’s security updates. The company already patched this particular bug, but Nintendo built the Switch with the vulnerable WebKit version.

The attack shouldn’t scare you too much because if a hacker were able to compromise a Switch, they wouldn’t really gain much in the form of data. Still, they could theoretically turn it into a surveillance device. As @qwertyoruiopz emphasizes on his Twitter, this exploit is merely a proof of concept that requires more research. Maybe one day soon you’ll be able to jailbreak your Switch and use it like the Android gaming tablet you’ve always wanted.