Heads up, Nintendo Switch fans — you soon might be able to run custom ROMs on your Switch, or back up games to your own hard drives.
That's because the ReSwitched project thinks it has found an unpatchable security vulnerability in Nvidia Tegra chips that would let users run unauthorized code on the Switch. To get it to work, you'd need to short out one of the pins on the right Joy-Con connector, which forces the Nintendo Switch into USB recovery mode. At this point, you'd load the exploit.
The leader of the ReSwitched project, hardware hacker Kate Temkin, calls the hack "Fusée Gelée," French for "frozen rocket." That's because this is a "cold boot" exploit which involves injecting code just as the Switch starts up. Temkin plans to reveal all the details by June 15.
Temkin and the ReSwitched crew have been working on Fusée Gelée for some time, announcing the name of the hack more than two months ago. But today (April 23), Temkin posted further details about the hack on, noting that it's unlikely that existing Switches, or other devices that use older versions of Nvidia Tegra chips, can be patched. (Here's Temkin's FAQ about the hack.)
Temkin noted that she and her crew have fully notified Nvidia of the vulnerability, and that a rival Switch hacking group called Team-Xecuter were also working on the hack. She also responded on Twitter to a couple of joke photos of devices that could, in theory, put a Switch into USB recovery mode, including a piece of wire and what looks like a plastic paper clip.
Temkin is also working on a custom ROM for the Switch that she's calling "Atmosphère" (again with the French). Once it and the full version of Fusée Gelée are publicly revealed, it'll be open season on Mario.