Some fallout from the early leak of The Legend of Zelda: Tears of the Kingdom appears to be taking place. As players are loading the game into emulators and playing them unofficially on their computers, prior to the launch date, Nintendo is taking action to prevent that from happening. Lockpick and Lockpick_RCM are homebrew tools that allow users to dump unique keys from their Nintendo Switch console, which are required for numerous Switch hacking-related programs, including the Ryujinx and Yuzu Switch emulators. While Lockpick has been around for years, Nintendo has reportedly decided to go after it, by issuing a DMCA takedown to the GitHub project page, igniting concern and discussion within the community.

At the time of writing, Lockpick_RCM's repository is still active, it could be due to GitHub providing a grace period following a DMCA notice. Twitter user Simon Aarons was made aware of the takedown, after forking Lockpick, and allegedly receiving an email from GitHub, on behalf of Nintendo of America's legal team, who asserts that Lockpick is "circumvention software that infringes Nintendo’s intellectual property rights. Specifically, the reported repository provides Lockpick to users. The use of Lockpick with a modified Nintendo Switch console allows users to bypass Nintendo’s Technological Measures for video games; specifically, Lockpick bypasses the Console TPMs to permit unauthorized access to, extraction of, and decryption of all the cryptographic keys, including product keys, contained in the Nintendo Switch. The decrypted keys facilitate copyright infringement by permitting users to play pirated versions of Nintendo’s copyright-protected game software on systems without Nintendo’s Console TPMs or systems on which Nintendo’s Console TPMs have been disabled. Trafficking in circumvention software, such as Lockpick, violates the Digital Millennium Copyright Act of the United States (specifically, 17 U.S.C. §1201), and infringes copyrights owned by Nintendo."

Shortly after this, Skyline Emulator, a Switch emulator for Android devices, made the decision to shut down development, via a post on their Discord Server. Since you need the keys dumped from Lockpick in order to run Skyline, the team behind the emulator is concerned that it means Nintendo will target them for also violating their copyright.

It is with great sadness that we bring you this news. Recently, Nintendo has issued a DMCA takedown notice against Lockpick RCM which will likely come into effect on Monday, Lockpick is a core part of legally dumping keys from the Switch. They claim that it circumvents their copy protection (TPMs) and therefore violates their copyright. We find ourselves in a position where we are potentially violating their copyright by continuing to develop our project, Skyline, by dumping keys from our own Switches.

The Skyline team will be making their incomplete source code public, at the very least, and will keep the emulator's GitHub page active. Other homebrew projects are rumored to have been hit with DMCA notices as well. Ryujinx's emulator team stated that they will not be shutting down, following worries after Skyline.

 

[godreborn]

Nintendo started to pay to hackers for discover the exploits since late 3DS gen in 2016, however fusee exploit cannot be patched.

I haven't hack my PS4 yet because I'm on latest firmware and I haven't established yet, it means I don't know about risks consequences, such as console ban and account ban, but I use Save Wizard to resign the saves and inject the edits in save files.

My last hack with Sony console was PS3 in 2011 but stopped install CFW after save resigners came out.

Sony removed the USB save transfer in PS5 (for PS5 games), so it means save resigners for PS5 would be unlikely unless we find a way, such as hack in backup storage or jailbreak the console.

My hacking with Switch has been established and I know about risks and consequences, such as rely on ban protection feature that Atmosphere provided to send error codes to SD card instead of NAND and run CFW offline, but when compared to PS4, I don't know about what would happen and I would need to learn.

You are welcome to teach me about hacking with PS4.

did you even read my last post? I'm not going to be dragged into a debate other this shit. I'm now ignoring you.

 

[JeepX87]

did you even read my last post? I'm not going to be dragged into a debate other this shit. I'm now ignoring you.

What? I'm not debating with you at all and I don't disagree with you on everything, but want to let you know about Nintendo started to pay to hackers in 2016, several months before launch of Switch and said about fusee exploit cannot be patched that is occurred in less than 16% of Switch out of 122 millions.

I'm definitely not few of other members that continue to object you multiple of times. *shrugs*

After all, it is your forum account and that's your decision, anyway.

 

[TomSwitch]

There are money that is theirs to loose ( don’t screw up too much and it’s theirs ) and there are money that no matter what they do they can’t win over. Lucky for them that people who complain loudly belongs to both group. There isn’t much they do that is going to change how much money they can earn from them. Don’t do anything and they will continue to earn from those who complain and still buy the game. The other group will never buy the game even when they can’t pirate it

As to having CFW it is actually good for Nintendo. I know a number of people who have many units of Switch, I suppose they won’t have that many units if CFW were not possible and they probably buy more game because of CFW too.

According to Google Switch attach ratio is 7.4, people with CFW is probably either well above that or zero. Those zero is going to be zero with or without CFW for those people

 

[ELY_M]

Nintendo is tasting their own medicine!!!!!!!!! I still wont buy their new zelda game.

 

[Henx]

Can we please stop using Github, owned by Microsoft - an US corporation? It is getting ridiculous at this point.

List of alternatives;
https://codeberg.org/ - Germany
https://framagit.org/ - France (by Framasoft)
https://gitee.com/ - China. Good luck taking this one down. Shitendo can't do sh*t against China
https://gitflic.ru/ - Russia. Good luck with this one also

GitLab is not an alternative, since it is US based.

 

[Marc_LFD]

Can we please stop using Github, owned by Microsoft - an US corporation? It is getting ridiculous at this point.

List of alternatives;
https://codeberg.org/ - Germany
https://framagit.org/ - France (by Framasoft)
https://gitee.com/ - China. Good luck taking this one down. Shitendo can't do sh*t against China
https://gitflic.ru/ - Russia. Good luck with this one also

GitLab is not an alternative, since it is US based.

Well, in that case might also want to avoid France and Germany due to their governments.

That leaves two options some may not like... China and Russia.

Speaking of Russia, there was a Russian torrent website I'd look for stuff and it was really good, but seems it was shutdown. It was "torlook" (I turned on a Russian VPN location and it's still down).

 

[Slluxx]

Can we please stop using Github, owned by Microsoft - an US corporation? It is getting ridiculous at this point.

List of alternatives;
https://codeberg.org/ - Germany
https://framagit.org/ - France (by Framasoft)
https://gitee.com/ - China. Good luck taking this one down. Shitendo can't do sh*t against China
https://gitflic.ru/ - Russia. Good luck with this one also

GitLab is not an alternative, since it is US based.

As much as you dont like it, it is the number 1 place to host your code, followed by gitlab. Telling people to host their code and releases somewhere else is basically asking them the equivalent of "Hey, do you want to have less features and a smaller pool of possible clients and contributors?" It simply doesnt make sense, especially if you have nothing to hide/fear.

So no, we can not.

Also, the only way you should distribute your sourcecode if you even remotely think you could get DMCA'd is hosting your own git instance, for example using Gitea, and not using some shady ass git service that might sell your login data or gets breached or whatever.

 

[Henx]

Well, in that case might also want to avoid France and Germany due to their governments.

That leaves two options some may not like... China and Russia.

Speaking of Russia, there was a Russian torrent website I'd look for stuff and it was really good, but seems it was shutdown. It was "torlook" (I turned on a Russian VPN location and it's still down).

DMCA is different in EU, not as easy to enforce as someone would think. Also emulation is legal. See:
https://gbatemp.net/threads/sys-patch-sysmod-that-patches-on-boot.633517/post-10381693

As much as you dont like it, it is the number 1 place to host your code, followed by gitlab. Telling people to host their code and releases somewhere else is basically asking them the equivalent of "Hey, do you want to have less features and a smaller pool of possible clients and contributors?" It simply doesnt make sense, especially if you have nothing to hide/fear.

So no, we can not.

Also, the only way you should distribute your sourcecode if you even remotely think you could get DMCA'd is hosting your own git instance, for example using Gitea, and not using some shady ass git service that might sell your login data or gets breached or whatever.

Remind you that open-source code is already public. The only data they can have on you is log your IP and your username.
As for the features, you are trading longevity with capabilities. It is up to the developers to assess how much they care about their code not being removed vs having less features.

In regards to self-host, I don't think every developer out there should host their own code ironically for the reasons you mentioned. Because there is no community, but also it takes time away from development (along with more costs). For teams like Yuzu that had the funds perhaps so, even then I would argue they should not do it. For everyone else is a bad advice.
Don't forget self-hosting must be done outside jurisdictions that enforce DMCA, which is also not an easy task.

 

[Slluxx]

Remind you that open-source code is already public.

Yeah? I dont really know what to make of this cause to me this sentence doesnt make much sense. Projects don't start as open source. Someone decides it, makes a repository and uploads the code. Obviously projects that currently are open source are already public lmfao. The negative points still apply if you switch platforms and are even worse when you start out on a lesser known one.

The only data they can have on you is log your IP and your username.

Wrong. They see your operating system, what browser you use, what plugins your browser has, which cpu you have, which gpu you have, battery percentage, what page you came from before visiting their site, they can measure your download/upload speed, to an extend see what socialmedia you are logged into, check your gyro and measure if you are walking or the phone is flat on a table, timezone, screen size, system fonts, and much more, creating a unique fingerprint of your device. (Here, a great example of the things that can be collected)

Aside from those things, they will also get all the data you provide on the login process, which might or might not contain your email, username, password and what not and even if they don't sell your data, you simply dont know how safe it is on their service.

but also it takes time away from development (along with more costs). For teams like Yuzu that had the funds perhaps so, even then I would argue they should not do it. For everyone else is a bad advice.

It takes literally 10 minutes to set up and has no cost (aside from electricity) if you host it on your own machine. Even a raspberry pi can handle it. You don't need a big server and you also have no cost of maintanance. All in all i can tell that you have no clue about this stuff.

I don't think every developer out there should host their own code ironically for the reasons you mentioned.

Nice strawman argument. I never said "every developer out there should host their own code". This is dumb and was never a point. I said you should host your own code if you fear DMCA, which only a fraction of projects out there do. If you host it yourself or decide to host it on an unknown platform in russia or china makes no difference in the people you will reach though. Completly invalid point. However the fear of breach or sold data is real.


BTW: The Digital Millennium Copyright Act is United States only. However copyright laws are international. WIPO (which DMCA is based on) protects intellectual property worldwide (191/193 (depends on the source) countries, except East Timor, Marshall Islands, Micronesia, Nauru, Palau, Solomon Islands & South Sudan). So you can't go around and host illegal code somewhere because it can still get taken down. DMCA's like nintendo sends out on github however have no legal relevancy in Germany etc.

https://en.wikipedia.org/wiki/Notice_and_take_down

In most EU countries at the national level, there are no explicit rules regarding notice of infringement, take-down process or counter notice and put back (statutory rules exist in smaller countries like Hungary and Finland). Where explicit rules do not exist (e.g. Germany), some aspects of notice requirements can be derived from common principles of law.[18] By nature, this lack of explicit rules results in a lack of clarity and legal certainty when compared to legal regimes with statutory rules (e.g. United States).

There obviously are rules against infringement but thats out of this scope.

 

[MaxiBash]

long winded discussions like these that aren't related to the core of the news is the reason why I'm glad the unwatch button exists.

 

[Henx]

Yeah? I dont really know what to make of this cause to me this sentence doesnt make much sense. Projects don't start as open source. Someone decides it, makes a repository and uploads the code. Obviously projects that currently are open source are already public lmfao. The negative points still apply if you switch platforms and are even worse when you start out on a lesser known one.

What doesn't make sense is what you wrote. So you want to collaborate without open-sourcing your code? You can, but I don't see any example of a public project doing it that way. Good luck with that. Might as well use pen and paper with travelling Pidgeons.

Wrong. They see your operating system, what browser you use, what plugins your browser has, which cpu you have, which gpu you have, battery percentage, what page you came from before visiting their site, they can measure your download/upload speed, to an extend see what socialmedia you are logged into, check your gyro and measure if you are walking or the phone is flat on a table, timezone, screen size, system fonts, and much more, creating a unique fingerprint of your device. (Here, a great example of the things that can be collected)

Again this is irrelevant. You are talking about data that is collected locally in your browser, which you can and should control. Use TOR, extensions in your browser (uBlock has filters for leaks like those you mention), etc. I also recommend CanvasBlocker, which protects you from fingerprinting many APIs.
EFF has suggestions for these (e.g. PrivacyBadger), you can have a look.

More importantly this data is already collected at the CDNs, which is used by all these. You better protect yourself anyway, and not relying on the goodwill of the server provider. Decentraleyes protects you from these (or the fork LocalCDN which is even better).
This unique fingerprint you are talking is an aggregation of many APIs used to query the browser. It is not an ID as in the social media cookies use to track you. And it is everywhere. Up to you to take steps to protect from it. Github is culprit of this too obviously, any suggestion otherwise and you are just being delusional!

You should familiarise yourself with the concepts before throwing shade on other people. PS: I work in infrastructure daily as sysadmin/SRE.

BTW: The Digital Millennium Copyright Act is United States only. However copyright laws are international. WIPO (which DMCA is based on) protects intellectual property worldwide (191/193 (depends on the source) countries, except East Timor, Marshall Islands, Micronesia, Nauru, Palau, Solomon Islands & South Sudan). So you can't go around and host illegal code somewhere because it can still get taken down. DMCA's like nintendo sends out on github however have no legal relevancy in Germany etc.

https://en.wikipedia.org/wiki/Notice_and_take_down



There obviously are rules against infringement but thats out of this scope.

You just confirmed what I said

 

[Slluxx]

What doesn't make sense is what you wrote. So you want to collaborate without open-sourcing your code? You can, but I don't see any example of a public project doing it that way. Good luck with that. Might as well use pen and paper with travelling Pidgeons.


Again this is irrelevant. You are talking about data that is collected locally in your browser, which you can and should control. Use TOR, extensions in your browser (uBlock has filters for leaks like those you mention), etc. I also recommend CanvasBlocker, which protects you from fingerprinting many APIs.
EFF has suggestions for these (e.g. PrivacyBadger), you can have a look.

More importantly this data is already collected at the CDNs, which is used by all these. You better protect yourself anyway, and not relying on the goodwill of the server provider. Decentraleyes protects you from these (or the fork LocalCDN which is even better).
This unique fingerprint you are talking is an aggregation of many APIs used to query the browser. It is not an ID as in the social media cookies use to track you. And it is everywhere. Up to you to take steps to protect from it. Github is culprit of this too obviously, any suggestion otherwise and you are just being delusional!

You should familiarise yourself with the concepts before throwing shade on other people. PS: I work in infrastructure daily as sysadmin/SRE.


You just confirmed what I said

Wowzers, ive never seen someone try so hard to deliberately misunderstand everything.

So you want to collaborate without open-sourcing your code?

No. Never said that.

Again this is irrelevant. You are talking about data that is collected locally in your browser, which you can and should control.

Can i remember you what you said initially?
"The only data they can have on you is log your IP and your username."

The data your browser sends them is part of that and counts just as much. Yes, you can avoid it but its not common practice to do so. Making snowflake cases doesnt change the point.

More importantly this data is already collected at the CDNs, which is used by all these. You better protect yourself anyway, and not relying on the goodwill of the server provider. Decentraleyes protects you from these (or the fork LocalCDN which is even better).
This unique fingerprint you are talking is an aggregation of many APIs used to query the browser. It is not an ID as in the social media cookies use to track you. And it is everywhere. Up to you to take steps to protect from it. Github is culprit of this too obviously, any suggestion otherwise and you are just being delusional!

Thanks for solidifying my point about NOT hosting somewhere else but hosting it on your own.

You should familiarise yourself with the concepts before throwing shade on other people

I dont see why. Nothing of that (specifically) had anything to do with anything we talked about previously. All you do is trying to sound smart and do whats called framing to not actually have to talk about the things i said (for example you having no clue about hosting git software or your awesome strawman argument).


Sorry but thats all of the attention im going to give you, since you are clearly trying to decieve and frame instead of actually accepting that the things you say are only half as smart as you think

 

[Dark_Ansem]

have the codes been re-hosted somewhere else?

 

[Subtle Demise]

Repeal the DMCA now

 

[smf]

Also emulation is legal.

"emulation is legal" doesn't help.

driving is legal, so why do you need traffic cops?