Tegra X1

You've probably seen in the mainstream news this week that a serious security flaw has been found in the way most modern CPUs work. Devices are already being patched, but come with a cost of a performance loss.

The exploits have been confirmed by Apple to affect both their Intel based devices and ARM-based iOS devices. With Nintendo Switch's Nvidia Tegra X1 system also using an ARM-based CPU, it seems to be likely that Nintendo Switch will be vulnerable to the techniques.

Essentially both exploits dubbed "Meltdown" and "Spectre" allow an attacker to read parts of the system memory that they ordinarily wouldn't be allowed to read. This is possible through clever manipulation of a CPU feature known as "speculative execution" which is common across many different CPU designs.

The bug happens when a set of instructions are sent to a CPU and it speculates the result of one instruction, so it can jump ahead and execute the next. These branch predictions are cached for speed and essentially "predict" outcomes to save time. Those caches are then vulnerable to attack, allowing attackers to gain access to things such as security keys. In the case of Nintendo Switch, these exploits could help hackers understand how Switch's security works and make things easier to run homebrew software.

Whilst this is primarily an issue for servers, it likely affects consumer devices too. Google, who discovered the vulnerabilities, along with other companies such as Apple and Microsoft have already issued updates to protect against these attacks. You can read about this on Anandtech.

The company behind the Nintendo Switch CPU, Nvidia, are currently preparing appropriate fixes:

Nvidia’s core business is GPU computing. We believe our GPU hardware is immune to the reported security issue and are updating our GPU drivers to help mitigate the CPU security issue. As for our SoCs with ARM CPUs, we have analyzed them to determine which are affected and are preparing appropriate mitigations.

When news first broke about the issue, speculation was that the fixes would potentially have a large performance loss, with some predicting up to 30% loss. However, more official responses have been given by both Apple and Google who both downplay this saying "[Meltdown] no measurable reduction in the performance of macOS and iOS", "[Spectre] impact of less than 2.5% on the JetStream benchmark" and  "deployed it on Google’s systems, where we have observed negligible impact on performance" respectively.

Whilst we're not claiming to have a definitive answer on the subject, it appears more than likely that the exploit will affect Nintendo Switch; however, the fear of it having a significant performance hit on games is a lot less likely.