It's a cat-and-mouse game, and this mouse wants to tell the cat how to catch the other mice. In the old scene, you'd be branded a traitor for doing that.
Unfortunately, this bug affects a significant number of Tegra devices beyond the Switch, and beyond even the X1 included in the Switch. I can tell you, it wasn't fun to find a bug with such a broad impact; it significantly complicated the ethics involved.
In the end, given the potential for a lot of bad to be done by any parties who independently discover these vulnerabilities, I thought it best to disclose this immediately and under terms that ensured that the vulnerability reached the public quickly."
At the end of the day Tegra is used in a lot of places. Even cars. If there's a risk that someone could conduct a crime through through a firmware hack then that presents an ethical dilemma.
10 years ago there were few portables that you could run your own code on. Now there's things like the GPD Win.
All this homebrew stuff is a bit of fun and games at the end of the day. Calling someone a traitor because they decided to responsibly disclose a vulnerability is just childish.
If it was a remote exploit, I'd certainly agree about the ethical dilemma, but everything I've read suggests that this requires physical access.
As for being used in cars... don't get me started on what manufacturers are doing these days to stop repairs and modifications... just search "John Deere tractor hacking" to get a taste of what I mean (some articles and good discussion here on HN too.)
Calling someone a traitor because they decided to responsibly disclose a vulnerability is just childish.
It shows they cannot be trusted, and that they support the actions of companies who want to lock out users from the devices they own.
They make video games.
------
Trusted by whom? Essentially it's a group of internet hackers that are doing it for internet fame. Or in the case of others to make money off selling any hardware tools required.
"actions of companies who want to lock out users from the devices they own."
This doesn't really matter. When someone buys a Nintendo Switch they are aware that you can only use software from an official channel from the manufacturer.
It's not a sneaky action by them nobody is forced to use a Switch and its primary functionality is consuming entertainment products.
It's not like a router or tv set top box that you are forced to use.
Open hardware (in the sense of OS/software) is cheap and available today. If you don't want to be locked out of doing what you want to a device, then don't buy a locked down device.
They'd need to recall all the sold switches and replace the IC. And they need to specify a new IC for all future production, with some cost implication for new drawings and getting rid of stock.
