Nintendo has been tackling videogame piracy for a very long time but a lot of water has gone under the bridge since the simplicity of the SNES-based Super Wild Card.
These days Nintendo has multiple attack vectors to cover, from bringing down commercial groups such as Team-Xecutor to blocking sites that distribute pirated Switch ROMs.
As a result, the Japanese gaming giant often finds itself taking action under the DMCA but as a case from late last week shows, that isn't necessarily straightforward. It involves so-called 'sigpatches', software tools that play an enabling role in defeating access controls.
Custom Firmware & Sigpatches – How We Got There
Firmware is a type of software that resides in non-volatile memory, with a PC's BIOS chip being an obvious example. Without reliable firmware, sophisticated computers, smartphones and consoles are unable to carry out their most basic functions, including the ability to boot up.
From a regular customer's perspective, firmware should be imperceptible and totally reliable. From a manufacturer's perspective, solid firmware means control and, when that company is Nintendo, control means the prevention of piracy and repurposing of hardware. When hackers remove original firmware and replace it with their own 'custom' firmware (CFW) containing new features, those usually include the ability to play code that hasn't been sanctioned by Nintendo.
Depending on technical ability and model owned, Nintendo Switch gamers have had numerous CFW options over the years, notably SXOS from Team Xecuter. While SXOS was popular, it was also protected by DRM. Atmosphère, on the other hand, is completely open source so can be built upon and improved over time.
So Atmosphère is a Piracy Tool? Not Quite
The philosophy of Atmosphère is easily misunderstood. On the one hand, it patches original Nintendo firmware to achieve its goals. On the other, its developers (SciresM, TuxSH, hexkyz, and fincs) don't promote Atmosphère for piracy but present it as an educational and 'ethical homebrew' project.
Despite this, many gamers see Atmosphère as a fast pass to piracy, but it's not that simple. Unlike SXOS, Atmosphère does not make it easy to run pirated Switch game files downloaded from the internet. Instead, users have to download additional files called signature patches (sigpatches) and load them into Atmosphère. When these components are positioned in tandem, Nintendo's signature checks are rendered useless and unsigned code can be run on the Switch.
Of course, nothing in the console modding world is straightforward. It will come as no surprise that people can get in a pickle with their sigpatches due to the need to keep them regularly updated, oftentimes in response to software on their devices getting updated.
Downloading sigpatches can be as simple as visiting a website and downloading a new batch or using an automatic tool such as Sigpatch-Updater by ITotalJustice. But again, console modding is not straightforward – especially when Nintendo is on the prowl.
ITotalJustice Gets DMCA Treatment From Nintendo
In addition to their updater tool, ITotalJustice also had a repo on Github offering .zip files of the latest sigpatches and compatibility advice. The files were very small considering their powerful functionality and very simple to download.
But after a pretty free run, this particular venture on Github has been brought to an end. In a DMCA notice sent by Nintendo of America to Github, the videogame company explains why the repo infringes its copyrights.
"The reported repository offers and provides access to circumvention software that infringes Nintendo's intellectual property rights. Specifically, the reported repository provides SigPatches to users," Nintendo writes.
"The use of SigPatches with a modified Nintendo Switch console allows users to bypass Nintendo's Technological Measures for downloaded digital games; specifically, SigPatches allow users to bypass the signature verification in the Game TPMs when a downloaded digital game is started."
Github redacted some details from the DMCA notice but it appears that Nintendo cited a statement from a different repo (AIO-Switch-Updater) to show that sigpatches "are patches required to launch unofficial .NSPs…", with NSPs being video game files for the Nintendo Switch.
"Trafficking in circumvention software, such as SigPatches, violates the Digital Millennium Copyright Act of the United States (specifically, 17 U.S.C. §1201), and infringes copyrights owned by Nintendo," the notice concludes.
As the above shows, Github took the repo down in response to the DMCA notice. Interestingly, however, it seems there may have been a slight difference of opinion, not over whether the repo should be taken down for infringement, but over the specific grounds on which it should be taken down.
Do Sigpatches Breach The DMCA's Anti-Circumvention Provisions?
"While GitHub did not find sufficient information to determine a valid anti-circumvention claim, we determined that this takedown notice contains other valid copyright claim(s)."
The above is a note from Github, posted together with Nintendo's DMCA takedown notice. Nintendo's legal team included a wall of text in the notice which lays out their claims for the removal of the sigpatches repo under 17 U.S.C. §1201. Why Github wasn't completely convinced based on the supplied information is unknown but it's not difficult to picture arguments for both sides.
Nintendo describes sigpatches as "circumvention software" and states that the distribution of sigpatches amounts to trafficking in circumvention devices, a violation of 17 U.S. Code § 1201(2).
Under § 1201(a)(2)(a) it could be argued that sigpatches are designed for the purpose of circumventing a technical measure controlling access to a work. Used in conjunction with Atmosphère they can indeed "avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner."
The owner in this case is Nintendo and the technical measure relates to Nintendo signature checks under 'Horizon', the codename for the Switch's system software. It's worth noting that sigpatches don't tamper with games directly but are tools that Atmosphère is able to use. In turn, however, Atmosphère needs Nintendo code to function and that code too is protected by 'technical measures'.
Under § 1201(a)(2)(b), the question is whether sigpatches have "only limited commercially significant purpose or use" other than to circumvent Nintendo's technical measures. Sigpatches are needed to launch .NSP files, the 'Nintendo Switch Package' format used by Nintendo for downloaded games, so the bigger question to be argued is what else can they do, other than defeat Nintendo's signature checks?
Under § 1201(a)(2)(c), there's a question to be answered in respect of intent. Are the sigpatches being marketed for use in circumventing a technological measure that effectively controls access to Nintendo's copyright works?
While these appear to be straightforward questions, the Nintendo Switch modding scene is one of organized chaos, with ad hoc groups attempting to solve all kinds of puzzles. For example, over on GBATemp there's a discussion on how users can create their own sigpatches (so in theory there would be no 'trafficking') but even that process requires other acts that could have implications under the DMCA.
Finally, it's worth remembering that if a recipient of a DMCA notice believes that notice was sent in error, they are entitled to file a counternotice to have the content reinstated. That raises another interesting question regarding this specific case.
Nintendo sent the takedown notice claiming a violation of anti-circumvention measures for which there is no counternotice provision. According to Github, however, the notice was processed on other grounds, which might mean that ITotalJustice is able to file to have the repo reinstated and then fight against Nintendo in court.
Of course, that's not going to happen so it seems likely that Nintendo will keep trying to take sigpatches down and the cat-and-mouse game will continue.
From: TF, for the latest news on copyright battles, piracy and more.
Over the past year, a group of independent movie companies filed a series of lawsuits 
No comments:
Post a Comment