Nintendo Hits 127 Switch Piracy Tutorial Repos After ‘Cracking’ URL Encryption

Home > Anti-Piracy > DMCA >

A popular GitHub repo and over 120 forks containing Switch emulation tutorials have been targeted by Nintendo. While most forks are now disabled, the main repository has managed to survive after being given the opportunity to put things right. Whether Nintendo appreciated the irony is unclear, but it appears that use of encoding as a protection measure to obfuscate links, was no match for the video game company's circumvention skills.

nintendo-lock-sDriven by views, likes, and in some cases, a reasonable level of fame, around 2016 emboldened YouTubers threw caution to the wind with their ‘content acquisition’ tutorials.

Where there had once been a nod-and-a-wink, many ventured into the full-blown piracy tutorial arena. For good measure, they also marketed them as such.

While some claimed protection based on freedom of speech, many underestimated the implications of exercising that right on YouTube, a platform they did not own. The majority failed to appreciate the importance of framing and intent and, as predicted in 2018, YouTube’s 2021 response was inevitable.

Piracy Tutorials in 2024

On May 31, a popular GitHub repo containing Switch emulation tutorials found itself targeted by Nintendo.

According to a just-published DMCA notice, Nintendo’s main target was the Switch-Emulators-Guide repo and, by extension, over 120 forks.

A note from GitHub confirms that since most or all of the forks were infringing to the same extent as the parent repo, it processed the notice against 127 repos in total.


The Switch Emulators Guide was presented in the context of piracy, something made clear by a note on the main page of the original repo which stated that the tutorial was made, in part, for use on the /r/NewYuzuPiracy subreddit.

Since the actions of Yuzu and its eventual demise are part of the unwritten framework for similar takedowns, that sets the tone (although not the legal basis) in favor of takedown.

Violations of DMCA’s Anti-Circumvention Provision

When asked to provide a description and URL pointing to the copyrighted content allegedly infringed by the repos, Nintendo states that the works are the ‘Nintendo Switch firmware” and various games protected by technological protection measures (TPM) which prevent users from unlawfully copying and playing pirated games. The notice states the repos ‘provide access’ to keys that enable circumvention of its technical measures.

“The reported repositories offer and provide access to unauthorized copies of cryptographic keys that are used to circumvent Nintendo’s Technological Measures and infringe Nintendo’s intellectual property rights. Specifically, the reported repositories provide to users unauthorized copies of cryptographic keys (prod.keys) extracted from the Nintendo Switch firmware,” Nintendo writes.

“The prod.keys allow users to bypass Nintendo’s Technological Measures for digital games; specifically, prod.keys allow users to decrypt and play Nintendo Switch games in unauthorized ways. Distribution of keys without the copyright owner’s authorization is a violation of Section 1201 of the DMCA.”

Nintendo further notes that unauthorized distribution of prod.keys “facilitates copyright infringement by permitting users to play pirated versions of Nintendo’s copyright-protected game software on systems without the Nintendo Technological Measures or systems on which Nintendo’s Technological Measures have been disabled.”

Since the prod.keys are extracted from the Nintendo Switch firmware, which is also protected by copyright, distribution amounts to “infringement of Nintendo Switch firmware itself.”

Repo ‘Encrypts’ Links to Circumvention Tools

Given that the repo’s stated purpose was to provide information on how to circumvent Nintendo’s technical protection measures, it’s fairly ironic that it appears to have used technical measures itself to hinder detection.

“The reported repositories attempt to evade detection of their illegal activities by providing access to prod.keys and unauthorized copies of Nintendo’s firmware and video games via encoded links that direct users to third-party websites to download the infringing content,” Nintendo explains in its notice.

“The repositories provide strings of letters and numbers and then instruct users to ‘use [private] to decode the lines of strings given here to get an actual link.’ The decoded links take users to sites where they can access the prod.keys and unauthorized copies of Nintendo’s copyright-protected material.”

The image below shows the encoded links (partially redacted) that allegedly link to the content in question on third-party sites. To hide their nature, regular URLs are encoded using Base64, a binary-to-text encoding scheme that transforms them into a sequence of characters. Those characters can be decoded to reveal the original URL using online tools.


This type of encoding has increased in popularity in recent years since it’s believed that automated DMCA notice systems are more likely to pass by when no obvious URL exists in a web page. While in some cases that may still be true, it’s beyond clear that Nintendo’s notice here is the work of humans, even if a machine was responsible for finding the repo with the words ‘switch’ and ’emulators” in the title.

Repo Modifications, Original Stays Up

In line with GitHub policy, the repo was allowed to put right its transgressions to stay up. A number of modifications were made, including the removal of all encoded URLs and the references to piracy made on various pages. Most if not all forks were unable to take action in a timely fashion, so these were disabled by GitHub.

Finally, it’s worth noting that this was not a regular DMCA takedown notice; Nintendo sent a DMCA anti-circumvention notice for which there is no official counternotice process available. While on many other platforms a notice like that can be instantly and permanently terminal, GitHub said that it did not find sufficient information to determine a valid anti-circumvention claim.

It did find other valid claims, however, and that led to the outcome detailed above.


Popular Posts
From 2 Years ago…