Here's the high-level overview of the "updating a game on your console" process:
- Your console contacts Nintendo to see if there is an update available. It does this by contacting the "sun" (System Update Notification? Also a dual pun with the "beach/ocean" theme the servers have this time) and "aqua" servers, to see what the current system update for online is, and what the required system update is to go online. That these are different servers is why the "grace period" exists -- aqua updates a few days after sun, typically, and so even though your console knows there is a system update available it will not make you update to go online until aqua says you must.
- Once your console decides that it is allowed to go online, it contacts the "dauth" server (Device Authorization) in order to get an OAuth token required to use all of the other online services. This authentication process requires your console pass both the system version and a hardcoded, per-firmware hex string (?system_version=%08x&client_id=%s). These are both validated to be correct in order for your console to get a token.
- Once your console is authenticated, it contacts "pushmo", Nintendo's server for push notifications, downloading [your device ID].json. This describes new things that your console should download (updates, etc). Pushmo validates the token that gets sent to it.
- If there's an update (or if your console has specifically requested to update a title), your console will begin downloading it.
- Your console will download the CNMT (CoNtent MeTadata -- it's the equivalent of a TMD for the 3DS, but stored inside of an NCA) for the update from the "atum" server.
- Your console will decrypt and parse the CNMT, which lists the other NCAs. If an update has previously been downloaded, it will download a number of "Delta" NCAs, which will describe how to transform the already downloaded NCA content into the new NCA content (Because updates will often share the same titlekey, this can lead to some minor bandwidth savings. However, when new masterkeys release, they typically change the titlekey to a new one which causes this to be kinda pointless. You win some, you lose some). If an update has not been previously downloaded, the plain NCAs for the new content will be downloaded.
- Your console will check the NCA headers to see what Rights IDs are required to play the update. Rights IDs are essentially "handles" to titlekeys -- every rights ID corresponds exactly to one titlekey, globally. Typically, there is one Rights ID per (title ID, master key revision) combination. I'll also observe that that's pointless because titlekeys get transformed by master key-derived data when decrypted *anyway*, so they don't actually need to change the Rights IDs, but whatever.
- Your console will request from the CDN the tickets for those Rights IDs -- first it will try to obtain a common ticket, and then if that fails it will try to obtain a "personalized" ticket from "ecs" (ECommerce Services). Once both the contents are downloaded, and the tickets are downloaded, the update is installed.
Cool, so that's the process. Let's see why this thread is not possible:
First, your console must decide for itself that it's allowed to go online. sun and aqua both require your console's unique client cert to talk to, and use SSL -- you would need to patch the SSL module to interfere with this process. But let's suppose that the author of the thread has done so, with some secret 4.1.0 hax that he has that I don't know about, for the sake of argument.
Your console must then successfully authenticate with the dauth server. This requires it to know secret information stored in sysmodule NSOs in the sysupdate. Thus, for you to do this, you would need to have both patched the SSL sysmodule to disable verification, and patched the system's authentication code to send the correct data and user agents. This would require you to have dumped the code for the latest system update. You'll understand, I hope, if I simply do not believe you have done those things.
If you've done that patching correctly, the rest of the process should go totally smoothly -- you'd run into problems with "ecs", but since all updates use common tickets you don't have to worry about that.
However, your process is not one you're claiming is based on secret 4.1.0 haxx. I do not believe you have developed the relevant system patches, nor that you've dumped the 5.x sysmodule code required to know the secrets you need to authenticate. Hence: this thread's claims are not possible.
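
An added example, not part of the original post and not Nintendo's code: a sketch of the server-side check the post attributes to dauth, where the system version and the per-firmware client_id from `?system_version=%08x&client_id=%s` are validated together before a token is issued. The accepted-pairs table, its values, the function name and the result strings are all constructed assumptions; it assumes the server accepts only the pair shipped in the current firmware.

```python
import hmac
import re
from urllib.parse import parse_qs

# Constructed table (assumption): system_version word -> client_id accepted
# for it. Only the current firmware is listed; values are placeholders.
ACCEPTED_PAIRS = {
    0x00050000: "bbbbbbbbbbbbbbbb",
}

# %08x always renders as exactly eight lowercase hex digits.
_HEX8 = re.compile(r"[0-9a-f]{8}")


def check_token_request(query):
    """Validate a '?system_version=%08x&client_id=%s' query string.

    Returns (ok, reason). Both fields must be present exactly once, the
    version must be well formed, and the client_id must be the one tied
    to that version.
    """
    params = parse_qs(query.lstrip("?"))
    versions = params.get("system_version", [])
    client_ids = params.get("client_id", [])
    # Reject missing or repeated parameters instead of silently picking one.
    if len(versions) != 1 or len(client_ids) != 1:
        return False, "malformed"
    if not _HEX8.fullmatch(versions[0]):
        return False, "malformed"
    expected = ACCEPTED_PAIRS.get(int(versions[0], 16))
    if expected is None:
        # An old firmware cannot authenticate by reporting its own version.
        return False, "system version not accepted"
    # Constant-time compare so a partial match is not leaked through timing.
    if not hmac.compare_digest(expected.encode(), client_ids[0].encode()):
        return False, "client_id does not match system version"
    return True, "token issued"


if __name__ == "__main__":
    # Constructed requests: current firmware, old firmware, spoofed version.
    for q in ("?system_version=00050000&client_id=bbbbbbbbbbbbbbbb",
              "?system_version=00040100&client_id=aaaaaaaaaaaaaaaa",
              "?system_version=00050000&client_id=aaaaaaaaaaaaaaaa"):
        print(q, "->", check_token_request(q))
```

Under this model a console that only knows its own older firmware's values fails either way: reporting the old version is rejected outright, and reporting the new version fails on the client_id it does not have.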