Hacking Nintendo Switch bootrom dumped.

leonmagnus99

For anybody bitching about this or any other similar, non-release news....
How about you waste your free time for a couple of years at a time over something you'll offer to countless people for free??
Or maybe donate to such developers so they could actually "develop?"

Besides, if you find this type of news bothersome, you're completely free not to waste more of your precious and highly valued time over it.

Also, you can't count to 10 without starting with zero and up from there.
This may very well be a 3 or 4 on this example but it's important progress nonetheless.

Very well put, well said my dude.
We should give the devs more credit.

(btw, funny location edit, suppression.. XD)
 

Joom

For anybody bitching about this or any other similar, non-release news....
How about you waste your free time for a couple of years at a time over something you'll offer to countless people for free??
Or maybe donate to such developers so they could actually "develop?"

Besides, if you find this type of news bothersome, you're completely free not to waste more of your precious and highly valued time over it.

Also, you can't count to 10 without starting with zero and up from there.
This may very well be a 3 or 4 on this example but it's important progress nonetheless.
You seem to misunderstand that the relationship between developers and the masses is symbiotic. This kind of work is for the developer and them alone. It looks great on a resume, and the byproduct of that is the kiddies get their toys at some point. My point is that they don't care about the whining, and white knighting for them is redundant. The developer benefits way more than the people you're trying to ward off.
 

V-Temp

You seem to misunderstand that the relationship between developers and the masses is symbiotic. This kind of work is for the developer and them alone. It looks great on a resume, and the byproduct of that is the kiddies get their toys at some point. My point is that they don't care about the whining, and white knighting for them is redundant. The developer benefits way more than the people you're trying to ward off.

With the way a lot of the Switch checks are burned in at the factory (or updates later) and cuniq, a lot of the work the scene does may never be all that useful for the kiddies. At least not in the way they were used to or expecting from the days of the WiiU/3DS... unless they want to get blacklisted permanently.

The Switch will be a great(!) emulator for all sorts of older software, it will be a great brick for new stuff/online.

These updates are great for those who want to poke, but a lot of posters are hoping for things they may never have and every update that isn't that or every time they are reminded that 3.0.1+ is closed off along with its software, the more angry some of them become because they were spoiled by expectations from the 3DS/WiiU.
 

V-Temp

Based on that comment, are you ruling out completely discoveries working on newer firmwares, or is it simply a case of it just being too early to know atm?

The problem is that these low-level breaks still need a high-level 'open-door' so to speak. We're able to get deep into the system because lower firmware (1.0.0 especially, though now very limited) are so compromised that they basically have a revolving door. This is on the same sort of stage as "we have a kernel dump". It's great!... but we need to find things that are useful in it to make it actually useful. The kernel dump is really the most important achievement but it's also months old, because it means we can find potential compromises that run upward (though can still be potentially fixed) but you also have to break the walls down around the kernel to get at a lot of things. The bootrom is a big one too (if there's stuff that isn't locked behind TZ, which no doubt will be... like the key encryption algo) but you'd need a way to leverage it on higher fw, otherwise you're still coming in from the top-down and then exploiting what you learn from the bootrom to inject yourself somewhere along the boot.

And, again, the Switch has a lot of hard-burned 'identity' that is console unique. That means Nintendo knows what is trying to access their servers, so they can always blacklist it permanently, and no one is going to give you their cuniq string (which is encrypted with keys in TZ).

Your general user isn't about to hotwire their Switch to start injecting compromises through the USB-C, after all.

And, again, remember that daeken remains very negative on higher fw compromises!
 

peteruk

The problem is that these low-level breaks still need a high-level 'open-door' so to speak. We're able to get deep into the system because lower firmware (1.0.0 especially, though now very limited) are so compromised that they basically have a revolving door. This is on the same sort of stage as "we have a kernel dump". It's great!... but we need to find things that are useful in it to make it actually useful. The kernel dump is really the most important achievement but it's also months old, because it means we can find potential compromises that run upward (though can still be potentially fixed) but you also have to break the walls down around the kernel to get at a lot of things. The bootrom is a big one too (if there's stuff that isn't locked behind TZ, which no doubt will be... like the key encryption algo) but you'd need a way to leverage it on higher fw, otherwise you're still coming in from the top-down and then exploiting what you learn from the bootrom to inject yourself somewhere along the boot.

And, again, the Switch has a lot of hard-burned 'identity' that is console unique. That means Nintendo knows what is trying to access their servers, so they can always blacklist it permanently, and no one is going to give you their cuniq string (which is encrypted with keys in TZ).

Your general user isn't about to hotwire their Switch to start injecting compromises through the USB-C, after all.

And, again, remember that daeken remains very negative on higher fw compromises!

Thanks for replying to me, I really enjoy reading your posts, I find them very interesting and look forward to the future of where all this is leading to, as long as I can hold off updating for Mario Odyssey.
 

Polopop123

I hope you're kidding, because if not, change your credit card info immediately.
I'm not, he’s a real trustworthy guy. He told me to download something from thisisnotavirus .com and now my computer is running slow but I’d say it’s just a coincidence. I also downloaded RAM from him and he only charged $50 a GB which is hella cheap
 

XxShalevElimelechxX

I'm not, he’s a real trustworthy guy. He told me to download something from thisisnotavirus .com and now my computer is running slow but I’d say it’s just a coincidence. I also downloaded RAM from him and he only charged $50 a GB which is hella cheap
I've downloaded an 8K monitor and 128GB DDR5 RAM, and let's not talk about my 10EB of storage. :tpi:
 
Joined
Sep 17, 2009
Messages
2,583
Trophies
2
XP
3,805
Country
United States
Would require the Switch to boot the cart before the NAND, which just isn't a reality in the way the Switch works and goes into cart-ignoring RM before anything else. People really need to stop thinking about the 3DS.
It'd be cool if there was a backdoor like there was on the 3DS. Not to mention the Dreamcast and PS3. It's not beyond the realm of possibility, however very unlikely this time around.
 

kevin corms

It'd be cool if there was a backdoor like there was on the 3DS. Not to mention the Dreamcast and PS3. It's not beyond the realm of possibility, however very unlikely this time around.

There's always a backdoor, only Apple has claimed their devices didn't have one (Apple kind of does what they want to an extent). That being said, it doesn't mean the backdoor is easily found.
 