Almost All Flash Kits Blocked Permanently

YayMii

YayMii

hi
Member
Level 5
Joined
Jun 24, 2009
Messages
4,916
Trophies
0
Age
28
Location
that place
XP
758
Country
Canada
Dimensional said:
I don't understand what they mean by IC. Integrated Chip? What do they mean by have Save IC and without save IC, and the burning of the FPGA board?

While I don't understand, I could understand why the SC DS2 isn't blocked. With it's own built in CPU, the moment you give it power it starts working. You don't need the DS to access the code on there manually. Turn the system on, card gets power, and starts workin on it's own. That means as soon as the 3DS powers up and starts reading the card, the DS2 is getting power and starting up on it's own. In those milliseconds, the 3DS is pinging and reading the responses from the card. All other cards can't fake the responses, and that's how they would be blocked. However, the DS2's CPU would receive those signals, and with it's own bios, it would be programmed to respond in a timely fashon and with the proper 'challenge responses' to trick the 3DS. The CPU gives the DS2 a hardware method of near 0-day bypassing.

Anyways, can I please be told what they meant by the IC and the burning of the FPGA board? Did the 3DS manage to find a way to overload the flashcarts, making them useless on every system?
Click to expand...
I don't really know much about the technicalities of how flashcarts work, but the way I'm interpreting it as is this:

1. Most cards don't have a proper bypass chip on them, so they can't function on the new 3DS firmware ever.
2. Many that do have said chip on them can't be rewritten due to the data being fixed by the "main control program", and this could only be changed by the manufacturer.
And this would mean all flashcarts are blocked save for the DStwo and whatever R4 clones that do have proper rewritable bypass chips.
 
Aurora Wright

Aurora Wright

Well-Known Member
Member
Level 14
Joined
Aug 13, 2006
Messages
1,550
Trophies
3
XP
4,500
Country
Italy
YayMii said:
Dimensional said:
I don't understand what they mean by IC. Integrated Chip? What do they mean by have Save IC and without save IC, and the burning of the FPGA board?

While I don't understand, I could understand why the SC DS2 isn't blocked. With it's own built in CPU, the moment you give it power it starts working. You don't need the DS to access the code on there manually. Turn the system on, card gets power, and starts workin on it's own. That means as soon as the 3DS powers up and starts reading the card, the DS2 is getting power and starting up on it's own. In those milliseconds, the 3DS is pinging and reading the responses from the card. All other cards can't fake the responses, and that's how they would be blocked. However, the DS2's CPU would receive those signals, and with it's own bios, it would be programmed to respond in a timely fashon and with the proper 'challenge responses' to trick the 3DS. The CPU gives the DS2 a hardware method of near 0-day bypassing.

Anyways, can I please be told what they meant by the IC and the burning of the FPGA board? Did the 3DS manage to find a way to overload the flashcarts, making them useless on every system?
Click to expand...
I don't really know much about the technicalities of how flashcarts work, but the way I'm interpreting it as is this:

1. Most cards don't have a proper bypass chip on them, so they can't function on the new 3DS firmware ever.
2. Many that do have said chip on them can't be rewritten due to the data being fixed by the "main control program", and this could only be changed by the manufacturer.
And this would mean all flashcarts are blocked save for the DStwo and whatever R4 clones that do have proper rewritable bypass chips.
Click to expand...
It's simpler: according to yellows8 the firmware now checks if the inserted card has a save chip (eeprom). Saves are hold on these chips on a retail card, and most flashcards don't have it, they patch the game executable to save directly to the microSD.
 
  • Like
Reactions: 2 people
Dimensional

Dimensional

Well-Known Member
Member
Level 11
Joined
Dec 7, 2008
Messages
1,008
Trophies
1
Age
34
Location
Texas
XP
2,792
Country
United States
YayMii said:
I don't really know much about the technicalities of how flashcarts work, but the way I'm interpreting it as is this:

1. Most cards don't have a proper bypass chip on them, so they can't function on the new 3DS firmware ever.
2. Many that do have said chip on them can't be rewritten due to the data being fixed by the "main control program", and this could only be changed by the manufacturer.
And this would mean all flashcarts are blocked save for the DStwo and whatever R4 clones that do have proper rewritable bypass chips.
Click to expand...
Ah. That would make sense. The CPU would count as the proper chip but it's rewritable, at least the bios is. All it would need is an update to the bios and a data file that the bios would link to at startup. The CPU is able to trick 3DS into thinking it has EEPROM.
 
KidIce

KidIce

Smart Ass
Member
Level 11
Joined
Dec 22, 2005
Messages
969
Trophies
1
XP
2,505
Country
United States
Dimensional said:
I don't understand what they mean by IC. Integrated Chip? What do they mean by have Save IC and without save IC, and the burning of the FPGA board?

While I don't understand, I could understand why the SC DS2 isn't blocked. With it's own built in CPU, the moment you give it power it starts working. You don't need the DS to access the code on there manually. Turn the system on, card gets power, and starts workin on it's own. That means as soon as the 3DS powers up and starts reading the card, the DS2 is getting power and starting up on it's own. In those milliseconds, the 3DS is pinging and reading the responses from the card. All other cards can't fake the responses, and that's how they would be blocked. However, the DS2's CPU would receive those signals, and with it's own bios, it would be programmed to respond in a timely fashon and with the proper 'challenge responses' to trick the 3DS. The CPU gives the DS2 a hardware method of near 0-day bypassing.

Anyways, can I please be told what they meant by the IC and the burning of the FPGA board? Did the 3DS manage to find a way to overload the flashcarts, making them useless on every system?
Click to expand...

IC stands for integrated circuit. Pretty much any chip you can think of is one. Think about laying out all the transistors and such needed for a chip on a bread board, those would not be integrated because they are not contained in one package. An integrated circuit in today's age has them all in silicon in one package.

It sounds like most flash cart manufacturers have not built the saver IC's into their FPGA's, and the unprotected space left is for not enough to create a saver IC there... When programing an FPGA you can chose what real estate is protected and what is not, most flash cart makers these days leave some of it unprotected so that you can flash it to combat updates from Nintendo. Thing is, most have probably only left what they felt was the minimum required unprotected. These are the carts that are blocked forever as they no longer have enough alterable real estate to build in the saver IC. Even if there is enough protected real estate, or some could be re-purposed to create the saver, only the manufacturer can alter protected space, hence the claim that the carts would need to be sent to the factory. Even if you have a JTAG you are going to need the keys to properly alter the protected space.

Apparently the SC team either has already created the saver IC on their FPGA or they left enough unprotected space to create one. My logic says the in-built CPU probably has nothing to do w/ it or the R4 that still works wouldn't. The problem is I see another way for Nintendo to block those carts that do have a saver IC on the FPGA, but I won't share... I don't want to give them ideas. I will say this, there is a finite list of exploitable games and if their next move is my idea (if they haven't already implemented it), that list just shrank a lot. Ultimately black listed headers coupled w/ the other two factors will pretty much kill DS flash carts on the 3DS if there is not enough unprotected real estate on their FPGA's.
 
  • Like
Reactions: 8 people
mysticwaterfall

mysticwaterfall

Streamforce Supreme Commander
Member
Level 5
Joined
Aug 11, 2008
Messages
1,874
Trophies
0
Location
Right behind you
XP
668
Country
United States
It's actually a preatty simple while very effective soloution. You have to wonder why they never tried it before.

Glad I upgraded to the DS2 when I got the 3ds. Even though I'm sure we will see new flashcards with the extra chip/space needed.
 
  • Like
Reactions: 1 person
Hells Malice

Hells Malice

Are you a bully?
Member
GBAtemp Patron
Level 20
Joined
Apr 9, 2009
Messages
7,122
Trophies
3
Age
32
XP
9,271
Country
Canada
Thank god there's no reason to even update the 3DS. Would be a pain if there was.
I think I last updated my 3DS about a month after I bought it...and I don't even know why I did it then either.
 
2ndApex

2ndApex

Well-Known Member
Member
Level 4
Joined
Jul 12, 2012
Messages
677
Trophies
0
XP
419
Country
United States
Hells Malice said:
Thank god there's no reason to even update the 3DS. Would be a pain if there was.
I think I last updated my 3DS about a month after I bought it...and I don't even know why I did it then either.
Click to expand...

There's the eShop, but most people don't use it for anything but demos.
 
TripleSMoon

TripleSMoon

GBAtemp's Umbran Witch in [T]raining
Member
Level 12
Joined
Feb 13, 2012
Messages
6,444
Trophies
2
Age
34
Location
Central NC
Website
twitter.com
XP
3,326
Country
United States
Hm... I sold my SuperCard DSTwo a while ago in favor of an R4 Gold, but never got around to it. Now I'm wondering if it's even worth it...

That said, I've been considering grabbing a DSLite for GBA games and easy flashcart use without any update mess anyway.
 
  • Like
Reactions: 1 person
NightsOwl

NightsOwl

Pays For Avatar Art (For some reason)
Member
Level 4
Joined
Jul 8, 2012
Messages
397
Trophies
0
Age
30
XP
391
Country
United States
Well, I've wanted to start buying all the stuff I've been pirating for all these years.

I'm gonna take this opportunity to do so. I'm too lazy to pay for a new card. I'll keep my Original R4 on my Lite for homebrew. Beat all the games I care about anyway.
 
N

nl255

Well-Known Member
Member
Level 11
Joined
Apr 9, 2004
Messages
3,000
Trophies
2
XP
2,802
Country
Dimensional said:
I don't understand what they mean by IC. Integrated Chip? What do they mean by have Save IC and without save IC, and the burning of the FPGA board?

While I don't understand, I could understand why the SC DS2 isn't blocked. With it's own built in CPU, the moment you give it power it starts working. You don't need the DS to access the code on there manually. Turn the system on, card gets power, and starts workin on it's own. That means as soon as the 3DS powers up and starts reading the card, the DS2 is getting power and starting up on it's own. In those milliseconds, the 3DS is pinging and reading the responses from the card. All other cards can't fake the responses, and that's how they would be blocked. However, the DS2's CPU would receive those signals, and with it's own bios, it would be programmed to respond in a timely fashon and with the proper 'challenge responses' to trick the 3DS. The CPU gives the DS2 a hardware method of near 0-day bypassing.

Anyways, can I please be told what they meant by the IC and the burning of the FPGA board? Did the 3DS manage to find a way to overload the flashcarts, making them useless on every system?
Click to expand...

Saver IC = the eeprom/flash chip that games used to store saved games.
FPGA = Field Programmable Gate Array, basically a CPU that can be completely reprogrammed (even with a completely different instruction set) with firmware updates.

From what I understand, if the game used (say, Danny Phantom) has a certain save chip (like 1M Flash) then the 3DS will check to see if the cart actually has a 1M flash save chip before allowing it to boot.
 
  • Like
Reactions: 1 person
Bowser-jr

Bowser-jr

Well-Known Member
Member
Level 2
Joined
Nov 27, 2008
Messages
342
Trophies
0
Age
31
Website
Visit site
XP
196
Country
United States
I have an R4 GOLD 3DS that supports the Wood firmware. I'm sure they'll come up with update soon. I mean, they did show a video of proof right? We don't really have much to worry about.
 
N

notmeanymore

Well-Known Member
Member
Level 5
Joined
Nov 29, 2009
Messages
2,700
Trophies
1
XP
711
Country
United States
Well now two of my friends are screwed because I talked them into buying AceKards some months back. I doubt a SCDS2 is in either one's budget so what exactly is a "xxx r4"?
 
MelodieOctavia

MelodieOctavia

Just your friendly neighborhood Transbian.
Former Staff
Level 15
Joined
Aug 29, 2008
Messages
6,258
Trophies
2
Age
39
Location
Hiatus Hell
Website
yourmom.com
XP
4,692
Country
Djibouti
  • Like
Reactions: 8 people
N

notmeanymore

Well-Known Member
Member
Level 5
Joined
Nov 29, 2009
Messages
2,700
Trophies
1
XP
711
Country
United States
jalaneme said:
Another World said:
don't forget the dsi, dsi xl, and 3ds systems running 4.3.0-10.

-another world
Click to expand...

only difference is on the dsi and dsixl there is no auto update, on the 3ds there is, well done to the clever peeps who kept their dsi's and lites.
Click to expand...

There's no auto update on 3DS either. It annoys me every time I open my 3DS because it asks if I want to update, but it doesn't go beyond that.
What would be nice right now (assuming that a CFW is not in the near future and that there really are only a few kits left that work and can't be fixed) is a smaller exploit that would allow for a modified eShop that doesn't have an update check.
 
  • Like
Reactions: 3 people

Site & Scene News

Go to forum More news

Popular threads in this forum

Wii U and 3DS online services shutting down today, but Pretendo is here to save the day

Nintendo Switch firmware update 18.0.1 has been released

The first retro emulator hits Apple's App Store, but you should probably avoid it

Delta emulator now available on the App Store for iOS

TheFloW releases new PPPwn kernel exploit for PS4, works on firmware 11.00

Nintendo takes down Gmod content from Steam's Workshop

A prototype of the original "The Legend of Zelda" for NES has been found and preserved

Anbernic reveals specs details of pocket-sized RG28XX retro handheld

General chit-chat
Help Users
  • BakerMan
    I rather enjoy a life of taking it easy. I haven't reached that life yet though.
    BakerMan @ BakerMan: Update on my brother: He's home now, tired and hungry, obviously, but other than that, seems to...