Hacking And this is exactly why we need a true modchip.

[andijames]

PI Zero would be perfect for this. That along with a small powerbank will do the trick nicely. Just have the python script running on boot and when it detects the right USB handshake then trigger the payload

 

[sarkwalvein]

PI Zero would be perfect for this. That along with a small powerbank will do the trick nicely. Just have the python script running on boot and when it detects the right USB handshake then trigger the payload

It should work, certainly... and what does it cost? $10?
(well, I would add a stylish mini case or something, so a little more)

But it would be great if there was a way to extract power from the same USB-C on the Switch, so you don't depend on the Powerbank.

 

[andijames]

Interestingly a pi zero runs on loopback from a laptop (just connect the usb port to the laptop and it powers and doubles up as a local loopback) it powers it AND talks over it. Might be worth a pop at trying this on switch although i'm not sure the power is two way. I highly doubt it in fact :/

Even if that's the case it's just a small powerbank that's needed which you can get for 10 quid

--------------------- MERGED ---------------------------

Ideally what we'd have is essentially a modchip / payload that enables a bootloader of sorts which then you can decide where to go. Similar to how the 3DS did it back in the day

 

[guily6669]

Well too much devices, it would be million of times better just using any android smartphone that almost everyone already has and you carry all day 4 everywhere already...

FailOverflow even stated that saying that android is possible but they leave that to a reader who wants to make that project of carrying it to android, the problem is really the Xhci which I think all old devices without usb 3.0 dont have it .

 

[tech3475]

Well too much devices, it would be million of times better just using any android smartphone that almost everyone already has and you carry all day 4 everywhere already...

FailOverflow even stated that saying that android is possible but they leave that to a reader who wants to make that project of carrying it to android, the problem is really the Xhci which I think all old devices without usb 3.0 dont have it .

It may also be possible on older devices with kernel patches, so we’re likely looking at custom recovery and limited to certain device ala ps3 jailbreak.

 

[guily6669]

Yeah like on the Linux, but thats not something I would do in my both perfect devices Xperia Z2 and Nvidia Shield tablet, they have everything I need that I didnt even bother rooting them.

Now if I had my old Wiko Bloom working I would totally change its rom and mess with the kernel as the phone had nothing, its the only one I ever rooted because it was bad to begin with...

Its my first android device, however I have it in pieces from when I was pissed with my girlfriend (sadly same happened to my lovely Nokia N95, both went Fusee Gelee against a wall )

 

[efishta]

Again, if I'm not playing I dont want the console wasting my precious battery juice while I'm zZZZ...

Just like I never use sleep\hibernation on any of my laptops or computers...

And after I see 99% of battery I just won't charge it again, I will cycle the battery all over again so I can get to 100% and play keeping at 100% again...

And if you are like my girlfriend with her phone charging and disconnecting all the time without really do full cycles on the battery in maybe 2 years the battery is completely screwed.

In fact even in 1 year on a brand new samsung the battery was already screwed, 2 years after its completely screwed, while my phones go way beyond 5 years still holding a lot of battery time.


My brother is the same, in a very small time his laptop batteries last less than a second, just disconnecting AC boom the laptop goes instantly OFF since he spend all day moving the laptop from room to room, then charge, then battery, then charge all day doing the same crap over and over again.

ps: And later if I could send the payload trough my android smartphone to the Switch, I wouldnt even care for a permanent method, I would add a button on the joy-con, it would be like press the button, connect to the phone and boom instant recovery mode and then a software on the android where we just tap a option and boom payload loaded into the switch, this would be awesome.

In other words, you're a slave to the battery instead of using it as it was meant, which is allowing use/gaming while away from power source. While you slave away at the maintenance aspects of any battery, the rest of us will enjoy our paid for product as it was intended: a portable, battery powered device.

 

[guily6669]

Actually no... If I use the battery then I just use it, but I don't enjoy leaving the Switch wasting its battery while I'm not actually enjoying anything...

And other thing I do, after it gets to low power I leave the console in the menu cooling down a few minutes before I fully turn it off to then charge when I can, I do this on all consoles. This was actually a big problem on Xbox 360 with the "ROD" as people tested turning it off right away the GPU cooler was so bad that the temps climb higher after turning off hot because the fans stop instantly and the metal was too little to cool it while still hot...

If you keep almost never doing cycles on the batter and just charge it like nuts a lot of times then the Switch soon will stop being a portable console as the battery won't last much and you either will have to replace it risking of paying a lot for a "real nintendo battery" on ebay to then find out its just a made in china copy that looks the same and with the same logos\letters and with like half the charge or you will have to keep it with a power bank.

ps: And other bad thing reported a lot of times is that the Switch sometimes drain battery to a point where the Switch may never wake up again, that has been reported by a lot of ppl... some can make it come alive, while some sadly have a black nintendo screen that wont turn on as the battery is way beyond the lower recommended voltage and the Switch wont turn on or charge(which probably can be fixed by externally charging the battery unless it died or replacing the battery, however this is way more dramatic with lipos, usually Li-ion will become alive easier than Lipos).

 

[Chrushev]

if a chip means its faster, untethered and reliable then I have no problem buying a chip. Anyone know if solder points on a switch are smaller than 360 (smaller than these https://imgur.com/a/BGjc6ln the big hole in picture is a screw hole for reference) ? I havent cracked a Switch open yet. If they are all that size or bigger then a solder job is a breeze, especially if none of the points are to caps or resistors.

 

[weatMod]

leads to piracy, not focused on piracy. Real CFW is not about piracy, it's about unlocking the full potential of a device and allowing it to be customized to do whatever the user wants. Both B9S and Sky3DS enabled piracy, however they couldn't be FARTHER from eachother in terms of potential

piracy IS part of the devices full potential

 

[annson24]

Again, if I'm not playing I dont want the console wasting my precious battery juice while I'm zZZZ...

Just like I never use sleep\hibernation on any of my laptops or computers...

And after I see 99% of battery I just won't charge it again, I will cycle the battery all over again so I can get to 100% and play keeping at 100% again...

And if you are like my girlfriend with her phone charging and disconnecting all the time without really do full cycles on the battery in maybe 2 years the battery is completely screwed.

In fact even in 1 year on a brand new samsung the battery was already screwed, 2 years after its completely screwed, while my phones go way beyond 5 years still holding a lot of battery time.


My brother is the same, in a very small time his laptop batteries last less than a second, just disconnecting AC boom the laptop goes instantly OFF since he spend all day moving the laptop from room to room, then charge, then battery, then charge all day doing the same crap over and over again.

ps: And later if I could send the payload trough my android smartphone to the Switch, I wouldnt even care for a permanent method, I would add a button on the joy-con, it would be like press the button, connect to the phone and boom instant recovery mode and then a software on the android where we just tap a option and boom payload loaded into the switch, this would be awesome.

It's actually much better to regularly charge your battery above critical levels. Charging the battery below critical level strains it, not that the battery couldn't handle it tho. You'll still get the normal battery life but regularly charging it above critical level will lengthen its life more since it doesn't experience heavy strains. I for one always charge my devices whenever I can, at the office during work, or I plug them right before going to bed; that way, I won't have to worry about my devices' battery level before I leave.

But yeah, you don't have to believe us. It's your life and your device. You can do whatever you want from it. But it's too bad that if this is actually a tethered exploit, then tough luck for you.

Edit: just realized this off topic is already getting long. Better to get back on topic then.

Sent from my SM-G950F using Tapatalk

 

[Selim873]

Kate's Bootrom Exploit Paired with Fusee still requires a PC to launch the payload, and the shorting every time the console reboots/power cycles making it a tethered exploit.

I could be wrong as I have not had confirmation yet from Team Xecuter, but being a long time beta tester (since the 90's) for them, I think its pretty safe to assume that the modchip itself will send the payload through a button cominbation or on/off switch of some sort which will enable it at will to boot from the SD card or extra NAND if thats the route they took. Therefor no computer required. Much better solution IMO.

@yardie

You don't have to short it every time. The joycon bent pin method can be permanent. That's how mine is, and the joycon still works wirelessly and in handheld mode just as it should. Nobody would notice it. If you can get it working on, let's say the RPi Zero, you could probably build an OS that can run the script at boot. So for example, as soon as the Pi turns on, it'll execute the script, then run "shutdown -h now" to turn it off, then flip the hard switch. Though I'd rather have a method of running it from Android using a C to C cable.

Yea it's tethered, but it's not iPhone tethered. It can definitely be made more convenient since it's just a Python script.

 

[guily6669]

And where did I said exactly that a full cycle for nowadays Li-ion batteries are from 0 to 100%... I guess the Switch warns for low battery for a reason... Li-ion can totally go to 0% on devices that are actually calibrated to show 0% as the safe cut-off voltage for Li-ion, else its just safer to charge at like around 10% battery for most devices since I bet at 0% they will surely be below the recommended safe voltage.

We should only let the battery drain completely for calibration purposes only...

And basically when I play outside I use the battery, if I'm not playing I just save my zelda game, stay in the menu a bit to cool down then press the power button for a few seconds until it completely shut off. When I get home then I just waste the rest of the battery until a certain amount of battery, save the game, let the switch cool down and then just charge it... After a complete charge I just completely turn it off by holding the button as a lot of ppl found out that turning off on Switch menu usually leave the console eating battery doing nothing at all (I had that problem too).

Also I don't even know when is the next time I will turn Switch ON, so If I would leave it in standby and forget it I might end with a Switch that won't come alive again if the Switch over-discharge the battery... I don't turn my Switch ON for weeks already... My 3DS is turned on from months to months only too so I just leave the battery at storage levels for Li-ion on it and just forget about the 3DS and even though I live it off like this since day one, incredibly its battery still have the same amount of time as when it was new, its probably because I barely used it anyway, I don't like 99% of its games .

 

[smf]

But it would be great if there was a way to extract power from the same USB-C on the Switch, so you don't depend on the Powerbank.

A usb to joycon cable that extracted the power for a raspberry pi, shorted the pins and worked as a console cable so you could see the boot messages would be pretty cool.

 

[andijames]

Just read the report - really interesting stuff.

Noticed these lines towards the bottom that describes how the RCM is initiated

[*]Ensure the Switch cannot boot off its eMMC. The most straightforward way to to this is to open the back cover and remove the socketed eMMC board; corrupting the BCT or bootloader on the eMMC boot partition would also work.
[*]Trigger the RCM straps. Hold VOL_UP and short pin 10 on the right JoyCon connector to ground while engaging the power button.
[*]Set bit 2 of PMC scratch register zero. On modern firmwares, this requires EL3 or pre-sleep BPMP execution

In particular note point 3 - set bit 2 of PMC scratch register zero. This basically is setting a flag to tell the bootrom to boot into rcm when it comes back up. We can't do that at the moment as we do not have EL3 or pre-sleep execution on later firmwares BUT once we have atmosphere we should have full access to horizon which means... we SHOULD only have to tether this ONCE when we install Atmosphere. Every subsequent time the device is turned off cold could easily write the value to PMC scratch and, possibly inject the payload into the given scratch too?

Might be wrong about that (in particular writing the vuln to scratch) - there the challenge would be where to store the payload to re-initiate the exploit once booted? We don't have SD Card access that early i don't think.

 

[Deleted-355425]

You can get a esp8266 with a battery built in if that’s of any use.

 

[guily6669]

Thats just good for FW 3.0.0 ...

And anyway its kinda pointless for now since with 3.0.0 ppl just install Fake News 4 now and run homebrew so they don't need any payload after as they can already run what most still want...

And its even less money by just not buying anything and just use a PC+router instead of buying a chip that does the same even though its not expensive...

 

[Deleted User]

piracy IS part of the devices full potential

No it's not. Piracy has no direct influence on a device. You can always buy your games legitimately and back them up to have the same functionality as pirates do. Then there's overclocking, hacking, modding, cheating etc and none of these have anything to do with piracy.

Yes, it's actually possible to have access to the full potential of a device while still supporting the developers. You're not forced into piracy.

 

[g00s3y]

"I want a simple solution because I don't like having to work for free shit"

 

[weatMod]

No it's not. Piracy has no direct influence on a device. You can always buy your games legitimately and back them up to have the same functionality as pirates do. Then there's overclocking, hacking, modding, cheating etc and none of these have anything to do with piracy.

Yes, it's actually possible to have access to the full potential of a device while still supporting the developers. You're not forced into piracy.

really i meant the ability for it , the ability to backup games
i always frown on digital if i do decide to buy a game i want physical media AND the ability to run games from onscreen menu and not have to bother with the meida