With the discovery of the TegraRCM exploit that allowed homebrew enthusiasts to run unsigned code on it, Nintendo responded by releasing new Nintendo Switch units codenamed 'Mariko'. While at first glance this newer model is barely distinguishable from the older one (save for the flashy all-in-red box), it features a better battery life and slightly altered CPU instructions to help with power management and consumption.

However this was at a cost as the boot ROM bug that allowed homebrew enthusiasts and tinkerers to tamper with their switches was fixed for good. This of course upset many owners of the newer Switch iterations, and left people wondering whether or not they could ever enjoy homebrew on their 'Mariko' Switches in the future.

That future might not be too far away as developer @SciresM has successfully managed to dump the keys of the firmware on said units. In his YouTube video he showcases how this process was achieved:

We have the Mariko firmware keys and fully label Mariko trustzone.

Even if slim, these early developments show that there is a possibility of running homebrew on the Nintendo Switch 'Mariko' units, and getting TrustZone access on the system.

Source

 

[Hambrew]

My Switch V2 is one step closer to actually being a fully-worthwhile device that I wouldn't regret throwing my New 2DS XL out for.

 

[veenx0704]

What's the advantage of this?

 

[Deleted member 512337]

What's the advantage of this?

One step closer to it being hacked?

 

[huma_dawii]

Okay so... i wonder how we will use this in the future....

 

[codezer0]

Okay so... i wonder how we will use this in the future....

For an end user? Probably not immediately useful. But for the likes of those making atmosphere and similar for homebrew and game loading, this is probably a big deal, since it means there will be a lot more eligible consoles able to run this stuff and be jailbroken.

 

[huma_dawii]

For an end user? Probably not immediately useful. But for the likes of those making atmosphere and similar for homebrew and game loading, this is probably a big deal, since it means there will be a lot more eligible consoles able to run this stuff and be jailbroken.

But they atill need to find an exploit for Mariko units right? Cause the jig stuff wont work I'm assuming.

 

[Xzi]

Nice. At some point once Switch hardware gets real cheap I'll have to pick up a second unit.

 

[Ryccardo]

But they atill need to find an exploit for Mariko units right? Cause the jig stuff wont work I'm assuming.

RCM works fine on new bootrom consoles (as long as you have a signed payload)

It's unlikely a way to sign them will be found, but
1- you only need to win the lottery once if you do it right
2- there may well be another entrypoint (as the existence of the new """TX""" chips provides supporting evidence for)

 

[CaptainSodaPop]

What about patched Switches?

 

[DbGt]

At 2:45:10, he says he expects the Mariko to have no software vulnerabilities, so probably you will still need a modchip

Plus if there was a software vulnerability, then why tx, who had this keys way before and for much longer is instead releasing a modchip over some soft solution?

 

[Bullseye]

Great news. It becomes a waiting game then! Bring it on!

 

[invwar]

I didn't watched the 3h video, but I have a simple question.
Did SciresM used TXs Modchip to get the keys or was he able to hack it without?

 

[xbmcuser]

How about this?
Fix a modchip in run sxos and then add some app to introduce a new sw solution to glitch on boot from sd.

Remove modchip, your patched switch then is permanently able to run cfw, say Atmosphere etc.

Would this work,?

This saves on cost of mod chip and sxos.

This will be run by installers.

 

[CompSciOrBust]

One step closer to it being hacked?

It is hacked with the mod chip.

But they atill need to find an exploit for Mariko units right? Cause the jig stuff wont work I'm assuming.

Since pretty much everyone with a lot knowledge of the Switch OS like SciresM, Hexkyz, and presumably the TX engineers (otherwise why waste a hardware solution on a smaller userbase when they can wait?) agrees the firmware has no useful bugs currently the only way to run CFW will be through the SX chips or clones of them.

What about patched Switches?

The SX Core works on all models (F-G, ipatched, and V2 / lite)

At 2:45:10, he says he expects the Mariko to have no software vulnerabilities, so probably you will still need a modchip

Plus if there was a software vulnerability, then why tx, who had this keys way before and for much longer is instead releasing a modchip over some soft solution?

One possible reason is that TX is a business and it's a lot harder to add DRM to a software solution, although a counter argument is that if they released a SW solution they could keep their chips and sell them to a larger userbase later.

I didn't watched the 3h video, but I have a simple question.
Did SciresM used TXs Modchip to get the keys or was he able to hack it without?

I haven't had a chance to look at the video either but the things he said on twitter strongly suggests that he used a TX chip.

How about this?
Fix a modchip in run sxos and then add some app to introduce a new sw solution to glitch on boot from sd.

Remove modchip, your patched switch then is permanently able to run cfw, say Atmosphere etc.
Would this work,?
This saves on cost of mod chip and sxos.
This will be run by installers.

This won't work because any code you add will be unsigned so the console won't boot, the same reason you can't just add code to a fusee-gelee hackable console to boot without a usb payload. If a software bug is found that requires editing data on the nand that is possible but unlikely to be the case.

 

[RedBlueGreen]

Nice. At some point once Switch hardware gets real cheap I'll have to pick up a second unit.

It should drop again soon enough. Won't be cheap, but people on eBay won't be able to ask $300+ USD for just the tablet anymore once Nintendo can get more out. Nintendo sells refurbs for $260 USD (with joycons, dock, and everything).

--------------------- MERGED ---------------------------

Nice. Can't wait till we can hack the new ones. Then people won't be charging extra for older Switch models.

 

[linuxares]

Nice!
@mattytrog we need your guidance how to make an opensource modchip :3

 

[legoinventeor]

Could this apply to switch lites?

 

[64bitmodels]

My Switch V2 is one step closer to actually being a fully-worthwhile device that I wouldn't regret throwing my New 2DS XL out for.

the hell??? why did you do that???







why the hell did you get a new 2ds xl over a 3ds xl?? the 3d effect is really nice yknow!

 

[BlastedGuy9905]

One step closer to it being hacked?

Isn't it, though? There's SX Core.