Hacking So without getting flamed to hell for this. Regarding why the 3ds isn't kernel haxed on 11.0

[Quantumcat]

I'm aware this was more of a WHY topic. a development of sorts and more of a general question about why 3ds development has halted pretty much.

I assume in part because of the new vita hack

You wouldn't consider this halted if you'd been around in the void between Gateway on 4.x and Smealum's 9.2 Ninjhax. A new secondary exploit comes out like every month nowadays.

 

[bbcali89]

You wouldn't consider this halted if you'd been around in the void between Gateway on 4.x and Smealum's 9.2 Ninjhax. A new secondary exploit comes out like every month nowadays.

I was around. lol
it was a LONG couple a years that's for sure lol.

 

[astronautlevel]

Well, memchunkhax 2.1 wasn't technically patched iirc, but it was made near-unworkable due to canaries being added into the kernel11.

In addition, the process9 checks mean that even with an arm11 kernel exploit, we won't be able to downgrade. There are already a number of arm11 exploits that have been discovered privately (my favorite being slowhax, which takes over an hour to execute). However, the developer has decided not to release these exploits yet as he wants to finish an arm9 exploit before he releases anything.

 

[bbcali89]

Well, memchunkhax 2.1 wasn't technically patched iirc, but it was made near-unworkable due to canaries being added into the kernel11.

In addition, the process9 checks mean that even with an arm11 kernel exploit, we won't be able to downgrade. There are already a number of arm11 exploits that have been discovered privately (my favorite being slowhax, which takes over an hour to execute). However, the developer has decided not to release these exploits yet as he wants to finish an arm9 exploit before he releases anything.

this is interesting news.

 

[Swiftloke]

Well, memchunkhax 2.1 wasn't technically patched iirc, but it was made near-unworkable due to canaries being added into the kernel11.

In addition, the process9 checks mean that even with an arm11 kernel exploit, we won't be able to downgrade. There are already a number of arm11 exploits that have been discovered privately (my favorite being slowhax, which takes over an hour to execute). However, the developer has decided not to release these exploits yet as he wants to finish an arm9 exploit before he releases anything.

Mmph! Thanks for showing me nedwills YouTube, subscribed.
Slowhax xD
But to contribute something useful, I can confirm that the actual time of check to time of use vulnerability is still unpatched, but as far as I know it's been made basically unusable with Ninty's meddling. (I don't know exactly how they did that, but I know they did.)

 

[N7Kopper]

You wouldn't consider this halted if you'd been around in the void between Gateway on 4.x and Smealum's 9.2 Ninjhax. A new secondary exploit comes out like every month nowadays.

Calling this a void is pretty silly, especially considering that - as discussed - we do have a downgrade exploit on current firmware. Just because it's TWL_FIRM and not NATIVE_FIRM, doesn't mean it's not latest firmware.

I kinda want to just show the scene of a few years ago how damn easy it is for me to jump from playing an out-of-region Federation Force into Mother 3 Fan Translation 1.2 and see them get green with envy... or get triggered because Samus isn't the protagonist of FedForce.

 

[rondoh70]

Ive been thinking about the hard coded list thing. Do we have enough control of the memory to change pointers or the values related to that list?

 

[Urbanshadow]

Ive been thinking about the hard coded list thing. Do we have enough control of the memory to change pointers or the values related to that list?

Nope. The memory where this values are is so obviously out of the user scope or the gspwn-able zone. Also, the memory portion must be accesed directly in physical memory addresses (arm9) and not pointers or virtual addresses mode (arm11/userland).

That's why it's easier to replace a firm to a lower one (which would not use said list) by a modified nand backup than to rewrite the list.

And, if you get to rewrite the list also means you have arm9 control, so a downgrade would not make any sense (just for a9lh installs) since you can already cfw.