Hacking Question switch updated to 3.0.2 ;(

[colt05]

I stupidly updated to 3.0.2
Is it possible that someone could create a fake switch update that is actually 3.0.0 in disguise?? DNS maybe?

 

[Alkéryn]

I stupidly updated to 3.0.2
Is it possible that someone could create a fake switch update that is actually 3.0.0 in disguise?? DNS maybe?

Are you retarded ?
For the quintillionth time : NO !

 

[8BitWonder]

I stupidly updated to 3.0.2
Is it possible that someone could create a fake switch update that is actually 3.0.0 in disguise?? DNS maybe?

No.
Even if you could downgrade to 3.0.0, the switch would "panic" and always shut off after seeing too many efuses have been burnt.

 

[colt05]

No.
Even if you could downgrade to 3.0.0, the switch would "panic" and always shut off after seeing too many efuses have been burnt.

i know, i thought the version number could be faked or something but apparently not

 

[8BitWonder]

Are you retarded ?
For the quintillionth time : NO !

Uncalled for, just answer the question.

 

[Sketchy1]

I stupidly updated to 3.0.2
Is it possible that someone could create a fake switch update that is actually 3.0.0 in disguise?? DNS maybe?

NO.

this was done on psp before, because the psp used a regular http call to get into contact with the update server. we can fake http, so we hosted it ourselves.
all Nintendo consoles use HTTPS, which we cant (for obvious reasons) spoof ourselves
not to mention the effuses get burnt to the console, to prevent downgrades

 

[Alkéryn]

i know, i thought the version number could be faked or something but apparently not

No it can't because then the checksum would change
and we don't have nintendo's keys so we can't sign it ourselves

--------------------- MERGED ---------------------------

Uncalled for, just answer the question.

Nah perfectly called, people that ask question answered hundreds time without even searching themselves before don't deserve people to answere softly
plus i'm not in a good mood atm

 

[colt05]

No it can't because then the checksum would change
and we don't have nintendo's keys so we can't sign it ourselves

NO.

this was done on psp before, because the psp used a regular http call to get into contact with the update server. we can fake http, so we hosted it ourselves.
all Nintendo consoles use HTTPS, which we cant (for obvious reasons) spoof ourselves
not to mention the effuses get burnt to the console, to prevent downgrades

ah ok didn't realize about the whole https thing, too bad we can't restrict the switch to http only by making it think it's the wifi or something XD

 

[TheCyberQuake]

No! If it were that easy to downgrade devs would already have been doing it. Unless we get the https keys (that's if we ever got them) we can't even send the system a legit update from our own servers, let alone a modified one. On top of that we would need to be able to modify and resign the firmware files, with keys we don't have. We don't even have that ability with 3ds technically, we just have a way to fakesign. Unless we had a similar fakesign vulnerability with switch, modifying the firmware directly would be impossible.

 

[colt05]

ok, thanks everyone.
is all hope lost for 3.0.2 even if i turn off wifi forever?

 

[Alkéryn]

ah ok didn't realize about the whole https thing, too bad we can't restrict the switch to http only by making it think it's the wifi or something XD

Even if you could spoof it into downloading a fake update
1st it would check if it is actually the next version
2nd it would blow efuse if you could force it to install anyway
3rd you can't make a fake rom modification because then it would change the file signature and the switch would know it isn't from nintendo
the only way would be to have nintendo's keys

 

[Sketchy1]

ok, thanks everyone.
is all hope lost for 3.0.2 even if i turn off wifi forever?

yep. or sell that switch online and use that money to get a new one

 

[TheCyberQuake]

ah ok didn't realize about the whole https thing, too bad we can't restrict the switch to http only by making it think it's the wifi or something XD

That sentence there showed you don't really understand the basics of network protocols, meaning you definitely don't understand what you are talking about. Please do research next time before posting an idea like this. You will get blasted by the community.
Even without research, it's pretty easy to tell if an idea is good or bad. If it seems like it would be easy to you but the devs aren't doing it, chances are they already thought about it long ago and it just isn't possible.

 

[colt05]

That sentence there showed you don't really understand the basics of network protocols, meaning you definitely don't understand what you are talking about. Please do research next time before posting an idea like this. You will get blasted by the community.
Even without research, it's pretty easy to tell if an idea is good or bad. If it seems like it would be easy to you but the devs aren't doing it, chances are they already thought about it long ago and it just isn't possible.

yeah, it was a random idea i had out of nowhere so..
guess i have to wait for a long time for a 3.0.2 hack. i just felt really bad that there isn't one..
i'm hoping that there will be one eventually like the 3ds

 

[g00s3y]

Might as well end it all now, life is meaningless on 3.0.2

 

[Jackson98]

I stupidly updated to 3.0.2

Your counting a lot of chickens, considering we cant do anything with smhax yet . I know one thing, if it was impossible to bypass efuses and I had to keep a switch at 3.0 permanently for homebrew. I wouldn't do it! Just unstable and doesn't offer enough. If your very unlucky and smhax is the sole portal to all homebrew on the switch its homebrew gets released soon, cfw is later updatable bypassing efuses, and no other hacks get released in the lifespan of the switch(1st division lotto odds lol). You can always just go on ebay/amazon and buy a 3.0 firmware console. Your losing sleep over something when you don't even know what its going to produce yet ;P.

 

[the_randomizer]

No it can't because then the checksum would change
and we don't have nintendo's keys so we can't sign it ourselves

--------------------- MERGED ---------------------------


Nah perfectly called, people that ask question answered hundreds time without even searching themselves before don't deserve people to answere softly
plus i'm not in a good mood atm

Really, you're gonna call the OP that word? That's called a douche move, buddy, and shows how immature people like you are. There are better ways of addressing mistakes, etc without being rude. Sheesh. Take a chill pill and stay off the internet for the next several hours.

 

[DarkOrb]

Hypothetically speaking, it would be possible to create a "fake 3.0.0" fw. You have to get access to the firmware files and you need the Switch private keys in order to be able to decrypt the files. Then you need to adjust the variable which holds the amount of required efuses and probably have to change some security stuff in the code (I don't even know of). Then you have to encrypt (sign) these files and find a way to install it on your Switch.

So, yes, it might be possible. But no, It's not possible in the near future, maybe never.

 

[GerbilSoft]

Hypothetically speaking, it would be possible to create a "fake 3.0.0" fw. You have to get access to the firmware files and you need the Switch private keys in order to be able to decrypt the files. Then you need to adjust the variable which holds the amount of required efuses and probably have to change some security stuff in the code (I don't even know of). Then you have to encrypt (sign) these files and find a way to install it on your Switch.

So, yes, it might be possible. But no, It's not possible in the near future, maybe never.

I only know of three times when private keys for consoles have been leaked:

• Atari 7800 - years after the original Atari went bankrupt, someone found a ton of Atari 7800 stuff in a dumpster, including the signing application for NTSC 7800s.
• Xbox Live - Private certificate for *.xboxlive.com was leaked. I don't think this is the same key used for software signing, though.
• PlayStation 3 - Sony used a weak RNG to generate the master keys.

I don't think any Nintendo private keys have ever leaked. (Note that I'm referring to asymmetric keys here. Keys like the 3DS Boot9 keys are symmetric, which means the same key is used for encryption *and* decryption.)

 

[colt05]

Is trying to find an exploit using the save files on the MicroSD card a bad idea?