Why the 3DS can't be downgraded on 11.4 "For Dummies" (A simple explanation for the rest of us)

Discussion in '3DS - Flashcards & Custom Firmwares' started by Swiftloke, Sep 11, 2016.

  1. LinkSoraZelda

    If a useful thread with relevant information to how the 3DS works as a whole is somehow irrelevant, why is Gateway and the 3DS - Hacking and Homebrew threads stickied? The latter was made when cfw was barely existent.
     
  2. Lilith Valentine

    Actually looking at those threads again, they actually don't seem useful anymore.
     
  3. ih8ih8sn0w

    I would honestly be okay with it being put somewhere else that is accessible, but I'm positive that most people demanding for it to not be stickied would not have said to do that '_>'. GW shouldn't still be supported, and the OPs of those threads aren't even alive. Why have stuff that cannot be managed? We want noobs to be well informed, having a thread for gateway questions (OP says 9.5 is latest fw) sends people in the wrong direction, and emunand shit sends more in the wrong direction by thinking that they need it for some reason.
     
  4. Lilith Valentine

    I actually went and read through those threads again after posting that and realized just how out of date they are.
     
  5. NoNAND

    Somebody please update this thread
     
  6. LinkSoraZelda

  7. jt_1258

    Ya know, it's just irritating reading through here. The thread has been updated to be relevant and if they looked through they would realize it has already been requested before for a change yet people still continued to ask. People can't even have the decency to even read a couple of comments back, so hasty to say their word before seeing if the request was already made and giving the post a like (I treat it like the yeah button on Miiverse) to show that they agree. People are so childish and frustrating at times -.-
     
  8. goldensun87

    "oh who am I kidding it means piracy"

    Best part of the explanation :D
     
  10. aaronrpgi36

    I don't understand the part which explains DSiWare and hardmod downgrades. Hardmod downgrade is patched? I'm thinking of hardmodding my N3DS with 11.3 fw but it doesn't look good for me.
     
  11. Tenshi_Okami

    You can hardmod to have a NAND backup, but you can't do a downgrade, since NFIRM needs to be the latest; if you downgrade the NFIRM it will not boot the 3DS.
     
  12. aaronrpgi36

    Thanks for the help :)
     
  16. Vieax

    This is a very good explanation of the arm9 and the arm11 security :toot:
     
  18. Jonhyjp

    Are there any homebrew programs that tell you your privilege level (e.g. userland)? That would be useful, say, if I found a new entrypoint to launch the hblauncher but I'm not sure what kind of access I have.
     
  19. ThommyTheBoy

    Don't misunderstand, I am a massive idiot who (although reading up on things) doesn't really know much about how most of these things work. But from what I understand the reason we can't downgrade at the moment is because we give a firmware < 11.3 to arm11 to install, and arm9 checks what we give to arm11 against a list it has built in with "things allowed to be installed" and has the final say on if the install is ok to do or not.

    Basically my question is this:
    Do we know exactly HOW arm9 checks this? And if yes, has anyone tried tricking it by giving a firm<11.3 but showing it as being a firm that is ON the list? (I assume firms >= 11.3 are on the list, but as I said, this IS the part I'm a bit fuzzy on...)
     
  20. Tenshi_Okami

    Do you mean changing the version of an old FIRM to read like the current one? IIRC, if we do this it would make the FIRM not signed... making the need of a CFW to patch signature checks
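
Added example, not part of any post in this thread: a toy model of the point made in the question and answer above, that rewriting the version field of an old signed image breaks its signature, while the untouched old image fails the version check instead. The two-byte version header, the 11.3 floor and the textbook-RSA key are assumptions made for illustration, not the console's real format, list or signature scheme.

```python
import hashlib
import struct

# Toy textbook-RSA key built from two known Mersenne primes. Constructed for
# this example only: far too weak for real use and NOT the console's key/scheme.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the vendor

MIN_VERSION = (11, 3)               # assumed rollback floor kept by the verifier


def digest(image: bytes) -> int:
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def build(version: tuple, body: bytes) -> bytes:
    """Hypothetical image layout: 2-byte version header followed by the body."""
    return struct.pack("BB", *version) + body


def vendor_sign(image: bytes) -> int:
    return pow(digest(image), D, N)


def verifier_accepts(image: bytes, signature: int) -> str:
    """The trusted side's decision: signature first, then the version floor."""
    if pow(signature, E, N) != digest(image):
        return "reject: bad signature"
    if tuple(image[:2]) < MIN_VERSION:
        return "reject: version below floor"
    return "accept"


def demo() -> dict:
    current = build((11, 4), b"current firmware body")
    old = build((10, 7), b"old firmware body")
    sig_current, sig_old = vendor_sign(current), vendor_sign(old)
    relabelled = build((11, 4), old[2:])      # old body, version field rewritten
    return {
        "current": verifier_accepts(current, sig_current),
        "old, untouched": verifier_accepts(old, sig_old),
        "old, relabelled": verifier_accepts(relabelled, sig_old),
        "old body, current sig": verifier_accepts(relabelled, sig_current),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:24} -> {verdict}")
```

Because the signature covers the version header together with the body, only someone holding the private exponent can produce an image that passes both checks.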
     
  21. ThommyTheBoy

    So installing unsigned firms would mean that the system would already need to be hacked...
    Alright then I think I understand. I was just wondering if that might have been possible, I was just running all the options through my mind and thought "But... wouldn't that be possible?" but clearly it isn't! Haha!

    I had two other ideas, but both of those are pretty stupid...

    In terms of the OP with the permissions, arm9 tells arm11 what to do when arm11 asks something. But if that means that when we give arm11 something to install it first goes to arm9 to ask for permission and depending on the answer arm11 does the installing. Would it be possible to intercept the back and forth between arm11 and arm9 so that whatever arm9 says, arm11 interprets it as an "alright, let's do this!" even if arm9 actually says "like hell we're doing that!". In that way basically completely bypassing arm9 to begin with.

    The other (kinda) logical thing I thought of was to change the list itself. But to do that we would still need an arm9 exploit.

    I'm just thinking out loud here, which most of us do here on the internet.
    Do we know or do we have a list somewhere of things that HAVE been tried?
     
  22. brenoppr

    I've got some questions.
    First, couldn't Nintendo modify something on bootrom to shut down a9lh?
    Secondly, we can install unsigned CIAs after installing a9lh. But how does that work? Does arm9 tell arm11 to install the CIA, or does arm9 install the CIA by itself?
    And also, does arm9 only check if the title is signed by Nintendo on installation, or does it check the signature when you run the file too? (An example would be installing a title with a9lh, then uninstalling a9lh and trying to run the title)
     
    Last edited by brenoppr, Apr 6, 2017
  23. ih8ih8sn0w

    ROM is read-only memory.
    Signature checks are patched out, and a title installer has permissions to install CIAs.
    It is supposed to check signatures when the title is launched or on console boot (idr which). You need a cfw with sigpatches enabled in order to launch unsigned titles.
     
  24. CrispyCola

    Safehax is now compatible with 11.3 (found here). This should (in my opinion) be updated to explain why the 3DS can't be downgraded on 11.4.
     
    Last edited by CrispyCola, Apr 12, 2017
  25. CupcakesForDinne

    Apparently I had an account here and Chrome remembered it. Anyway I'm on 11.0.0-33E and all I get when I start Safehax is text that says "[!] PM INIT FAILED!" and you know it's serious because it's in red. Am I just stupid or am I missing something?