Hacking Would it be possible to modify the Nand Dump to downgrade the firmware and restore it?

[Spazturtle]

Do you really think they would exclude that from the signature check?

If the e-fuse check is done after the signature check then you just have to apply the patch after the signature check is done. If the e-fuse check is done before then you just do the patch, then undo the patch before the signature check.

 

[Jayro]

What would downgrading get you?

There is no point in downgrading. A fully working Emunand or CFW with signature patches is the best case scenario.

As has previously been stated the FW checks that the number of burnt efuses match the hardcoded figure in the firmware. If not a kernel panic and ensues and your switch is effectively dead.

Efuses are impossible to revert back to their unburnt state once tripped. There would be no benefit from running a downgraded OS anyway as you lose the ability to play game that require a newer FW.

Once Scires finishes Atmosphere we will see what benefits we get and where others can expand on the work.

That's what Luma3DS uses, right?

 

[sweatbox]

Well if I remember back to 3DS a9lh times, it was necessary to downgrade to 2.1 for otp dump. After getting this keys you had to go back installing the a9lh and could use cfw.

When i get it right the idea is, if cfw needs 1.0.0 for getting permanent/cold boot function it would be nice to downgrade.

It maybe will be possible to boot cfw in RCM mode, downgrade,install there a permanent cfw and update after that.
But thats all speculations. Just let us wait for what will come.

 

[TerraPhantm]

Well if I remember back to 3DS a9lh times, it was necessary to downgrade to 2.1 for otp dump. After getting this keys you had to go back installing the a9lh and could use cfw.

When i get it right the idea is, if cfw needs 1.0.0 for getting permanent/cold boot function it would be nice to downgrade.

It maybe will be possible to boot cfw in RCM mode, downgrade,install there a permanent cfw and update after that.
But thats all speculations. Just let us wait for what will come.

RCM mode allows us low level access to pretty much everything. So it'll never be necessary to downgrade for the sake of dumping data (and even if it was, RCM will allow us to temporarily boot into any firmware version). It will never be possible to cold boot into a firmware version that requires fewer burned fuses, unless a low level signature flaw is discovered (in which case you can change the number of fuses expected).

 

[BL4Z3D247]

The only good reason downgrading would be worthwhile would be to have the "holy grail" CFW(possibly 1.0.0 only) Kate had mentioned back in the Fusée Gelée FAQ.

 

[reminon]

I don't see 1.0.0 holding anything of value over other firmware in the future. Right now it has a full software exploit chain to boot cfw, but something will come that will untether cfw on all firmware for non-Mariko hardware. None the less, I'll still stay on 3.0.0 in the meantime for hbmenu, untill booting patched firmware becomes more readily available.