Let's say someone manages to crack the BOOTROM security someday. What would that allow us to do that we can't do even now? From what I heard it allows us to get the normal keys but idk what all of them would be useful for.
nothing else that a9lh doesn't already allow us to do. otp dumping a coldboot... nothing else.
No, it won't allow us to sign software, only real coldboot, loading code before the start of sysprot9, allowing us to dump otp at coldboot (thing that we'll not need anymore)
Basically it would remove any remaining security allowing us to decrypt content without the 3ds and allowing us to "sign" software to run without the need for an exploit.
Seriously, you think that the bootrom doesn't contain code? How do you expect to dump anything with a coldboot if you can't run code? With the bootrom broken and the keys used to sign the content available we should be able to decrypt and reencrypt any part of the system modifying it as we please. If the bootrom protection is defeated all signing checks will mean nothing to developers. I'm certain of this statement.
Otherwise how could you load the 3ds kernel and firmware? LOL
you do know that the signing keys are nowhere on the 3ds, right? the keys available are only for decryption, all signatures would be invalid without the private signing keys in some nintendo bunker
Thanks for clearing this up guys. I thought it would allow for something cool like running a true cfw that is very different from nintendo's but that seems to not be the case.
Well that is possible you know. Everything besides the bootloader is replaceable.
What about Linux?
arm9 control does this. we've had that for a while.
I'm well aware of this. I'm saying that to defeat the bootrom requires one of 2 things: either you must exploit it itself or manage to pass its signature checks. Regardless, this would ultimately defeat all signature checks, allowing us to do as we please to the device.
no, he does not mean to patch the checks, he means to remove the checks from the OS itself.