Hacking Switch Update 5.0.0 Released

TheCyberQuake

I understand the principle of a coldboot exploit and the strengths of it. I also understand the 3ds but I'm not referring to that right now - appreciate we do not know everything about it at this point but it gives you a permanent entry point in which you can exploit the target. We don't have the whole 9-11 handoff situation here we have essentially trustzone manipulation. If you have root at the start anything is potentially available (hardmod or not). The updates to the firmware are all mitigation tactics and not fixes. They're defensively coding against attack vectors. If this wasn't an issue I'd hazard a guess they would not have bumped a major version, blown a fuse and essentially made all new future software signed from the new key.
The bootrom vulnerability isn't an entry point at first. I keep using these examples because you aren't understanding that. In the 3ds, the bootrom is not an entry point until you use A SEPARATE entry point to install the bootrom exploit. Once the exploit is installed then yes it is an entry point. Once installed you have code execution at boot. But you need to install the exploit first, and then after you do that you have code execution at boot. Your fundamental understanding of how these things work is extremely flawed.
We don't have code execution at boot until we install the bootrom exploit, which in most cases requires code execution. And we don't get code execution at boot with bootrom until we install the exploit, meaning it will likely require code execution later in boot (ie with the browser after boot) in order to install the exploit and get code execution at boot.
Edit: most of this is talking about the 3ds exploit, and using it and basic understanding of electronics to explain why the exploit itself is patchable, but the method to access it and install it may be patchable (ie requiring any kind of code execution).
If it just had automatic code exec without requiring any previous code execution why would they still have been pushing for kernel and trustzone even after these bootrom exploits were known? Wouldn't bootrom have been the end all solution at that point?

Kafluke

The bootrom vulnerability isn't an entry point at first. I keep using these examples because you aren't understanding that. In the 3ds, the bootrom is not an entry point until you use A SEPARATE entry point to install the bootrom exploit. Once the exploit is installed then yes it is an entry point. Once installed you have code execution at boot. But you need to install the exploit first, and then after you do that you have code execution at boot. Your fundamental understanding of how these things work is extremely flawed.
We don't have code execution at boot until we install the bootrom exploit, which in most cases requires code execution. And we don't get code execution at boot with bootrom until we install the exploit, meaning it will likely require code execution later in boot (ie with the browser after boot) in order to install the exploit and get code execution at boot.
Yes and no. Example: The Wii U has an entry point through the browser that doesn't occur at bootrom. I understand what you're saying though

TheCyberQuake

Yes and no. Example: The Wii U has an entry point through the browser that doesn't occur at bootrom. I understand what you're saying though
Obviously you don't because that's not what I was saying. I was saying that the bootrom exploit is unpatchable, but may require methods of installation that are patchable, ie a browser exploit to install the bootrom exploit. We don't know the requirements to install, and thus shouldn't just update because "we have bootrom exploit"

Kafluke

Obviously you don't because that's not what I was saying. I was saying that the bootrom exploit is unpatchable, but may require methods of installation that are patchable, ie a browser exploit to install the bootrom exploit. We don't know the requirements to install, and thus shouldn't just update because "we have bootrom exploit"
Gotcha. Thanks for the clarification

Selim873

Feel free to try. I do not have any archived SW, so I cannot test it, but since it should work in a similar way (from home screen without e-shop), I would bet that it works. It just needs to be done before the next minor update.

Yep. Downloading archived software works as well! Using the ReSwitched DNS, and manually updated using the + menu. Software Updates > Re-Download Software. Good thing I chose to always archive my games. So much more convenient than going all the way back to the eShop to find then redownload my games.

TheCyberQuake

Yep. Downloading archived software works as well! Using the ReSwitched DNS, and manually updated using the + menu. Software Updates > Re-Download Software. Good thing I chose to always archive my games. So much more convenient than going all the way back to the eShop to find then redownload my games.
Except when the grace period ends and you no longer have access to your games. I just bought a massive SD card and buy physical when I can.

Selim873

Except when the grace period ends and you no longer have access to your games. I just bought a massive SD card and buy physical when I can.

Ah. I'll take advantage of this and download what I know I'll play for the next few weeks while I can then. I use a 64GB card in conjunction with the 32GB internal so it's enough for me. Though I plan to make the jump to 5.0.0 if we don't hear anything until South Park releases though. Since I planned to use the Switch clean in the first place. I'm only in it for translation patches to be honest. lol

Onibi

Though I plan to make the jump to 5.0.0 if we don't hear anything until South Park releases though. Since I planned to use the Switch clean in the first place. I'm only in it for translation patches to be honest. lol

Ah yes ... I have Doom, Xeno, Bayonetta IcE, Mario, BotW SP ALL waiting :( Southpark will be the next ...

I am in it for the retro gaming ... It's such a nice console for it :( Translation is nice too ^.^

The bootrom vulnerability isn't an entry point at first. I keep using these examples because you aren't understanding that. In the 3ds, the bootrom is not an entry point until you use A SEPARATE entry point to install the bootrom exploit. Once the exploit is installed then yes it is an entry point. Once installed you have code execution at boot. But you need to install the exploit first, and then after you do that you have code execution at boot. Your fundamental understanding of how these things work is extremely flawed.
We don't have code execution at boot until we install the bootrom exploit, which in most cases requires code execution. And we don't get code execution at boot with bootrom until we install the exploit, meaning it will likely require code execution later in boot (ie with the browser after boot) in order to install the exploit and get code execution at boot.
Edit: most of this is talking about the 3ds exploit, and using it and basic understanding of electronics to explain why the exploit itself is patchable, but the method to access it and install it may be patchable (ie requiring any kind of code execution).
If it just had automatic code exec without requiring any previous code execution why would they still have been pushing for kernel and trustzone even after these bootrom exploits were known? Wouldn't bootrom have been the end all solution at that point?

This leaves out the ability to use a hardware trigger though, which is what most people who updated to a point where too much was fixed in the code will likely eventually use. Otherwise correct though.

TheCyberQuake

Ah yes ... I have Doom, Xeno, Bayonetta IcE, Mario, BotW SP ALL waiting :( Southpark will be the next ...

I am in it for the retro gaming ... It's such a nice console for it :( Translation is nice too ^.^

This leaves out the HW trigger, which is what most people who updated to a point where too much was fixed in the code will likely use. Otherwise correct though.
My argument was for a software-based free entry, ie not the TX modchip or whatever the cost is to diy hardmod once it's open-source

Onibi

My argument was for a software-based free entry, ie not the TX modchip or whatever the cost is to diy hardmod once it's open-source

If you just re-read your post you don't really clarify that you mean SW only. That's why I wanted to clarify it. You argued that it is "not possible" - at that point you should at least mention HW so that people who just read your post know that nothing is lost forever on Rev.1 :)

(Also DIY likely costs below 10 bucks ^^)

TheCyberQuake

If you just re-read your post you don't really clarify that you mean SW only. That's why I wanted to clarify it. You argued that it is "not possible" - at that point you should at least mention HW so that people who just read your post know that nothing is lost forever on Rev.1 :)

(Also DIY likely costs below 10 bucks ^^)
It was clarified earlier in the string of replies between me and the other guy
But yes if you just read that post it would look like that.

Jackson98

5.0 has without a doubt added a bunch of new obstacles software-wise to bypass, but the biggest concern should be if you don't already have a Switch to pick one up soon. Like SciresM mentioned earlier, it's looking like Nintendo are going to release another console with an altered chip that is much more secure on a hardware level, then much larger problems arise.

notimp

In the field of psychology, the Dunning–Kruger effect is a cognitive bias wherein people of low ability suffer from illusory superiority, mistakenly assessing their cognitive ability as greater than it is. The cognitive bias of illusory superiority derives from the metacognitive inability of low-ability persons to recognize their own ineptitude; without the self-awareness of metacognition, low-ability people cannot objectively evaluate their actual competence or incompetence.[1]
https://en.wikipedia.org/wiki/Dunning–Kruger_effect

notimp

Video starts with the most idiotic statement possible. Video got that from this thread. Probably.

Statement reads: "Most people underwhelmed by 5.0.0 update, as it does nothing major "for us"."
5.0.0 in all likelihood is a working attempt to get back to a closed system ecosystem for Nintendo. You know - nothing major...

If you are into the "updating thing" - because of all the "features" you get out of it, you haven't understood a thing about software revisions and IT. If you want to suggest that Nintendo should change their internal revision numbering, so externally it wouldn't signal something that makes you think of features - because you were so indoctrinated by marketing to update because of features -- you... well, are wrong.

Probably shouldn't make YouTube videos then, displaying your position. But who am I kidding here.. *rolleyes*

Also - that "name dropping thing"? That's linkbait. Either tell us why you link this video - or don't. But don't hint at something that's not there. Or can be everything and anything at all.

"I subbed to him today."
Sure you did.
One person liked you subbing to him today.
Do it again tomorrow.

edit: Got bamboozled. Video creator did a bait and switch. He started with popular opinion of "whaaaa - no features", and then steered it into "actually one of the biggest updates Nintendo has ever done". Good for him. He's "playing to his audience". He's not wrong. I was. Because I paused earlier to post my "has everyone gone linkbaity mad?" epitaph.

edit: I take that "he is not wrong" part back, the guy in the video is an idiot ("they have gone as far as changing the physical layout with that update, it's ABSOLUTELY MASSIVE (and no - he's not talking about efuses)"). So why are people subbing and linking this crap, like it's hot stuff?