Hacking Firmware status

[g00s3y]

Is a switch with 1.0.0 still worth keeping, or a 3.0.0 more useful?

I have one of each, and have no need to keep both.

I don't care about playing online with it, that's what my main switch, with legally purchased games, is for. I just want whichever is actually more useful for homebrew/piracy/emulation.

 

[M7L7NK7]

Is a switch with 1.0.0 still worth keeping, or a 3.0.0 more useful?

I have one of each, and have no need to keep both.

I don't care about playing online with it, that's what my main switch, with legally purchased games, is for. I just want whichever is actually more useful for homebrew/piracy/emulation.

Obviously 1.0.0 has more vulnerabilities so just keep that

 

[g00s3y]

Obviously 1.0.0 has more vulnerabilities so just keep that

Yeah, I know all the obvious stuff. I haven't kept up with everything as so much is still developing. I'm not in any rush for it, I barely play my regular switch as it is.

I was mainly wondering about emulating the NAND. I remember at first it was only 1.0.0 would be able to do so, and now it's seems like it may be able to happen with any firmware, on the pre patched units of course.

 

[kkcheong]

With superban going on, is updating firmware the right thing to do before hacking?

 

[Hayato213]

With superban going on, is updating firmware the right thing to do before hacking?

For now probably yea, before you do any hacking, since 5.1.0 is hackable.

 

[aos10]

(cc/credit @DavidMarcec) If you're into Switch RE, you may want to consider picking up a copy of Bloons TD 5. :)

(Amusingly, the ELF is 340 MB...the entire rest of the game is <200. A majority of DL bandwidth for the game is this unstripped ELF.) pic.twitter.com/9w5Ywgka3j

— Michael (@SciresM) August 28, 2018

Tsk tsk tsk

@SciresM

 

[kkcheong]

For now probably yea, before you do any hacking, since 5.1.0 is hackable.

Thanks. Need to update before another is out. We never know what we gonna get.

 

[PolloDiablo]

"Mitigations against deja vu"
Does that means that Deja Vu still works on 5.1.0?
Can someone confirm this?

 

[M7L7NK7]

Yeah he posted it in the reswitched discord

 

[NoNAND]

I have a 5.1.0 switch am i too hopeless for coldboot and is it possible to downgrade to 5.0.0 even i already have burn fuses?

 

[Xyphoseos]

Can anyone tell me why switch hack are named with french word ?

 

[Draxzelex]

I have a 5.1.0 switch am i too hopeless for coldboot and is it possible to downgrade to 5.0.0 even i already have burn fuses?

So far, there are no other coldboot exploits confirmed to be theoretically possible for firmwares 3.0.2 and above. In the distant future, its possible another coldboot exploit is discovered that works on firmwares 5.X and below but there is no telling when such an exploit will be found or if its even possible. I should also mention that the current exploit is a type of coldboot.

Can anyone tell me why switch hack are named with french word ?

Most of the members of the ReSwitched team are French and they are the ones who discovered majority of the exploits, especially the unreleased warmboot ones.

 

[Lacius]

"Mitigations against deja vu"
Does that means that Deja Vu still works on 5.1.0?
Can someone confirm this?

We always knew that parts of Deja Vu still existed on 5.1.0, which is why the exploit chain has been kept private. People want to use Deja Vu to poke around future systems that aren't vulnerable to Fusée Gelée and are on 5.0.0 or higher. If 6.0.0 finishes off Deja Vu, then we might get an earlier release.

I have a 5.1.0 switch am i too hopeless for coldboot and is it possible to downgrade to 5.0.0 even i already have burn fuses?

It is possible for you to downgrade to 5.0.0, since 5.0.0 and 5.1.0 have the same number of expected efuses, but there's no point in doing so. 5.0.0 will probably never see a coldboot exploit. As far as anybody is aware, an untethered coldboot exploit is theoretically possible on 3.0.2 or lower, but it will probably be years before one is developed, if ever.

So far, there are no other coldboot exploits confirmed to be theoretically possible for firmwares 3.0.2 and above. In the distant future, its possible another coldboot exploit is discovered that works on firmwares 5.X and below but there is no telling when such an exploit will be found or if its even possible. I should also mention that the current exploit is a type of coldboot.

An untethered coldboot exploit is theoretically possible on 3.0.2, and if it weren't, 3.0.2 is easily downgradable to 3.0.1.

 

[Xyphoseos]

So far, there are no other coldboot exploits confirmed to be theoretically possible for firmwares 3.0.2 and above. In the distant future, its possible another coldboot exploit is discovered that works on firmwares 5.X and below but there is no telling when such an exploit will be found or if its even possible. I should also mention that the current exploit is a type of coldboot.
Most of the members of the ReSwitched team are French and they are the ones who discovered majority of the exploits, especially the unreleased warmboot ones.

I heard about "nouveau" on twitter, what's it ?

 

[Draxzelex]

An untethered coldboot exploit is theoretically possible on 3.0.2, and if it weren't, 3.0.2 is easily downgradable to 3.0.1.

I know what you are referring to but the firmware that SciresM stated has access to the untethered coldboot is on firmwares <3.0.2 meaning its firmwares 3.0.1 and below. If it was firmwares 3.0.2 and below, he would have used the less than or equal to sign not the less than sign.

Spoiler: Source

 

[Lacius]

I know what you are referring to but the firmware that SciresM stated has access to the untethered coldboot is on firmwares <3.0.2 meaning its firmwares 3.0.1 and below. If it was firmwares 3.0.2 and below, he would have used the less than or equal to sign not the less than sign.

Spoiler: Source

I don't remember where I read it, so that could be it. Regardless, 3.0.2 is still downgradable to 3.0.1 since they have the same number of expected burnt efuses.

 

[V-Temp]

My understanding was that Deja Vu was only confirmed to work <5.0.0, and it had not been thoroughly tested beyond that but it was known to have been broken in how it was executed <5.0.0 with 5.0.0, so the exploit exists but the execution chain no longer did as previously known. No other exploit chain had been tested/found but the underlying flaw persisted.

6.0.0 makes this even HARDER to execute and realize. The exploit still exists, as it appears to not be something that Nintendo can fix and is a flaw either in nVidia's work (again) or a quirk, but it is being made effectively inert. As of 5.0.0 it was 'inert' in that no exploit chain to leverage it remained publicly known, and now it is harder still to leverage it.

The subtle changes to Mariko in the firmware may even be related to fixing this outright.

 

[Amingo]

I don't remember where I read it, so that could be it. Regardless, 3.0.2 is still downgradable to 3.0.1 since they have the same number of expected burnt efuses.

Will upgrading from 3.0.0 to 3.0.1 burn any fuses? Because i really wanna play Super Mario Odyssey but stay on the lowest FW possible and still have a chance to go back to 3.0.0 later.

 

[Draxzelex]

Will upgrading from 3.0.0 to 3.0.1 burn any fuses? Because i really wanna play Super Mario Odyssey but stay on the lowest FW possible and still have a chance to go back to 3.0.0 later.

Yes.

Source: http://switchbrew.org/index.php?title=Fuses#Anti-downgrade

 

[Lacius]

Will upgrading from 3.0.0 to 3.0.1 burn any fuses? Because i really wanna play Super Mario Odyssey but stay on the lowest FW possible and still have a chance to go back to 3.0.0 later.

You can update to 3.0.1 (or 5.1.0) without burning any fuses using ChoiDujourNX, and as long as you keep AutoRCM installed, you will be able to downgrade back to 3.0.0 at any time.