Hacking Atmosphere out... Update now or wait for coldboot?

[noctis90210]

I read some articles that states they are waiting for atmosphere for coldboot,
and coldboot will only be possible on lower firmware (4.1.0 i think, correct me if im wrong).

i dont know if this is official statement by atmosphere developers or just a speculation by someone.

since atmosphere is already available, but in early stages yet and no coldboot function yet...
can we update to latest firmware and still able to apply coldboot once available?
or do we really need to wait for coldboot before updating to latest firmware?

hope developer @SciresM could give us info and help us what to chose...

anyway, thanks @SciresM and the rest of atmosphere team for great contribution to switch RE community...


EDIT: since i have to idea about warboot coldboot differences, what i mean on this topic is boot switch instantly to CFW once power on was pressed, no external hardware needed... no jig, no pc, no android, no usb... ... ... ... although jig might be acceptable...

 

[Kubas_inko]

They are more likely waiting for warmboot (cause coldboot might never happen, but is possible, currently, up to 3.0.1 I think).
Warmboot should work up to 4.1.0.
You can update via choidujourNX, while keeping your fuse count, so that you can later downgrade for the warmboot/coldboot.
And even after coldboot, updates might not be possible (only for EmuNAND).

 

[Draxzelex]

• We already have coldboot via Fusee Gelee which is the exploit used to currently launch Atmosphere
• Those articles were referring to the warmboot exploit known as Deja Vu which hasn't been fully patched out on higher firmwares but currently fully works on firmwares 4.1 and below
• You can update your firmware without burning fuses by using the homebrew application ChoiDujourNX which will allow you to downgrade back to your original firmware in the future when another exploit is released
• Tagging a developer not just once but twice will not make him answer your questions faster. In fact, he usually does not waste spending time answering random questions

 

[ShadowOne333]

I think he is referring to a tetherless coldboot exploit, aka no RCM aka no jig aka no injecting payload everytime.
That's what I'm looking forward to as well, a tetherless way to enter CFW directly from coldboot.
Besides, AutoRCM functions in such an odd way and it does bring a lot of cons instead of pros, to which I would much rather pass on.

 

[Asia81]

I think he is referring to a tetherless coldboot exploit, aka no RCM aka no jig aka no injecting payload everytime.
That's what I'm looking forward to as well, a tetherless way to enter CFW directly from coldboot.
Besides, AutoRCM functions in such an odd way and it does bring a lot of cons instead of pros, to which I would much rather pass on.

That's also what I want.
What's the name of b9s/a9lh for switch version?
warmboot? coldboot? I'm lost.

 

[ShadowOne333]

That's also what I want.
What's the name of b9s/a9lh for switch version?
warmboot? coldboot? I'm lost.

Coldboot.
Warmboot refers to a way of launching homebrew from waking up from sleep mode iirc.

 

[mikefor20]

• We already have coldboot via Fusee Gelee which is the exploit used to currently launch Atmosphere
• Those articles were referring to the warmboot exploit known as Deja Vu which hasn't been fully patched out on higher firmwares but currently fully works on firmwares 4.1 and below
• You can update your firmware without burning fuses by using the homebrew application ChoiDujourNX which will allow you to downgrade back to your original firmware in the future when another exploit is released
• Tagging a developer not just once but twice will not make him answer your questions faster. In fact, he usually does not waste spending time answering random questions

Correct me if I am wrong, haven't read everything in the last few days but.

The Cold boot referred to is the ability to turn on the system and have it boot straight in to CFW. While it may exist in private,up to 3.X, AFAIK we do not have it now public. There is a dongle or computer required at cold boot.

Warmboot Is the ability to initiate CFW booting without a dingle after boot. Start the system, run a channel or app (browser?) and it boots CFW. Also not released AFAIK

ChoiDuJourNX will update your system without fuses and install Auto RCM so Horizon can't burn your fuses, however, you can still burn your GC Slot fuse. Rendering it useless on 3.0.2 and below. Hekate has a NOGC patch (Atmo has it too) that disables the cart slot on these higher firmwares and prevents the GC Slot fuses from burning. SXOS has no protection for this. AFAIK even in EmuNAND you will burn this fuse if you boot in to firm over 3.X. Once the fuse is burned you will not have Game Cartridge Slot (GC SLOT) fuse and the slot will not work on 3.X or below. But with the patch to protect it you won't have the slot on 4.x or above.. This only matters if you are on a firmware lower than 4.0 of course.

While it may be true that bothering people rarely gets a response, trolling people for asking a valid question won't get you any props. Just saying.

I am fairly up to date. I haven't tried Atmo 7.0 yet and see no evidence that Cold or Warm boot was released with it. Know something that I don't? I am all ears.

I read some articles that states they are waiting for atmosphere for coldboot,
and coldboot will only be possible on lower firmware (4.1.0 i think, correct me if im wrong).

i dont know if this is official statement by atmosphere developers or just a speculation by someone.

since atmosphere is already available, but in early stages yet and no cold-boot function yet...
can we update to latest firmware and still able to apply cold-boot once available?
or do we really need to wait for cold-boot before updating to latest firmware?

hope developer @SciresM could give us info and help us what to chose...

anyway, thanks @SciresM and the rest of atmosphere team for great contribution to switch RE community...

To answer OPs Questions

Cold boot is only gonna work on Firmware below 4.0. someday,maybe.. So NO you can't update if you want cold-boot in the future.(At this point,never say never but who knows.)

No you do not need to wait if you don't want cold-boot. If you want cold-boot then Yes you need to wait to update.

NEVER update unless there is a good reason (SMO was mine) IMHO

Cheers!

 

[BL4Z3D247]

Coldboot.
Warmboot refers to a way of launching homebrew from waking up from sleep mode iirc.

I thought warmboot referred to launching CFW while already booted into Horizon, for example via the browser.

Actually, I do remember another warmboot senario involving waking up from sleep mode. I believe the OP is reffing to the warmboot regarding the booting of CFW.

 

[ShadowOne333]

I thought warmboot referred to launching CFW while already booted into Horizon, for example via the browser.

Actually, I do remember another warmboot senario involving waking up from sleep mode. I believe the OP is reffing to the warmboot regarding the booting of CFW.

Well yeah, waking up from sleep is one warmboot way of doing it, but there might be others, like deja vu and the Switch's browser applet, and perhaps others we are not sure.
I think the News method for 1.0.0 is another one.

But still, we don't have any proper coldboot method that doesn't require external hardware.

 

[M7L7NK7]

We need a sign that says "keep waiting and use ChoiDujour unless you like regrets"

 

[Mysuke]

An exploit without the need of external tools would be nice. However i don't see the point of holding back so i just made a nand backup and updated with ChoiDujourNX. Unless you got one of the patched units...

 

[mikefor20]

FYI. Cold boot is when you turn on the system and it boots directly in to CFW from a completely powered down, or cold, state.

Warm boot would be when you boot in to OFW (Horizon) normally first then run an app or something that triggers the CFW. Like running HEN through the browser on PS4. Or Gateway through the NDS profile back in the day. The CFW was loaded while the device was in a powered on, or warm, state.

I see this confused all the time here. No surprise really. CFW isn't really firmware. In most scenes it's a COS or custom operating system. The firm on firmware usually means it's low level instructions written to a chip. Seems to me, this is more of a custom OS.. But whatever I guess...

 

[bundat]

Isn't FG the "coldest" a cold boot can get?
It loads even before the read-only unupdatable bootloader, so that it can even be replaced.
I don't think it gets any "colder" than that.
I don't think we'll be getting any exploit that loads just as early (or at least, early enough to prevent fuse programming/burning).

It's just that it's tethered.

Isn't the only unreleased exploit we are waiting for, in the form of deja vu, an untethered warmboot exploit. Afaik, it involves injecting the exploit via a web page or something of the sort (which has to be done every time as well).

If Horizon has already loaded, and you even have a web browser available, that's a pretty "warm" entry point for a "boot". Definitely not early/"cold" enough to prevent burning fuses.

Getting another tetherless coldboot exploit for the Switch seems to be too hopeful... I think that would require another Tegra bug (and not a Nintendo/Horizon bug), which is quite unlikely imo.

 

[mikefor20]

Isn't FG the "coldest" a cold boot can get?
It loads even before the read-only unupdatable bootloader, so that it can even be replaced.
I don't think it gets any "colder" than that.
I don't think we'll be getting any exploit that loads just as early (or at least, early enough to prevent fuse programming/burning).

It's just that it's tethered.

Isn't the only unreleased exploit we are waiting for, in the form of deja vu, an untethered warmboot exploit. Afaik, it involves injecting the exploit via a web page or something of the sort (which has to be done every time as well).

If Horizon has already loaded, and you even have a web browser available, that's a pretty "warm" entry point for a "boot". Definitely not early/"cold" enough to prevent burning fuses.

Getting another tether-less coldboot exploit for the Switch seems to be too hopeful... I think that would require another Tegra bug (and not a Nintendo/Horizon bug), which is quite unlikely imo.

Tether-less cold boot is the holy grail, it has been said that a true cold-boot is possible up to 3.0.2 but might not happen. Several times. By BIG devs. Just sayin.

My real point was gonna be that Sleep mode is not cold boot I never got there. Happens.. Distracted.

Back to the topic! What firmware is the highest without losing functionality hacks wise? I am currently 3.0.1. I was told a couple weeks ago by some well established devs not to go past 3.0.2. People say not to update. My thing is IF I update with Choi/ Auto RCM ill burn that GC fuse. Or get stuck on free CFW with the slow NoGC patch. Is the NOGC patch still SLOWWW? I like SX OS enough, XCI is way better IMHO. What you guys think? Maybe SX will steal the NOGC or better yet someone will release EmuNAND and XCI loading for Atmosphere. I would be so happy.

 

[bundat]

Tether-less cold boot is the holy grail, it has been said that a true cold-boot is possible up to 3.0.2 but might not happen. Several times. By BIG devs. Just sayin.

Can you link me (i.e. to a twitter/reddit post or a GBATemp post)? I only know of deja vu being unreleased, so I'm HIGHLY interested in any other possible unreleased exploits.

however, you can still burn your GC Slot fuse. Rendering it useless on 3.0.2 and below. Hekate has a NOGC patch (Atmo has it too) that disables the cart slot on these higher firmwares and prevents the GC Slot fuses from burning. SXOS has no protection for this. AFAIK even in EmuNAND you will burn this fuse if you boot in to firm over 3.X. Once the fuse is burned you will not have Game Cartridge Slot (GC SLOT) fuse and the slot will not work on 3.X or below.

• GC firmware upgrade/downgrade is not actually an efuse block. Check out CTCaer's posts I quoted here:
  • https://gbatemp.net/threads/prevent...r-4-0-and-sx-os-question.516771/#post-8259379

• SX OS seems to have some sort of nogc functionality (although undocumented), see json's post here (and json seems to be a reliable source of info, having dissected SX OS emunand before hexkyz among other things):
  • https://gbatemp.net/threads/does-sx-os-prevent-updating-game-card-firmware.517892/#post-8285354

 

[Maupiti]

Coldboot already exists... with an internal modship...

 

[snoofly]

Coldboot already exist... with an internal modship...

good point. to all intents and purpose it gets the same result. it’s just not a software coldboot like b9s

 

[Creatable]

Coldboot already exists, it's just that we don't have a tetherless coldboot exploit. If you mean that, I would stay on 4.1.0.
Coldboot by definition is the ability to run your own code at boot, it doesn't mean automatically at boot.

 

[Maupiti]

good point. to all intents and purpose it gets the same result. it’s just not a software coldboot like b9s

I always prefered software solutions...more « elegant « to my point of view... but sometimes only hardware solutions are possible (my Fat Xbox360 Jtag...)

I’m on 4.0.1 (updated 5.1 with ChoiDujourNX) and will stay IF...

 

[solitaire4eva]

Just what I was thinking. Just put a chip in there or have someone install it for you. Just waiting for a free alternative is funny AF. It may come the end of this year or in the next few years. Then when it comes, what Firmware will it support? What firmware will the actual Nintendo Switch Be on and what firmware will the games require? Sounds silly as hell waiting for a cold boot, but each to their own. Good luck!

Coldboot already exist... with an internal modship...