Hacking Question Does making my EmuNAND "dirty" affect my SysNAND in any way?

[SavXL]

Not necessarily a switch noob (have done a lot of research) but I haven't tried anything from any guide yet. Lacking hands-on experience.

[Before I say/ask anything, I just want to make it extremely clear that I have not modified my switch in any way, shape, or form, as I currently do not have the means to do, yet.]

Currently on Firmware 12.0.1 on an unpatched, unmodified, and unbanned switch.

I'm well aware that modifications to the sysNAND can very well get you banned if you're not careful, and I don't plan to modify my sNAND as having Atmosphère on my sNAND doesn't really seem worth it.

I also know that when you create an EmuNAND, it copies everything that was on your sNAND at the time of it being made. Games, data, accounts, wifi configurations, everything.

Here's where my questions begin:
- If I configured 90DNS on my sNAND and then created an eNAND, does that mean that I'm able to go online on my eNAND (Only for homebrew stuff since the entire point of 90DNS is to block communications to and from Nintendo) while still being able to do clean stuff (and go online w/o 90DNS) on my sNAND?

- This sorta ties in with my first question, but does being online with 90DNS (with airplane mode on) while in eNAND offer more protection, or does it not matter either way?

- Would installing NSP or XCI files on eNAND, making it dirty, affect my sNAND in any way whether I was offline or online with 90DNS? (Not sure if installing an nsp/xci of a homebrew application (like tinfoil) is majorly different from installing a pirated game (which I really don't plan on installing). Clarification would be extremely helpful!)

- Do I need to backup my sNAND, boot0 + boot1, and keys in Hekate even if I'm not going to be modifying my sysNAND? If what I've read is correct, my switch has zero chance of being bricked if my sNAND is clean and unaltered. Besides, if I somehow managed to brick my eNAND, couldn't I just make a new one based off of my clean sNAND and do the 90DNS setup beforehand? Is it just something I should do just to be safe?

Thank you for your time and responses! Any and all help I receive would go a long way!

 

[dotmehdi]

- If I configured 90DNS on my sNAND and then created an eNAND, does that mean that I'm able to go online on my eNAND (Only for homebrew stuff since the entire point of 90DNS is to block communications to and from Nintendo) while still being able to do clean stuff (and go online w/o 90DNS) on my sNAND?

90DNS, like its name suggests, is just a DNS, so you can turn it on on your emuNAND and keep irt off when returning to sysNAND. It's not specific to the console and does not modify the system. For exemple, I configured 90DNS on my home router to disable any access to Nintendo servers from any of my devices since I've been hacking a lot of consoles for my friends

- This sorta ties in with my first question, but does being online with 90DNS (with airplane mode on) while in eNAND offer more protection, or does it not matter either way?

If you are using 90DNS, there is no point keeping airplane mode, and vice versa, on. It's like protecting something that is underwater.. From fire

- Would installing NSP or XCI files on eNAND, making it dirty, affect my sNAND in any way whether I was offline or online with 90DNS? (Not sure if installing an nsp/xci of a homebrew application (like tinfoil) is majorly different from installing a pirated game (which I really don't plan on installing). Clarification would be extremely helpful!)

When you are on emuNAND, consider your internal NAND as disconnected. You can do whatever you want on your emuNAND, but remember that if you did not protect your PRODINFO partition and disabled 90DNS, you'll get banned as well as if you were hacking on sysNAND, because even on emuNAND your console's certs can be read by Nintendo if you allow it to happen.

- Do I need to backup my sNAND, boot0 + boot1, and keys in Hekate even if I'm not going to be modifying my sysNAND? If what I've read is correct, my switch has zero chance of being bricked if my sNAND is clean and unaltered. Besides, if I somehow managed to brick my eNAND, couldn't I just make a new one based off of my clean sNAND and do the 90DNS setup beforehand? Is it just something I should do just to be safe?

Whatever you plan to do : keep a backup of your console. And also, keep a backup of your emuNAND files (if its a partition, use emuTool to back it up on your pc)

My advice for you would be to use Incognito_RCM on your emuNAND so you won't have to bother about all this, though you can still use 90DNS to make sure your console is safe from banning when using it on cfw.

 

[SavXL]

When you are on emuNAND, consider your internal NAND as disconnected. You can do whatever you want on your emuNAND, but remember that if you did not protect your PRODINFO partition and disabled 90DNS, you'll get banned as well as if you were hacking on sysNAND, because even on emuNAND your console's certs can be read by Nintendo if you allow it to happen.

What exactly is PRODINFO? I've heard of it but never got a proper explanation about what it was and what it did. How exactly would I go about protecting it so that I can do whatever on eNAND and not worry about getting hit with the ban hammer?

 

[dotmehdi]

PRODINFO is a raw binary blob containing the main calibration data, which ranges from hardware IDs to system keys.

Basically, blanking this specific part of the system using Incognito.nro, Incognito_RCM or NxNandManager will "hide" your Switch from Nintendo's ninjas (though this method cannot be 100% working since we don't know if Nintendo can identify our consoles with other methods). It's called the "Incognito" method, and this is the one I've been using with all the consoles I've hacked, and for the moment, none of my friends have had his console banned.

For more safety, you can use the Incognito method associated with 90DNS on emuNAND.

Don't forget to keep your PRODINFO backup safe of course.

EDIT : My bad, I said Lockping instead of Incognito...

 

[M7L7NK7]

If emunand affected sysnand then it would be pointless to even use

 

[SavXL]

Basically, blanking this specific part of the system using Lockpick, Lockpick_RCM or NxNandManager will "hide" your Switch from Nintendo's ninjas (though this method cannot be 100% working since we don't know if Nintendo can identify our consoles with other methods). It's called the "Incognito" method, and this is the one I've been using with all the consoles I've hacked, and for the moment, none of my friends have had his console banned.

For more safety, you can use the Incognito method associated with 90DNS on emuNAND.

Don't forget to keep your PRODINFO backup safe of course.

Ahh, how interesting! I did some research on this and also found a payload called Incognito_RCM, which seems to be heavily inspired from or based off of Lockpick_RCM. Is there an advantage to using one over the other, or are they mostly the same thing?
(Also, thank you very much for taking the time to answer my newbie questions. You've been a great help to me! ^^)

 

[xs4all]

Why risk banning a perfectly working unpatched Switch?

SysNAND: Keep SysNand untouched and use for legit stuff, for eShop purchased, retail games and Nintendo Online Sub.
EmuNAND: Do all your dirty stuff on EmuNAND, and STAY OFFLINE.

This is how I done it.

On SysNAND, delete all WIFI settings, Turn AirPlane ON, then create EmuNAND, as you stated, this creates a CLONE image of your SysNAND into EmuNAND. If you leave Wifi settings as is, once you boot into EmuNAND, your EmuNAND will connect to your WIFI network and phone home back to Nintendo to collect data and risk BAN. Yes you could turn OFF your WIFI, but deleting WIFI and put into Airplane mode just to be safe.

Once the EmuNAND has been created and you successfully boot into EmuNand, go to the Settings options and change the THEME to DARK, this way you will know what NAND your in. WHITE theme is your SysNAND for all your legit stuff, and booting into your EmuNAND will be DARK theme for all your dirty/pirate stuff.

I don't care what other people say, using CFW/EmuNAND online is NO NO for me, even using all the preventive stuff, it's not 100% safe, why risk it. Yes there are people using CFW/EmuNAND online for ages and have not been banned, they are just lucky I guess, it's just a matter of time. Even using EmuNAND completely offline might not be 100% safe, what's stopping from Nintendo scanning your SD CARD for files related to CFW/EmuNAND stuff? This is something they could do easily but for some reason choose not to. If this is the case, every modded Switch will be banned.

Once EmuNand is all setup boot back into SysNAND and connect to your Wifi again, now you have the best of both words.

I'm using SX OS by the way, same rule applies to Atomsphere.

 

[saltypepper]

what's stopping from Nintendo scanning your SD CARD for files related to CFW/EmuNAND stuff?

I'm pretty sure there's legal issues actually regarding this and even if they were to do this they would need to update their EULA about this

 

[SavXL]

If emunand affected sysnand then it would be pointless to even use

Fair point!

 

[Draxzelex]

Ahh, how interesting! I did some research on this and also found a payload called Incognito_RCM, which seems to be heavily inspired from or based off of Lockpick_RCM. Is there an advantage to using one over the other, or are they mostly the same thing?
(Also, thank you very much for taking the time to answer my newbie questions. You've been a great help to me! ^^)

Lockpick_RCM and Incognito_RCM are not derived from one another and have 2 completely different functions. The purpose of Lockpick_RCM is to dump keys for various uses while Incognito_RCM applies a self-imposed ban.

 

[The Real Jdbye]

I'm pretty sure there's legal issues actually regarding this and even if they were to do this they would need to update their EULA about this

Not sure on that but Niantic did a similar thing detecting certain files on the SD in order to tell if a device is rooted and they got away with it so...
I'd suggest to those who are paranoid about that to take out the CFW SD before booting into OFW. Then there is really no possible way for Nintendo to detect CFW usage.