Hacking 3ds security hint at CCC talk?

[totalnoob617]

here is a talk from the CCC where the speaker says that the 3ds wil perform firmware integrity checks and brick itself if it finds the fw was altered, i dont know if he is just speaking about rumour or if he has some 1st hand info ,this is not a console or 3ds hacking talk though ,i just found it interesting
oh if you dont feel like watching it all you can skip to about 19:00 where he mentions it

 

[yuyuyup]

he talks about that shit like it's common knowledge, I bet that idiot is talking out of his ass

 

[wchill]

he talks about that shit like it's common knowledge, I bet that idiot is talking out of his ass

At CCC, this kind of stuff is common knowledge.

 

[Vigilante]

he talks about that shit like it's common knowledge, I bet that idiot is talking out of his ass

Well allot of people at the CCC are techwizes so its easy to say the people there understand what he is saying.

 

[lestatbytes]

i hate this word = "Brick"

 

[soopahfly]

I understand what he's talking about.
Lots of interesting points too.

 

[McHaggis]

You don't need to alter the firmware to hack the console, though. An exploit is something that already exists in the firmware, waiting to be found, so homebrew can still be created if the someone successfully exploits it. This just means it's less likely we'll see a permanent solution/"homebrew channel", unless these integrity checks can be disabled.

I'd imagine such integrity checks would take a while to perform (calculating hashes of each file and checking them against a list?), so if this is true maybe it only happens during sleep mode.

 

[BrightNeko]

Its reasons like that I think I will buy another 3DS if a hack comes out.

 

[Rydian]

I'd like to see what sort of tests were done to confirm that. While other things he mentioned (like the Sony/BMG rootkit fiasco) have plenty of documentation, this is the first I've heard of this and that's a serious accusation.

 

[wchill]

You don't need to alter the firmware to hack the console, though. An exploit is something that already exists in the firmware, waiting to be found, so homebrew can still be created if the someone successfully exploits it. This just means it's less likely we'll see a permanent solution/"homebrew channel", unless these integrity checks can be disabled.

I'd imagine such integrity checks would take a while to perform (calculating hashes of each file and checking them against a list?), so if this is true maybe it only happens during sleep mode.

I'd imagine these integrity checks happen twice: once before the installation of any software and again before its execution (otherwise, what's the point of the Nintendo 3DS loading screen when you start a game?)
Anyway, all theories should go here: http://gbatemp.net/topic/307018-awesome-3ds-hacking-theories/

 

[ShadowSoldier]

he talks about that shit like it's common knowledge, I bet that idiot is talking out of his ass

Lol at the stupidity in your post. You really don't know a thing about them, do you?

 

[Deleted-236924]

If the 3DS performs an integrity check, then all we'd have to do is to find where those integrity checks are done and disable them.
(I know, easier to say than do. But if someone manages to make a CFW that would work, surely they'd be able to do that as well.)

 

[Zetta_x]

How about a future firmware update? How do you disable integrity checks if you download a new firmware? Block new firmware access...

 

[wchill]

Again, http://gbatemp.net/topic/307018-awesome-3ds-hacking-theories/

Go THERE for hacking theories. This thread should be for discussing the CCC talk, not for discussing how to hack the 3DS.

 

[indask8]

the speaker says that the 3ds wil perform firmware integrity checks and brick itself if it finds the fw was altered.

This wouldn't surprise me, the PSP 2000/3000 and so on does something like that, this is why it took some time (the time to find the signing keys) to get permanent CFW on those newer PSP.

 

[totalnoob617]

well i seriously doubt the 3ds is doing fw integrity checks at any time besides right before you update the fw and right after , there not going to brick a console if its running a cfw if your just using it, i hightly doubt it, i think they would however make it so if you have or have previously installed a cfw and then you try to update to a new fw that it will brick it or not allow you to update to the new fw

also i think the best way to hack the 3ds is to be able to sign code and not have to use a cfw, or just have a flachcart like crown that is a clone card ,and then maybe have seperate hack where someone figures out how to decrypt the 3dsware and resign it ,we need to get something like geohot got but never released , a real signing tool and not a fake sign where we can run code like its officially signed ,and not need an exploited cfw to do it
i mean i never got into the psp scene but cant they do that now with psp? isnt that what the kirk keys found recently in the ps3 allowed you to do?

 

[wchill]

well i seriously doubt the 3ds is doing fw integrity checks at any time besides right before you update the fw and right after , there not going to brick a console if its running a cfw if your just using it, i hightly doubt it, i think they would however make it so if you have or have previously installed a cfw and then you try to update to a new fw that it will brick it or not allow you to update to the new fw

The 3DS does integrity checks on all software. Firmware integrity checks are, of course, done before you update the firmware and right after it is installed. Basically before it is installed and before you use it.
Not 100% sure about bricking, however. There was a huge discussion on that, but meh.

 

[DeMoN]

Yep, this topic has been discussed to death already, and the fact that some guy mentioned it again at that convention isn't significant.

 

[Deleted-236924]

They can't make your system brick from a firmware update if the only thing you've done is use a flashcard.
However, I don't see what stops them from making the system brick from having an unauthorized modified firmware written to the system.

 

[totalnoob617]

yeh but i only think it would do a fw integrity check during a fw update , i doubt its going to do random fw checks all the time,