Anyone out there trying to get the bootloader keys?

Discussion in '3DS - Flashcards & Custom Firmwares' started by Idaho, Nov 30, 2014.

  1. Idaho
    OP

    Idaho GBAtemp Advanced Fan

    Member
    672
    402
    Oct 3, 2013
    France
    So afaik the boot session on the 3DS is encrypted and that's why we can't directly flash a CFW on our 3DS.
    Flashing a CFW to the NAND would result in a failure, as the boot-loader wouldn't recognize it as official because it'd be unsigned and we don't have a way to extract the keys needed to sign it.

    As I still hope that one day we'd be able to do such a thing and not be stuck with workarounds that break functionalities in the 3DS (DS mode compatibility) or sometimes have a non-convenient use (having to relaunch the exploit every time we need to go in the system settings), I'd like to know if some people are working on it or if there are even a few hints at how to obtain this Holy Grail?

    inb4 do it yourself (I'm just a random user that'd like to know what the scene is focusing on)
     
  2. hippy dave

    hippy dave Butts Butts Megabutts

    Member
    2,587
    1,802
    Apr 30, 2012
    Infiltrate Nintendo. Go go go!
     
  3. iCEQB

    iCEQB GBAtemp Advanced Fan

    Member
    682
    447
    Nov 2, 2013
    United States
    If I had to guess, it's not the keys to de-/encrypt the bootchain which matter here, since they can be acquired if you have the right setup (Gateway has afaik -> hence all the newest emuNAND update capabilities) ... it's the signature we can't fuss with.
    Look at the 360, we can get every single key out of that console and still we can't boot into an unsigned bootchain w/o hardware modifications / hacks.
    The PS3 is a different story, because we can actually calculate the private keys and sign our own bootchain.

    I honestly can't tell you for sure since I know almost nothing about the 3DS, but seeing as how tough the whole security system is during runtime, I wouldn't be surprised if it's equally strong during boot.
     
  4. Idaho
    OP

    So what could be a solution to have a CFW launched at power on?
     
  5. iCEQB

    Either getting access to the private keys which SHOULD be impossible ... or Nintendo decides to release them for whatever reason :D
    Or an exploit during boot time either by software (which becomes harder, if not impossible, with every new console generation) or via a modchip, just like the 360.

    Right now I wouldn't hope for it and actually be happy that you actually don't need any game or the likes to exploit a 4.5.0 3DS. Imagine you'd have to launch a game first and go through the menus every time you restart the console.
    And be thankful for the standby function of the 3DS :D

    Could hit you a lot worse buddy ;)
     
  6. Idaho
    OP

    I guess I'm too used to convenient uses of hacks on my other devices, as all of my other devices don't require actions in the stock OS to launch the hack. I remember that at some point it was like this on PSP 2000 units with the desperta batteries: you could not power off your console or that'd just uninstall the hack. Happily, the reversing on the console allowed flashing CFWs on these consoles too...
     
  7. OuahOuah

    OuahOuah GBAtemp Maniac

    Member
    1,000
    201
    Oct 2, 2006
    France
    Even a private key and your own bootchain do not do the whole job: on PS3, you can't install CFW above 3.55.
    Above that, you can only use a modchip/ODE.
     
  8. Idaho
    OP

    Well, that's because another layer of security was added on firmwares above 3.55, but you can still downgrade the firmware version quite easily on many PS3 revisions and then flash a CFW with an E3 flasher...
     
  9. OuahOuah

    Yes, you can downgrade... but you need a hardware mod to do this, no more software mod...
     
  10. Idaho
    OP

    But you don't need to have it all the time, using it only once is okay, as opposed to the ODE methods that don't allow any CFW installation nor do they allow you to use the chips only one time to allow the hack on your PS3...
     