Hacking Atmosphere-NX - Custom Firmware in development by SciresM

[igivenup]

While Sciresm has dropped hints that 4.1.0 has software entrypoints for direct entry on boot, I fully expect that FG will be needed at the very least for the initial foot in the door, and will likely be needed for many firmware versions, especially future ones. It might not be so trivial to update the boot loader code in the Tegra SoC, even at the factory. That means tethered booting will likely be a thing that hangs around unless a far bigger hole is found.

As such, I think having a toggling joycon and a portable injector fob would be good medicine, even with full direct-boot capability.

He hasn't even just hinted about it. The same exploit from 3.0 roughly works on 4.1 with some modifications. The 4.1 exploit SciresM found was announced weeks before Fusee. It's just a matter of if/when that's coming out. Also Fusee FAQ did say software only was coming

As the exploit / the boot rom isn't patchable and you always will have the possibility to inject some payload at this very early stage and no matter what nintendon't will do in the future, then why taking the risk going online with a modified firmware?
Only for the possibility of a softmod / untethered coldboot? No, thanks.

The other thing is, that you always have to keep your fw up to date to be able to use the online services. Doing so with a customized firmware you are dependent on the author of the cfw patches who has to keep up with every newely released original firmware and adapt to it.

A seperate offline cfw isn't dependent on any updates provided by nintendon't to run some homebrew or whatever.

I know this all comes with some inconvenience, but in my opinion the benefits outweigh.

It's all about options. I don't care for online and I would rather be able to boot CFW untethered. If online play is important to you then great, go with a tethered exploit. The Fusee FAQ does say a software only solution is coming though. So we both win.

 

[tecfreak]

Couldnt they just use payloads to launch the app they want without the need of CFW? Why using CFW when you dont plan on going online with it..i mean... do you even need it then? HWats the purpose of it?

Because you need an operating system to run apps. This can be a modified Horizon, a linux distribution, android or whatever. Depends on which software you want to use. A modified Horizon is needed to launch backups which probably the most people here are waiting for. A linux distribution could be used for kodi, dolphin or any other stuff of that kind.

 

[salamandrusker]

Because you need an operating system to run apps. This can be a modified Horizon, a linux distribution, android or whatever. Depends on which software you want to use. A modified Horizon is needed to launch backups which probably the most people here are waiting for. A linux distribution could be used for kodi, dolphin or any other stuff of that kind.

in fact if tomorrow a distributor would get a pp capable of doing cartridge backup to sd and use the data from the sd I would gladly pay the distributor, it is about keeping the cartridges in time and having the data in the sd, for me that and emulators or being able to play any game without having to upload firmware would be all I'm looking for

 

[naitsa]

Because you need an operating system to run apps. This can be a modified Horizon, a linux distribution, android or whatever. Depends on which software you want to use. A modified Horizon is needed to launch backups which probably the most people here are waiting for. A linux distribution could be used for kodi, dolphin or any other stuff of that kind.

Ah thanks. Now i get it I was thinking you already could launch apps via payloads by using fusee-gelee entrypoint to run unsigned code. If that inst the case and you just can use fusee-gelee to boot some kind of OS then a modified version of Horizon (Atmosphere) makes absolute sense. I guess it will be a hard decision for me if im riskin going online with atmosphere (im on 4.1 still) or if i just update to 5.x and use fusee at every boot to get into Atmosphere and go online with OFW. Either way it will be great and exciting times thanks to the great developers and SciresM. On top of that E3 is just around the corner Yay

 

[Wierd_w]

in fact if tomorrow a distributor would get a pp capable of doing cartridge backup to sd and use the data from the sd I would gladly pay the distributor, it is about keeping the cartridges in time and having the data in the sd, for me that and emulators or being able to play any game without having to upload firmware would be all I'm looking for

I very much want to EXAMINE the data inside my skyrim cart. I strongly suspect that if I cant just straight up get the game to load .ESP files, I can forcibly integrate them with the base .ESM and .BSA archives, and have all kinds of win with my switch. I have already mostly verified that aside from a strange image format used for the thumbnail, that the save data format is very close to the PC format, if not identical. While something like skyui is probably out of the question (needs scripting extensions. Good luck running a daemon behind the hypervisor reliably while scribbling all over the memory of an already somewhat unstable application! Good luck porting scripting extensions to Horizon to begin with!), there is quite a lot that could be baked in if the worst case scenario happened and Bethesda completely removed the loading hooks for .ESP files. (I would think they would leave them in, as that is the super duper easy way to push game patches. )

I have looked online to see if it was in the "early dumps" at the "usual places", but came up empty. Now I am waiting for a dumper, and Atmosphere with eager anticipation.

 

[isoboy]

I still have many doubts about atmosphere, will it be possible or not to load a backup of our cartridges from the sd? I have not seen any proof in the absence of 1 month to go

You're doubting if a console will be able to play backups? It's happened before.

 

[Wierd_w]

You're doubting if a console will be able to play backups? It's happened before.

No joke. I have been observing breakneck pace on the security layer portion of Atmosphere in the past week. Those cats are working hard on getting package decryption/encryption, layered filesystem and the like working. While a cartridge dumper/title dumper is outside the core scope of Atmosphere, it gives all the keys to the kingdom to any interested soul with the skills and will to make one. I expect that once that horse leaves the barn, it will never be going back.

 

[salamandrusker]

You're doubting if a console will be able to play backups? It's happened before.

you simply did not read my message or my messages. I do not seek to put a pirated copy, I try to put the games that I bought by another hole in the console, and not just the one above (so that it understands cartridge slot) but rather by the one below (so that the slot understands it) sd) and if you wonder why you would want to do this, maybe you never had a super nintendo system and over time the cartridge pins got damaged and even if you cleaned them with alcohol it did not work ... it is better to have a more reliable backup a sd or usb device and save the original on the shelf so nothing happens. I hope I have clarified that strange feeling that generates listening to talk about things that you think

--------------------- MERGED ---------------------------


wierd_w I appreciate your answer because you seem really successful with what really happens

 

[isoboy]

Yeah, I have no idea what I'm on about. Carry on.

 

[jaysea]

My point is that you don’t need emuNAND to achieve that.

Boot into CFW on sysNAND - remember to disable online, maybe use a different SD card.

Boot into stock FW on sysNAND - clean fw, no trace of CFW.

For example, Luma 3DS doesn’t need to make any permanent changes to the FW. Patches are applied on the fly. Remove boot.firm and you get a clean stock FW.

Remove boot.firm and the 3ds doesn’t boot for me. Luma requires a boot.firm on either as or ctrnand iirc.

 

[tecfreak]

I was thinking you already could launch apps via payloads by using fusee-gelee entrypoint to run unsigned code.

You can. See hekate-ipl for example. There is already a hbl based on that and like atmosphere it patches the firmware on the fly.

You could then boot into horizon with patches applied or without.
But that comes with a disadvantage, because you have to stay at a certain version of the firmware which the cfw patcher supports.

 

[salamandrusker]

You can. See hekate-ipl for example. There is already a hbl based on that and like atmosphere it patches the firmware on the fly.

You could then boot into horizon with patches applied or without.
But that comes with a disadvantage, because you have to stay at a certain version of the firmware which the cfw patcher supports.

when it refers to unsigned code, does it mean that it would be possible to use an xci in this atmosphere? nsp? elf? or simply nro?

 

[xenofly]

SciresM updated his twitter avatar. Now fish is brown and polished. Does that mean something???

Atmosphere hype!!!!

 

[fatsquirrel]

SciresM updated his twitter avatar. Now fish is brown and polished. Does that mean something???

Atmosphere hype!!!!

Not only that, he also posted something about "secmon"

 

[alexj9626]

Lets calm down guys. I know Michael likes to do this kinda stuff but lest just wait couple more days.

 

[fatsquirrel]

Btw whats this thing with secmon anyway?

 

[TheCyberQuake]

Btw whats this thing with secmon anyway?

Secmon = secure monitor, ie trustzone

 

[fatsquirrel]

Secmon = secure monitor, ie trustzone

Trustzone makes much more sense, cheers!

 

[leonmagnus99]

would be a surprise of team reswitched dropped something before tx starts shipping their dongles

 

[xenofly]

Guys, there's "revamp all the makefiles" all aboard the project https://github.com/Atmosphere-NX/Atmosphere. I don't know what that means, but sounds cool