Hacking can arm9loaderhax be patched by nintedo in a newer update if you update your sysnand

M

mathieulh

Well-Known Member
Member
Level 6
Joined
Feb 28, 2008
Messages
378
Trophies
0
Website
keybase.io
XP
897
Country
France
They could do stupid obfuscation, like doing a hash of some portion of FIRM and using it to generate keys, change ways modules get loaded, move the am version checks to Process9 and so forth. It's not really a cat and mouse game anymore, but they could start a game of annoyance.
 
  • Like
Reactions: mironicurse and DSoryu
driverdis

driverdis

I am Justice
Member
Level 12
Joined
Sep 21, 2011
Messages
2,867
Trophies
2
Age
31
Location
1.048596β
XP
2,838
Country
United States
MassExplosion213 said:
Well, they could always update firm0/firm1.. We block updates to it by patching AM:InstallFIRM (that or AM:InstallNativeFIRM, I forget which.). They could add a new AM command to install firm.
Click to expand...
They could but there is a catch.
You need to update to that new version first so that new AM command is added, but it will not be triggered until the next update after that. Inbetween this period, CFWs will be updated to block or ignore this new AM command.

Nintendo could do a 2 stage update however:
first stage update adds a new AM command and second stage update fires the command to update firm and to update the rest of the system.
 
J

jimmyleen

Well-Known Member
Member
Level 5
Joined
Feb 28, 2016
Messages
1,171
Trophies
0
XP
704
Country
driverdis said:
As long as you are using AuReiNAND (protects automatically) or Cakes (with firm protect option on : something like that, I do not use cakes), you will be protected and nothing should break.
Click to expand...

Wouldn't AureiNAND's a9lh detection option do just that?
 
Toasty

Toasty

Queen
Member
Level 4
Joined
Apr 1, 2011
Messages
104
Trophies
0
Location
Toledo OH
Website
www.google.com
XP
373
Country
United States
hacksn5s4 said:
thing is why arent nintedo trying hard to stop it if it allows piracy though
Click to expand...
It's a waste of resources and time. What does the 3DS have left? It's at the end of it's lifecycle. Nintendo isn't going to bother. They can use those resources on Project NX instead.

Edit: shit, I forgot about Pokemon Sun/Moon. I guess the 3DS does have a little life left.
 
Last edited by Toasty,
  • Like
Reactions: Pluupy, Harvest God and Deleted member 370671
WulfyStylez

WulfyStylez

SALT/Bemani Princess
Member
Level 12
Joined
Nov 3, 2013
Messages
1,149
Trophies
0
XP
2,877
Country
United States
k9lhax can't be patched or revoked without a new bootrom revision, something Nintendo seems to be adverse to. Also, so long as people keep up with all of N's binary diffs, they can't slip anything in without a lot of people noticing. I haven't seen anyone openly do that on like gbatemp tho, which sure is alarming (for public cfw users) since that means their changes can affect a huge number of users before they even realize what hit them.

Is now a good time to give Nintendo ideas? Now's the time for them to crack down on modified firmware in general. Have arm11 do an arm9 call to take a sha256 of process9's .text and send that on sign-in. If that differs (maybe if it differs twice, w/e it's implementation details) just ban the system outright. It would likely take so long for public cfws to catch up and work around this (if they even do either) that they could probably catch a couple thousand/tens of thousands of users. Particularly (importantly!) many users who've had their systems modified thru a paid service and aren't super knowledgeable about hax themselves would get swept up in this.
(This idea isn't new btw, it's what the 360 did and it effectively permanently shut 99.9% of highest-level-modified consoles out of their online services)
 
  • Like
Reactions: Ryccardo and FenrirWolf
Pluupy

Pluupy

_(:3」∠)_
Member
Level 10
Joined
Sep 13, 2009
Messages
1,945
Trophies
1
XP
2,265
Country
United States
So what's stopping Nintendo development studios and other game developers from implementing game-based anti-piracy measures like they did on the DS?
 
TariqSoftDev

TariqSoftDev

~Zexceil
Member
Level 7
Joined
Sep 18, 2013
Messages
716
Trophies
1
Location
London
XP
1,018
Country
Just make a backup of your NAND in case then theres no need to panic, although bricking your console if it has A9LH is a good way to make money as some people will get a new 3DS.
We should keep this in our head what if a Nintendo worker gets an idea T_T
 
Plailect

Plailect

Well-Known Member
Member
Level 8
Joined
Jan 30, 2016
Messages
546
Trophies
1
XP
1,502
Country
United States
WulfyStylez said:
k9lhax can't be patched or revoked without a new bootrom revision, something Nintendo seems to be adverse to. Also, so long as people keep up with all of N's binary diffs, they can't slip anything in without a lot of people noticing. I haven't seen anyone openly do that on like gbatemp tho, which sure is alarming (for public cfw users) since that means their changes can affect a huge number of users before they even realize what hit them.

Is now a good time to give Nintendo ideas? Now's the time for them to crack down on modified firmware in general. Have arm11 do an arm9 call to take a sha256 of process9's .text and send that on sign-in. If that differs (maybe if it differs twice, w/e it's implementation details) just ban the system outright. It would likely take so long for public cfws to catch up and work around this (if they even do either) that they could probably catch a couple thousand/tens of thousands of users. Particularly (importantly!) many users who've had their systems modified thru a paid service and aren't super knowledgeable about hax themselves would get swept up in this.
(This idea isn't new btw, it's what the 360 did and it effectively permanently shut 99.9% of highest-level-modified consoles out of their online services)
Click to expand...

The lack of anyone keeping track of binary diffs is probably the most worrying issue here.

While the exploit itself cannot be fixed without a bootrom update, it would be trivial for Nintendo to write to the firm partitions using a multitude of methods that aren't patched out by the commonly used CFWs. This would certainly catch quite a few users before anyone noticed (unless they screw up the implementation such as with that botched Wii Boot2 update and end up bricking people who update).

They could, of course, have always done this for EmuNAND/RedNAND users and never did, which would signal that they weren't willing to, but that's no reason to assume they never will.
 
  • Like
Reactions: sieroi

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Hacking Hardware  New Nintendo 3DS XL Louvre

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

Hardware  Why does my 3DS take so long to turn off?

What's the best 3DS emulator (especially after Citra's shutdown)?

Tutorial  How to fix 007-2001

can't download system files on citra because im "not connected to the internet"

gacube emeleter

General chit-chat
Help Users
  • No one is chatting at the moment.
    Veho @ Veho: Nobody is reading what you post.