Hacking Question Donwgrading by upgrading...

[Eternam]

Sorry if this is a dumb question but would it be possible in the future to grab the fw 3.0 (or any other) change the header/label or whatever it has so that the switch sees it as an upgrade instead of a downgrade? Wouldnt that be a way to reintroduce vulnerabilities that where present on lower fw? That way we could maybe one day not need rcm.
I hope my poor english is not messing up what I am trying to say.

Once again sorry if this was already disscuse before or if its dumb.
Happy friday!

 

[wvsgnovize]

I don't know if this is theoretically doable - but IF you managed to do it, the older FW you have just installed will recognize that a downgrade has been performed due to the eFuses burned by the previously installed higher FW version and refuse to boot.

 

[Eternam]

I don't know if this is theoretically doable - but IF you managed to do it, the older FW you have just installed will recognize that a downgrade has been performed due to the eFuses burned by the previously installed higher FW version and refuse to boot.

But could that be also modified? I mean lets say that I want to install 3.0. I change it so that its called 5.2 wouldnt that be enough? Or maybe cant this 3.0 mod have its efuse number modified so that its the same as 5.2? I know nobody has played with it to this day but couldn't it be possible maybe?

 

[Vlaslega]

But could that be also modified? I mean lets say that I want to install 3.0. I change it so that its called 5.2 wouldnt that be enough? Or maybe cant this 3.0 mod have its efuse number modified so that its the same as 5.2? I know nobody has played with it to this day but couldn't it be possible maybe?

Efuses are real and physical. When you update your FW, the fuse is permanently busted. Theoretically, you could replace the fuses, but it's so expensive that you may as well get another switch.

 

[wvsgnovize]

Or maybe cant this 3.0 mod have its efuse number modified so that its the same as 5.2?

In theory, you could probably change the firmware image in a way that causes it to expect / accept a different eFuse configuration. Firmware packages are signed, though. Changing the code would invalidate the signature and you would need to re-sign everything for the switch to accept it. I'm not fully up2date with the current progress on hacking the switch, but I don't think we have access to the key Nintendo uses to sign their firmware.

 

[Lacius]

Sorry if this is a dumb question but would it be possible in the future to grab the fw 3.0 (or any other) change the header/label or whatever it has so that the switch sees it as an upgrade instead of a downgrade? Wouldnt that be a way to reintroduce vulnerabilities that where present on lower fw? That way we could maybe one day not need rcm.
I hope my poor english is not messing up what I am trying to say.

Once again sorry if this was already disscuse before or if its dumb.
Happy friday!

This is not possible for various reasons, including but not limited to the issue of digitally signing the updates. You also cannot edit version 3.0.0, for example, in a way that will allow it to work with more than three burnt efuses.

In summary, you cannot downgrade to a system version if you've already burnt too many efuses.

 

[Eternam]

Thanks for the answering my question! You cant say i didnt tell you it was a dumb one.

 

[Lacius]

Thanks for the answering my question! You cant say i didnt tell you it was a dumb one.

If you update your system by following this guide, you will preserve a downgrade path for future downgrades. For example, if you are on 3.0.0 and use this guide to update to 5.1.0, then it will be possible to downgrade to 3.0.0.

If you've never followed this guide before, then you will never be able to downgrade below what you're currently on.

 

[Eternam]

If you update your system by following this guide, you will preserve a downgrade path for future downgrades. For example, if you are on 3.0.0 and use this guide to update to 5.1.0, then it will be possible to downgrade to 3.0.0.

If you've never followed this guide before, then you will never be able to downgrade below what you're currently on.

Yes, I have done the guide. I Went from 4.0.1 to 5.1.0
My question was just theorical. Wanted to know if it was a possible that way.

 

[Lacius]

Yes, I have done the guide. I Went from 4.0.1 to 5.1.0
My question was just theorical. Wanted to know if it was a possible that way.

This means you have five burnt efuses. The lowest system version you will ever be able to downgrade to while still retaining the ability to boot your system without RCM is 4.0.0.

 

[Eternam]

This means you have five burnt efuses. The lowest system version you will ever be able to downgrade to while still retaining the ability to boot your system without RCM is 4.0.0.

I know. My question had nothing to do with my switch. I am good where I am. I just wanted to know if that method possible.

 

[BL4Z3D247]

This means you have five burnt efuses. The lowest system version you will ever be able to downgrade to while still retaining the ability to boot your system without RCM is 4.0.0.

Does Nintendo burn fuses in the factory to match the fuses needed to boot a specific firmware?

For example, are Switches that come from the factory with say 4.1.0 have already burned fuses that someone would have if the updated to 4.1.0 themselves?

I imagine this is the case, just curious.

 

[Lacius]

Does Nintendo burn fuses in the factory to match the fuses needed to boot a specific firmware?

For example, are Switches that come from the factory with say 4.1.0 have already burned fuses that someone would have if the updated to 4.1.0 themselves?

I imagine this is the case, just curious.

That is correct. Even if they didn't do that, the Switch would burn the necessary fuses the first time the system is booted.