I'm a bit disappointed by the way both Gateway and the administrator of that forum are handling this situation, it makes me think that probably Gateway became GetAway 3DS. An apologise would still be appreciated though.
Here's the actual explanation:
Gateway 3DS Bricking Mechanism Discovered
Expert members (specifically profi200) of ngb.to in collaboration with Normatt (who is in possession of the decrypted Gateway code) have discovered how Gateway bricks 3DS consoles, and how it is theoretically possible to fix it.
Gateway uses a CPU emulator that executes MIPS-like code. The bricking code is hidden inside the portion of code that is executed by the CPU emulator. Once the bricking code is activated, the temporary write protect bit within CSD is set and the eMMC lock is activated.
The people at Gateway can actually unbrick a 3DS WITHOUT a NAND dump by using a password which is unique for each 3DS and is generated using the CID of the NAND and which is then encrypted by the AES Engine of 3DS. By using this password, they can remove the lock and delete the write protect bit. That's why when Gateway initially posted the announcement about fixing bricked consoles they didn't mention requiring a NAND backup - because they really don't.
The Gateway brick can be fixed by using a forced overwrite that deletes all write protection bits and completely removes the lock. However, this requires low level hardware access [to the eMMC] with a dev board (or device like raspberry pie) that supports SPI or SDIO. Unfortunately if this method is used, the entire NAND will be overwritten, which means a prior NAND dump is required. Furthermore, this isn't exactly easy and requires advanced soldering skills, so it is not a newbie friendly solution.
So the bricking is indeed deliberate. The Gateway team placed several checksums inside 2.0b2 which trigger it under specific circumstances. It has been confirmed that the brick code and the checksums were not present before 2.0b2.
And while it is aimed at clone cards, it can and has happened to legitimate Gateway users, too (which is unlikely, but not impossible).
Now that the jig is up, maybe Gateway 3DS can be convinced to remove their dangerous code from their next firmware release to regain the trust of their customers.
I would like to kindly ask the moderators not to lock this topic as this is important information.
Also, please refrain from flaming me- I am merely the messenger.