Thank's to @ktemkin and all Reswitched Team[prebreak]1[/prebreak]

I'm super pleased to tease "fusée gelée", @reswitchedteam's proof-of-concept coldboot execution hack-- with which we join the growing ranks of those with unpatchable Tegra X1 bootrom bugs.
Quick video of it in action on a Switch: https://youtu.be/ik04jn0obag

​

 

[DerProGamer2000]

isn't it kind of funny that nintendo did the protection very good on this console but its somehow the fastest hacked console of nintendo yet even thou the protection is good

 

[ken28]

isn't it kind of funny that nintendo did the protection very good on this console but its somehow the fastest hacked console of nintendo yet even thou the protection is good

it isnt, nintendo made the protection strong but that doesnt matter if nvidias protectiong is worthless.

 

[DerProGamer2000]

it isnt, nintendo made the protection strong but that doesnt matter if nvidias protectiong is worthless.

oh so its because of nvidia... what if the chip would be the best protection which exploits would not work?

 

[ken28]

oh so its because of nvidia... what if the chip would be the best protection which exploits would not work?

thats what i get out of most of explaination of the exploit.
Also there is no prefect protection. If its made by a human it can be destroyed/cracked by a human its as easy as that.

 

[SoslanVanWieren]

it isnt, nintendo made the protection strong but that doesnt matter if nvidias protectiong is worthless.

Eh its nintendos fault as well to they did not patch the trust zone exploit properly they just patched access to it. Nintendo are lazy with fixing stuff.

 

[ken28]

Eh its nintendos fault as well to they did not patch the trust zone exploit properly they just patched access to it. Nintendo are lazy with fixing stuff.

fixing the trust zone exploit could be complicated and in the meanwhile they just closed the accsess point. this a common approach in programming, not just nintendo.

 

[jimmyleen]

It won't be public , it has been confirmed on ReSwitched Discord . RIP All my hopes and dreams

I'm assuming it won't be public because almost anyone could figure out how to soft mod the tablet.

 

[SoslanVanWieren]

also don't forget Nintendo trying to patch stuff and adding new features in newer firmware's can cause even more bugs.

 

[DeslotlCL]

Eh. Better wait for TX stuff.

 

[Jayro]

I suppose now it's just a race to see who releases their cold boot hax first. Probably Team Xecuter with their "modchip". Which judging by other's cold boot exploits, don't need one... A modchip is just a cashgrab.

 

[TheCyberQuake]

I suppose now it's just a race to see who releases their cold boot hax first. Probably Team Xecuter with their "modchip". Which judging by other's cold boot exploits, don't need one... A modchip is just a cashgrab.

It could depend on what the "public" coldboot exploits require for installation. My guess is they would at minimum require userland access, and it may require higher privileges. That means it would be free to install on firmwares that support those privileges, but anything higher would be SoL. Supposedly the hardmod would allow coldboot hacks on any firmware regardless of having code execution or not.

 

[Kubas_inko]

It could depend on what the "public" coldboot exploits require for installation. My guess is they would at minimum require userland access, and it may require higher privileges. That means it would be free to install on firmwares that support those privileges, but anything higher would be SoL. Supposedly the hardmod would allow coldboot hacks on any firmware regardless of having code execution or not.

Well, we (at least SciresM) have tzhax on any firmware. Is that enough privileges?

 

[TheCyberQuake]

Well, we (at least SciresM) have tzhax on any firmware. Is that enough privileges?

Any CURRENT firmware, but not future firmwares when the exploits are patched.

 

[Kubas_inko]

Any CURRENT firmware, but not future firmwares when the exploits are patched.

But future is not now

 

[chrisrlink]

sorry to bring this up but some older consoles held up pretty well PS3 4x aka super slim and sega saturn just only got fully cracked last year(sega saturn not pss3 superslim though that maybe exploited soon too) i think but theres a golden rule i learned here if it's a manmade electronic it can be exploited in some form

 

[Jayro]

It could depend on what the "public" coldboot exploits require for installation. My guess is they would at minimum require userland access, and it may require higher privileges. That means it would be free to install on firmwares that support those privileges, but anything higher would be SoL. Supposedly the hardmod would allow coldboot hacks on any firmware regardless of having code execution or not.

That does make sense... Soft-mod method probably requires 3.0.0, whereas the modchip works on any system firmware.

 

[Mrdx]

I think that every time Team Xecuter make a move, f0f and other teams show the possibilities of their "free" alternatives in order to dissuade TX from trying to make money out of piracy devices. That's the reason why they just show poc but never release anything...

 

[TheCyberQuake]

I think that every time Team Xecuter make a move, f0f and other teams show the possibilities of their "free" alternatives in order to dissuade TX from trying to make money out of piracy devices. That's the reason why they just show poc but never release anything...

Except if they never release their free alternatives, all it does is push more traffic to the things that actually release, even if they are a paid product

 

[cracker]

I'm willing to bet that there will be a free hack released at/before TX releases their mod.

 

[guily6669]

sorry to bring this up but some older consoles held up pretty well PS3 4x aka super slim and sega saturn just only got fully cracked last year(sega saturn not pss3 superslim though that maybe exploited soon too) i think but theres a golden rule i learned here if it's a manmade electronic it can be exploited in some form

Best one is Sega Dreamcast, just burn a game CD and run it lol, that was epic.