Have you asked all 8 billion to make sure?
As is the way of things, someone will eventually create a super cheap Switch modchip given that we know glitching the Switch isn't all that hard and all the information to do it exists. It's utterly inevitable. Look at UDPIH or RGH3 if you need proof of that.
We will know more as soon as someone updates to HOS16 with a working pi pico mod.
Last edited by FruithatMods,
Oops I forgot to do this earlier... I will start it now
Post automatically merged:
I can ensure you there is multiple people at least looking at firmware, I'm in touch with multiple devs who I won't name who are trying to figure this out
Post automatically merged:
ok so ive updated this lite to 16.0
i can still acess hekate etc, BUT i can no longer get into OFW(black screen)
lakka and everything else still works fine though
Post automatically merged:
ok also using the flash nuke uf2 someone sent me has allowed me to get back into ofw without getting my soldering iron! so thanks for that.
ooo this is intresting, after flash nuking and booting into OFW, i then reflashed the linux firmware and can still not only get into hekate, but also can get back into ofw now aswell.
Last edited by Tafty,
I didn't check the firmware progress because is very out of my the firmware in the page 34 is also encrypted? All the progress I see about the investigation of the firmware is about the one with the serial.
Why? There would be no differences. The problem is the corruption of the keyblob,
Basically the sdloader it writes disables access to the BEK and stuff
I tried to find/replace it in the .uf2 but it seems to me like the developer encrypted and/or compressed it so you can't easily replace it
Post automatically merged:
It's not using hwfly sdloader/BCTs
Ok maybe I don't understand something right.
A theoretical question:
If I dump the (unmodified) emmc whit a reader including Boot0/1, install the rp2040 boot to hekate write the dumped emmc back create a emmummc from this and try to boot the emummc. (Maybe create keys whit lockpick)
what happens then?
Bek error?
Can someone please tell me ?
It doesn't work that way. The keys are stored in Tegra Fuses, and will be loaded to keyslots by bootrom at boot.
The issue is that modchip firmware(sdloader) messes up the keyslots.
https://switchbrew.org/wiki/Fuses#Mariko
Perhaps it's possible to read the fuses directly after the bootrom is run? Or is this only something the boot coprocessor is capable of doing and won't do again until next boot?
I forgot when exactly the fuses get locked down but I think it's when the bootloader gets run (aka the code where the BCTs point to)
So basically the unlocked fw probably locks the fuses down on purpose, you can't do anything about it unless someone manages to replace the sdloader/BCTs inside the .uf2 file
Re-writing boot0 once hekate loads and yadda yadda all won't help because the sdloader runs before even Hekate loads and the firmware re-writes boot0 on every boot if it detects that the sdloader/BCTs are different.
Known working eMMC is Tafty's SKhynix H26M62002JPR
Mine doesn't boot, it has a Kioxia THGBMHG8C2LBAIL
@Nagaa Which eMMC does your non-booting console use?
Mine doesn't boot, it has a Kioxia THGBMHG8C2LBAIL
@Nagaa Which eMMC does your non-booting console use?
Samsung eMMC
Attachments
Who else managed to boot into hekate with the pi pico?
If you successfully booted into hekate please tell us your emmc manufacturer.
Could this be it? Does the pi Pico only boot if it is run on a skhynix switch?
Post automatically merged:
If you successfully booted into hekate please tell us your emmc manufacturer.
Could this be it? Does the pi Pico only boot if it is run on a skhynix switch?
Last edited by FruithatMods,
And why is that?
Post automatically merged:
I don't mean to out you as being thick, I am sure you can put one and one together, but if the injection only works on skhynix chips then your whole theory of all emmc chips using the same protocol and thus being the same is wrong.
If this is indeed the case a new sdloader will have to be injected into the firmware or the firmware should be rewritten from scratch.
Last edited by FruithatMods,
No offense taken.
1. you can easily look up the eMMC‘s datasheet, all of them say they support JEDEC‘s 5.1 standard protocol
2. @Nagaa s eMMC could successfully initialize with test code that I have.. Granted, my code doesn‘t do anything else other than init emmc and then boot OFW but honestly if init works then the rest has to work aswell
3. On @Tafty s switch my code works too
4. On @TheSynthax s switch it does not work. His eMMC doesn‘t respond for 9 tries and then returns a garbage CRC on the last try
So yes, the eMMCs have to use the same protocol. It seems like something is wrong with @TheSynthax s soldering OR his rp2040 is broken because on the ubuntu fw his LEDs behave very strangely.
So how do you explain the non flashable hwfly booting to a black screen on an oled switch with a skhynix emmc instead of the no sd screen?
The same modchip boots fine with a Samsung emmc. The only difference is the emmc manufacturer.
Which emmc chip does @Nagaa 's switch use?
The same modchip boots fine with a Samsung emmc. The only difference is the emmc manufacturer.
Which emmc chip does @Nagaa 's switch use?
Similar threads
- No one is chatting at the moment.
-
-
-
-
@
BigOnYa:
@SylverReZ I've never used a disposable, seems like a waste. kinda cool idea tho. It would be nice to have vape built in to a cell phone even. "The iVape"+1 -
-
-
-
-
-
@
K3Nv2:
I was hoping I could add a custom ROM to this fire HD 10 tablet but guess no one's made twrp available -
-
-
-
-
-
-
-
-
-
-
-
-
-
@
ZeroT21:
only ps5 updated to latest firmware can go on psn, jailbroken ones just don't use psn or they risk getting flagged or banned, altho spouting profanity in online play alredy does that -
