Hacking Question Pre Buy Question

[VIERcntHOLZ]

Hey guys

So, I decided to get my old Handheld (N3DS XL with b9s) out and going to get my hands on a new Switch due to the advanced hacking going on.
Before I proceed, I'd like to get some questions cleared (and yes, ive read trough dozens of other threads, about AutoRCM, etc.).

Questions:
1. If I buy a new console trough amazon, how high are the possibilities right now to get a vulnerable console?
2. Is there a chance to have my console always boot into CFW? (Without any other gadgets needed, just softwareside)
3. Are Sig. Patches persistent in ReiNX or something? (I'm just into singleplayer gaming, no online, but want to run backups from SD card)
4. Is there a complete *free* way to get to "cold boot"/CFW?

 

[Kubas_inko]

1. Odyssey bundles should be vulnerable. Otherwise, don't know.
2. Maybe in the future. For now, we know that it is possible up to 3.0.1
3. Almost any CFW has now sigpatches. But you always need to be in the CFW.
4. Coldboot maybe in the future. CFW, here.

 

[VIERcntHOLZ]

Sounds good.

What is the highest Firmwareversion I should look out for?
So if I order a bundle - what Firmware should it be on for me to be hackable?

 

[Kafluke]

It's not just about firmware version. It's more about serial number. Some units are patched and you cant run any CFW. All firmware versions support launching CFW if you have a hackable unit. Check the serial.

 

[Kubas_inko]

It's not just about firmware version. It's more about serial number. Some units are patched and you cant run any CFW. All firmware versions support launching CFW if you have a hackable unit. Check the serial.

You can run any CFW, if you know how

 

[Kafluke]

You can run any CFW, if you know how

Not if you have an ipatched unit you cannot.

 

[Kubas_inko]

Not if you have an ipatched unit you cannot.

yes, you can, if you know how. Ipatched units arent unhackable...

 

[Kafluke]

yes, you can, if you know how. Ipatched units arent unhackable...

Well then tell us how? You have a link or some info? First I've heard of this

 

[Kubas_inko]

Well then tell us how? You have a link or some info? First I've heard of this

jamais and deja vu

 

[V-Temp]

jamais and deja vu

Jamais Vu, is only for exceptionally rare and very low firmware units all of which would be vulnerable to FG by virtue of being in the very early launch batch of units.

Deja Vu won't be released for a long time due to unknown timetables on Mariko, and is already heavily mitigated in >4.1.0.

 

[shchmue]

it may be a year and more until we see any other entry point besides RCM, it totally depends what Nintendo does with future units. Firmware doesn't matter, just pick out one locally with a safe serial if you can find, otherwise it might take a few returns.

ref safe serial ranges here https://gbatemp.net/threads/switch-informations-by-serial-number.481215/

 

[V-Temp]

Sounds good.

What is the highest Firmwareversion I should look out for?
So if I order a bundle - what Firmware should it be on for me to be hackable?

We're approaching a point in time where you're best bet is probably looking for used and hoping its not fucked up by the previous users too badly. Unless you find some really old supply finding an unpatched unit new at retail is going to be difficult.

 

[tbb043]

If you do get a hackable unit, and value your time and ease of use more than money, SX pro is the "expensive" (still less than the price of a game, usually) but easy way to go.

And they're working on a solution for the "unhackable" patched units. Soon (tm) I believe is the term...

 

[Kafluke]

jamais and deja vu

So you're talking about unreleased stuff. Nothing helpful to the OP

 

[V-Temp]

And they're working on a solution for the "unhackable" patched units. Soon (tm) I believe is the term...

I wish people would stop peddling their bullshit and give people the wrong sense of progress or information on what to do. They've shown no proof or PoC to that end in weeks, and their "info to prove we can hack it" was already nonsense that could be dumped without boot-level execution. If they had a working solution by default they'd have had a PoC yet didn't show one. Almost as if they didn't have anything.

So you're talking about unreleased stuff. Nothing helpful to the OP

One of them is also useless as its for units that would all be FG-capable any way.