[QUESTION] Screw downgrading, what about CFW on 10.3

Discussion in '3DS - Flashcards & Custom Firmwares' started by Naked_Snake, Jan 7, 2016.

  1. Naked_Snake
    OP

    Naked_Snake Constant Miscreant

    Member
    1,143
    291
    Oct 6, 2013
    Hyrule Field
    Hi, I just wanted to know how long does anyone think we are off for a 10.3 CFW, since the downgraders and CIA installers have come out pretty fast and I'm sure as shit not downgrading at the risk of bricking my N3DS. Opinions?
     
  2. 20mark
    This message by 20mark has been removed from public view by BORTZ, Jan 7, 2016, Reason: spam.
    Jan 7, 2016
  3. Naked_Snake
    This message by Naked_Snake has been removed from public view by BORTZ, Jan 7, 2016, Reason: spam.
    Jan 7, 2016


  4. retrofan_k

    retrofan_k GBAtemp Advanced Maniac

    Member
    1,818
    1,113
    May 31, 2013
    Belarus
    Caves
    It's just around the corner. Seriously, either have big balls and DG, or stay on 10.3.
     
    Last edited by retrofan_k, Jan 7, 2016
  5. Naked_Snake
    I'm thinking so. As soon as I saw the FBI I kind of guessed it wouldn't be too far off. I'm wondering if it will be PastaCFW that gets there first.
     
  6. Svaethier

    Svaethier GBAtemp Maniac

    Member
    1,294
    203
    Dec 2, 2013
    United States
    Sault Ste. Marie, Michigan
    With 10.4 around the corner, I'm sure people who don't want to go through the trouble of updating their emunand or sysnand for their games to work on 9.2 will want a 10.3 cfw. I know I do :)
     
    Naked_Snake likes this.
  7. Aroth

    Aroth GBAtemp Addict

    Member
    2,066
    745
    Apr 14, 2015
    United States
    You guys do realize that CFW requires an ARM9 vulnerability and that at the moment we do not have one past 9.4 that doesn't require extra hardware, right?

    The ONLY thing that MCH2 gives is ARM11, which is why we can downgrade now. Downgrading and a new FBI to install legit cias does not mean "ooh cfw soon" or even "SOON". It means we have what we have and do not expect or even really hope for more right now.

    Yes, ntrcardhax gives ARM9 access and would allow CFW (at least on N3DS, idr if it's compatible with both), but it requires additional hardware to utilize, and even if GW is able to implement something it will probably be a brand new Yellow Card for you to buy for $120 to get cfw on 10.3.
     
    rotebrotobias and Xenon Hacks like this.
  8. The Real Jdbye

    The Real Jdbye Always Remember 30/07/08

    Member
    12,096
    5,168
    Mar 17, 2010
    Norway
    Alola
    Well, 10.3 CFW is possible with arm9loaderhax (even if we could get it to work it would most likely be n3DS only) or ntrcardhax (which requires custom hardware.)
    Put simply, don't hold your breath. All the focus right now is on downgrading and it's not certain whether the CFW devs would be capable of figuring out those two exploits or whether they would even bother to spend the time and effort.

    arm9loaderhax would be the holy grail of CFW. Essentially, it would give us proper, full coldboot CFW installed directly onto NAND, with checks disabled so that we could patch/modify the firmware to our hearts' content, instead of on-the-fly patching the firmware.
     
    Last edited by The Real Jdbye, Jan 7, 2016
  9. Aroth

    Arm9loaderhax (thank you, I couldn't remember the name lol) is most definitely N3DS only and from what I understand, before we can even BEGIN to port or develop stuff for it we have to figure out exactly how to trick it into dumping its firm and then figure out where it will jump to after it dumps. All they revealed was that it is exploitable because of the fact we can force it to jump and it won't verify the code it's about to run after the jump.

    Ntrcardhax is the one that will likely give us something, but I fully expect that something to be a brand new flashcard.
     
  10. Naked_Snake
    Aw man, I was hoping to not have to downgrade. If I can have an emunand of 10.3 I would consider it, but I've only got 3.5gb left on my 16gb microSD lol
     
  11. Zidapi

    Zidapi GBAtemp Psycho!

    Member
    3,033
    1,817
    Dec 1, 2002
    *Cough*

    I'll just leave this here, Team SALT's recent achievement.


    True cold boot launching to non-emuNAND CFW, with homebrew being launched directly from the homescreen, all on 10.3

    Hopefully we benefit from this at some point. Even if SALT don't release something, it's proof that it is possible.
     
  12. Aroth

    Those assholes will never release anything and only tease shit to rile up and piss off the rest of the community. Stop posting their shit.
     
  13. AtlasFontaine

    AtlasFontaine GBAtemp Maniac

    Member
    1,079
    633
    Jul 18, 2015
    Venezuela
    Venezuela-Zulia.
    If you expect something coming from team SALT then you'll be pretty much disappointed. If those people wanted to release anything then they should've released +9.6 emunand a long time ago.
     
    Last edited by AtlasFontaine, Jan 7, 2016
    Xenon Hacks likes this.
  14. ddurdle

    ddurdle GBAtemp Regular

    Member
    259
    65
    Dec 13, 2015
    Canada
    Precisely. I'm waiting, but I don't want to wait too long. I see all these threads of people starting from a firmware < 10.3, such as 9.9, downgrading to 9.2, then upgrading to 10.3 then downgrade back to 9.2 to get a working system. It looks like people are being forced to upgrade to 10.3 and if 10.3 is replaced by a patched 10.4, game over.
     
  15. Uring

    Uring Advanced Member

    Newcomer
    77
    9
    Oct 28, 2015
    Micronesia, Federated States of
    But if you wait to downgrade and nothing pops up after 10.4 then you are doomed, 'cause the reason to downgrade now is that if your firmware is ruined you can go back to 10.3 and try again.
     
  16. Zidapi

    Looks like it's working, because your response is hilariously, and tragically, pathetic.

    You're crying because they didn't release their CFW? Releasing theirs seems a little redundant with so many other choices available don't you think? Not satisfied with Gateway, rxTools, reiNAND or CakesFW?

    It's a fucking phenomenal achievement. They shared because they're proud of their work, as they should be.

    So what if they don't release it? You aren't entitled to anything they've developed. Period.

    Your attitude to their work is pretty representative of much of this community sadly. Everyone seems to overlook the incredible amount of information they've contributed to 3dbrew.

    If they can achieve it, so can the devs we have who do release work for the community. So either way, it's a preview of things to come.
     
    Last edited by Zidapi, Jan 8, 2016
  17. Aroth

    Idc if they release it or not. I care that they only ever brag about what they supposedly have achieved and refuse to even so much as share hints of how they got there to further the community. That kind of attitude is destructive to the community as a whole.

    Also, the people involved in the "SALT" team have contributed nothing to 3dbrew last I checked.

    I have no problem with people like smea and yls8 who DO contribute. They take a hard stance against piracy (just like SALT/KARL) and refuse to actively release any code or software that will enable it directly (just like SALT/KARL) but the difference between them is that smealum, yls8 and their associates at least contribute in documenting the efforts they make and providing that information to the community, even if the community intends to use their information to an end they do not approve of.
     
    Last edited by Aroth, Jan 8, 2016
  18. wormdood

    wormdood pirate booty inspector

    Member
    3,560
    1,506
    Jan 3, 2014
    United States
    behind a parental advisory sticker
    I just want to point out all those emulators smea packed into the hbc by default, and I don't know when the last time I had fun on an emulator without a rom . . . "can you tell me emulators are great even without roms . . .?" . . . smea simply played it smart and let others do the illegal part instead of getting his ass sued like geohot
     
    Last edited by wormdood, Jan 8, 2016
    Aroth likes this.
  19. Aroth

    ;)
     
  20. Syphurith

    Syphurith Beginner

    Member
    641
    222
    Mar 8, 2013
    Switzerland
    Xi'an, Shaanxi Province
    They never contribute anything in name of the team, you have to test out the devs' name.
    However there are still important clues to get it fully, and I don't find anything this important on 3dbrew, says, other detail about it id
    In fact, the arm11 kernel access before the memchunkhax2, that Brahma, is based on their bootstrap. If you don't believe just forget this (cause they've hidden the repos, no way to check this again). I hate to say they are now hiding things, thus others can not learn from the code. This means closed-source. However since those are their own work, you don't have rights on what isn't yours. And with no binary or hints, this definitely harms the development. And they don't really respond to the technical questions from others, no such posts on 4dsdev either, this is OK to a certain extent at a certain perspective, like why it is still right to say OK to no release. So the only thing they've contributed around the arm9loaderhax now is the videos that tell me the exploit is practically used and the object could be achieved.
    It is useless to talk about their "no release" or put hope on it. Shame or not, let us forget the useless things.
    BTW, arm9loaderhax isn't that easy to implement, and likely to be implemented with hard-mod. I don't think it is that interesting when some important clues are hidden.

    Note: If anyone would like to reproduce that video for trolling, in other way to make it appear as that, you need to disable menuhax bootup details and have a menu 3dsx, with that actually boot into Cakes EmuNAND, with injected patched nim and ac modules, and a private update server, CVer and NVer from latest system version installed.
    Note: The video can be totally crafted, however this is also useless, unless someone is bored too much. And the work isn't easy, modifying menuhax may involve ROP, yup.
     
    Last edited by Syphurith, Jan 8, 2016
    peteruk and Chesta like this.
  21. Aroth

    For anyone else who has trouble understanding what @Syphurith is saying (not your fault bro, dat language barrier), basically the Brahma code that is used for arm11 access in 9.2 and lower is the work of the guys who are now part of SALT, but there is no credit or documentation of such (or even any real documentation on Brahma itself) on 3dbrew. In addition, the video itself is not that hard to fake. The basic process would be to install the updated CVer and NVer to your sysnand, then set up menuhax and have it coldboot your cfw of choice to an emunand that also has CVer and NVer updated. Some relatively minor work would be needed to alter the info/graphics displayed while loading *hax (to avoid the "homebrew ropbin is ready" and the flashing colors), but for a team that actually has decent coding experience that shouldn't be TOO hard.

    In addition, even if they actually are using arm9loaderhax, it is highly likely that it was done with a hardware modification.

    edit:

    Now that I think about it, they may very well have been using ntrcardhax instead of arm9loaderhax.
     
    Last edited by Aroth, Jan 8, 2016
  22. Urbanshadow

    Urbanshadow GBAtemp Maniac

    Member
    1,295
    473
    Oct 16, 2015
    I only see a problem with your theory. The boot time. Even with just sysnand and no colors, triggering menuhax takes a while (1-4 seconds) after the sysnand menu is fully loaded (1-3 seconds more) and then you have the cfw disabling signature checks (1 sec more). So the lower boot time they could have possibly got that way is from 3 to 6 or 7 seconds to menu. They got fully menu boot in 2 and a half seconds quit, impossible for such a setup. And then they have a custom theme.

    I don't think they were trying to fool us with the video.
     
    Last edited by Urbanshadow, Jan 8, 2016