Hacking What Do People Mean By: "Dirtying the Nand-Memory" When Using (SYSNAND CFW)?

[Ujico]

UPDATE: I found a way to safely restore save data onto my Nintendo Switch. Here's the link to the source:



It's a huge hassle but probably the safest way...





Hi, I want to restore a save file using Checkpoint on my Nintendo Switch.

I read a lot of different posts claiming that using SYSNAND in CFW mode is unsafe and can get you banned because the CFW leaves behind files on the SYSNAND memory, am I correct in this? I don't see as to why using my SYSNAND CFW would be a problem as long as I put my NSwitch to flight-mode before switching to SYSNAND CFW mode, that should make it safe right?

What do people mean by "dirtying" the SYSNAND memory? Launching Homebrew via the SYSNAND CFW shouldn't dirty it right? I also read that Nintendo creates log files about your usage on the NSwitch which could potentionally expose you? At what time are these log files generated? And can't they be disabled?

The only thing I want to do is restore my save file to my SYSNAND memory with minimal risk and hassle. How do I go about that?

I hope someone experienced can clear these things up for me.

(I probably already messed up for a potential ban anyway because I updated my Switch with a fuse-mismatch and accidentally loaded the SYSNAND CFW with my Internet enabled & restored a save file using Checkpoint but still.)


Sources (there're more but these 2 are straight to the point):

• https://www.reddit.com/r/SwitchPira...bility_of_transferring_saves_from_cfw_to_ofw/
  
• https://gbatemp.net/threads/how-do-...-checkpoint-to-switch-internal-memory.552395/

 

[dotmehdi]

Running AMS on your sysnand, even without launching any homebrew, may generate logs on your user partition, so if someday you get banned, that could be because of that.

Some guys on this board (like me) recommend not to touch your sysnand partition in any ways if you intend to use it online. No one can assure you that restoring your save will get you banned since we don't know how Nintendo proceed to scan our Switches online.

To me, the only safe way yo use CFW on your sysnand is with a full erase + blanked PRODINFO and local account (or injected fake nnid).

 

[Ujico]

Running AMS on your sysnand, even without launching any homebrew, may generate logs on your user partition, so if someday you get banned, that could be because of that.

Some guys on this board (like me) recommend not to touch your sysnand partition in any ways if you intend to use it online. No one can assure you that restoring your save will get you banned since we don't know how Nintendo proceed to scan our Switches online.

To me, the only safe way yo use CFW on your sysnand is with a full erase + blanked PRODINFO and local account (or injected fake nnid).

Hi, thanks for the reply.

What do you mean with:

• "the only safe way yo use CFW on your sysnand is with a full erase"? Can you elaborate as to what I should erase?
  
• What is a "blanked PRODINFO" and how do I make it blank?
• How do I "inject a fake NNID"?

So basically with "dirtying" the system memory people mean the log files that contain some extra info?
Are there any other ways to quickly restore save files from my emuNAND over to my sysNAND then?

Thanks in advance!

 

[dotmehdi]

By full erase, I mean either using @lordelan's tutorial : https://gbatemp.net/threads/cleaning-up-nand-to-play-online-safely.551767/ or using the homebrew Haku33 + doing a hard reset just after that so that your Nand is as brand new

You have to use either Incognito from homebrew loader or the payload Incognito_RCM so that you can backup your prodinfo partition, then blank some informations on that (you'll find more about that on the switchbrew wiki if you're interested on how it works)

To inject a fake nnid you can either use the tutorial available on this board (I don't remember where it is) or the homebrew Kefir Updater and choose the option "inject account".

I'm always glad to help anyone when it comes to hack a console, but I have to tell you that all the questions you posted were already asked many times different topics, so you should make some research before working on your Switch because I have a feeling that you didn't go far enough. I would recommend you to read tutorials on this board and on switch.hacks.guide. If you're stuck at any step, feel free to ask !

 

[evertonstz]

The only thing I want to do is restore my save file to my SYSNAND memory with minimal risk and hassle. How do I go about that?

So the minimal risk and hassle you talk about is doing one of the most risky things you can do on switch? Save editing has an extensible historic of getting people banned, if keeping yourself unbanned is a high priority for you move on with your life and forget about this save.

 

[Ujico]

So the minimal risk and hassle you talk about is doing one of the most risky things you can do on switch? Save editing has an extensible historic of getting people banned, if keeping yourself unbanned is a high priority for you move on with your life and forget about this save.

Any sources since it's so "extensible"? Your comment isn't really helping anyone as of this moment. I said "minimal" risk.

 

[annson24]

Omg, info here in GBAtemp are so outdated.

Here are a few things coming from kosmos dev:

three What are reasons I get banned by Nintendo?
== Certain Ban Reasons ==
• Piracy of any sort
• Homebrew NSPs
• Any installable NSPs whatsoever (This also applies to XCI, NSZ and any other format)
• Changing user icon through homebrew
• Sketchy eShop behavior

== Likely Ban Reasons ==
• Modding online games
• Cheating in online games
• Clearing error logs after they've been uploaded to Nintendo (this may extend to using both emuMMC and sysMMC online, due to mismatched logs)

== Not Ban Reasons ==
• Atmosphere itself
• Homebrew
• Custom themes
• Custom sysmodules (sys-ftpd-light, etc.)
• Mods/cheating in offline games
• Overclocking with sys-clk (just don't do it competitively, for all of our sakes)
• Running L4T, Lakka, Android or any other OS you may have installed
• emuMMC

== Not Enough Information ==
• Screwing with PRODINFO, but NOT committing bannable offenses

Sent from my SM-N975F using Tapatalk

 

[Ujico]

Omg, info here in GBAtemp are so outdated.

Here are a few things coming from kosmos dev:

three What are reasons I get banned by Nintendo?
== Certain Ban Reasons ==
• Piracy of any sort
• Homebrew NSPs
• Any installable NSPs whatsoever (This also applies to XCI, NSZ and any other format)
• Changing user icon through homebrew
• Sketchy eShop behavior

== Likely Ban Reasons ==
• Modding online games
• Cheating in online games
• Clearing error logs after they've been uploaded to Nintendo (this may extend to using both emuMMC and sysMMC online, due to mismatched logs)

== Not Ban Reasons ==
• Atmosphere itself
• Homebrew
• Custom themes
• Custom sysmodules (sys-ftpd-light, etc.)
• Mods/cheating in offline games
• Overclocking with sys-clk (just don't do it competitively, for all of our sakes)
• Running L4T, Lakka, Android or any other OS you may have installed
• emuMMC

== Not Enough Information ==
• Screwing with PRODINFO, but NOT committing bannable offenses

Sent from my SM-N975F using Tapatalk

Hi, thanks for the reply! By using Homebrew on OFW to load ONLY Checkpoint to restore save files wouldn't fit under this catagory right? I don't do any of the above except restoring save files via Checkpoint via Homebrew. Do you have the source if possible?

 

[pcwizard7]

Hi, thanks for the reply! By using Homebrew on OFW to load ONLY Checkpoint to restore save files wouldn't fit under this catagory right? I don't do any of the above except restoring save files via Checkpoint via Homebrew. Do you have the source if possible?

the only safer way to restore your save data on sysnand is to restore from a nand backup , u just need the user partition but we can't still guarantee your ban chances.

which is why we use cfw on emunand to leave the sysnand clean for online

or if your switch has fuse count for fw 4.1 or lower you leave the sysnand alone completely and use two emunands one for online and one for cfw

@annson24 that list sounds about right but i like to know how u know the accuracy of the list

 

[Ujico]

the only safer way to restore your save data on sysnand is to restore from a nand backup , u just need the user partition but we can't still guarantee your ban chances.

which is why we use cfw on emunand to leave the sysnand clean for online

or if your switch has fuse count for fw 4.1 or lower you leave the sysnand alone completely and use two emunands one for online and one for cfw

@annson24 that list sounds about right but i like to know how u know the accuracy of the list

I see. Clear answer. Restoring the sysNAND backup everytime is a big hassle though. But I get it. I still don't know what they mean with "dirtying" the sysNAND though, they mean the log files right?

 

[pcwizard7]

I see. Clear answer. Restoring the sysNAND backup everytime is a big hassle though. But I get it. I still don't know what they mean with "dirtying" the sysNAND though, they mean the log files right?

corrent log files may contain information that your switch is hacked and may result in ban.

I mean you only need to backup and restore the user partition which takes less time but i thinking how safe this can even be when it comes to logs. the advantage of this your not using a homebrew app but this wouldn't allow you to choose what to backup and restore. because a restore would overwrite anything current on the sysnand

which is why I would do the emunand setup for your situation

 

[FAST6191]

I see. Clear answer. Restoring the sysNAND backup everytime is a big hassle though. But I get it. I still don't know what they mean with "dirtying" the sysNAND though, they mean the log files right?

Log files are but one aspect. All those things people use to forensically analyse computers for tampering or whatever also often work just as well here -- you might have the most normal looking log files in history but if your system responds such that it can only have been hacked then who cares about logs? Oh look you have a DNS that blocks our public websites? Let's add another (a whole $10 for a new domain), or indeed use a direct IP address.

The general idea is the situation is reversed compared to basic hacking a console. In that the console maker has to be right every time against a wide variety of avenues of attack.
Here the console maker only has to be right once, and in the next however many years at that does not have to figure out a new detection method, and has a massive amount of methods at their disposal.
One of the primary things they can do is something called obfuscation. Here there will dot little snippets of code around the place with unknown purpose to the outside observer (and if you have several hundred thousand of those to account for it does rather make the job of the 5 or so people putting real effort into the firmware, and likely don't work together, a lot harder).
The can also switch those up every time (are we what 3 months between versions right now?), not act on the intel they provide (pragmatically speaking a ban does you no real good, might even up piracy, a ban when your new version/big online game is about to drop... well now. It does also mean you can have a safe as houses firmware today but if you were a risky type 3 years ago then yeah), and otherwise make things really hard for the would be hackers having to defend against this. The history of piracy of cable/satellite TV is usually a good one here as they do all this and have done for many years.

Most of the custom firmware makers (themselves often at least pretending to be anti piracy -- see the utter drivel they spout about why XCI format is the worst thing ever) are not detailing checks they found, looked for and negated, nor showcasing anything that shows they are doing that in secret (and are any good at it).

This is why the general mindset of would be hackers has to be if you hack then you risk losing online. There are things you can do to make it safer with one of the better ones being the stuff people suggest where you effectively anonymise your device and then have a perfectly normal version. Even with all that you still have the "I was drunk one night", "I have a little brother" and such things to contend with.
You can never be truly safe though. Personally I don't care (oh no you take bad online games on worse services that I have to also pay for away from me? However will I live now?) and encourage that mindset but play it as you will.

 

[annson24]

@annson24 that list sounds about right but i like to know how u know the accuracy of the list

These are the set of rules laid by the devs (kosmos, and I believe also atmosphere). you can check out their discord server if you haven't.