Why must we downgrade to 2.10 from 9.20?

Discussion in '3DS - Flashcards & Custom Firmwares' started by Chiqx, Aug 30, 2016.

  1. Chiqx
    OP

    Chiqx Advanced Member

    Hey. I'm asking myself why we have to downgrade from 9.2.0 instead of another version and why exactly 2.1.0? I've done the downgrade myself but now I'm asking myself why I did those steps ^^

    Sent from my SM-N910F using Tapatalk
     
  2. DBlaze

    DBlaze I don't know what i'm doing.

    Well, if you did read the guide, then you would know why.
    Specifically, this part (in the new guide):

    "Since version 3.0, the OTP is locked out early in sysNAND boot. There is a New 3DS only exploit that works on 9.6, but it requires extra hardware. The solution we are using is to flash a 2.1.0 CTRNAND partition and firmware to the device, allowing us to retrieve the OTP."

    So in short and easy terms, you want the OTP of your console, but you can only get it (easily) using 2.1.0.
     
    Last edited by DBlaze, Aug 30, 2016
  3. fikatr

    fikatr GBAtemp Advanced Fan

    Because the OTP is locked on versions after 2.1. We need the OTP for a9lh, so it's black magic.
     
    Sobliv likes this.
  4. zoogie

    zoogie simple pimp tool

    tl;dr
    there's an oversight on < 3.0 that allows the dumping of the console unique data needed to install a9lh.
     
  5. TheToaster

    TheToaster Warrior of the Toast

    For arm9loaderhax, you need the OTP. Nintendo has locked the OTP memory region, but forgot to do so in version 2.1.0.
     
    Last edited by TheToaster, Aug 30, 2016
  6. PabloMK7

    PabloMK7 Red Yoshi! ^ω^

    Because Nintendo forgot to block the OTP region after boot. Firmware versions >3.0.0 block the OTP region just after booting, so it becomes inaccessible. You need your OTP, which is unique to you, in order to get the necessary keys to make the 3DS think that a9lh is legit.
     
  7. Chiqx
    OP

    Chiqx Advanced Member

    And what exactly is OTP?

    Sent from my SM-N910F using Tapatalk
     
  8. fikatr

    fikatr GBAtemp Advanced Fan

    It's black magic, it keeps all secret keys :ph34r:
     
  9. DBlaze

    DBlaze I don't know what i'm doing.

  10. zoogie

    zoogie simple pimp tool

    One-time-programmable - It's console-unique data burned into the CPU by the factory to help improve the 3DS's security.
    Nintendo mistakenly forgot to clear this info out of RAM during boot on < 3.0 firmwares and that's why we downgrade to get it.

    Before you ask, no, emunand will not work because the OTP is locked shortly after power-on from > 3.0 firms. Booting to 9.2 sysnand then going to 2.1 emunand thus wouldn't work.
     
    Last edited by zoogie, Aug 30, 2016
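
The boot-order point made in the replies above, as an added example that is not from the thread or from any 3DS tool: a small C model of a secret region guarded by a sticky lock. It shows that a firmware which never sets the lock leaves the secret readable, and that booting an older firmware after a newer one has already set the lock does not bring it back. The type names, the 0xFF read-back and the sample bytes are assumptions made for the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define OTP_SIZE 16 /* constructed size for this model */

/* Model SoC: factory-fused secret plus a sticky lock (assumed behaviour). */
typedef struct {
    uint8_t otp[OTP_SIZE]; /* constructed bytes, not real console data */
    bool otp_locked;       /* cleared only by a power cycle */
} soc_t;

/* Hypothetical firmware descriptor: does its early boot set the lock? */
typedef struct { const char *label; bool locks_otp; } firmware_t;

static const firmware_t OLD_ONLY[] = { { "pre-3.0 style", false } };
static const firmware_t NEW_ONLY[] = { { "post-3.0 style", true } };
static const firmware_t NEW_THEN_OLD[] = { /* sysNAND boot, then emuNAND */
    { "post-3.0 style", true }, { "pre-3.0 style", false } };

void soc_power_on(soc_t *s) {
    for (int i = 0; i < OTP_SIZE; i++) s->otp[i] = (uint8_t)(0xA0 + i);
    s->otp_locked = false;
}

/* Software may set the lock; a request to clear it is ignored. */
void soc_set_lock(soc_t *s, bool value) { if (value) s->otp_locked = true; }

/* Assumption: a locked region reads back as 0xFF filler. */
void soc_read_otp(const soc_t *s, uint8_t out[OTP_SIZE]) {
    if (s->otp_locked) memset(out, 0xFF, OTP_SIZE);
    else memcpy(out, s->otp, OTP_SIZE);
}

/* True if code running after the whole chain can still read the secret. */
bool secret_readable_after(const firmware_t *chain, int n) {
    soc_t s;
    uint8_t seen[OTP_SIZE];
    soc_power_on(&s);
    for (int i = 0; i < n; i++) soc_set_lock(&s, chain[i].locks_otp);
    soc_set_lock(&s, false); /* later code tries to unlock: no effect */
    soc_read_otp(&s, seen);
    return memcmp(seen, s.otp, OTP_SIZE) == 0;
}

int main(void) { /* exit status 0 when all three cases behave as expected */
    return !(secret_readable_after(OLD_ONLY, 1) &&
             !secret_readable_after(NEW_ONLY, 1) &&
             !secret_readable_after(NEW_THEN_OLD, 2));
}
```
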
  11. Chiqx
    OP

    Chiqx Advanced Member

    Ah okay thank you guys. :

    Sent from my SM-N910F using Tapatalk
     
    zoogie likes this.
  12. GilgameshArcher

    GilgameshArcher GBAtemp Fan

    But I got my beautiful OTP downgrading my RedNAND
     
  13. sj33

    sj33 GBAtemp Addict

    This sounds fun, can I join in?

    "You need 2.1 to get your OTP!"
     
    Last edited by sj33, Aug 30, 2016
    astronautlevel likes this.
  14. TheToaster

    TheToaster Warrior of the Toast

    Ninja'd x 100
     
  15. Elveman

    Elveman B9S Shitpost Race Smogonite

    by then writing your RedNAND to sysNAND and still working with sysNAND after that
     
  16. Logan Pockrus

    Logan Pockrus Knawledge is key.

    ...And flashing it to your sysNAND.

    EDIT: Ninja'd. :ninja:
     
  17. Chiqx
    OP

    Chiqx Advanced Member

    This is so fascinating. Every time I open up my DS this comes to my mind. Like, those hackers must be geniuses o.o How do you even come up with these hacks and exploits :D
    Whatever, thanks to all hackers who have made this possible :)
    Sent from my SM-N910F using Tapatalk
     
    GilgameshArcher likes this.