Will it ever

Discussion in '3DS - Flashcards & Custom Firmwares' started by funnystory, Jul 21, 2015.

  1. funnystory
    OP

    funnystory Banned

    Banned
    1,472
    479
    Sep 20, 2008
    United States
    I've read there's no hack for boot, but I was wondering if eventually it would be possible to flash the CFW to the sysNAND so on bootup the exploit would work. I know this is currently unavailable, but will it ever be available in the future? Why will this never be possible?
     
  2. MrJason005

    MrJason005 √2

    Member
    2,093
    1,157
    Nov 26, 2014
    Greece
    Κάπου
    You mean as in flashing a CFW to the NAND?
     
  3. gamesquest1

    gamesquest1 Nabnut

    Member
    14,120
    9,456
    Sep 23, 2013
    .....ahem........*shakes magic 8 ball*......apparently not
     
    kitney, Kippykip and WhoAmI? like this.
  4. StriderVM

    StriderVM GBAtemp Fan

    Member
    424
    87
    Jan 16, 2015
    I think the answer is "no", because the "CFW" only works because the checks are removed by usage of an exploit (?), while the one on sysNAND, the same cannot be done.

    But I do not understand it correctly so please take it with a bucket of salt. :P
     
  5. MrJason005

    MrJason005 √2

    Member
    2,093
    1,157
    Nov 26, 2014
    Greece
    Κάπου
  6. gamesquest1

    gamesquest1 Nabnut

    Member
    14,120
    9,456
    Sep 23, 2013
    Yeah, you're pretty much there. ATM there are no known exploits that work at bootup, so if you try to modify anything in sysNAND you will either brick your 3DS or just do nothing positive. Unless an exploit is found that is triggered on bootup, all CFWs will be tied to being triggered elsewhere, i.e. CN, OOT, MSET, Browser.

    Unless a new exploit is found that is triggered on boot, or someone stumbles upon the signing keys for the 3DS, it will always have to be triggered via some other route.
     
    MrJason005 likes this.
  7. Typhin

    Typhin GBAtemp Fan

    Member
    305
    101
    Jan 30, 2008
    United States
    The bootloader is read-only and cannot be modified. The bootloader contains checks to make sure that the System Software it's about to load has a valid signature from Nintendo. The only way to be able to install a custom firmware or any other code as sysNand would be to get a hold of Nintendo's private keys and sign it, so the bootloader will willingly run it. A concentrated, distributed computing brute-force effort MIGHT be able to get the keys within a decade or two... And that's probably more likely to happen than getting it from Nintendo somehow.

    The only reason we're able to do anything with the system right now is because bugs were found that allow us to break that Chain of Trust, getting unsigned code to run (whether through the NVRAM exploit, the browser exploit, Cubic Ninja, or Zelda: OoT), and from there we can move on to custom firmwares and other fun things. But since that Chain of Trust starts from the system powering on, we have to get to an exploitable point each time before we can get to our code.
     
    peteruk likes this.
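
The signature check described in the last post, as an added example that is not part of the original thread: a read-only boot stage with a pinned public key verifies an image before running it. The toy RSA key, the image bytes and all function names are constructed for illustration and are not the 3DS's actual keys, format or code.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes. It only keeps the
# arithmetic readable and is far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                  # public half, baked into the read-only boot ROM
D = pow(E, -1, (P - 1) * (Q - 1))    # private half, held only by the vendor


def digest(image: bytes) -> int:
    """Hash the image and reduce it into the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def vendor_sign(image: bytes) -> int:
    """Only the holder of D can produce a value that verifies under (N, E)."""
    return pow(digest(image), D, N)


def boot_rom(image: bytes, signature: int) -> str:
    """Hypothetical boot stage: run the image only if the signature verifies."""
    if pow(signature, E, N) != digest(image):
        return "halt: bad signature"   # nothing from the image is executed
    return "boot: " + image.decode()


def forged_signature(image: bytes) -> int:
    """What someone without D can do: sign with a different, self-made key."""
    p2, q2 = 2**31 - 1, 2**61 - 1      # constructed second key pair
    d2 = pow(E, -1, (p2 - 1) * (q2 - 1))
    return pow(digest(image), d2, p2 * q2)


# Constructed sample images.
official = b"system software 1.0"
official_sig = vendor_sign(official)
patched = b"system software 1.0 + custom patch"

if __name__ == "__main__":
    print(boot_rom(official, official_sig))               # accepted
    print(boot_rom(patched, official_sig))                # image changed, old signature
    print(boot_rom(patched, forged_signature(patched)))   # signed with the wrong key
```

The second and third calls halt, which is the situation the thread describes for a modified sysNAND: without the vendor's private key the image never passes the check.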