Zombie thread, RAAAGH

  • Thread starter: DevilHands
  • Views: 1,816,056
  • Replies: 13,934
  • Likes: 4
I honestly don't care about emunand right now. I just want to be able to use my New 3DS. I'd happily use a Gateway exploit with no emunand while they perfect it. Would buy a SKY3DS but it'd be a pointless expense with no region free support (outside of having to mess around with extra exploits) and no CIAs, and knowing my luck the Gateway update for New 3DS would be released right after I ordered.

Heck, maybe I SHOULD order a SKY3DS just so that happens x)
 
Why are people thinking it's somewhere around August??

I honestly can't wait that long. I am actually starting to get impatient. I am already done with some games to keep me occupied, namely Yakuza 3, Heavenly Sword and Journey.

Right now I am just playing Miles Edgeworth Investigations 2 for the DS; hopefully Gateway's firmware is released before I am done with it.
Because without any other data to go by August has the same probability as Friday.

And you can wait that long. Others have waited that long. I have longer for >4.5 support.
 
Looks like it's a hardware flaw. Even if it gets fixed on the new batches, the keys can be derived on current units and must be the same for all future New 3DSes. :grog:


It's actually a software flaw if a write to memory stays consistent after a power-down/reboot of the device. Nintendo needs to add an operation to purge any un-needed cached memory objects during a reboot/shutdown in their software to clear the vulnerability.
 
At this point in time, if you have a big library of 3DS games to be completed, I'd order a Sky3DS if you have a new3DS.

The only reason I'm holding out is I already bought a gateway 3DS, I have a 3DS XL and I've already played most of the 3DS games I wanted to. Therefore I'm not really too bothered.


The first thing I'm going to do when I get my new3DSXL working with my gateway is play fire emblem awakening to see those 3D cut scenes how they were meant to be seen.
 
At this point in time, if you have a big library of 3DS games to be completed, I'd order a Sky3DS if you have a new3DS.

The only reason I'm holding out is I already bought a gateway 3DS, I have a 3DS XL and I've already played most of the 3DS games I wanted to. Therefore I'm not really too bothered.


The first thing I'm going to do when I get my new3DSXL working with my gateway is play fire emblem awakening to see those 3D cut scenes how they were meant to be seen.


The first thing I'm going to do is NOT UPDATE IT IF IT'S AT 8.1 - 9.2.
 
US/EUR one won't be 8.1 for sure. Minimum firmware would be 9.0. For example, Ambassador (Europe) were 9.0

So they will either be between 9.0~9.4.

If they are between 9.0~9.2, it's pretty easy to be safe with the update, just don't configure any wifi connections at all and you'll be safe for sure, as no retail games have 9.x firmware on them yet.

You shouldn't even have to update to access the game included with it as it was said it's a preinstalled game so it should already be on the system when you turn it on.

Guys, will we be able to use our saves on New 3DS when support comes? Cause I have put a lot of hours in Pokemon Omega Ruby and some other games and if I cannot transfer my saves then it will be a huge issue :S

It should be okay, as the saves are on the root of the SD card, as .sav files.

At least, it'll be okay for sure for Pokemon, as the save is inside the rom for those games.
 
It's actually a software flaw if a write to memory stays consistent after a power-down/reboot of the device. Nintendo needs to add an operation to purge any un-needed cached memory objects during a reboot/shutdown in their software to clear the vulnerability.


The keyslot 0x11 does (by design) get cleared; there simply is a (very silly) implementation flaw that allows you to retrieve the second stage for keyslot 0x11 "normal key" which in turn can be used to generate the third stage for keyslot 0x11 as well as KeyX for keyslots 0x18-0x20.

I will not get into details, but the implementation mistake is quite easy to find/figure out with little knowledge of how the 3DS bootup process (technically wise obviously) works and a few glimpses at the *New* 3DS ARM9 loader.
This flaw would allow someone with ARM9 code execution on a *New* 3DS (regardless of the firmware currently running) to retrieve those keys ("retrieve" implies generating/decrypting/calculating said keys).
 
The keyslot 0x11 does (by design) get cleared; there simply is a (very silly) implementation flaw that allows you to retrieve the second stage for keyslot 0x11 "normal key" which in turn can be used to generate the third stage for keyslot 0x11 as well as KeyX for keyslots 0x18-0x20.

I will not get into details, but the implementation mistake is quite easy to find/figure out with little knowledge of how the 3DS bootup process (technically wise obviously) works and a few glimpses at the *New* 3DS ARM9 loader.
This flaw would allow someone with ARM9 code execution on a *New* 3DS (regardless of the firmware currently running) to retrieve those keys ("retrieve" implies generating/decrypting/calculating said keys).

So with all this techy stuff being said it is possible to implement the 9.5 emunand?
 
So with all this techy stuff being said it is possible to implement the 9.5 emunand?


If anything I'm sure Gateway will come out of it sooner than people expect, the hard stuff has already been done and N3DS support is right around the corner.
 
So with all this techy stuff being said it is possible to implement the 9.5 emunand?

Obviously yes, assuming you do get the second stage "normal key" for keyslot 0x11 you can decrypt the 9.5 ARM9 FIRM (and probably above depending on what new level of obfuscation Nintendo adds in the future)
 
So with all this techy stuff being said it is possible to implement the 9.5 emunand?


Also, I have a question about Gateway on 3DS: when you switch it on/access your games/emunand, do you get prompted all the time to update? (AKA 1 wrong button and you are on firmware 9.5)
 
Also, I have a question about Gateway on 3DS: when you switch it on/access your games/emunand, do you get prompted all the time to update? (AKA 1 wrong button and you are on firmware 9.5)


If your DS downloaded the patch it will prompt you to install. Blocking Nintendo Update servers from your router/firewall and formatting sysNAND to remove the prompt is the only way to remove it for now. On emuNAND the prompt is okay, you just need to wait for GW team to release their launcher.dat file before you upgrade emuNAND.

Edit: This is in regard to a 9.2 sysNAND with browser exploit.
 
Also, I have a question about Gateway on 3DS: when you switch it on/access your games/emunand, do you get prompted all the time to update? (AKA 1 wrong button and you are on firmware 9.5)


For system updates - no.

On my 4.2 sysnand, I created three bogus connections so there's no way my system can connect to the internet in sysnand mode. My sysnand and emunand are unlinked, so that may help too. I never get nagged because I'm on 9.5 emunand, Gateway 3.0.4 supports 9.5. :)
 
Obviously yes, assuming you do get the second stage "normal key" for keyslot 0x11 you can decrypt the 9.5 ARM9 FIRM (and probably above depending on what new level of obfuscation Nintendo adds in the future)

Pardon my ignorance but does this second stage key need to be "leaked" by someone?

Also, I have a question about Gateway on 3DS: when you switch it on/access your games/emunand, do you get prompted all the time to update? (AKA 1 wrong button and you are on firmware 9.5)
Well I have made 3 fake connections on sysnand so I am good to go regarding update nags. But basically if you're playing a game or leave the 3DS connected to the wifi when you're in sleep mode the system will download the latest update automatically and prompt you to update. So the best thing is to set some fake internet access points or turn off the internet completely.
 
It should be okay, as the saves are on the root of the SD card, as .sav files.

At least, it'll be okay for sure for Pokemon, as the save is inside the rom for those games.



So it doesn't matter that the saves are from 4.5 sysnand?

Let me give all the facts.
Current state: old 3ds downgraded to 4.5. Emunand 9.5

If I get a 9.0-9.2 n3ds xl when gw launches support will my saves from my old 3ds system be usable on the new 3ds? I talk about rom saves only. Not retail cards
 
I would like to add that there is probably a way to make use of the FIRM header race condition bug (the one actually fixed in firmware 9.5.0) to defeat that obfuscation as well, although I haven't looked into that, the implementation flaw I used is entirely unrelated (and simpler than this bug)
 
