Firmware status

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by Nah3DS, Jan 24, 2018.

  1. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    Yes you can downgrade, but what is unique to the Switch is the fuse check which is done when the console is turned on. To get to the non-tethered methods that 1.0 has, you have to bypass that step otherwise the Switch will not turn on. And the only way to bypass this is through the tethered coldboot since it occurs before the fuse check. So as you can see, you need to use the tethered exploit regardless to utilize an untethered exploit if you downgrade.
     
  2. nachuz

    nachuz GBAtemp Regular

    Member
    2
    May 21, 2017
    Chile
  3. yoshimashi

    yoshimashi GBAtemp Regular

    Member
    1
    Mar 7, 2016
    United States
    I just bought a Switch from Walmart and before I chose which one I wanted, I asked if they were indeed new in which the employee confirmed that it was new. But when I turned it on and checked the firmware it's 4.1.0. So is this the new Switch that Nintendo sent out replacing the Tegra chip or is this a used device?
     
  4. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    If it was, it would have to have at least firmware 5.0 because that's the one that has the support for the new Switch revision. I don't think the employee understood the real question you were asking which is if it was the new Switch revision, Mariko, that they were selling. For future reference, that revision will most likely be a silent implementation meaning Nintendo won't make an announcement that they are selling a Switch with a new SoC nor will they alert distributors that it is new. The only way to confirm if it is the new revision or not is to try and run Fusee Gelee.
     
  5. SabejiThePirate

    SabejiThePirate Newbie

    Newcomer
    1
    May 3, 2018
    United States
    I work at Walmart and happen to stock the Switches. I can say even though it is on 4.1 it is new. I bought one myself a few weeks back and it was on 4.1 but the exploit works fine for me. So you should be ok.
     
  6. gene0915

    gene0915 Advanced Member

    Newcomer
    3
    Apr 6, 2008
    United States
    I appreciate the OP putting together that chart but I don't think it's accurate. I saw a screenshot of a message from SciresM's Discord chat where he says that if your firmware is beyond 3.0.2, there will be NO untethered coldboot option.
     
    Nah3DS and Draxzelex like this.
  7. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    I believe OP might have mixed up the terms coldboot with softmod. I know they mentioned that there are confirmed softmods that work up to 4.1 but I have never heard them mention any coldboots outside of the one currently available.
     
    Nah3DS likes this.
  8. Nah3DS
    OP

    Nah3DS Madre de Dios! Es El POLLO DIABLO!!!

    Member
    10
    Feb 9, 2010
    Argentina
    Yeah guys, I'm kinda confused right now with this. It's hard to keep up with all the changes.
    Would you mind telling me how would you change the chart so I can update it?
     
  9. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    Sure. The change is extremely simple. Just swap out the term 'coldboot' where it says 'untethered coldboot' with 'softmod'. So it will now read as 'untethered softmod'.

    Another change is more of a technical change. In the row for untethered coldboot (which should be untethered softmod) for 5.x, instead of an 'X', maybe say 'TBD'. Because based on what I know, nobody has played around with softmods on 5.x so we can't confirm or deny there being any softmods for those specific firmwares. They may exist, they may not exist, basically like Schrödinger's cat. Using an 'X' implies we will never find one which isn't necessarily true no matter how close the chances to zero are.

    I actually really like the chart, it's got nice colors to make things pop out with the information laid out in a way that anyone can understand. My props to whomever made it :D
     
    Nah3DS likes this.
  10. Nah3DS
    OP

    Nah3DS Madre de Dios! Es El POLLO DIABLO!!!

    Member
    10
    Feb 9, 2010
    Argentina
    I updated the chart with your recommendations. I'm sorry if this caused some confusion.
    Glad you liked the chart :)
     
  11. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    This following part does not need to be added into the chart (mostly because it will generate a lot of confusion).

    After researching a bit more, it turns out there may be a way to perform an untethered coldboot up to firmware 3.02. However, no one is working on implementing this (although there is a bounty for it). So your original chart was correct in indicating there was indeed an untethered coldboot for firmwares up to 3.0, but no one has developed it yet.

    As wonderful as your chart is, it's going to get confusing when the new Mariko Switches come out as firmware will no longer make or break hacks for you. It will be whatever identifier those units come with whether it be serial number or something else.
     
  12. Nah3DS
    OP

    Nah3DS Madre de Dios! Es El POLLO DIABLO!!!

    Member
    10
    Feb 9, 2010
    Argentina
    Yeah, it seems there is a way but for the moment it's not implemented.
    We will see how to update the thread when the new Mariko units start appearing.

    Thanks for the help! :):)
     
  13. MiserySW

    MiserySW Newbie

    Newcomer
    1
    Apr 30, 2017
    United States
    From what I understand, (thanks to the chart provided by OP), as of now if I wanted CFW and an untethered boot I would need to be <3.0.0. Anything 3.0.1-4.1.0 will eventually have untethered boot, but the release date for anything beyond 4.1.0 is unknown. Is this statement correct?

    So as I understand it, firmware is not the major component of Switch hacking, but rather it is the hardware. Firmware only dictates when something (CFW/HB/Untethered boot) is released and how easy it is to hack the system (lower firmware = more vulnerabilities)? Eventually, everything will be released for all the Switches with old hardware (Tegra chip), but nothing will be released once the new hardware is pushed out (at least for the foreseeable future)? Is this statement correct?

    I ask because I'm looking to buy a Switch, due to the recent activity on the system, and I fear it would be quite difficult to find any systems <3.0.0 at this stage of the game. If I'm willing to wait a year or two before hacking the Switch, would it matter which firmware I get? Since I would really prefer to have an untethered method of booting CFW (and a hardmodless method), would a 4.1.0 system be better than a 5.x.x system in a year or two (assuming I can't get my hands on a <3.0.0 Switch), or will everything possibly be out for any firmware as long as it contains the Tegra chip?

    I apologize if these questions have been clarified in a different thread. I'm reading all over the place that one shouldn't upgrade past 3.0.0, others stating absolute minimum is 4.1.0, etc. and I just wanted to know what's correct and what's not based on the fact that I would be willing to wait a year or two before hack switching. Thank you in advance for any advice given on my post :)
     
  14. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    @MiserySW Let's start with what we do know. There are a number of untethered exploits. Some establish higher level access to the console. And depending on your firmware, there are certain homebrew you can utilize. For example, Pegaswitch is available for 3.0 and below but only has access to homebrew. The tethered coldboot works on all firmwares and grants you full access to the console at the cost of tethering. There are unreleased softmod warmboots that work all the way up to 4.1 but they have not been released yet. The softmod warmboot for 3.01-4.1 will not be released when the CFW is launched. This is speculation for the reasoning, but they have stated that they have not tested any exploits for 5.x as of yet. Since they have not released this exploit, Nintendo should not be aware of what to patch theoretically. So based on this logic, it holds that the 3.01-4.1 exploit may work on 5.x. There is a reason this is important.

    I get the vibe that you are aware that Nintendo is planning on releasing a new Switch revision that takes care of the tethered coldboot, known as Mariko (based on the chip it uses). The current Switch revision, Erista, has a hole in its bootrom that cannot be patched out because it is read-only thus allowing all firmwares to be hacked. The reason we know Mariko is coming is because there was support added for it in firmware 5.0. Now because the tethered coldboot will no longer work on the Mariko Switches, we currently have no means of hacking them when they come out. This is where those unreleased exploits come into play as they may be the key for unlocking those consoles. The next part will help explain why you should buy sooner rather than later.

    Now, the following is speculation after closely following the scene, but I think it will help to advise that you should buy an Erista Switch ASAP. We have no idea when the Mariko Switch will hit the market. Nintendo will most likely do a silent implementation of this revision. We have no idea how to even identify them, until they come out that is. So we can't warn users beforehand if they are buying a Mariko Switch or not. However, what we do know is why they are making it. And that is because of the unpatchable bootrom exploit. Originally, this exploit was planned to be released on June 15th by a team that alerted the manufacturers of the exploited chip of the problem. They notified them months in advance in hopes to give them enough time to implement a fix as the exploit had potential ramifications outside of the Switch. This same team is devoting all their current time towards developing the CFW, Atmosphere. Even though the CFW is still a WIP, they were still trying to finish it by the same time as they would disclose the exploit to the public, June 15th. The reason they have not tested any exploits for 5.x yet is because not only are they busy working on Atmosphere for the time being, but they may have a strong feeling that the Mariko Switches may be released sometime around that date. If Atmosphere can be finished by the time the Mariko Switches are out, it will give them the perfect opportunity to work on cracking the Mariko Switch with the unreleased softmod warmboot exploits for 3.01-4.1.

    The long and the short of the last paragraph is that although we have no idea when the new Switch revision will hit the market, the longer you wait, the more risk you take that the Switch you purchase will be a Mariko unit. Of course, as long as it doesn't have 5.x then it's guaranteed not to be a Mariko device. But this is why it's strongly advised that now is the time to buy an exploitable Switch because at the current moment, there are no confirmed hacks that will work on Mariko.

    My last point will be obtaining said softmodded warmboot exploits. We have reason to believe that the untethered exploit for firmwares 3.0 and below may have been patched out because they indicated it will be released at the same time as the CFW. Whether it involves Pegaswitch or not is just speculation. The hard part is when they will release the one for 3.01-4.1. If it turns out that it does not work on 5.x, then similar to the one for 3.0 and below, they will release it as it has already been patched out so there's nothing holding them back on releasing it. But what if those exploits do work on 5.x? Now it becomes a guessing game as to when they'll release it, if at all since as you have noticed, exploits typically get released after they are fixed. For what it's worth, I'm holding onto my 4.1 in the hopes of that untethered exploit because I don't like tethering either. But we will simply have to wait and see.

    I cannot answer your questions on what hacking will be like in a year or two because a) I cannot see the future and b) anything is possible. However, I hope I answered all your questions with some history on how we got to our current point in Switch hacking. I would agree that the forums are a bit of a mess in terms of utilizing hacks and discerning right from wrong, but this should all be alleviated once the CFW comes out. As someone else once said, "We may not be as good as a LGQT support group, but we are getting there".
     
    MiserySW and LuigiXL like this.
  15. LuigiXL

    LuigiXL GBAtemp Fan

    Member
    3
    Jan 19, 2016
    This marvel should be stickied all over the Switch section. The most concise and informative post since this whole thing started.
     
  16. MiserySW

    MiserySW Newbie

    Newcomer
    1
    Apr 30, 2017
    United States
    First and foremost, I want to say thank you to @Draxzelex for taking the time to answer this newbie's question to such detailed extent. It is very much appreciated. I also appreciate the history you provided on how Switch hacking got to the point that it is now because although I may not be able to contribute to the community, I enjoy being informed on things I am researching so that I can avoid potential mistakes, or pass along this information to others. I do agree with @LuigiXL in that your post is extremely concise and informative, and I believe would help others new to Switch hacking a great deal, myself included.

    Going back to your second to last paragraph regarding untethered exploits for firmwares <3.0.0 being patched out, wouldn't the untethered exploit for 3.0.1-4.1.0 be released regardless of whether or not it works on a 5.x.x console since the incoming wave of Mariko units patch these exploits with the new hardware change? Or does a change in hardware to the Mariko units not completely patch out the firmware exploits? What I mean is that these "older" exploits would still be compatible with Mariko units, they (team developing the exploits) would "just" have to find a new way of hacking the Mariko console's bootrom so that these exploits can be implemented? Does that make sense?

    While I can only hope that untethered softmodding will be released for 3.0.1-4.1.0 in the "near" future, it creates much anxiety for me (and I'm sure for others) not being able to know if this method will be released for systems on these firmwares.
     
    LuigiXL likes this.
  17. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    @MiserySW Hey, I'm a fellow noob if you couldn't tell :P I'm like you. I may not be able to contribute to the community with exploits, hacks, or homebrew, but if I can help spread the correct and most up-to-date information, then I'll gladly accept that role. Now onto the nitty-gritty.

    The tethered exploit is based on a vulnerability in the bootrom of the Nintendo Switch. Now, normally Nintendo could theoretically just release a new firmware update that patches the bootrom, rendering the exploit useless. But since the bootrom is read-only, neither Nintendo nor the hacking community can touch it, rendering it a hardware-based exploit. If you want to get technical, Nintendo could do a massive recall and patch all 18 million units but it's obviously impractical. The unreleased softmods exploit a bug in the firmware which can be patched with a system update. If Nintendo was aware of the bug hackers were utilizing, then they would immediately release a new firmware with the changelog detailing "enhanced stability" which is hackspeak for "we patched a bug hackers use". Since they have not tested this exploit on 5.x yet, we do not know if Nintendo preemptively patched it out or not. The new Mariko units cannot patch this, theoretically, as their main purpose was to fix the tethered bootrom exploit. Also remember that I stated that Mariko units must be shipped with at least a 5.x firmware as that one added support for the new Mariko chip. On that firmware, it has patched softmod exploits that work up to 3.0. The only hope they have a working exploit is the one for 3.0.1-4.1 so you can see why they haven't released it yet.

    One thing I should have mentioned is that the CFW, Atmosphere, that the main hacking team ReSwitched is developing will have EmuNAND support. So if you are unsure whether or not to update because there's a chance it may be a long time before the 3.0.1-4.1 exploit, you can safely update to the latest firmware using EmuNAND and keep your 3.0.1-4.1 firmware on SysNAND. It is almost June 15th, the supposed release date for the CFW, so it won't be long now until we all start using Atmosphere and the hacking scene gains its second wind.
     
    LuigiXL likes this.
  18. MiserySW

    MiserySW Newbie

    Newcomer
    1
    Apr 30, 2017
    United States
    You could have fooled me with all the information you already know :P

    So it's pretty much a hit or a miss situation when Nintendo upgrades their firmware? They can continue to upgrade their firmware to x.x.x in hopes of patching an exploit but unless they know what to specifically patch, then it's possible that the exploit may not be patched (and ultimately released) for years? (As I'm writing, I'm starting to understand more of your response to my initial post so I apologize if I'm reiterating what you have already said). If that's the case, then I can see why the developers are hesitant about releasing information on exploits relating to later firmwares, as the next exploit(s) could work on systems running on 3.0.1-x.x.x.

    I have not read anything at all regarding EmuNAND, so before I start asking questions and potentially hijacking the OP's thread with this topic, I should read up on it first. I'll also look around for some Switches (with preferred firmware of 4.1.0 or lower). I don't mind having to wait X years (hopefully X not being 5+) for an exploit to be released on this firmware. It seems to be a "happy" medium between games I can play and access to CFW (no big deal if I can't access the eShop).
    If there's not much I can reply to on your next post (assuming you reply), thanks again in advance @Draxzelex :bow:
     
  19. Draxzelex

    Draxzelex GBAtemp Advanced Fan

    Member
    3
    Aug 6, 2017
    United States
    New York City
    School taught me how to search for anything on the Internet. If only it was a career alternative.
    You hit the nail on the head. Nintendo may implement any number of things in their firmware updates. They can add new features, fix bugs that they find on their own, or patch exploits that have been released by the community in an effort to curb hacking. This is also the reason why a lot of the features of the Switch connect to being online which they then force you to be on the latest firmware. Recently, they added a super update nag that prevents you from using any service on the Switch that requires Internet access. It's a never ending battle between hackers and Nintendo.
    Take all the time you want learning about EmuNAND. It is not a new tool if you were a part of the 3DS scene. If you've got any more questions, I'll be more than happy to answer them :D
     
    LuigiXL likes this.