Well, people do have to understand that the Wii U has a serious physical preservation problem. For most past consoles, getting the hardware and software is relatively easy. With the Wii U however, it would be a nightmare. Gamepads only came bundled with consoles, meaning that if a Gamepad breaks, the console paired with said Gamepad is rendered semi-unplayable. Add that to the fact that Wii U production for hardware, accessories, and games (except for BOTW, Cars 3) has already stopped, a perfect storm of difficult hardware preservation ensues. It's not like the Gamecube or Wii where old hardware will be cheap (with the exception of those darn component cables)- while the Wii U console itself might be cheap, I predict that Gamepads in good condition will be worth more than the console itself. Luckily, the Wii U has a vast digital library (assuming the eShop doesn't go down), but I suspect physical only games might go for a premium (assuming people don't just install these with WUPinstaller).
Emulation, however, solves the preservation worries by emulating the console itself, the Gamepad (and hopefully other controllers soon too), and the Wii U library of games. Wii U games no longer on store shelves will be playable thanks to this. While it does seem early for an emulator, people also need to understand that newer consoles are more difficult to emulate, so there's an advantage to starting early. Plus, the Wii U is already broken in terms of content protection. Emulators aren't changing that environment entirely by themselves.
@ruinez They can't make a secure browser to save their lives
Both the 3DS and the Wii U browsers are total entrypoints due to Webkit bugs and general laziness on Nintendo's part to never update such things (the 3DS and Wii U browsers still run old Webkit, with specific Nintendo added patches- webkit, however, has not been updated in the browser itself).
Also, for all of the people who actually wanted a web browser on the Switch, NEITHER the Wii U nor the 3DS (the old one, obviously) launched with a web browser. The Wii U Internet Browser was added in the 2.0.0 update (which was a day 1 update), while the 3DS Internet Browser was added in the 2.0.0-2 update, which released over 2 months after launch.
The Wii and DSi also had internet browsers (although they were both downloadable apps, not actually part of the OS), but they weren't usable. I also have a hard time saying the old3DS browser is really all that useful, due to a lack of HTML5, but the New3DS browser makes up for that.
Maybe if Nintendo makes bank on the online service fee, the Switch will get an outsourced developed browser like Chrome or something where Nintendo wouldn't have to worry about bad security due to their own bad browser code management
@rushiosan Sighax could still work if it ever releases with 11.3+, since you just need NAND access (hardmod, exploitable DSiWare) to use it. However, sighax needs the ARM9 protected bootrom dump to happen, which probably isn't getting released anytime soon.
@Gridatttack Hardmods themselves still work for restoring bricked 3DSes from a NAND backup. A Hardmod now with 11.3+ just can't be used to downgrade the console anymore. That's the difference.
@BulbasaurusRex Nintendo tried to block the exploit by taking away http (internet) services to the game, but Smealum just made an offline version where you scan a lot more QR codes but it works on current firmware (11.0 and above).
@DanteSolablood Under Sega v Accolade reverse engineering of hardware is protected under fair use. There's nothing Nintendo can do about reverse engineering really. They can only make it more difficult for people to utilize (which is exactly what 11.X has accomplished).
For example, derrek dumped the 2 main 3DS bootroms (ARM9 and ARM11) over a year ago. He hinted at his method and showed SHA-1s of the dump files in a talk at 33c3 (link: https://www.youtube.com/watch?v=gZzS-qK6OOk). That reverse engineering is completely legal. What would be illegal would be releasing it to the public, which is why derrek never releases anything.
While someone is (inevitably) going to try to reproduce derrek's method for dumping the protected bootroms, and yes, those dump files are technically going to be illegal, it will be just like all of the other technically illegal files already needed to hack the 3DS. 9.2 downgrade firmware packs? Technically illegal. Does that stop their distribution or use? Not really. But Nintendo isn't going to try to sue based on the Sony v Connectix precedent (copying of a copyrighted BIOS software during the development of an emulator or other software does not constitute copyright infringement, but is covered by fair use).
@DanteSolablood It's difficult to argue that this would fall under reverse engineering though, as it's a problem with how Nintendo chose to store eShop content claim data on the console itself (client-side) without doing a server side check (basically, the eShop doesn't ask, can you actually redownload X content? etc).
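The design gap described in the comment above, as an added example that is not part of the original comments and is not Nintendo's code: a download handler that trusts ownership data sent by the client, next to one that consults the server's own purchase records. The `ContentServer` class, its field names, the account names and the title IDs are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class ContentServer:
    """Hypothetical download server; every record below is constructed."""
    catalog: dict                                   # title_id -> {"listed": bool}
    purchases: dict = field(default_factory=dict)   # account_id -> set of title_ids
    audit: list = field(default_factory=list)       # (account, title, reason) tuples

    def record_purchase(self, account_id, title_id):
        # Only titles currently listed in the store can be bought.
        entry = self.catalog.get(title_id)
        if entry is None or not entry["listed"]:
            raise ValueError("title is not available for purchase")
        self.purchases.setdefault(account_id, set()).add(title_id)

    def download_trusting_client(self, request):
        """Weak design: the only proof of ownership is what the client sends."""
        title_id = request["title_id"]
        if title_id not in self.catalog:
            return "404 unknown title"
        if title_id in request.get("client_claims", []):
            return "200 content"
        return "403 not owned"

    def download_server_checked(self, request):
        """Corrected design: ownership comes from the server's purchase records.

        Assumes account_id was already authenticated by the session layer.
        """
        title_id = request["title_id"]
        account_id = request["account_id"]
        if title_id not in self.catalog:
            return "404 unknown title"
        owned = title_id in self.purchases.get(account_id, set())
        claimed = title_id in request.get("client_claims", [])
        if claimed and not owned:
            # A client-side claim with no matching purchase is worth logging.
            self.audit.append((account_id, title_id, "claim without purchase record"))
        # Delisted titles stay downloadable for accounts that bought them earlier.
        return "200 content" if owned else "403 not owned"


def demo():
    server = ContentServer(catalog={"TITLE-A": {"listed": True},
                                    "TITLE-B": {"listed": True}})
    server.record_purchase("alice", "TITLE-B")
    server.catalog["TITLE-B"]["listed"] = False     # delisted after the purchase

    # Constructed requests: one with a claim the server has no record of,
    # one from the account that actually bought the (now delisted) title.
    unbacked = {"account_id": "mallory", "title_id": "TITLE-A",
                "client_claims": ["TITLE-A"]}
    legitimate = {"account_id": "alice", "title_id": "TITLE-B",
                  "client_claims": ["TITLE-B"]}
    return {
        "weak_unbacked": server.download_trusting_client(unbacked),
        "checked_unbacked": server.download_server_checked(unbacked),
        "checked_legitimate": server.download_server_checked(legitimate),
        "audit": list(server.audit),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```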
@Braok It's about the same rate as the eShop itself, I bet if you did a time comparison between the two it would be about the same...
I think it's also important to note that Freeshop was also used by some users (not me) who used .cia format DLC or official themes since entering the official eShop deletes such content, so people used Freeshop instead.
@PlywoodStick At least copy cards (with the notable exception of that one card that works on current firmware) are obsolete when it comes to CFW. Open source CFW is so much better...
@3MonthBeef You need CFW to run installable apps like freeshop though. To install any kind of CFW, we must first upgrade or downgrade to system version 9.0, 9.1, or 9.2 (depending on console region). This is easily accomplished via the Homebrew Launcher on 9.3-10.7. 11.X makes it much harder to downgrade, you need NAND access (via a hacked DSiWare game+save or a hardmod) to downgrade 11.X consoles to 9.2.
The best method to run CFW is called arm9loaderhax, or A9LH. A9LH allows you to keep ARM9 access on current firmware, including the latest system version (11.2). Updating, formatting, system transferring, etc does NOT remove A9LH from your system. In order to install A9LH, you need to visit system version 2.1.0-4. Instead of downgrading like we did with 9.0-9.2, we used a premade ctrtransfer image. This image is in the same format as a NAND backup but it does not contain any console unique data. Using the same program we used to make a NAND backup, we transfer the ctrtransfer data to our console. When we boot up, we are now on 2.1.0-4, even if you have a New3DS, this will work. From there, we go to a certain page in the browser that gets ARM9 access and launches the A9LH installer. The reason we have to be on 2.1.0-4 for this is because we can only dump the OTP, a requirement to install A9LH, on system versions <3.0, and we can only dump the OTP through the browser on 2.1.0-4. But basically, once the exploit works, you just hit select to install A9LH to your console. Then, you power your console off. From there, we can now hold certain buttons on power on to boot applications that need ARM9 access, like the program used to make and restore NAND backups. We then use A9LH to boot this program and restore our backup we made on 9.2. Then, we can update our console since we have A9LH installed to the latest version. I have A9LH installed on both an old3DS and a New3DS. They are both on system version 11.2, but remember, because I have A9LH installed, I can always have ARM9 access on boot no matter what system version I'm on.
@BulbasaurusRex Did you know that Gamestop INTENTIONALLY ordered a reprint of Cubic Ninja from Nintendo and they accepted? Nintendo is all ARRGHGHGHGH against homebrew/hacks until they make bank from it.
Also, Soundhax is completely FREE and allows the same hacks as Cubic Ninja does on current firmware http://soundhax.com/
@KTT Yeah some games (4 Swords, Fieldrunners) you can't actually redownload from the actual eShop anymore at all, and others (like the Tetris games on the 3DS) you can't actually legitimately purchase on the eShop anymore, so you would have to use something like this to get access to those games.
Even if these direct download apps get DMCAed, the pirate sites won't and they'll probably host binaries of them soon...
@Gridatttack They're not making any money on Wii U games, people who wanted the console this holiday season couldn't even find it on store shelves for crying out loud
@Anti-Matter Yeah I think it's more common in certain places to actually have sellers and availability of physically pirated games+consoles, not where I live but elsewhere.
@zip This is probably because of the 33c3 Nintendo Hacking 2016 talk- Nintendo had to prove it's not "game over" for them even though someone has dumped both the ARM9 and ARM11 3DS protected bootroms.
@dimi Homebrew Launcher allows the running of emulators. Please note that homebrew "apps" (in .cia format) are much different from homebrew "applications" (in .3dsx format). Stuff like Freeshop is in .cia format only, meaning you need A9LH/CFW sysNAND/stock 9.0-9.2 to install it. .3dsx homebrew can be run from Homebrew Launcher without A9LH/CFW/stock 9.0-9.2, including emulators, although performance is much better on New3DS compared to old3DS.
@Mopati You can't use it without having full ARM9 kernel access to the console anyway, and 99.9% of people with a 3DS on >11.X certainly do not have that. And please note that it is not something you can run from Homebrew Launcher- it's an installable app only.
Basically, Freeshop downloaded content straight from the eShop servers using a file that contains the decryption keys for said content. This file is never included in the release at all. One can dump their own file from their 3DS, however it is less complete than the "crowd sourced" version of the file as it will only contain keys from titles you bought (duh). This is not the only app that does this, there are many others that do the exact same thing, the only reason this one in particular got DMCAed is because it actually entered the public spotlight, unlike the other copycat tools. If it hadn't, you wouldn't be reading this article.
@Moon Only GATEWAY bricks consoles. Well, being absolutely clueless and irresponsible while hacking your 3DS can also brick consoles, but while Nintendo does have the power to brick consoles if they are modded they don't because it would be a PR nightmare. And, many of the exploits and modification methods are pretty much Nintendo proof.
@jimi Yeah, I understand what you're saying. I just think that what people commonly forget is that the 9.2 downgrade allows homebrew that (if you had not downgraded) you would be running through the Homebrew Launcher. Now, on New 3DS, this isn't a big deal simply because there is more memory allocated to ARM11 userland compared to old3DS, so emulators running through the Homebrew Launcher run at near to full or full speed. Old3ds users on the other hand have a strong incentive to downgrade for this reason. To give you perspective, I have an old3ds. I used to only have access to the Homebrew Launcher, and one day, I tried using a GBA emulator through it. Needless to say, the framerate was ABYSMAL. As in, less than 5 frames per second. But in comparison, once I downgraded, I could now install homebrew (such as emulators) to the home menu, meaning they would use the full kernel power of the system. Having downgraded, I can now run GBA injected games and even some SNES games via an emulator at full speed. So while you can run emulators through the Homebrew Launcher, for old3DS users, it's simply not worth it. And for old3DS users who just happened to update to 11.0, they will now have to do some soldering to change that.
But really, people (including Nintendo) should be more concerned about 3DS software piracy than emulators. Simply put, unless a game is on the Virtual Console, Nintendo is making no money off of the games that people run on these emulators anyway. The 3DS is not a powerful system, and as one person put it, "Just because your 3DS can play a port of Ocarina of Time does not mean that the 3DS is capable of N64 emulation". Because emulation is actually a very CPU heavy process, the 3DS is already pretty limited to what it can do from the get go. Heck, reviewers of the original 3DS called its specs "underpowered" in 2011. The real threat to the 3DS is not a flood of homebrew emulators- it's more that the 3DS games that you see on store shelves for $40 a pop right now can be pirated with only ONE alphanumeric string and a number when using Custom Firmware (which requires a downgrade to 9.2 to install). That is much more worrying to Nintendo's business than somebody playing a lame GBA F-Zero game due to buying a shovelware game like Freakyforms that they wouldn't have bought if it didn't have an exploit in it. See, unlike the Wii U, the 3DS is very profitable. If everyone downgraded their console to 9.2 once (which, as previously mentioned for 11.0 users, that involves a BIG extra step), they could pirate on an updated emuNAND, meaning their real system (sysNAND) is still 9.2, but that 9.2 system is being used to boot an updated system on 11.0 with patched signature checks and other patches (CFW). It's kind of confusing. Then, if they completed a roughly 5-8 hour process after downgrading and setting up an emuNAND, where you downgrade temporarily to 2.1 to dump a unique key (unique to every 3DS) used to completely break the 3DS chain of trust, restore a backup of 9.2, then use that key to install CFW that allows you to update your sysNAND without losing 9.2 full control exploits, then people can pirate on current firmware (11.0) on their sysNAND!
This should be a lot more worrying to anti-piracy advocates, because with the method of piracy used on the 3DS, it is very difficult to truly know how much piracy is going on. There's not even a need for private headers, for crying out loud! But unfortunately, 3DS software piracy ethics go way beyond the ethics of doing it. Because not only can 3DS piraters download SmileBasic right now, they can also download any delisted game. You want Tetris Axis, even though nobody can buy it off the actual eShop anymore? Just pirate it directly from Nintendo's content servers. And once again, you can even get around the region free issue because you can download games from other regions with this. It's a much more complicated issue to talk about than emulation, because chances are, Nintendo and their affiliate devs on their own eShop could be losing money to it right now in real time. Nintendo has already made all the money it can make on games like Mario Kart: Super Circuit or other commonly emulated titles. But 3DS games are providing them cash flow right now, and the ease at which 3DS software piracy can be achieved (after downgrading to 9.2, of course) is scarily easy. And Nintendo themselves is pretty much the only one at fault for this. Because who controls the eShop content servers? Nintendo. Who released the New3DS and made the unique to every 3DS key part of the chain of trust as part of that hardware release? Nintendo. Simply put, a lot of these hardware and software flaws were preventable, and some were caused outright by a change Nintendo themselves made. But I think if Nintendo spent time and resources on those issues, they would probably be resolved relatively quickly. But with the NX coming soon, I understand why they don't want to devote a lot of time to the 3DS.
@jimi While it might be true that a lot of homebrew on the 3DS is for 3DS software piracy, the type of homebrew that involves all of these games such as SmileBasic simply does not and cannot enable it. The only piracy that the exploits in this game and others could possibly invoke on 11.0 is via emulators, but the debate on whether that is piracy or not is a whole different discussion. See, 11.0 changed a lot about how homebrew works, because unlike the 9.3-10.7 days, you can't downgrade to system version 9.2 from 11.0 unless you natively downgrade your NATIVE_FIRM via some tricky soldering work on your 3DS NAND memory board. And if you're wondering why system version 9.2 is even relevant anymore, it's because it's the only stock system version in which full control of the 3DS system is possible through exploitation. And with full control, piracy is very possible. But these exploits used on 9.2 to gain access to the full system are very different than exploits like the one in SmileBasic. Full control exploits allow access to the ARM9 kernel of the system, which is pretty much the powerhouse of the 3DS. Exploits such as the one in Smile Basic allow less than 1/4 of the control of the system, and that 1/4 is the ARM11 userland. ARM11 is the chip used to run the home menu and other applications within it, like the internet browser many people never use. Homebrew exploits only allow access to the userland portion of ARM11, which is very small (sure, it's a lot bigger on New 3DS compared to the older models, but still). That's why userland emulators that run via the Homebrew Launcher have poor performance on old3DS when New 3DS can handle them great.
The only true argument you can make that the Homebrew Launcher allows piracy (besides emulator usage, if you consider that piracy) is that on system versions 9.3-10.7, you can gain access to the ARM11 kernel (the stuff that controls system settings and the system update feature) via the Homebrew Launcher and downgrade your system to 9.2 (because remember, ARM11 kernel controls the system update feature, and downgrading is pretty much that same process done in reverse). And if you're on 9.0-9.2 already, you're set because they don't need to be downgraded! So while you can argue that the Homebrew Launcher indirectly allows piracy on system versions 9.0-10.7 by allowing them to either downgrade their system to 9.0-9.2 or by allowing them to install a CFW that allows piracy. But on 11.0, that argument is much harder to make, simply because most people are not willing to go through the trouble of soldering on a $200 device just so they can downgrade. The only piracy leg the "Homebrew Launcher allows piracy" argument has to stand on is emulator usage. And even then, some people don't consider that piracy.
@dadajo Hackers that develop 3DS exploits aren't really coming from a "I want to find an exploit in this game!". No. Just no. The attitude of the 3DS exploit devs is that they're developing exploits for games that are vulnerable. The majority of 3DS games are not exploitable currently, and is really only limited to a handful of games. Nobody should be thinking that exploit devs are just cherry picking games to get them pulled- really, that's not the point. The point that people seem to be missing that "there are already a bunch of ways to get homebrew" is that these exploits could be gone in a blink of an eye. When 11.0 first came out, we only had ONE primary homebrew exploit (the kind just like BASICSploit and Freakyhax) that survived the 10.7 to 11.0 jump. ONE. But you know what happened after that? People developed new exploits! There are now 6 additional exploits (both secondary and primary) that support 11.0, and that's not even including the 11.0 payload update to oot3dhax, so that's really 7 exploits, 2 of which (BASICSploit and Freakyhax) are primary, just like Cubic Ninja used to be on 10.7 (yeah, Ninjhax doesn't work on 11.0, RIP). The point is, exploit devs aren't throwing at a dartboard to pick games they should exploit- it's not that simple, and nobody should be blaming them for "taking down my favorite game" or whatever. It's not the dev's fault that there aren't a lot of popular games that are vulnerable, especially in the "primary exploit" kind of way. If, say, Mario Kart 7 had a primary exploit, I don't think anybody would be complaining. The truth is, it simply doesn't matter what an exploit game is- a homebrew exploit isn't a personal attack on you programming in a dead and useless programming language or making Formees that look like they were ripped straight out of a 5 year old mind on your 3DS. It just happens that those games were coded in a way that made them exploitable.
And really, who was going to buy Freakyforms Deluxe without the incentive of a homebrew exploit? Nobody except clueless 5 year olds! It's a shovel ware game, for crying out loud!
The point I'm trying to make is that the 3ds exploit devs simply have to keep working to keep homebrew alive on the 3DS, because a previously amazing and working exploit could be gone in the blink of an eye. If you had what 3ds exploit devs did for a job, it would be very disconcerting to think that all of your work on an exploit could be thrown away and wasted via an update or other patch if Nintendo wanted to. It's much harder to develop a 3ds homebrew exploit than many people think (I mean, have any of you even SEEN the BASICSploit script?). And ultimately, because the majority of 3DS games are coded well (which is not the homebrew community's fault at all), the majority of exploits are going to be in games you haven't even heard of or most likely wouldn't buy anyway. And sure, if something took down my favorite game from the eShop (and I didn't have a CFW A9LH system), I would be pretty mad. But really, there's no reason to blame the 3DS exploit devs for this, because they just don't pick games to exploit. They need to find a vulnerability first.
@shadowharold Even better, Ocarina of Time 3D has actually been fixed for 11.0!! Just redownload the homebrew starter kit, put the oot3dhax installer files from that onto the 3ds folder of your SD card (replace the old installer with the new one), and then use the new installer to install the 11.0 payload to your oot3d cart. However, the only way to trigger the exploit is to press A as soon as the hacked file loads (don't move around, touch the map, read the sign, those methods of launching don't work consistently with the 11.0 payload and will cause ASLR like random crashing). It will load 100% of the time if you just mash A, pretty much.
@Dave24 @Dave24 @Dave24 As much as people and Nintendo would like to deny it, homebrew (and, indeed, the entire process of reverse engineering technological devices) is protected under US law, and in other countries throughout the world. There is very little that Nintendo can do to homebrew developers legally because the only legal power they really have is to sue companies or processes that explicitly enable piracy, like the original R4 lawsuits. The issue is that the way the 3DS eShop is currently designed, it is currently near impossible to tell whether homebrew installable applications (notice, I did not just say apps, nothing in the Homebrew Launcher can pirate games, you need to be able to install apps to the home menu to do this) that normally can accomplish piracy are actually doing so. And unlike many other instances of console piracy, CIA downloaded (pirated) 3DS games are a 1:1 copy (yes, that means online play on pirated 3DS games works), meaning it would be extremely difficult for Nintendo to go after people with pirated 3DS games because it would be very difficult to figure out which games were legitimate. So no, homebrew on the 3DS is here to stay, lawsuit free.
@AlexSora89 Homebrew users have been able to play pretty much any GBA game on the 3DS through VC injection, so yeah, if you want GBA games on your 3DS, go for CFW.
@Sakura By not needing to downgrade, do you mean you were at 9.0-9.2 already or were you at something really low (<3.0)? I'm curious how many "untouched" 3DSes run on OTP dumping compatible firmware (which is also <3.0). Also, I didn't know this until today, but you can actually dump your OTP on <3.0 using a special QR code for Cubic Ninja, which sounds sweet. I used the OTPHelper browser exploit (most people do) to dump my OTP since I don't have Cubic Ninja (I got into 3DS Homebrew on 10.5, when Ninjhax was pretty irrelevant compared to browserhax, so I didn't see the need to get a CN cart), but this just sounded like a really cool thing.
I guess what I like about active homebrew scenes is that even if you aren't actually developing any homebrew applications yourself, you can still learn something new about the system you're using every day.
You can already edit Splatoon costumes that work online with Wii U homebrew (TCPGecko or Cafiine), but the idea renderings in this video are extremely high quality. I especially like the Mario Kart 8 Battle Course one.
Honestly I haven't ever played this game but it kind of looks like shovelware. It might be a great game, it's just... something about Frozen having a good tie-in videogame doesn't sound right.
Thanks, eShop, for being broken enough that I can download games from you with just a title ID and a titlekey (and patched signatures through CFW, obviously).
Seriously, the 3DS eShop is the Dreamcast piracy equivalent of 2016. Like, why can't Nintendo make anything secure nowadays?
@CubicPirate @ThomasBW84 Yeah, I would love to talk more about 3DS Homebrew too, I have a lot of experience with it and I find it an interesting community as a whole. Just let me know if you need help verifying something or if you want to learn more about 3DS Homebrew in general.
I have also gotten into the Wii U Homebrew scene with the new 5.5.X kernel exploit out, and if this site plans on making an article about that I would love to contribute.
@ThomasBW84 With the way 3DS homebrew is currently set up, if you ever have the chance to downgrade/upgrade to 9.0-9.2, you can always run Custom Firmware as this is where homebrew has full control exploits on the 3DS.
With full control, we can make backups of our entire system. We'll call our 9.2 system sysNAND for simplicity. A 9.2 sysNAND can run a Custom Firmware that boots a copy of your system (via the backups we can make) that is updated to the latest system version. This copy is called emuNAND or redNAND, depending on how the memory is stored on the SD card. Using this method, it is true that the 9.2 sysNAND isn't touched, because updating your sysNAND from 9.2 would make you lose the ability to run Custom Firmware. But with this method, you can update, play online, and do whatever you want on your updated emuNAND or redNAND because the Custom Firmware patches out certain things, such as signature checks and exploit patches in updates such as 11.0. Overall, this method is called Menuhax, as to boot your emuNAND or redNAND instead of your sysNAND, you can use a homebrew exploit that was patched in 10.6 (but still works on 9.2) that loads a homebrew executable on boot. Using a boot manager executable instead of the homebrew launcher executable allows people using this method to boot their system with Menuhax and automatically boot into their redNAND or emuNAND, so the old 9.2 sysNAND is completely bypassed and is only useful for a few other things that require full control, such as making system backups.
There is even a method to run Custom Firmware using the OTP (one time programmable) key unique to each 3DS that allows your sysNAND (instead of an emuNAND or redNAND) to have Custom Firmware access, even if it is updated. This method is called Arm9LoaderHax, commonly abbreviated to A9LH. With this method, people first back up their 9.2 sysNAND. Then, they create an emuNAND or redNAND if they haven't already. From there, in order to dump the console unique OTP, you need to downgrade the system temporarily to 2.1, as since 3.0, the OTP has been locked in the bootrom, but before 3.0, it was stored in userland (essentially what the homebrew launcher has access to). Since this system version is very old (the 3rd ever update created for the 3DS), none of the Custom Firmware programs support running an emu/redNAND on 2.1. So, we downgrade our emuNAND or redNAND to 2.1, but since no Custom Firmware supports running a 2.1 emuNAND or redNAND, our emu/redNAND will appear "bricked" by the downgrade. However, if we make a backup of this 2.1 downgraded emu/redNAND and flash it (copy over) to our sysNAND, our sysNAND will be able to run 2.1 just fine. From there, we use a browser exploit to gain userland control and dump the OTP file itself. We can then use the same program we used to dump the OTP to restore our 9.2 sysNAND backup.
From here, all that is necessary is to install the exploit itself. This is done through running an application in the Homebrew Launcher on a 9.2 sysNAND where the OTP dump is required as input. This exploit essentially writes unique (due to the OTP being required) "junk" data to our sysNAND so that as a result, it will always jump to a payload that can run Custom Firmware or even applications that require full control, such as the system and emu/redNAND backup program or decryption programs milliseconds into the boot process while not having full control firmware (a.k.a. 9.2). Once the exploit is installed, you can use a Custom Firmware to run and patch your sysNAND instead of your emu/redNAND like in the Menuhax method. One of these essential patches blocks updates to the NATIVE_FIRM partition of your sysNAND. You know what this partition stores? All of the exploit patches, from the 11.0 minimum title list to the 10.6 browserhax/menuhax patches. This partition is also where the Arm9LoaderHax exploit is installed. So essentially, with this partition being blocked from updates, I can update my sysNAND running on Custom Firmware while still keeping full control of my system on current firmware (11.0).
Essentially, I think the best comparison to make if this is hard to understand is that 3DS homebrew is like a stock fund. Let's say that the stock fund represents full control hacks on the 3DS. There are "shareholders" that have already invested in this fund by downgrading their sysNAND to 9.2 at some point in the past to either run the Menuhax method or the A9LH (Arm9LoaderHax) method of homebrew. Those people will always have the ability to keep their share of the fund (keep full control hacks) if they wish. However, there are a couple more groups involved in this comparison, and one is the people on 4.X-8.X and 9.3-10.7 that could be a part of this fund but have not because they have not up/downgraded to 9.2 yet. These people can be a part of the "full 3DS control" fund if they choose to down/upgrade to 9.2. Then there is the last group in this comparison, the people on 11.0 (without using Arm9LoaderHax, obviously) who cannot join the fund (downgrade to 9.2) without getting a hardmod. And since the majority of 3DS users (I would say) are not willing to get a hardmod for their 3DS, for the most part, this stock fund of "full control on the 3DS" is closed for most of these new would-be investors.
In short, the people who have a 9.2 sysNAND with an updated emuNAND or redNAND (the Menuhax method) or the people who got to 9.2 at some point in the past and installed Arm9LoaderHax instead will always have the ability to keep Custom Firmware with full online access (with Menuhax, the emu/redNAND has full online access and update capability, the 9.2 sysNAND does not). But as getting to 9.2 at some point is required to install Custom Firmware in any situation, if Nintendo can block that initial downgrade to 9.2 for new users (as they did with 11.0 already), they can plateau the number of people with permanent full control Custom Firmware to the people who did it in the past, essentially closing full control *hax to new users. While some users on 11.0 will have access to the Homebrew Launcher through Freakyhax or the other games that have been taken down from the eShop, it doesn't matter anyway on 11.0 because downgrading through the Homebrew Launcher is only possible on 10.4 NATIVE_FIRM or lower (e.g. 4.X-10.7), so without a hardmod to downgrade NATIVE_FIRM from 11.0 to the one used on 10.4-10.7, 11.0 users cannot downgrade at all.
The new 11.0 exploits are truly only for Homebrew Launcher access. If 11.1 came out or something that patched all the 11.0 exploits people without Custom Firmware would have to stay offline (not update) to keep Homebrew Launcher access. I even did this for a period of time when I stayed on 10.5 for a while because 10.6 patched Menuhax and I was too cheap to buy Ocarina of Time 3D, which worked on 10.6 (As soon as the 10.4-10.7 downgrade exploit came out though, I downgraded to 9.2 and installed Arm9LoaderHax, so now my sysNAND is 11.0 but I still have full control and Custom Firmware like a 9.2 system does). However, this behavior of keeping a system offline does not happen when we're talking about anybody with Custom Firmware, because with Custom Firmware, any exploit that was patched can be patched back in by the Custom Firmware program itself. So, with 11.0, you know how Cubic Ninja was patched out? Well, due to the fact that my Custom Firmware reverted this patch, I can still use Cubic Ninja on 11.0 using my Custom Firmware sysNAND, even though other non hacked people on 11.0 could not do so.
@sunrisensoul Almost all of the games that have gotten taken down from the eShop because of homebrew are eShop only games- they never got a physical release. Ironfall: Invasion, VVVVVV, and Citizens of Earth were all eShop only games, there were no cartridges produced for them. The only game that has a cartridge (physical) release that has been pulled from the eShop because of homebrew is Freakyforms Deluxe, which can be considered near shovelware.
But yeah, none of these games (and their corresponding exploits) allow any pirating on their own. The Homebrew Launcher (HBL) is just what it says it is- a launcher. It doesn't come prebundled with anything, you have to provide and find the software you want to run with it. On 11.0, pirating from the HBL is quite literally impossible, and even on older firmware versions such as 4.1-10.7 unlimited piracy is not possible using the Homebrew Launcher alone (aka no Custom Firmware). The only type of piracy that can be performed using an HBL program alone is the installation of legitimately signed .cia games, which are only games bundled with 3DS consoles that were preinstalled (not download code bundled), such as Mario Kart 7 or Pokemon X and Y. And even then, that requires a firmware of 4.1-10.7 to work, so this doesn't even work on 11.0. Also, insecurity is not caused by hackers, it's found by them.
@HSuzumiyaVI Yes, there is a direct way to hack the 3DS (via CFW) but ultimately HBL is a "first step" of sorts that is required no matter what you want to do.
@HSuzumiyaVI Keeping exploits quiet often comes down to their importance. Secondary exploits like in VVVVVV and Citizens of Earth are relatively minor in terms of importance because both of those games are eShop only. The exploits that are most important to strategically release are exploits that run on a game with a physical release, because that means that if the game gets pulled digitally the exploit game will still be available physically. The most important ones to keep secret (other than ARM9 kernel access exploits, that's the top because the only released ARM9 kernel exploit only works on 9.0-9.2, which is why downgrading is needed in the first place) are exploits in games that have a physical release and do not require any kind of *hax to install or use (which is called a primary exploit). These are important because they are very rare. Only 3 games fall into this category: SSB, Cubic Ninja on 4.0.0-7 to 10.7.0-32, and Freakyforms Deluxe. As long as that last category is managed well, anything else can be freely released to the public for the most part in terms of 3DS homebrew. Well, you know, except titlekeys and slotkeys.
@Dr_Lugae I asked this because I bought VVVVVV ages ago, and I agree, it's a really fun, solid puzzle platformer. I hacked my 3DS fairly recently, about a couple of months ago (A9LH, CFW, everything) and simply don't understand the methodology of these game takedowns now. In the case of VVVVVV, once the exploit came out for it, I backed up my save and tried it out. To be honest, I still find it one of my favorite homebrew exploits, because I can just mash A to get into HBL. Citizens of Earth is also nice, because it auto loads (like PSMD) and can have the payloads updated without reinstallation, although it's a slow booting game overall so it's not the fastest.
Based on what I've seen from the community, all of these secondary (meaning you need prior hax already to use them) game exploits are really just for convenience with users without CFW and a nicety to people that do. Like, for example, if I had a 11.0 vanilla 3DS and I happened to have one of these secondary exploit games like PSMD, OoT3D, VVVVVV, Citizens of Earth, and Pokemon OR/AS, I could use a primary exploit such as via Freakyforms Deluxe (or borrow a copy of OoT3D) to get into HBL and install a secondary exploit on one of the games I owned. That's why these are a convenience: secondary exploits are so that not everyone has to buy Freakyforms Deluxe. You could have one person buy the game, and then share it with a ton of other people so that they could install some other *hax on a game they own already, such as VVVVVV or Citizens of Earth or something.
For me with CFW, I mainly like having a variety of ways to get to HBL for fun, mainly, so right now I have an OoT3D cart with OoT3Dhax installed on it, I have *v Hax on my copy of VVVVVV I got ages ago, and I have a region free .cia of Cubic Ninja, Citizens of Earth from the Humble Bundle, and a pre-takedown CDN direct download of Freakyforms Deluxe. While sure, with CFW I can just install an 8 MB application that boots HBL near 100%, but what's the fun in that? I feel like I should take advantage of as many of these exploits as possible ultimately because some of them are more fun to use (*V Hax), some of them have more features (Ninjhax 1.1b on my 9.2 redNAND, for example), and some I'm just proud of homebrew developers finding and working on, like Freakyhax/OoT3Dhax/Humblehax/ and menuhax/browserhax on my 9.2 redNAND.
My solution to these secondary exploit games is to leave them be. Having an exploit in your game will certainly increase sales. Like seriously, Freakyforms Deluxe before the exploit was discovered was probably selling at shovelware rates. But now, this game is picking up tons of sales strictly because the game's security management is broken. What's the problem with making more money because of homebrew? If Nintendo kept this game on the eShop for even just a bit longer, they would sell boatloads of copies.
@Krzysztofa Well, there are a couple of programs that can do it. One you can find by searching for the installable 3DS file format plus angel, another you can find if you search "eshop", but add the letters "fre" to the beginning, and fbi at 2.0 or higher (not the government agency, the .cia installer). That should get you where you need to go. For some of these programs, you will need a file called enctitlekeys.bin, which you can get using the .cia application that you can find easily by searching "enctitlekeys.bin updater". No needing to go to that 3ds titlekey site either.
Or, you know, you could read the subreddit on this topic at reddit.com/r/3dshacks; it has everything you could possibly need there too.
@Dakt Fully hacked 3DS consoles with Custom Firmware (CFW) can install all of the delisted or taken down eShop games they want! You want Game Boy Tetris and Tetris Axis, even though Nintendo's Tetris Licensing expired and both games were pulled from the eShop as a result? With CFW homebrew, you can get them! You can get VVVVVV, Citizens of Earth, Freakyforms Deluxe, and other delisted games which you would normally NEVER have the chance of getting using CFW homebrew.
@seb5049 Technically yes, but here's the thing: There are a decent amount of people with hardmods that can unbrick their system NO MATTER WHAT they install. So if a brick program surfaced, it would be verified and checked on those hardmod 3DSes. And if it really does brick the system, hardmod users can always flash a backup directly to the 3DS NAND board in and of itself and recover from it, not to mention spread the word that "x program will brick your console". This has already happened with Gateway flashcart software before (where installing a firmware update on counterfeit flashcarts would brick your system), but due to the people with hardmods this was well known and as a result Gateway is a complete meme in the 3DS hacking community.
@Patriplexity Also, when I got A9LH a few months ago there were no safety checks in the OTPhelper program that you actually used to flash your 2.1 emuNAND to your sysNAND, so I was super scared. Then, when I actually hit the button to flash it over and it finished, it looked like I had bricked because I just got a black screen. But when I booted without the SD card in it booted 2.1 fine for me. So yeah, even if everything goes well and there's no hiccups, it can still be stressful.
EDIT: Nowadays 99% of the programs you use to install A9LH have tons of safety checks to make it near impossible to brick via user error.
@Patriplexity Yeah, a lot of people don't understand that there are 2 levels to 3DS homebrew:
1. The homebrew setup where you have access to the Homebrew Launcher only (userland homebrew). This type of homebrew is possible on any firmware between 9.0-11.0 (11.0 is current firmware).
2. The homebrew setup where you have downgraded to 9.2 and installed CFW (custom firmware) with or without A9LH (arm9loaderhax, if you don't know what it is look it up) that can run kernel access homebrew and pirate games (play backups) while also having access to the Homebrew Launcher type of homebrew. This is possible on any system already on 9.0-9.2 without much work (unless you want to install A9LH) and is possible on 9.3-10.7 using a homebrew downgrader software that can be run in the Homebrew Launcher. What people don't seem to understand is that if you are on 11.0 you have to have/get a hardmod to do this type of homebrew because 11.0 broke the homebrew downgrader application probably for good and you need a hardmod to revert the downgrade fix.
So yeah, piracy on current vanilla firmware is not a walk in the park due to the fact that you need a hardmod. But for any 3DS on 9.0-10.7 vanilla, CFW and piracy can be easily accomplished.
@BIGGES202 So you're a menuhax peasant right now and want to get A9LH? It's a pretty straightforward process, it just takes a bit of time because it involves a lot of system backups, but it is well worth it having 100% boot rate and never having a yellow screen ever again. I have A9LH right now and honestly not sure what I would use without it.
Also, the ironic thing about A9LH is that if the New 3DS didn't come out A9LH wouldn't be possible so massive failure on Nintendo's end for messing with the cryptosystem when they designed the New 3DS.
I think that this whole discussion about pirating directly from the eshop has overlooked a major point: is it ethical to pirate a game that has been removed from public access (such as VVVVVV, Citizens of Earth, Freakyforms Deluxe, Cubic Ninja if you have a JP 3DS) by direct downloading from the eShop? Also FYI, doing this is entirely possible using my current *hax setup.
While I believe that this would be ok, I'm interested to think what vanilla (non hacked) 3DS users think about this.
Also, the PSP homebrew scene is very similar to the 3DS in that downgrading your system at some point was necessary to get full kernel access. But I think what Sony did to address the situation was pretty smart. They encouraged people to update their PSP (usually on exploitable or downgradable firmware) to the current version not because they made the old firmware non-functional. Instead, they added actually decent features like an internet browser in updates to encourage people to update.
In comparison, Nintendo has attempted to lockout online play, the eShop, and the internet browser (9.9-10.7 as of right now) for old firmware, and they've used the same line for the official 3DS update history since 9.4.X ("Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience"). And really, all of these blocks and checks that attempt to get people to update have only done the opposite. All of the blocks I mentioned above CAN be bypassed with homebrew itself. So it seems that whenever Nintendo tries to address homebrew by blocking something, it has the opposite effect.
Also, the only features that we have gotten feature wise in firmware updates since exploitable firmware are theme SHUFFLING and an official way to take screenshots (in 9.3.X). Themes can be used in the 9.0-9.2 ARM9 kernel exploit zone just fine, and the ability to take screenshots has been a homebrew ability on the 3DS for ages. Other than that, all we have gotten is "stability", which just means patching homebrew or system exploits that the majority of vanilla 3DS users know nothing or very little about.
@MadAdam81 Unless a hacker PHYSICALLY took down a game from the eShop (which they do not have the power to do, by the way), they can't be prosecuted for any of these takedowns.
Comments 92
Re: Cemu Wii U Emulator Version 1.7.5 Shows Daunting Progress With Zelda: Breath of the Wild
Well, people do have to understand that the Wii U has a serious physical preservation problem. For most past consoles, getting the hardware and software is relatively easy. With the Wii U however, it would be a nightmare. Gamepads only came bundled with consoles, meaning that if a Gamepad breaks, the console paired with said Gamepad is rendered semi-unplayable. Add that to the fact that Wii U production for hardware, accessories, and games (except for BOTW, Cars 3) has already stopped, a perfect storm of difficult hardware preservation ensues. It's not like the Gamecube or Wii where old hardware will be cheap (with the exception of those darn component cables)- while the Wii U console itself might be cheap, I predict that Gamepads in good condition will be worth more than the console itself. Luckily, the Wii U has a vast digital library (assuming the eShop doesn't go down), but I suspect physical only games might go for a premium (assuming people don't just install these with WUPinstaller).
Emulation, however, solves the preservation worries by emulating the console itself, the Gamepad (and hopefully other controllers soon too), and the Wii U library of games. Wii U games no longer on store shelves will be playable thanks to this. While it does seem early for an emulator, people also need to understand that newer consoles are more difficult to emulate, so there's an advantage to starting early. Plus, the Wii U is already broken in terms of content protection. Emulators aren't changing that environment entirely by themselves.
Re: Nintendo States That Support for the 3DS Family of Systems Remains Strong
I'm glad that the 3DS will still be supported, but that doesn't make the "New 2DS XL" any less stupid (especially that name. It's cringy at best).
Re: Nintendo Switch Lacks A Web Browser Because It's A "Dedicated Video Game Platform"
@ruinez They can't make a secure browser to save their lives
Both the 3DS and the Wii U browsers are total entrypoints due to Webkit bugs and general laziness on Nintendo's part to never update such things (the 3DS and Wii U browsers still run old Webkit, with specific Nintendo added patches- webkit, however, has not been updated in the browser itself).
Also, for all of the people who actually wanted a web browser on the Switch, NEITHER the Wii U nor the 3DS (the old one, obviously) launched with a web browser. The Wii U Internet Browser was added in the 2.0.0 update (which was a day 1 update), while the 3DS Internet Browser was added in the 2.0.0-2 update, which released over 2 months after launch.
The Wii and DSi also had internet browsers (although they were both downloadable apps, not actually part of the OS), but they weren't usable. I also have a hard time saying the old3DS browser is really all that useful, due to a lack of HTML5, but the New3DS browser makes up for that.
Maybe if Nintendo makes bank on the online service fee, the Switch will get an outsourced developed browser like Chrome or something where Nintendo wouldn't have to worry about bad security due to their own bad browser code management
Re: 3DS System Update Arrives, Doesn't Bring About World Peace Or Make Your Morning Coffee
@rushiosan Sighax could still work if it ever releases with 11.3+, since you just need NAND access (hardmod, exploitable DSiWare) to use it. However, sighax needs the ARM9 protected bootrom dump to happen, which probably isn't getting released anytime soon.
Re: 3DS System Update Arrives, Doesn't Bring About World Peace Or Make Your Morning Coffee
@Gridatttack Hardmods themselves still work for restoring bricked 3DSes from a NAND backup. A Hardmod now with 11.3+ just can't be used to downgrade the console anymore. That's the difference.
Re: 3DS System Update Arrives, Doesn't Bring About World Peace Or Make Your Morning Coffee
@Bryon15 No, all of the Pikachu ones come on 11.2, you'll be fine. Just don't connect it to the internet when you get it.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@BulbasaurusRex Nintendo tried to block the exploit by taking away http (internet) services to the game, but Smealum just made an offline version where you scan a lot more QR codes but it works on current firmware (11.0 and above).
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@DanteSolablood Under Sega v Accolade reverse engineering of hardware is protected under fair use. There's nothing Nintendo can do about reverse engineering really. They can only make it more difficult for people to utilize (which is exactly what 11.X has accomplished).
For example, derrek dumped the 2 main 3DS bootroms (ARM9 and ARM11) over a year ago. He hinted at his method and showed SHA-1s of the dump files in a talk at 33c3 (link: https://www.youtube.com/watch?v=gZzS-qK6OOk). That reverse engineering is completely legal. What would be illegal would be releasing it to the public, which is why derrek never releases anything.
While someone is (inevitably) going to try to reproduce derrek's method for dumping the protected bootroms, and yes, those dump files are technically going to be illegal, it will be just like all of the other technically illegal files already needed to hack the 3DS. 9.2 downgrade firmware packs? Technically illegal. Does that stop their distribution or use? Not really. But Nintendo isn't going to try to sue based on the Sony v Connectix precedent (copying of a copyrighted BIOS software during the development of an emulator or other software does not constitute copyright infringement, but is covered by fair use).
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@Braok Yeah the New 3DS processor is optimized for CDN downloads, old3DS not so much
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@DanteSolablood It's difficult to argue that this would fall under reverse engineering though, as it's a problem with how Nintendo chose to store eShop content claim data on the console itself (client-side) without doing a server side check (basically, the eShop doesn't ask, can you actually redownload X content? etc).
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@Braok It's about the same rate as the eShop itself, I bet if you did a time comparison between the two it would be about the same...
I think it's also important to note that Freeshop was also used by some users (not me) who used .cia format DLC or official themes since entering the official eShop deletes such content, so people used Freeshop instead.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@PlywoodStick At least copy cards (with the notable exception of that one card that works on current firmware) are obsolete when it comes to CFW. Open source CFW is so much better...
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@3MonthBeef You need CFW to run installable apps like freeshop though. To install any kind of CFW, we must first upgrade or downgrade to system version 9.0, 9.1, or 9.2 (depending on console region). This is easily accomplished via the Homebrew Launcher on 9.3-10.7. 11.X makes it much harder to downgrade, you need NAND access (via a hacked DSiWare game+save or a hardmod) to downgrade 11.X consoles to 9.2.
The best method to run CFW is called arm9loaderhax, or A9LH. A9LH allows you to keep ARM9 access on current firmware, including the latest system version (11.2). Updating, formatting, system transferring, etc does NOT remove A9LH from your system. In order to install A9LH, you need to visit system version 2.1.0-4. Instead of downgrading like we did with 9.0-9.2, we used a premade ctrtransfer image. This image is in the same format as a NAND backup but it does not contain any console unique data. Using the same program we used to make a NAND backup, we transfer the ctrtransfer data to our console. When we boot up, we are now on 2.1.0-4, even if you have a New3DS, this will work. From there, we go to a certain page in the browser that gets ARM9 access and launches the A9LH installer. The reason we have to be on 2.1.0-4 for this is because we can only dump the OTP, a requirement to install A9LH, on system versions <3.0, and we can only dump the OTP through the browser on 2.1.0-4. But basically, once the exploit works, you just hit select to install A9LH to your console. Then, you power your console off. From there, we can now hold certain buttons on power on to boot applications that need ARM9 access, like the program used to make and restore NAND backups. We then use A9LH to boot this program and restore our backup we made on 9.2. Then, we can then update our console since we have A9LH installed to the latest version. I have A9LH installed on both an old3DS and a New3DS. They are both on system version 11.2, but remember, because I have A9LH installed, I can always have ARM9 access on boot no matter what system version I'm on.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@RadioShadow It won't matter, the latest binary is probably already in a torrent by now...
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@BulbasaurusRex Did you know that Gamestop INTENTIONALLY ordered a reprint of Cubic Ninja from Nintendo and they accepted? Nintendo is all ARRGHGHGHGH against homebrew/hacks until they make bank from it.
Also, Soundhax is completely FREE and allows the same hacks as Cubic Ninja does on current firmware http://soundhax.com/
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@KTT Yeah some games (4 Swords, Fieldrunners) you can't actually redownload from the actual eShop anymore at all, and others (like the Tetris games on the 3DS) you can't actually legitimately purchase on the eShop anymore, so you would have to use something like this to get access to those games.
Even if these direct download apps get DMCAed, the pirate sites won't and they'll probably host binaries of them soon...
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@Gridatttack They're not making any money on Wii U games, people who wanted the console this holiday season couldn't even find it on store shelves for crying out loud
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@Anti-Matter Yeah I think it's more common in certain places to actually have sellers and availability of physically pirated games+consoles, not where I live but elsewhere.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@zip This is probably because of the 33c3 Nintendo Hacking 2016 talk- Nintendo had to prove it's not "game over" for them even though someone has dumped both the ARM9 and ARM11 3DS protected bootroms.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@dimi Homebrew Launcher allows the running of emulators. Please note that homebrew "apps" (in .cia format) are much different from homebrew "applications" (in .3dsx format). Stuff like Freeshop are in .cia format only, meaning you need A9LH/CFW sysNAND/stock 9.0-9.2 to install it. .3dsx homebrew can be run from Homebrew Launcher without A9LH/CFW/stock 9.0-9.2, including emulators, although performance is much better on New3DS compared to old3DS.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@Mopati You can't use it without having full ARM9 kernel access to the console anyway, and 99.9% of people with a 3DS on >11.X certainly do not have that. And please note that it is not something you can run from Homebrew Launcher- it's an installable app only.
Re: Nintendo Slams 3DS Homebrew App Which Enables Piracy With Takedown Notice
@Trikeboy EULAs are not legally binding, though.
Basically, Freeshop downloaded content straight from the eShop servers using a file that contains the decryption keys for said content. This file is never included in the release at all. One can dump their own file from their 3DS, however it is less complete than the "crowd sourced" version of the file as it will only contain keys from titles you bought (duh). This is not the only app that does this, there are many others that do the exact same thing, the only reason this one in particular got DMCAed is because it actually entered the public spotlight, unlike the other copycat tools. If it hadn't, you wouldn't be reading this article.
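The comments above describe content entitlement being tracked on the client with no server-side check before a download is served. The sketch below is an added example, not part of any comment and not modelled on any real store's API: it puts a handler that trusts a client-supplied ownership list beside one that authenticates the request and consults the server's own purchase record. Every account, title ID, key and function name in it is a constructed assumption.

```python
import hashlib
import hmac
import secrets

# Constructed sample data (assumptions for illustration only).
PURCHASES = {"acct-alice": {"title-0001"}, "acct-bob": set()}
DEVICE_KEYS = {name: secrets.token_bytes(32) for name in PURCHASES}
CATALOG = {"title-0001": b"<content blob 1>", "title-0002": b"<content blob 2>"}
SEEN_NONCES = set()


def download_trusting_client(request):
    """Weak design: ownership is whatever the client says it is."""
    title = request.get("title_id")
    if title in CATALOG and title in request.get("claimed_owned", []):
        return 200, CATALOG[title]
    return 403, b""


def _signature(account, title_id, nonce, key):
    # Bind account, title and nonce together so none can be swapped.
    msg = "|".join((account, title_id, nonce)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def make_request(account, title_id):
    """Simulates an honest client that holds its per-account key."""
    nonce = secrets.token_hex(16)
    sig = _signature(account, title_id, nonce, DEVICE_KEYS[account])
    return {"account": account, "title_id": title_id,
            "nonce": nonce, "sig": sig}


def download_checked(request):
    """Hardened design: authenticate, reject replays, then check the
    server-side purchase record. Client claims are ignored entirely."""
    account = request.get("account", "")
    title = request.get("title_id", "")
    nonce = request.get("nonce", "")
    key = DEVICE_KEYS.get(account)
    if key is None:
        return 401, b""
    expected = _signature(account, title, nonce, key)
    if not hmac.compare_digest(expected, request.get("sig", "")):
        return 401, b""
    if nonce in SEEN_NONCES:
        return 401, b""          # replayed request
    SEEN_NONCES.add(nonce)
    if title not in CATALOG:
        return 404, b""
    if title not in PURCHASES.get(account, set()):
        return 403, b""          # authenticated but not entitled
    return 200, CATALOG[title]


if __name__ == "__main__":
    forged = {"account": "acct-bob", "title_id": "title-0001",
              "claimed_owned": ["title-0001"]}
    print("trusting handler:", download_trusting_client(forged)[0])
    checked = make_request("acct-bob", "title-0001")
    checked["claimed_owned"] = ["title-0001"]
    print("checked handler: ", download_checked(checked)[0])
```
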
Re: Citizens of Earth Has Returned to the 3DS eShop
Updating your game's SDK won't fix your security problems...
Re: SmileBASIC Gets Taken Down from the 3DS eShop Due to A Homebrew Exploit
@Moon Only GATEWAY bricks consoles. Well, being absolutely clueless and irresponsible while hacking your 3DS can also brick consoles, but while Nintendo does have the power to brick consoles if they are modded they don't because it would be a PR nightmare. And, many of the exploits and modification methods are pretty much Nintendo proof.
Re: SmileBASIC Gets Taken Down from the 3DS eShop Due to A Homebrew Exploit
@jimi Yeah, I understand what you're saying. I just think that what people commonly forget is that the 9.2 downgrade allows homebrew that (if you had not downgraded) you would be running through the Homebrew Launcher. Now, on New 3DS, this isn't a big deal simply because there is more memory allocated to ARM11 userland compared to old3DS, so emulators running through the Homebrew Launcher run at near to full or full speed. Old3ds users on the other hand have a strong incentive to downgrade for this reason. To give you perspective, I have an old3ds. I used to only have access to the Homebrew Launcher, and one day, I tried using a GBA emulator through it. Needless to say, the framerate was ABYSMAL. As in, less than 5 frames per second. But in comparison, once I downgraded, I could now install homebrew (such as emulators) to the home menu, meaning they would use the full kernel power of the system. Having downgraded, I can now run GBA injected games and even some SNES games via an emulator at full speed. So while you can run emulators through the Homebrew Launcher, for old3DS users, it's simply not worth it. And for old3DS users who just happened to update to 11.0, they will now have to do some soldering to change that.
But really, people (including Nintendo) should be more concerned about 3DS software piracy than emulators. Simply put, unless a game is on the Virtual Console, Nintendo is making no money off of the games that people run on these emulators anyway. The 3DS is not a powerful system, and as one person put it, "Just because your 3DS can play a port of Ocarina of Time does not mean that the 3DS is capable of N64 emulation". Because emulation is actually a very CPU heavy process, the 3DS is already pretty limited to what it can do from the get go. Heck, reviewers of the original 3DS called its specs "underpowered" in 2011. The real threat to the 3DS is not a flood of homebrew emulators- it's more that the 3DS games that you see on store shelves for $40 a pop right now can be pirated with only ONE alphanumeric string and a number when using Custom Firmware (which requires a downgrade to 9.2 to install). That is much more worrying to Nintendo's business than somebody playing a lame GBA F-Zero game due to buying a shovelware game like Freakyforms that they wouldn't have bought if it didn't have an exploit in it. See, unlike the Wii U, the 3DS is very profitable. If everyone downgraded their console to 9.2 once (which, as previously mentioned for 11.0 users, that involves a BIG extra step), they could pirate on an updated emuNAND, meaning their real system (sysNAND) is still 9.2, but that 9.2 system is being used to boot an updated system on 11.0 with patched signature checks and other patches (CFW). It's kind of confusing. Then, if they completed a roughly 5-8 hour process after downgrading and setting up an emuNAND, where you downgrade temporarily to 2.1 to dump a unique key (unique to every 3DS) used to completely break the 3DS chain of trust, restore a backup of 9.2, then use that key to install CFW that allows you to update your sysNAND without losing 9.2 full control exploits, then people can pirate on current firmware (11.0) on their sysNAND!
This should be a lot more worrying to anti-piracy advocates, because with the method of piracy used on the 3DS, it is very difficult to truly know how much piracy is going on. There's not even a need for private headers, for crying out loud! But unfortunately, 3DS software piracy ethics go way beyond the ethics of doing it. Because not only can 3DS piraters download SmileBasic right now, they can also download any delisted game. You want Tetris Axis, even though nobody can buy it off the actual eShop anymore? Just pirate it directly from Nintendo's content servers. And once again, you can even get around the region free issue because you can download games from other regions with this. It's a much more complicated issue to talk about than emulation, because chances are, Nintendo and their affiliate devs on their own eShop could be losing money to it right now in real time. Nintendo has already made all the money it can make on games like Mario Kart: Super Circuit or other commonly emulated titles. But 3DS games are providing them cash flow right now, and the ease at which 3DS software piracy can be achieved (after downgrading to 9.2, of course) is scarily easy. And Nintendo themselves is pretty much the only one at fault for this. Because who controls the eShop content servers? Nintendo. Who released the New3DS and made the unique to every 3DS key part of the chain of trust as part of that hardware release? Nintendo. Simply put, a lot of these hardware and software flaws were preventable, and some were caused outright by a change Nintendo themselves made. But I think if Nintendo spent time and resources on those issues, they would probably be resolved relatively quickly. But with the NX coming soon, I understand why they don't want to devote a lot of time to the 3DS.
Re: SmileBASIC Gets Taken Down from the 3DS eShop Due to A Homebrew Exploit
@jimi While it might be true that a lot of homebrew on the 3DS is for 3DS software piracy, the type of homebrew that involves all of these games such as SmileBasic simply does not and cannot enable it. The only piracy that the exploits in this game and others could possibly invoke on 11.0 is via emulators, but the debate on whether that is piracy or not is a whole different discussion. See, 11.0 changed a lot about how homebrew works, because unlike the 9.3-10.7 days, you can't downgrade to system version 9.2 from 11.0 unless you natively downgrade your NATIVE_FIRM via some tricky soldering work on your 3DS NAND memory board. And if you're wondering why system version 9.2 is even relevant anymore, it's because it's the only stock system version in which full control of the 3DS system is possible through exploitation. And with full control, piracy is very possible. But these exploits used on 9.2 to gain access to the full system are very different than exploits like the one in SmileBasic. Full control exploits allow access to the ARM9 kernel of the system, which is pretty much the powerhouse of the 3DS. Exploits such as the one in Smile Basic allow less than 1/4 of the control of the system, and that 1/4 is the ARM11 userland. ARM11 is the chip used to run the home menu and other applications within it, like the internet browser many people never use. Homebrew exploits only allow access to the userland portion of ARM11, which is very small (sure, it's a lot bigger on New 3DS compared to the older models, but still). That's why userland emulators that run via the Homebrew Launcher have poor performance on old3DS when New 3DS can handle them great.
The only true argument you can make that the Homebrew Launcher allows piracy (besides emulator usage, if you consider that piracy) is that on system versions 9.3-10.7, you can gain access to the ARM11 kernel (the stuff that controls system settings and the system update feature) via the Homebrew Launcher and downgrade your system to 9.2 (because remember, ARM11 kernel controls the system update feature, and downgrading is pretty much that same process done in reverse). And if you're on 9.0-9.2 already, you're set because they don't need to be downgraded! So while you can argue that the Homebrew Launcher indirectly allows piracy on system versions 9.0-10.7 by allowing them to either downgrade their system to 9.0-9.2 or by allowing them to install a CFW that allows piracy. But on 11.0, that argument is much harder to make, simply because most people are not willing to go through the trouble of soldering on a $200 device just so they can downgrade. The only piracy leg the "Homebrew Launcher allows piracy" argument has to stand on is emulator usage. And even then, some people don't consider that piracy.
Re: SmileBASIC Gets Taken Down from the 3DS eShop Due to A Homebrew Exploit
@dadajo Hackers that develop 3DS exploits aren't really coming from a "I want to find an exploit in this game!". No. Just no. The attitude of the 3DS exploit devs is that they're developing exploits for games that are vulnerable. The majority of 3DS games are not exploitable currently, and is really only limited to a handful of games. Nobody should be thinking that exploit devs are just cherry picking games to get them pulled- really, that's not the point. The point that people seem to be missing that "there are already a bunch of ways to get homebrew" is that these exploits could be gone in a blink of an eye. When 11.0 first came out, we only had ONE primary homebrew exploit (the kind just like BASICSploit and Freakyhax) that survived the 10.7 to 11.0 jump. ONE. But you know what happened after that? People developed new exploits! There are now 6 additional exploits (both secondary and primary) that support 11.0, and that's not even including the 11.0 payload update to oot3dhax, so that's really 7 exploits, 2 of which (BASICSploit and Freakyhax) are primary, just like Cubic Ninja used to be on 10.7 (yeah, Ninjhax doesn't work on 11.0, RIP). The point is, exploit devs aren't throwing at a dartboard to pick games they should exploit- it's not that simple, and nobody should be blaming them for "taking down my favorite game" or whatever. It's not the dev's fault that there aren't a lot of popular games that are vulnerable, especially in the "primary exploit" kind of way. If, say, Mario Kart 7 had a primary exploit, I don't think anybody would be complaining. The truth is, it simply doesn't matter what an exploit game is- a homebrew exploit isn't a personal attack on you programming in a dead and useless programming language or making Formees that look like they were ripped straight out of a 5 year old mind on your 3DS. It just happens that those games were coded in a way that made them exploitable.
And really, who was going to buy Freakyforms Deluxe without the incentive of a homebrew exploit? Nobody except clueless 5 year olds! It's a shovel ware game, for crying out loud!
The point I'm trying to make is that the 3ds exploit devs simply have to keep working to keep homebrew alive on the 3DS, because a previously amazing and working exploit could be gone in the blink of an eye. If you had what 3ds exploit devs did for a job, it would be very disconcerting to think that all of your work on an exploit could be thrown away and wasted via an update or other patch if Nintendo wanted to. It's much harder to develop a 3ds homebrew exploit than many people think (I mean, have any of you even SEEN the BASICSploit script?). And ultimately, because the majority of 3DS games are coded well (which is not the homebrew community's fault at all), the majority of exploits are going to be in games you haven't even heard of or most likely wouldn't buy anyway. And sure, if something took down my favorite game from the eShop (and I didn't have a CFW A9LH system), I would be pretty mad. But really, there's no reason to blame the 3DS exploit devs for this, because they just don't pick games to exploit. They need to find a vulnerability first.
Re: SmileBASIC Gets Taken Down from the 3DS eShop Due to A Homebrew Exploit
@shadowharold Even better, Ocarina of Time 3D has actually been fixed for 11.0!! Just redownload the homebrew starter kit, put the oot3dhax installer files from that onto the 3ds folder of your SD card (replace the old installer with the new one), and then use the new installer to install the 11.0 payload to your oot3d cart. However, the only way to trigger the exploit is to press A as soon as the hacked file loads (don't move around, touch the map, read the sign, those methods of launching don't work consistently with the 11.0 payload and will cause ASLR like random crashing). It will load 100% of the time if you just mash A, pretty much.
Re: SmileBASIC Gets Taken Down from the 3DS eShop Due to A Homebrew Exploit
@Dave24 As much as people and Nintendo would like to deny it, homebrew (and, indeed, the entire process of reverse engineering technological devices) is protected under US law, and in other countries throughout the world. There is very little that Nintendo can do to homebrew developers legally because the only legal power they really have is to sue companies or processes that explicitly enable piracy, like the original R4 lawsuits. The issue is that the way the 3DS eShop is currently designed, it is currently near impossible to tell whether homebrew installable applications (notice, I did not just say apps, nothing in the Homebrew Launcher can pirate games, you need to be able to install apps to the home menu to do this) that normally can accomplish piracy are actually doing so. And unlike many other instances of console piracy, CIA downloaded (pirated) 3DS games are a 1:1 copy (yes, that means online play on pirated 3DS games works), meaning it would be extremely difficult for Nintendo to go after people with pirated 3DS games because it would be very difficult to figure out which games were legitimate. So no, homebrew on the 3DS is here to stay, lawsuit free.
Re: Talking Point: In Praise of the 3DS eShop, Which is Now Five Years Old
@AlexSora89 Homebrew users have been able to play pretty much any GBA game on the 3DS through VC injection, so yeah, if you want GBA games on your 3DS, go for CFW.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@Sakura By not needing to downgrade, do you mean you were at 9.0-9.2 already or were you at something really low (<3.0)? I'm curious how many "untouched" 3DSes run on OTP dumping compatible firmware (which is also <3.0). Also, I didn't know this until today, but you can actually dump your OTP on <3.0 using a special QR code for Cubic Ninja, which sounds sweet. I used the OTPHelper browser exploit (most people do) to dump my OTP since I don't have Cubic Ninja (I got into 3DS Homebrew on 10.5, when Ninjhax was pretty irrelevant compared to browserhax, so I didn't see the need to get a CN cart), but this just sounded like a really cool thing.
I guess what I like about active homebrew scenes is that even if you aren't actually developing any homebrew applications yourself, you can still learn something new about the system you're using every day.
Re: Video: These Fan-Made Concepts For Splatoon, Animal Crossing And Mario Kart Should Give Nintendo Pause For Thought
You can already edit Splatoon costumes that work online with Wii U homebrew (TCPGecko or Cafiine), but the idea renderings in this video are extremely high quality. I especially like the Mario Kart 8 Battle Course one.
Re: Random: Um, Disney Frozen: Olaf's Quest is Joining the Nintendo Selects Range
Yay... more Nintendo Selects shovelware...
Honestly I haven't ever played this game but it kind of looks like shovelware. It might be a great game, it's just... something about Frozen having a good tie-in videogame doesn't sound right.
Re: Talking Point: In Praise of the 3DS eShop, Which is Now Five Years Old
Thanks, eShop, for being broken enough that I can download games from you with just a title ID and a titlekey (and patched signatures through CFW, obviously).
Seriously, the 3DS eShop is the Dreamcast piracy equivalent of 2016. Like, why can't Nintendo make anything secure nowadays?
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@CubicPirate @ThomasBW84 Yeah, I would love to talk more about 3DS Homebrew too, I have a lot of experience with it and I find it an interesting community as a whole. Just let me know if you need help verifying something or if you want to learn more about 3DS Homebrew in general.
I have also gotten into the Wii U Homebrew scene with the new 5.5.X kernel exploit out, and if this site plans on making an article about that I would love to contribute.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@ThomasBW84 With the way 3DS homebrew is currently set up, if you ever have the chance to downgrade/upgrade to 9.0-9.2, you can always run Custom Firmware as this is where homebrew has full control exploits on the 3DS.
With full control, we can make backups of our entire system. We'll call our 9.2 system sysNAND for simplicity. A 9.2 sysNAND can run a Custom Firmware that boots a copy of your system (via the backups we can make) that is updated to the latest system version. This copy is called emuNAND or redNAND, depending on how the memory is stored on the SD card. Using this method, it is true that the 9.2 sysNAND isn't touched, because updating your sysNAND from 9.2 would make you lose the ability to run Custom Firmware. But with this method, you can update, play online, and do whatever you want on your updated emuNAND or redNAND because the Custom Firmware patches out certain things, such as signature checks and exploit patches in updates such as 11.0. Overall, this method is called Menuhax, as to boot your emuNAND or redNAND instead of your sysNAND, you can use a homebrew exploit that was patched in 10.6 (but still works on 9.2) that loads a homebrew executable on boot. Using a boot manager executable instead of the homebrew launcher executable allows people using this method to boot their system with Menuhax and automatically boot into their redNAND or emuNAND, so the old 9.2 sysNAND is completely bypassed and is only useful for a few other things that require full control, such as making system backups.
There is even a method to run Custom Firmware using the OTP (one time programmable) key unique to each 3DS that allows your sysNAND (instead of an emuNAND or redNAND) to have Custom Firmware access, even if it is updated. This method is called Arm9LoaderHax, commonly abbreviated to A9LH. With this method, people first back up their 9.2 sysNAND. Then, they create an emuNAND or redNAND if they haven't already. From there, in order to dump the console unique OTP, you need to downgrade the system temporarily to 2.1, as since 3.0, the OTP has been locked in the bootrom, but before 3.0, it was stored in userland (essentially what the homebrew launcher has access to). Since this system version is very old (the 3rd ever update created for the 3DS), none of the Custom Firmware programs support running an emu/redNAND on 2.1. So, we downgrade our emuNAND or redNAND to 2.1, but since no Custom Firmware supports running a 2.1 emuNAND or redNAND, our emu/redNAND will appear "bricked" by the downgrade. However, if we make a backup of this 2.1 downgraded emu/redNAND and flash it (copy over) to our sysNAND, our sysNAND will be able to run 2.1 just fine. From there, we use a browser exploit to gain userland control and dump the OTP file itself. We can then use the same program we used to dump the OTP to restore our 9.2 sysNAND backup.
From here, all that is necessary is to install the exploit itself. This is done through running an application in the Homebrew Launcher on a 9.2 sysNAND where the OTP dump is required as input. This exploit essentially writes unique (due to the OTP being required) "junk" data to our sysNAND so that as a result, it will always jump to a payload that can run Custom Firmware or even applications that require full control, such as the system and emu/redNAND backup program or decryption programs milliseconds into the boot process while not having full control firmware (a.k.a. 9.2). Once the exploit is installed, you can use a Custom Firmware to run and patch your sysNAND instead of your emu/redNAND like in the Menuhax method. One of these essential patches blocks updates to the NATIVE_FIRM partition of your sysNAND. You know what this partition stores? All of the exploit patches, from the 11.0 minimum title list to the 10.6 browserhax/menuhax patches. This partition is also where the Arm9LoaderHax exploit is installed. So essentially, with this partition being blocked from updates, I can update my sysNAND running on Custom Firmware while still keeping full control of my system on current firmware (11.0).
Essentially, I think the best comparison to make if this is hard to understand is that 3DS homebrew is like a stock fund. Let's say that the stock fund represents full control hacks on the 3DS. There are "shareholders" that have already invested in this fund by downgrading their sysNAND to 9.2 at some point in the past to either run the Menuhax method or the A9LH (Arm9LoaderHax) method of homebrew. Those people will always have the ability to keep their share of the fund (keep full control hacks) if they wish. However, there are a couple more groups involved in this comparison, and one is the people on 4.X-8.X and 9.3-10.7 that could be a part of this fund but have not because they have not up/downgraded to 9.2 yet. These people can be a part of the "full 3DS control" fund if they choose to down/upgrade to 9.2. Then there is the last group in this comparison, the people on 11.0 (without using Arm9LoaderHax, obviously) who cannot join the fund (downgrade to 9.2) without getting a hardmod. And since the majority of 3DS users (I would say) are not willing to get a hardmod for their 3DS, for the most part, this stock fund of "full control on the 3DS" is closed for most of these new would-be investors.
In short, the people who have a 9.2 sysNAND with an updated emuNAND or redNAND (the Menuhax method) or the people who got to 9.2 at some point in the past and installed Arm9LoaderHax instead will always have the ability to keep Custom Firmware with full online access (with Menuhax, the emu/redNAND has full online access and update capability, the 9.2 sysNAND does not). But as getting to 9.2 at some point is required to install Custom Firmware in any situation, if Nintendo can block that initial downgrade to 9.2 for new users (as they did with 11.0 already), they can plateau the number of people with permanent full control Custom Firmware to the people who did it in the past, essentially closing full control *hax to new users. While some users on 11.0 will have access to the Homebrew Launcher through Freakyhax or the other games that have been taken down from the eShop, it doesn't matter anyway on 11.0 because downgrading through the Homebrew Launcher is only possible on 10.4 NATIVE_FIRM or lower (e.g. 4.X-10.7), so without a hardmod to downgrade NATIVE_FIRM from 11.0 to the one used on 10.4-10.7, 11.0 users cannot downgrade at all.
The new 11.0 exploits are truly only for Homebrew Launcher access. If 11.1 came out or something that patched all the 11.0 exploits people without Custom Firmware would have to stay offline (not update) to keep Homebrew Launcher access. I even did this for a period of time when I stayed on 10.5 for a while because 10.6 patched Menuhax and I was too cheap to buy Ocarina of Time 3D, which worked on 10.6 (As soon as the 10.4-10.7 downgrade exploit came out though, I downgraded to 9.2 and installed Arm9LoaderHax, so now my sysNAND is 11.0 but I still have full control and Custom Firmware like a 9.2 system does). However, this behavior of keeping a system offline does not happen when we're talking about anybody with Custom Firmware, because with Custom Firmware, any exploit that was patched can be patched back in by the Custom Firmware program itself. So, with 11.0, you know how Cubic Ninja was patched out? Well, due to the fact that my Custom Firmware reverted this patch, I can still use Cubic Ninja on 11.0 using my Custom Firmware sysNAND, even though other non hacked people on 11.0 could not do so.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@sunrisensoul Almost all of the games that have gotten taken down from the eShop because of homebrew are eShop only games- they never got a physical release. Ironfall: Invasion, VVVVVV, and Citizens of Earth were all eShop only games, there were no cartridges produced for them. The only game that has a cartridge (physical) release that has been pulled from the eShop because of homebrew is Freakyforms Deluxe, which can be considered near shovelware.
But yeah, none of these games (and their corresponding exploits) allow any pirating on their own. The Homebrew Launcher (HBL) is just what it says it is- a launcher. It doesn't come prebundled with anything, you have to provide and find the software you want to run with it. On 11.0, pirating from the HBL is quite literally impossible, and even on older firmware versions such as 4.1-10.7 unlimited piracy is not possible using the Homebrew Launcher alone (aka no Custom Firmware). The only type of piracy that can be performed using an HBL program alone is the installation of legitimately signed .cia games, which are only games bundled with 3DS consoles that were preinstalled (not download code bundled), such as Mario Kart 7 or Pokemon X and Y. And even then, that requires a firmware of 4.1-10.7 to work, so this doesn't even work on 11.0.
Also, insecurity is not caused by hackers, it's found by them.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@HSuzumiyaVI Yes, there is a direct way to hack the 3DS (via CFW) but ultimately HBL is a "first step" of sorts that is required no matter what you want to do.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@HSuzumiyaVI Keeping exploits quiet often comes down to their importance. Secondary exploits like in VVVVVV and Citizens of Earth are relatively minor in terms of importance because both of those games are eShop only. The exploits that are most important to strategically release are exploits that run on a game with a physical release, because that means that if the game gets pulled digitally the exploit game will still be available physically. The most important ones to keep secret (other than ARM9 kernel access exploits, that's the top because the only released ARM9 kernel exploit only works on 9.0-9.2, which is why downgrading is needed in the first place) are exploits in games that have a physical release and do not require any kind of *hax to install or use (which is called a primary exploit). These are important because they are very rare. Only 3 games fall into this category: SSB, Cubic Ninja on 4.0.0-7 to 10.7.0-32, and Freakyforms Deluxe. As long as that last category is managed well, anything else can be freely released to the public for the most part in terms of 3DS homebrew. Well, you know, except titlekeys and slotkeys.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@Dr_Lugae I asked this because I bought VVVVVV ages ago, and I agree, it's a really fun, solid puzzle platformer. I hacked my 3DS fairly recently, about a couple of months ago (A9LH, CFW, everything) and simply don't understand the methodology of these game takedowns now. In the case of VVVVVV, once the exploit came out for it, I backed up my save and tried it out. To be honest, I still find it one of my favorite homebrew exploits, because I can just mash A to get into HBL. Citizens of Earth is also nice, because it auto loads (like PSMD) and can have the payloads updated without reinstallation, although it's a slow booting game overall so it's not the fastest.
Based on what I've seen from the community, all of these secondary (meaning you need prior hax already to use them) game exploits are really just for convenience with users without CFW and a nicety to people that do. Like, for example, if I had a 11.0 vanilla 3DS and I happened to have one of these secondary exploit games like PSMD, OoT3D, VVVVVV, Citizens of Earth, and Pokemon OR/AS, I could use a primary exploit such as via Freakyforms Deluxe (or borrow a copy of OoT3D) to get into HBL and install a secondary exploit on one of the games I owned. That's why these are a convenience: secondary exploits are so that not everyone has to buy Freakyforms Deluxe. You could have one person buy the game, and then share it with a ton of other people so that they could install some other *hax on a game they own already, such as VVVVVV or Citizens of Earth or something.
For me with CFW, I mainly like having a variety of ways to get to HBL for fun, mainly, so right now I have an OoT3D cart with OoT3Dhax installed on it, I have *v Hax on my copy of VVVVVV I got ages ago, and I have a region free .cia of Cubic Ninja, Citizens of Earth from the Humble Bundle, and a pre-takedown CDN direct download of Freakyforms Deluxe. While sure, with CFW I can just install an 8 MB application that boots HBL near 100%, but what's the fun in that? I feel like I should take advantage of as many of these exploits as possible ultimately because some of them are more fun to use (*V Hax), some of them have more features (Ninjhax 1.1b on my 9.2 redNAND, for example), and some I'm just proud of homebrew developers finding and working on, like Freakyhax/OoT3Dhax/Humblehax/ and menuhax/browserhax on my 9.2 redNAND.
My solution to these secondary exploit games is to leave them be. Having an exploit in your game will certainly increase sales. Like seriously, Freakyforms Deluxe before the exploit was discovered was probably selling at shovelware rates. But now, this game is picking up tons of sales strictly because the game's security management is broken. What's the problem with making more money because of homebrew? If Nintendo kept this game on the eShop for even just a bit longer, they would sell boatloads of copies.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@Krzysztofa Well, there are a couple of programs that can do it. One you can find by searching for the installable 3DS file format plus angel, another you can find if you search"eshop", but add the letters "fre" to the beginning, and fbi at 2.0 or higher (not the government agency, the .cia installer). That should get you where you need to go. For some of these programs, you will need a file called enctitlekeys.bin, which you can get using the .cia application that you can find easily by searching "enctitlekeys.bin updater". No needing to go to that 3ds titlekey site either.
Or, you know, you could read the subreddit on this topic at reddit.com/r/3dshacks it has everything you could possibly need there too.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@Dakt Fully hacked 3DS consoles with Custom Firmware (CFW) can install all of the delisted or taken down eShop games they want! You want Game Boy Tetris and Tetris Axis, even though Nintendo's Tetris Licensing expired and both games were pulled from the eShop as a result? With CFW homebrew, you can get them! You can get VVVVVV, Citizens of Earth, Freakyforms Deluxe, and other delisted games which you would normally NEVER have the chance of getting using CFW homebrew.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@seb5049 Technically yes, but here's the thing: There are a decent amount of people with hardmods that can unbrick their system NO MATTER WHAT they install. So if a brick program surfaced, it would be verified and checked on those hardmod 3DSes. And if it really does brick the system, hardmod users can always flash a backup directly to the 3DS NAND board in and of itself and recover from it, not to mention spread the word that "x program will brick your console". This has already happened with Gateway flashcart software before (where installing a firmware update on counterfeit flashcarts would brick your system), but due to the people with hardmods this was well known and as a result Gateway is a complete meme in the 3DS hacking community.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@Patriplexity Also, when I got A9LH a few months ago there were no safety checks in the OTPhelper program that you actually used to flash your 2.1 emuNAND to your sysNAND, so I was super scared. Then, when I actually hit the button to flash it over and it finished, it looked like I had bricked because I just got a black screen. But when I booted without the SD card in it booted 2.1 fine for me. So yeah, even if everything goes well and there's no hiccups, it can still be stressful.
EDIT: Nowadays 99% of the programs you use to install A9LH have tons of safety checks to make it near impossible to brick via user error.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@Patriplexity Yeah, a lot of people don't understand that there are 2 levels to 3DS homebrew:
1. The homebrew setup where you have access to the Homebrew Launcher only (userland homebrew). This type of homebrew is possible on any firmware between 9.0-11.0 (11.0 is current firmware).
2. The homebrew setup where you have downgraded to 9.2 and installed CFW (custom firmware) with or without A9LH (arm9loaderhax, if you don't know what it is look it up) that can run kernel access homebrew and pirate games (play backups) while also having access to the Homebrew Launcher type of homebrew. This is possible on any system already on 9.0-9.2 without much work (unless you want to install A9LH) and is possible on 9.3-10.7 using a homebrew downgrader software that can be run in the Homebrew Launcher. What people don't seem to understand is that if you are on 11.0 you have to have/get a hardmod to do this type of homebrew because 11.0 broke the homebrew downgrader application probably for good and you need a hardmod to revert the downgrade fix.
So yeah, piracy on current vanilla firmware is not a walk in the park due to the fact that you need a hardmod. But for any 3DS on 9.0-10.7 vanilla, CFW and piracy can be easily accomplished.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@BIGGES202 So you're a menuhax peasant right now and want to get A9LH? It's a pretty straightforward process, it just takes a bit of time because it involves a lot of system backups, but it is well worth it having 100% boot rate and never having a yellow screen ever again. I have A9LH right now and honestly not sure what I would use without it.
Also, the ironic thing about A9LH is that if the New 3DS didn't come out A9LH wouldn't be possible so massive failure on Nintendo's end for messing with the cryptosystem when they designed the New 3DS.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@BIGGES202 Yeah it's crazy how much of this 3DS homebrew stuff is censored or not known on this site.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
I think that this whole discussion about pirating directly from the eshop has overlooked a major point: is it ethical to pirate a game that has been removed from public access (such as VVVVVV, Citizens of Earth, Freakyforms Deluxe, Cubic Ninja if you have a JP 3DS) by direct downloading from the eShop? Also FYI, doing this is entirely possible using my current *hax setup.
While I believe that this would be ok, I'm interested to think what vanilla (non hacked) 3DS users think about this.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
Also, the PSP homebrew scene is very similar to the 3DS in that downgrading your system at some point was necessary to get full kernel access. But I think what Sony did to address the situation was pretty smart. They encouraged people to update their PSP (usually on exploitable or downgradable firmware) to the current version not because they made the old firmware non-functional. Instead, they added actually decent features like an internet browser in updates to encourage people to update.
In comparison, Nintendo has attempted to lockout online play, the eShop, and the internet browser (9.9-10.7 as of right now) for old firmware, and they've used the same line for the official 3DS update history since 9.4.X ("Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience"). And really, all of these blocks and checks that attempt to ( want to get people to update have only done the opposite. All of the blocks I mentioned above CAN be bypassed with homebrew itself. So it seems that whenever Nintendo tries to address homebrew by blocking something, it has the opposite effect.
Also, the only features that we have gotten feature wise in firmware updates since exploitable firmware is theme SHUFFLING and an official way to take screenshots (in 9.3.X). Themes can be used in the 9.0-9.2 ARM9 kernel exploit zone just fine, and the ability to take screenshots has been a homebrew ability on the 3DS for ages. Other than that, all we have gotten is "stability", which just means patching homebrew or system exploits that the majority of vanilla 3DS users know nothing or very little about.
Re: Talking Point: 3DS Homebrew Development Causes Another Game Takedown as Nintendo Maintains Its Tight Grip
@MadAdam81 Unless a hacker PHYSICALLY took down a game from the eShop (which they do not have the power to do, by the way), they can't be prosecuted for any of these takedowns.