Hello there, everybody. Welcome to a special Cinco de Mayo episode of Retro Gaming Radio. Wow, that was interesting. You break format and look what happens, you start talking like from 20 years ago. Hey everybody, welcome to Passenger Seat Radio. This is a May 5 edition, 2019. Since I’m dropping my kid off at the water park and it’s a long trip back to the house, I thought why not hop on and do a quick show. Over the summer I’ll be doing a lot of these, probably, special shows. So today’s special topic is hacking the Nintendo Switch, and that’s all we’re going to talk about. So if you’re not interested in hacking the Nintendo Switch, this entire show will not be for you. At least you tuned in to hear the almost Retro Gaming Radio flub-up, so that’s all fun. I’m actually stopping at Fry’s, so it’s not a full trip home, so it’s going to be a little bit shorter. But one of the reasons I’m stopping at Fry’s is to pick up a small USB-C flash drive for use with my hacking endeavors. That g Travis it’s not lucky for you, because this is all about hacking the Nintendo Switch. So anyway, so where did this come from? Well, just like every other console device in my past, we’ve all been bit by some bad purchases, right? For me, the very first bad purchase I made on the Nintendo Switch was a game called Tiny Barbarian, which felt like a point-and-click created game, which it probably was. And there’s tons of examples of basic shovelware on the Switch, and all consoles really, but I’m singling out the Switch because it’s germane to the show. So one of the ideas, of course, is, listen, there’s two different areas to look at with Switch hacking. One, you want to legitimately carry all your purchased things around with you without having to hold cartridges around, right? So you can buy a game, you can rip the game, put it on your SD card, and then play it anytime you want, without having to carry the cards around.
So that’s the pseudo-legitimate means of, or reasons for, hacking the Switch. Obviously, blatant piracy is another one. And then finally, well, actually, I guess there’s another one: try before you buy, right? So I’m very interested in Dragon’s Dogma, for example. However, that’s 40 bucks, right, or whatever. And so I’m leery and I want to try it out prior to play. And most of these games don’t have demos. So they can’t say, well, try the demo, you’ll like it. So demoing commercial software is another pseudo-legitimate reason for hacking your Switch. And last, but not least, possibly the most important reason for wanting to hack your Nintendo Switch is to use homebrew. And when I say homebrew, of course, I’m talking about emulators, because let’s be honest, paying eight bucks for Front Line, or eight bucks for Time Pilot. These are, now listen, they got leaderboards and all sorts of other stuff. So there’s definitely some value in making purchases of these classic games. But let’s be honest, that Konami arcade collection came out. There’s one game I want on there. Konami has like 30 friggin games, and I would want to play one of them that’s included in that Konami arcade pack, right. And all these games are emulated. I mean, they’re all emulated in MAME, they’re all emulated in some other emulator. And these emulators all exist for Nintendo Switch, providing you’re willing to hack it. So let’s start off with some basic stuff. Number one, you need two Switches, that’s the bottom line. Because Nintendo is not taking any chances this time around. Nintendo’s Switch is very network connected, it’s very internet connected. And if they catch you running anything, even remotely, listen, be it homebrew, commercial software, if they get any sniff off your system that you’re running something unauthorized, like I said, whether it’s piracy or not, they will ban, they will ban you, your system will be banned.
No more eShop, nothing, and your account, you could forfeit all your games. Listen, the bottom line is you’re going to need two Switches. So what I ended up doing was I went to eBay. And they actually sell refurbished base units on there, right. So no Joy-Cons, right, because you already got your Joy-Cons, no base, because you already got a base, no power supply, no, you already got a power supply. So what you really need is just the tablet piece of it, the screen in the middle. And for that you will pay 189 bucks delivered off of eBay. And if you’re interested, I will post a link on which vendor I used. It came perfect. Everything was exactly, it worked great. It was in great shape. So it’s a refurb, so you’re all good. Next thing, you’ll need a couple of, you’ll need one piece of hardware called a jig. And just like in the old days from the Nintendo DS, where you used a foil-covered toothpick to bridge a couple of jumpers to enter a recovery mode, you’ll need to do the exact same thing here. The good news is we’re fairly into the hacking era with the Switch, so you can actually buy one for about seven bucks or less, or you can try to do it with a paperclip, but I don’t recommend it, just buy the damn jig. Seven bucks delivered, and you can buy it off Amazon for crying out loud. It’s great, Amazon selling all these piracy tools, anything else. So essentially how this works is you need to bridge two pins on the right Joy-Con rail. Like I said, it can be done with a paperclip, but it’s not very reliable, and it’s a pain in the ass. So this little jig is a little piece of plastic with two little wires sticking out of two little pins, you slide it into the right Joy-Con rail, it nestles down and seats right at the bottom. And that bridges these two connectors. At that point, holding down volume up and hitting the power button kicks you into recovery mode. Once you’re in recovery mode, you need a way of executing a payload to get you past all the security checks on boot-up.
This can be done like 17 different ways. The way I’m currently doing it is I’m using a computer with a USB cable plugged in. And you simply load a bin file into this app, you execute it, it sends the hack over, the payload over, to your Switch. And boom, you’re now running in a hacked mode, you’ve got sort of like root access, if you will. At that point, it picks up software running off of the SD card. And there’s a homebrew channel. There’s tons and tons of utilities for actually getting software installed. So we’ll circle back here real quick. So how does this work, moving forward, day to day? Well, first off, you’re going to be offline the whole time, you’re going to do all your own updates. You can take any version of the firmware, it works. Mine came with 7.0.1, which is pretty much where everybody says you should be, you want to be on seven point oh there; it’s all the way up to eight now, but there’s very little advantage and there’s no games that don’t run under seven that you need eight for. So bottom line is don’t mess with your firmware if you don’t need to. But you can. Now here’s something interesting. A lot of people don’t know how the firmware nonsense works on Switch. Inside the Switch, there’s a set of fuses. Now, not talking about like fuses for your car, fuses for your fuse box at home. These are micro, close to microscopic fuses. And there’s thousands of these things, I think hundreds or thousands, I don’t remember the number. But there’s a lot. Every time you install new firmware, it burns a certain one, certain sets of these fuses out. So that’s how they keep you from going backwards, right? Because you always want to go backwards, because old firmware is more exploitable. They patch a bunch of the holes in the firmware, and then they force you to upgrade. Well, as soon as you upgrade, they burn these fuses out as part of the upgrade process. Now you can’t go back.
The good news is this exploit, the exploits that we’re using, actually patch into the system prior to the fuse check. So you can upgrade and downgrade your firmware all you want, because the fuse check is now null and void, and as a bonus, as long as you’re running this, you know, sort of this custom firmware, or you’re using this exploit, it doesn’t burn out fuses at all. So for now... Hello, Bruce Miller’s on. Hey, what’s going on, man? So the good news is that whatever the state of your Switch is at the moment that you start hacking it using this firmware, or this custom exploit, that’s where it’ll stay. So even if you have to completely roll this system back, which you can, you’re right back at 7.0.1, even if you manually upgraded yourself to eight, the system will still stay at seven or beat the fuses will look like you’re on seven. Right? So that’s really cool. That’s a bonus of doing this, is you always have the option to roll back firmware, or roll forward first, whatever you want to do, which is very, very cool. So how does this work with day-to-day operations? Let’s start with that, because I will, do I have to bring that jig around with me all the time? Do I have to have some sort of a payload exploit delivery system all the time? So let me clear the air on that. Once you have put the jig in, that’s what they call that little slider thing that slides in and shorts the pins, you only need that to enter recovery mode. Once you’re in recovery mode, you need to deliver a payload. Once you’ve delivered the payload, it sits in memory until the system either hard crashes, I mean, crashes all the way down to the hardware level, which so far has never happened to me, or you drain the battery down to nothing and it powers off, or you’re stupid enough to shut the power off yourself. If you leave it in sleep mode,
you never have to deliver the payload again, which means you don’t have to carry around the jig. You don’t have to carry around some payload delivery system. It’s great. I mean, you’re untethered, you don’t have to hook it up every time you turn it on. You don’t have to jailbreak it, none of that nonsense. So once you’ve got the payload delivered, no more jig. Well, like I said, unless you power off or you lose power, or the system crashes unrecoverably. You’re good. So it’s very convenient. It’s not as inconvenient as you might think. It takes forever, by the way, to figure out this information. I’ve been at this for like eight hours total, trying to figure out all the nuances and figure out what I can and can’t do and how it works. So as per usual, there is a homebrew application, which will get you all of the emulators and will get you all this, will get you all that. But they have a great tool, I think it’s called, it’s called SD card setup.com. I don’t know, I’ll give you guys links. Essentially, it builds you a full-blown SD card package, right. So you have some basic stuff you need for the custom firmware and all that other stuff that comes by default with this setup. But then you can go in and say I want RetroArch, I want this emulator, I want that emulator, I want this app, I want that app, and then it compiles a custom zip file for you. You then take that zip file, and you extract some of the contents to your SD card. And that’s it. I mean, you’re kind of done. And you can hop into the homebrew channel easily anytime and get all that stuff. And that’ll get you your emulators. There’s a version of Prince of Persia that you can get for free. I mean, there’s all sorts of great stuff, emulators, video players, web browsers, all the sorts of things that you really wish the Switch had been done. So that’s all through the homebrew channel. Now piracy, that’s a whole nother story. So piracy comes in two forms.
Piracy is a lot different on the Switch now than it was on the 3DS. And on the DS, there’s a lot of similarities. But in terms of piracy, essentially, there’s two methodologies of, there’s a million different ways to get games onto the system. But there’s a lot of restrictions too. I’m not getting into too much detail. I’m actually sitting at the Fry’s parking lot now. So this is actually shorter than I thought it was going to be. But essentially, there’s commercial dumps, which are in one format. And then there are the eShop formats, which are in another format. So there’s no more nonsense where you used to be able to like use Nintendo’s content delivery systems directly inside a free shop and all these other things. That’s all gone. But they do have a free shop-esque like system. And it all uses, I don’t know exactly what it uses. But it doesn’t use Nintendo’s content delivery network. It’s not super fast, but it does the job. And it’s pretty slick. It’s called Tinfoil, for those of you who want to go look it up, look up Tinfoil, and you’ll see what we’re talking about. Tinfoil will get you pretty much anything that’s on the shop, it’ll get you almost all commercial stuff as it appears on the shop. But one thing that they will not provide, and it’s probably smart of them, is they will not provide any sort of Nintendo first-party games on this free shop. Probably smart. That doesn’t mean it can’t be done, it just means you have to do it a different way to get them on there. The convenience factor of queuing up 50 games and letting it download overnight, that’s still there, but it just doesn’t pertain to the Nintendo first-party stuff.
Now, like I said, there’s a million other different ways to get it on there. You can install them off of a USB stick, you can install it off of an SD card, you can install it through a USB cable to your PC, there’s a million different ways to get the games over and install them. I’m not going to get into those details. But there’s a million ways of doing it. It just all depends on what you want to do. They have some amazing stuff on there. There’s a built-in FTP server in the custom firmware. So literally, you’d have to go flip it on and it sits and runs in the background. So you can connect your Switch from your PC and drop one z two z files over there, you know, game ROM images, that sort of thing, really easily. It’s very much a mature scenario now, for a lot of people don’t want to get into hacking until it’s very mature. And there’s a very low risk factor. A couple more things before I get out of here. One of which is, so again, your system will probably be banned at some point, you have to get yourself in that mindset. There are a lot of people that are using it on their primary system. And they’re just going into airplane mode. They’re doing this and that, the telemetry, they’re trying to block the telemetry. I’m telling you, it’s not, listen, spend the extra couple hundred bucks and just get a dedicated hacking system. That thing will never go on, I mean, that thing will never get on a Nintendo server ever. And I’m okay with that. So hacking is really limited to... Hey, what’s up, John? Hacking is really limited to offline games, which is fine by me. And I mean, that’s pretty much the only limitation so far that I’ve seen, is you can get anything else. Emulation runs pretty well. I’ve only dabbled. I’ve used RetroArch, I’ve used UAE4ALL, I think it’s UAE4ALL, an Amiga emulator. I’ve played arcade games, using the MAME core of RetroArch.
What else have I done? I did some PlayStation One stuff. The Nintendo DS stuff, I played a little bit with emulation. That’s not quite there yet, in terms of speed anyway, but again, I’m using a lot of these built-in cores for RetroArch, I haven’t actually gone out and looked at some of the more dedicated emulators. I gotta tell you, it’s pretty pain free. I mean, once you get through understanding the basics of what’s going on and getting that first payload on. I’ll tell you, one of the biggest hurdles I came up with was I used an exFAT-formatted memory card. Because if you use FAT32, there’s a four gigabyte limitation. And most big Switch games are greater than four gigs. So you can’t copy them on there. It’s a restriction of the file system. So I formatted exFAT. And that’s how I started this journey of hacking. exFAT is not good for hacking, right. So I’ll save you guys. And plus, by the way, the custom firmware won’t even boot off of it. And this is where I ended up having like an hour and a half or two hours of digging around trying to figure out why I couldn’t boot into custom firmware. And it all had to do with the way I chose to format my memory card. So that’s the bottom line for that: format is FAT32. Dump those SD card setup files on there. Do your jig, do your payload exploit. And poof, you’re pretty much done. Yeah, you have to go back. And listen, I’m not going to circle all the way back to the beginning of the show. But yeah, this is all hacked Switch. The entire show is hacked Switch talk. There is a chance if you buy a brand new Nintendo Switch that it has been patched. And this is the Fusée exploit, which lets you get around the... Hey, Jeffrey. The Fusée exploit is what allows you to upgrade and downgrade firmware without tripping the fuse burns. So there, during this, there’s a guide. And I can post the links for you guys, if you want. There’s a guide that lets you test. You’ll need it.
You’ll need the jig though. And you’ll need a means of deploying the payloads to test your Switch just to see if it’s vulnerable. And so it’s not patched anything after like June 8 of 2018. And there’s serial number lookup sites and everything else. So again, my recommendation is go to eBay, buy the refurbished tablet piece only. It’s hundred 99 bucks, fast and free shipping, it came in a week. That’s where you want to pick it up. That’s what you want to use. Because at least the one I had was perfectly fine. Seven point oh firmware, no problems in hacking. It was super duper easy. Yeah, John, you got your Switch on day one. So did I. But if you want to pick up a second Switch, then you got to worry about, oh crap, is it going to be patched. Or I guess you could, technically speaking, just go and buy a new Switch, use that as your primary, and then just, you know, blanket destroy your launch day Switch and let that be your hacked, banned system. Either way, so during the process, there’s a couple of really key elements I would like to warn you of. A lot of people will skip this stuff because it takes a long time. But once you’ve done your first exploit and you’ve booted into this custom firmware, there’s options for backing up your NAND, which is your, you know, base, essentially what makes your Nintendo Switch yours. There’s also handfuls of keys that are attached, special keys, custom crypto keys for your system. You’re gonna want to back all that stuff up, burn it to a disk, put it on Drive, put it on Dropbox, put it everywhere, because if that system gets banned, or that system has problems, or something goes in and trashes it, using these backups can get that system back online. And it takes forever. I’m going to warn you right now, the NAND is like 32 gigabytes and it takes frickin forever to do the backups, but go through it.
Do the backups, back up your keys, do due diligence and you’ll be fine. Again, so for those of you tuned in late... Yeah, that’s exactly right, to get a new Switch and then mod the old one, that’s a great idea. I mean, it’s all a matter of what you want to do. Now for me, I don’t mind buying games. I’m in a position now in life where I can actually afford to buy games and I’m totally fine supporting the software industry. But I’m not going to spend another 40 bucks on a game like Tiny Barbarian and get screwed. And let’s be honest, there’s a lot of eShop shovelware, man, and if you can pop that onto your hacked Switch and take a look at it before you spend it, even if it’s five or six bucks, that stuff adds up when you buy enough of those, you know, crapware, shovelware titles that are on there. So highly recommended to consider getting a demo Switch even if massive software piracy is not your main goal. We should be supporting developers. I still am, you know, I will continue to buy software from my real Switch. My hacked Switch is going to get lots and lots of workout. And frankly, one of the things that I really want to do is play emulators. I want to be able to play my MAME on a handheld, and the Switch is a great handheld. I want to be able to play GBA stuff, I want to be able to play Game Boy Color stuff, I want to be able to play TurboGrafx-16 stuff, I want to be able to play ColecoVision, I want to be able to play Atari 2600. I’ve got tons and tons of things I want my Switch to play. And my Switch would get a lot more play if I could play those. Right. So anyway, that’s it. If you have any specific questions, you can reach out to me. I don’t think I’m going to do anything like super official in terms of my hacking finds, but I can definitely point you in the right directions. I can tell you the resources that I’m using. Like I said, it’s real turnkey. Now it’s pretty, pretty straightforward. There’s not a lot of scariness.
If you’re interested, if you think you’re going to be interested, order the jig now. Go to Amazon, type in Nintendo Switch jig. And you’re looking for one that’s about seven bucks, there’s actually one that’s Amazon preferred, or what do they call it, the Amazon’s Choice. It’s $7 and 19 cents, free delivery. And one of the highlights is it’s not 3D printed. Now, I’ll save you some time. If you are planning on buying a portable payload tool, they do have little dongles that you plug into the USB port, that act as a payload delivery system. So you don’t have to have a PC or something weird running on your phone or anything like that. It’s a dedicated tool specifically for the purpose of powering up with the jig in place, powering up with this dongle, and it will deliver the payload for you. Very handy. But as I said earlier in the show, unless you turn off a lot, unless you lose power a lot, you’re not going to need to probably be delivering that payload frequently. The reason I bring this up is the RCM payload tool, which I’ve got one on order, but I don’t have it yet, comes with the jig. But, but, but, but it always comes from China, which is like 25 days delivery, right. So if you’re thinking about doing this, it’s like 14 bucks, dudes, spend the 14 bucks, buy the RCA, or the RCM tool that comes with a jig, right. And just get that now and then you’ll have the jig. And then if you decide you want the remote deployment tool, you can use that as well. And that tool lets you deliver different types of payloads too, and there’s reasons for delivering different payloads. I haven’t gotten to one where I can’t use this standardized one yet. But I’m sure that there’s a reason why there’s multiple different payloads to be delivered. So there you go. So real quick, get a Switch, or just plan on whatever Switch you have never getting online again. The there.
So a lot of people are probably asking, if you’re from the old 3DS days, or from the Nintendo DS days, there was something called emuNAND, which essentially let you make a clone of your operating system and run it on a card. So your Switch, if you held down a certain button, you would boot into a fake version of your Switch, which would be isolated, never goes online, whatever. And then if you rebooted without holding a button down, it would take you to your real NAND, which is your online safe version. So you can do both in one unit. You can have your hacked Switch and your real Switch on the same unit. There’s a lot of people there that are saying that that’s a very shaky proposition. The SX, there’s an SX Xecuter Pro, something like that, which promises emuNAND; emuNAND is coming from this other custom firmware that we’re using now. My point is, get a second Switch, man. Just get it set. Yeah, it can be reversed. That’s why you do all that backup at the beginning. John was asking if it can be reversed. Yes, you can reverse the entire Switch back. Even if it gets banned, I believe as long as you restore the NAND fully from your backup, it goes back to being normal. But it’s a real pain in the ass to restore. It’s not something you’re looking for. And who knows how far back, you know, how far that ban extends? Right? So I would never use your real Nintendo account, of course. But I don’t know if the system being banned can be restored. They haven’t gotten there yet. But from what I understand, if you do a full NAND restore, it puts the Switch back into a perfect state, not banned anymore, etc. But I don’t know, no guarantees on that. So if you’re really only ever going to have one Switch and you’re willing to risk it, go look at that SX emuNAND scenario, or wait for me to get a little more community friendly. Or like I said, get the second Switch. That seems to be a good system for me. If you can afford it, of course.
All right. Listen, let me let you guys go. Post your questions. Go to the discussion forums if you like, monroeworld.net. I’ll be happy to answer any questions there, and that way other people can get the benefit of your answers as well. Otherwise, you know, you can email me, standard addresses, catch me on Twitter, blah, blah, blah, blah, blah. This is Shane R. Monroe, Passenger Seat Radio. We’ll see you next time. Take care, everybody.
Transcribed by https://otter.ai