Messages - cai_miao

1
iQue Switch / Re: Tutorial: Region Unlock iQue Switch
« on: July 21, 2020, 06:15:07 PM »
Probably no need since NxNandMgr could get it done by itself. You won't have any problem modifying PRODINFO or any partition and injecting it back.

I was mentioning the savegames. Prodinfo validation is relatively simple. As I said, deleting (writing zeroes) is not known to be safe, and I can't just port another console's save because the validation is console specific.

2
iQue Switch / Re: Tutorial: Region Unlock iQue Switch
« on: July 21, 2020, 10:30:27 AM »
• Decrypt NAND2 with the key picked, modify its Prodinfo and those saves.

Now the only problem is how to modify: I don't know which bit is responsible for this, nor the way to fix the CMAC verification manually (I assume there's more verification).
There is not enough information at switchbrew or in other homebrews; no one has bothered to write system save games yet.

The only thing I can confirm now is that the bit exists in the saves for system settings (8xx50~8xx54). I don't have time to inspect it further.

3
iQue Switch / Re: Tutorial: Region Unlock iQue Switch
« on: July 21, 2020, 02:54:32 AM »
I don't really understand what you are trying to argue about by using the word "not legal".

Well... I did forget to add quote marks. Keep calm. I would define "archiving something without manually overwriting things that are not read-only materials" as "legal" (deleting is treated as writing massive zeroes), a.k.a. clean. PRODINFO is read-only while savegames are not. And because the Tencent feature flag is already active before your (customer) first boot, you have to remove (write zeroes to) some savegames, so your "legal" (clean) status is just gone, as a potential illegal log that will be sent via the telemetry service is generated.

The reason why I don't use the term "clean" is that writing some data to known blocks of rw files is still clean IMO; your legal logs are retained and you are mostly safe to go online with this kind of modification (like "legal Pokemons").

Moreover, there's already a homebrew forked from the blawar incognito and modded by a user from the infamous 91wii forum, dedicated to region-changing Horizon (Tencent feature to global feature and vice versa). The method behind the tool is the same but it terminates more system processes so more savegames can be deleted.
I have uploaded this to the Temp, source code is included.
https://gbatemp.net/threads/switch-region.569965/#post-9133316

And I had been researching the region change method since around 6th July; a guy solved this first, so I just gave up and turned to verifying the "legality" of the method, and concluded it is illegal with the help of my factory savegames.

4
iQue Switch / Re: Tutorial: Region Unlock iQue Switch
« on: July 20, 2020, 05:05:16 PM »
I have to point out that the system title saves are already initialized during the factory setup stage, meaning the bit that controls the Tencent feature (assumed to be the region code according to my research) included in the savegames is already written to the NAND before the customer's first boot. So this method of modification is not by any means legal.

I own a Tencent Switch and dumped the factory-clean NAND before my first boot, and finished my research on region changing around 10th July.

Also I have the dump of the stock NSMBUDX demo game. The one bundled is not encrypted.
Yeah, the eShop downloaded titles (base and probably DLCs) do use the new personalized ticket format (uses console specific keys), but this applies not only to the Tencent Switch but also to all Mariko products. But I can tell you update titles are confirmed to use common tickets. (The Neon Abyss demo includes an update title.)
