"Unfortunately, this bug affects a significant number of Tegra devices beyond the Switch, and beyond even the X1 included in the Switch. " Any chance this bug affects pre-tegra 1 chips? Specifically the Nvidia Tegra APX 2600 chip? Thanks!
-
I don’t know yet— but I do have a Zune HD that’s waiting for me to try things on it. :)
-
:P LOL I've got one that identifies itself as an apx driver?
-
>.< didn't expect twitter to tweet my half-done tweet.... I've got a zune hd that broke its firmware updating... >.> You wouldn't happen to know how much the apx interface has access to on the switch or on the zune?
-
No, but I’d be interested in finding out. :) I have a couple of them, but I’d have to spend a few minutes trying to brick mine in _just_ the right way before I could explore their APX mode; afaik there’s no easy way into it beyond corrupting the device’s BCTs.
-
Please excuse my ignorance of how nvidia's tegra chips work (I really wish there was a central location where I could learn how they work under the hood), but since the zune signature checks the firmware, couldn't you just corrupt the signature?
-
Oh, yeah— but I’d need easy access to the flash to do that. I can definitely do it; it’s just a question of what I can do easily without spending a ton of time on. :)
End of conversation
New conversation -
-
is it possible to fix bricked nvidia shield tvs (because of flashing the wrong bootloader or something like that) with this exploit, maybe using adx mode? it's a bummer to have such a powerful device which collects dust only needing new software.
-
Theoretically, the bootrom vulnerability works on the Shield TV as well-- so it’s technically possible. How much work that’ll be for you remains to be seen, though. ^-^
-
tried Fusée Gelée today on it. couldn't get fusee.bin to work ;-) but it seems to be able to smash it in adx mode, i just changed the pid.
-
Yeah, fusee.bin drives a panel and not the HDMI output. You’ll need a custom payload for that. :) I think someone’s working on a proof-of-concept for it.
End of conversation
New conversation -
-
Many thanks, looking forward to release. You may want to tighten up the firmware version language. E.g. you've said "below 3.0.0" when I think you mean "below or equal 3.0.0".
-
Oops, yep. Good catch— fixed.
End of conversation
New conversation -
-
very nice faq but several questions remain for me: Is a userland exploit needed at all? What about 5.0+ (there was only Firmware 4.1 mentioned....)? Thanks
-
The FAQ question covers versions _higher_ than 4.1— so that includes 5.0+. And no, you won’t need any exploit run from Horizon, userland or otherwise.
-
umm I just realised I overread that point

End of conversation
New conversation -
-
I'm really glad that someone like you is making this happen. The world needs more people with your ethics.
-
Thank you for all
-
Thank you so much for this now I can link my friends when they ask.
-
what is the diff between FG and Atmosphere? Is one the exploit and the other the payload?
-
Fusée Gelée is @ktemkin's coldboot exploit; Atmosphère is the custom firmware ReSwitched is working on.
-
thank you :)
End of conversation
New conversation -