-
Notifications
You must be signed in to change notification settings - Fork 582
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Password protection? #299
Comments
as one can access both your sdcard content and rcm mode, you could barely prevent your switch from any convenient invasion.passwords are just of no help. |
It would protect from a kid just pushing random buttons tho. If they reboot the switch and it winds up at the hekate menu many bad things could happen |
Password can even end up being a file on the sdcard that get removed if we delete it, as long as it prevent getting in hekate easily. The password we can set in luma3ds is a good example of what im looking for. |
I think we don't even need to find and delete a "password file" to bypass it. we simply inject another bootloader payload in the case of switch.unless this password system means encrypting every file and real-time decrypting them , a simple boot-up verification won't do that much. |
Sounds right, but my goal is to prevent the kids burning my fuses, flashing my nand or whathever in hekate. They dont have the knowledge for now to inject another payload. And when something is written in english since their vocabulary is quite limited in this language and it need some more work to understand it they prefer the trial and error method to get to their goal wich on the switch is a game... |
I see. but don't underestimate your kids |
Not nessesarily. You can reboot to hekate from most kosmos (and atmosphere installations using hekate) from the restart menu. so its reasonable you could get dropped into the hekate menu |
Well I can only see 1 way on how this could work without intercepting it with another payload. And I don't want to deal with ppl that forget passwords on how to recover (you can recover). Plus that this will need touchscreen in order to not be a pain and there's not a lot of space for that in the main payload (and the whole logic, unlock UI, touch, magic stuff, needs to be there). It's a very specific thing. Maybe I could hack sth together just for fun, but not for having it in release. |
this isnt a security type of password This is parental controls type of password. to keep kids out of the tools and payloads menus |
I know this have been a year but have you figured out how to keep your kids away from hekate? |
or a password in hekate_ipl.ini config section. |
Hi, have you thinking about put bootwait=1 on hekate_ipl.ini so the auto boot process will be speed. At the moment bootwait=0 disable the autoboot, but could be a change on Hekate, where bootwait=0 disable autoboot, bootwait=x wait x seconds, and by example bootwait=99 boot immediately disabling the access to NYX and no hasle to recover passwords because editing on an external device the bootwait parameter you could regain access to NYX |
on and off switch? |
It is not useful. Preferably leave it on HOS and avoid AutoRCM, if you are sharing the console. Also, why would a child reboot the console? This requires holding down POWER, eh even without AUTORCM, when powering off the console will go back to HOS and will never load Hekate without any injections. What makes you think that entering Hekate is easy for a child, by accident? The only thing I recommend is to change the button combination for Overload and more than anything for Homebrew. |
your completely ignoring mariko consoles and mod chip users. Whats the point of turning off autoRCM if your goal is to stop your kid burning fuses and breaking things. This isn't a security mechanism. It doesnt even have to have setup in the menu making the user need to add it with a text editor in the conf file. The entire point of this is to stop your 5 year old mashing buttons in hekate's more dangerous menus. Hell. A 4 digit pin would be plenty. We aren't asking for bullet proof security just something to make it harder for kids to get into things they shouldn't. If you dont want to deal with people forgetting their password just make it so they need to edit the config file to set or change the password guaranteeing they know how to reset the password if they forget it. just a plaintext pin=1234 in hekate_ipl.ini just throw it in the readme add password entry to the UI and be done with it. Reply to any "how do I change my password" tickets with RTFM and a link to the readme. |
Could you add an option to ask for a password on hekate boot? Im starting to see some homebrew option to reboot to hekate, its pretty convenient but its a also pretty dangerous with clever kids around. Only thing protecting my switch is a button combo. It could prevent clever kids from getting in there and messing up the console, and could also serve as a console lock paired with autoboot and trinket. Part of the problem being the Switch parental control aint really good with clever kids, they can't palay games but they surely still can mess around, deleting games, updates... By the way good job its getting a nice payload ive been pretty surprised seeing a touch screen interface when i last updated.
The text was updated successfully, but these errors were encountered: