Is the whitelist a list of people that can participate in the beta servers?
It’s a list of friend codes of people who have tester access who can access beta servers.
is it worth trying to send mine
1 Like
“Mine?”
So there are multiple individual whitelists? Could you clarify that please?
I never said there’s multiple whitelists, just that it’s a list of friend codes of people who have tester access so they can access development servers.
1 Like
J-Will
October 6, 2024, 9:12pm
5
Do you mean that people that paid for beta on their PNID can share their friend code here to be whitelisted?
Yeah, that’s exactly what I mean
Do you mean that people that paid for beta on their PNID can share their friend code here to be whitelisted?
Hi, J-will!
But I thought you don’t have friends on the Pretendo Network? Or maybe that’s just for 3DS.
But I thought you don’t have friends on the Pretendo Network? Or maybe that’s just for 3DS.
The way that tester access currently works on 3DS requires you to send your friend code to someone
1 Like
But that’s only when you pay the subscription, right?
Some people have tester without paying a subscription as well, these usually are staff or people handpicked by staff.
I think I might be causing unnecessary confusion here and some things are going on right now (won’t go into details because this is not the place for it).
I’m just going to shut up for a bit.
Couldn’t Pretendo make faux users that act as bots and automatically add any users that friend the bot? That way, it makes the beta servers easier to access!
Don’t be down on yourself!
of course I say I’m going to shut up and then make a reply immediately after
No, that wouldn’t really prove someone’s a beta tester. Eventually, I think the team wants to use someone’s PNID to grant them access to beta servers, but that comes at the cost of locking out users with Korean firmware from ever becoming a beta tester.
1 Like
I said to not be down on yourself!
Why specifically Korean consoles?
Korean consoles never had Nintendo Network functionality, so you can’t link a PNID to those consoles.
It’s part of a proposal to force people to link a PNID to go online, since it would make moderation easier as well as linking 3DS consoles for beta testing, as well as a proposal to have one console of each type per PNID (apparently people have sold beta access in the past since there’s no limits at the moment).
I’d recommend reading the two issues below to get a better idea about what I’m talking about.
opened 02:09PM - 07 Jul 24 UTC
enhancement
approved
### Checked Existing
- [X] I have checked the repository for duplicate issues.
…
### What enhancement would you like to see?
Currently environment checks are done in 2 different ways depending on the system type:
- 3DS - Checks the NEX account environment
- Wii U - Checks the PNID environment
Since beta whitelisting is only automatically set at the PNID level, and it's not possible to reliably automate whitelisting/unwhitelisting 3DS consoles, we should instead require beta testers to link a beta-allowed PNID to their 3DS. Our servers should then:
- Check for that linked PNID on the console
- If a PNID is linked, use that for environment checks
- If not, use the system/NEX account environment
This way we no longer need to worry about manually whitelisting 3DS users. We would also need to run a migration on the database to reset all (not banned) 3DS environments back to production, in order to catch any legacy users, enforce the PNID checks for new users, and catch any people left behind who had their 3DS account whitelisted but we never unwhitelisted it after they left beta
### Any other details to share? (OPTIONAL)
_No response_
opened 12:22PM - 24 Jul 24 UTC
enhancement
approved
### Checked Existing
- [X] I have checked the repository for duplicate issues.
…
### What enhancement would you like to see?
This is a 2 part issue, which ties directly into #100:
1. Enforce PNIDs to be linked to consoles before letting them go online. This is only really relevant to the 3DS, as the Wii U already enforces this.
2. Actually link PNIDs to consoles on the backend just like Nintendo did.
## Part 1:
Enforcing a PNID to be linked to a console before going online has a few benefits, the biggest one being that it FORCES 3DS consoles to go through the NNID setup. This means we FORCE the 3DS to contact the NNAS server, which means we can:
- A) Ensure that a 3DS has an actual device certificate (not just the LFCS) tied to it.
- B) Actually tie a device to the device ID stored in said certificate.
Forcing a 3DS to link it's device certificate before going online means we always have access to it from the moment the user goes online. We plan to eventually completely change how bans are structured, and being able to simply directly ban the certificate would streamline things. Currently we still do support full console bans by using the LFCS, but being able to handle this as just device certificates would make things simpler when we transition the ban system. Currently the way console bans work is we lookup the console's records in our database and then set it's access level to `-1`. When we transition to a ban system where bans are stored as records in the database, being able to just store the device certificate hash in a ban record would simplify lookups (rather than trying to fumble around with checking both device certs and LFCS hashes).
Tying the device ID to the records in our database would also make some things easier in the admin panel. Currently @hauntii tries to use the device serial as the unique identifier, despite them being inherently untrustworthy (note that serials are not used for any actual checks besides sanity ones, since they are untrustworthy, Niko simply tries to use them as unique IDs).
Enforcing that a PNID be linked to a 3DS before going online would also give us an extra layer of tracking, especially when it comes to cheaters. For example if we find someone cheating in Mario Kart 7 we can see their PNID, and use that to cross reference who they are on a Wii U. If that Wii U has other accounts linked to it then we know to also monitor those accounts. Just as a basic example.
This brings things around to part 2.
## Part 2:
Linking users to single devices of each type has several benefits, but the biggest one comes down to preventing account sharing on supporter accounts. Right now we have a major issue with how supporters are handled on the 3DS; we manually whitelist people. This worked "fine" in the old days, but now that we cycle through several dozen supporters coming and going every day it's way too much to handle on our own. @DaniElectra does a great job adding people to the whitelist, but without someone also keeping up on removing people we end up in a situation where people support, get whitelisted, stop supporting, and stay whitelisted. We have known about this issue for years, but chose to not think much of it until now,
In order to prevent this, #100 was proposed. While this would fix the manual whitelisting issue, it introduces a new one (which isn't exactly new since this happens on the Wii U already); account sharing. By allowing PNIDs to exist on any number of consoles, it encourages account sharing especially in cases of supporter accounts. This can cause issues as we now have accounts tied to multiple consoles, and we can't actually know for certain who is who. If 1 account is linked to 2 consoles, and it keeps cheating, which console do we ban? That sort of thing.
In the case of supporter accounts it also encourages, essentially, account "piracy". People share the details to supporter accounts and then share those details publically. This becomes an issue as we rely on donations to stay operational, and just further adds fuel to the "who actually is this" issue. Additionally it also creates a scenario which we are seeing pretty often; people ***selling*** PNIDs. I know of at least 2 cases where someone has been directly profiting off of the mass sale of supporter PNIDs. This is, obviously, something we do not want to encourage. Not only for the already previously mentioned issues, but also because it creates an environment for users to get easily scammed.
By only allowing PNIDs to be linked to one of each console type, we prevent all these issues.
### Any other details to share? (OPTIONAL)
In order to do this properly we would need to throw the `0143` error on NNAS. This error, on the Wii U, throws the "The link to this Nintendo Network ID has been temporarily removed" error and unlinks the NNID from the local user account, forcing the user to sign in again and thus actually complete all the device detail filling and account linking.
This *does* mean that those who use Cemu as their primary medium would need to relink themselves using a real Wii U. I am aware that this may not be the case for everyone who uses Cemu, but that is unfortunately something I am willing to sacrifice in order to improve our own services and increase our security. Additionally, Cemu already has all the account information it needs to do the NNID/device linking process, so (while possibly not trivial) it is possible that Cemu could simply be updated to support this directly.
Additionally we would introduce a new issue that we would need to handle; manually unlinking PNIDs from consoles. This shouldn't be an issue from a technical perspective, but it is something people will request now (especially on the 3DS, since it doesn't have a "logout of NNID" button). We may be able to provide users the ability to unlink from their previously owned devices on the website however?
Also on the 3DS, I am unsure if `0143` from NNAS will have the same effect there. I remember testing some Wii U error codes on the 3DS a while ago and having slightly different results. This would need more testing.
1 Like
Can homebrew work on Korean consoles? If so, couldn’t we make a homebrew that lets a Korean 3DS connect to the Internet, and thus connect to the Pretendo Network with a user created by the homebrew?
Of course CFW can work on a Korean 3DS console. They can still connect to the internet anyways, they just can’t link a NNID and can’t get any access to Miiverse.
Ideally, it would be better region swapping to another region anyways to gain access to Nintendo Network.
2 Likes
The user would be directly within the CFW application. Thus, it would serve kind of like a pseudo-PNID that is assigned to the Korean 3DS and can thus use Pretendo’s services.
I’m not entirely sure that’s how things work. I’m not going to pretend I’m anywhere near as knowledgeable as the amazing developers who work for Pretendo.
2 Likes