Quick tl:dr on DSBrick
A long long time ago in 2005, some homebrew developer produced two trojans. One, DSBrickA/r0mloader, pretended to be a tool to run games. The other, DSBrickB/taihen was a hentai slideshow. Both of these would brick your DS when run by filling at much of it as possible with FF bytes.
Obviously people were in a panic back then, being extra careful to make sure nobody slipped either trojan into some homebrew. Since is was such a serious risk, people started promoting a custom firmware called FlashMe because it had "brick protection." The trojans wouldn't be able to write to the first part of the firmware, so a recovery mode was put in to reflash/repair the firmware.
FlashMe brick protection is a hoax
Brick protection sounds nice, especially with how dangerous the Trojans seem, but let's take a closer look...
Each DS has something called SL1, two pins that determine whether or not the firmware is write protected (photo below). A brand new DS will have the SL1 pins disconnected, meaning that it is impossible to write to the firmware (excluding the settings at the end). This is why every CFW installing guide tells you to bridge- connect the pins of- SL1.
The chips normally used to store firmware are LE25FW203A, LE25FW203T, M45PE20, M35PE20. Looking at the manufacturer's data sheets (attached to this post), SL1's write protect works for the first 256 pages, with each page being 256 bytes. 256*256=65536 bytes. In hex, that's write protection until 0x10000. According to gbatek, the DS firmware data goes until 0x3F9FF.
Everything shows that the DS firmware should brick... but it doesn't... Despite what everything says, anecdotally no normal DS should be affected by the trojans (assuming write protection is on). I tested every chip and board type on my consoles. The only thing that happened was a settings reset. Here's your proof:
Interestingly the firmware wasn't written to until 0x3F760. So as long as you haven't permanently bridged SL1 (eg. soldering), you'll be protected, both with original firmware or CFW. But if SL1 is bridged, the trojan can write to every byte of the firmware without issue. Nothing can save you at that point.
Back to FlashMe... did you know that FlashMe's brick "protection" actually puts users at risk? Remember that at the end of the day FlashMe is just data. DSBrick doesn't care that there is a "recovery mode". It will just delete it if it can and move on.
But users are going to be afraid of DSBrick and feel that they have to install FlashMe at all costs. Some might decide to solder SL1 to make flashing easier and expose themselves to the trojan. Others might accidentally short something/drop out the battery and stop flashing before 10% (guaranteed brick). Most users are going to be fine, but the fact that you're putting yourself in harm's way for nothing is just stupid!
I have to wonder how that rumor about FlashMe came to be. Even darkfader was wrong about their own software and recovery...
Anyways, the trojans really aren't that bad. You don't need extra firmwares or tools to detect DSBrick. All that you need to do is get into the habit of keeping SL1 disconnected! A good thing to do regardless of trojans.
An exception to this post
There are a couple types of DS that are affected out of the box: iQue and Korea. These are so uncommon that they aren't too big of an issue, but still worth mentioning. iQue and Korea has 512kb chips (LE25FW403A and M45PE40) to store the larger character sets for the chinese and korean languages. These chips actually behave like the datasheets say, stopping write protect at 0x10000. This is the only case where FlashMe would do any good with SL1's write protect on. Though this is such a niche case that I doubt this was the reason for people to promote FlashMe.
Could I be wrong?
It's always possible I missed something. I've tested every board and chip type I can think of but I can't say for sure that I didn't miss another, or that my DSes might behave differently (I've put them through so much after all...). If you spot something I didn't, please let me know down below. Thanks!
