Finally, after a long period of a scene that got riddled by money-hungry dongle suppliers, we uncover this big scam and show you how things actually work.
First of all, none of the code the dongles use comes from their creators. All files used come directly from higher PS3 firmwares. This works by using plugins / SPRXs, which are basically just drivers, from a higher PS3 firmware.
To get games to work, you need to use the files from higher firmwares that the games require. The plugins we are talking about also have the decryption information stored in them that the games need in order to work.
Some of the newer SPRXs are compatible with older firmwares and can be used on older firmwares quite easily. All you need to do is place them in the right folder and that's it.
Of course this procedure doesn't work quite so easily with all games: some of the 3.6+ games load right away, others need some fixing. This fixing is done by patching the SPRXs to work with the lower firmware. Porting the drivers so they can work with lower firmwares should be the easiest task.
Basically, all this DRM does is nothing. The stick holds some drivers, like I explained earlier in this post, and lets the system use them. The Hypervisor LV1 patches are nothing more than redirections to the USB stick / DRM fake.
The USB stick holds some dev_flash files, which the system then uses. It's basically the same thing we did in the early stages of the Custom Firmware to load modified files quickly and easily.
So after knowing all this, it explains why the dongles use DRM on their USB stick: simply to not let us see that they are really just scamming us with the cheapest materials they could find and some (by now old) dev_flash files stored on it. It's nothing more, and I'm sure that TeaM AC1D will empower more things and work on more in the future than the dongles have in the last months.
We love Open Source and that's why we share this information with you. This needs to be stopped and we should all join hands to finally put an end to all of this. Use this information and do what you have to do.
Our respect goes out to Kakaroto, grafchokolo, Hermes, Deank, JaiCraB, Jjolano, Stoker25, Redsquirrel87, GeoHot, Condorstrike, Team Hades and everybody else we forgot to mention here.
Don't let yourself get fooled by these dongles, guys, and happy hacking to everyone!
Don't expect too much from me about the masterkey.
I suspected many different processes to boot 3.60+ games on older firmware, and also some other stuff related to the internal emulation (PSX/PSP/PS2).
I have many theories about the dongle, but I'm gonna explain something.
1- Many official games had a standard SELF renamed to EBOOT.BIN (not even NPDRM); you can easily unself them (and fix the encrypted section).
2- Patch the header from the official EBOOT.BIN -> (SELF). They don't make their own EBOOT this way; they patch the header to work on a 3.55 special CFW (which allows loading specific stuff related to the CELL execution).
3- The dongle = emulated debug patch dev_flash/payload that allows booting into debugger mode -> also patching in real time (syscall function between USB port/CELL). Remember the jig generates the dongle ID.
4- Also, some PS3 games use a specific SDK revision (like I showed in another topic).
5- And for the EBOOT, NPDRM is different -> lv2kernel related to liblv2.sprx, etc. Patching it is your answer.