100w ago - Today PS Vita hacker wololo has made available a Half Byte Loader (HBL) development FAQ for those interested in progress thus far on Sony's PlayStation Vita handheld console.
Also below he states that he has ported HBL for Teck4's exploit successfully and updated to EU/US versions.
To quote: I managed to port HBL to the US version of Teck4′s exploit in exactly 45 minutes (including writing the savedata exploit and the binary loader), which is a new personal record, thanks to the scripts included in HBL's repository, and also to the fact that the different versions of the game are internally fairly similar (which is to be expected because technically the game is supposed to be the same, just translated, but I seem to recall it wasn't that easy for the Hotshots golf exploit)
I also updated the EU/US versions of this HBL port to get the tweaks I worked on for the past weeks in order to get a fair amount of homebrews to work.
The next step for me is to write a bit of documentation on how to use all this, and then patiently wait. As far as a release is concerned... well check the FAQ I wrote yesterday.
I could spend time polishing this port of HBL for the Vita, improve compatibility, and I might do it, but since there's a high risk this gets used by only a small amount of people before it gets patched, I'll probably leave it in its current state for now. It's probably not worth working too much on the details if nobody ends up using it. Of course if by some sort of miracle this doesn't get patched immediately by Sony, I'll update it accordingly.
Now let's all wait (I'm probably more excited than anybody else about this release, really...)
A FAQ for HBL on the Vita
We've seen through Teck4′s exploit that PSP exploits run flawlessly on the PSP emulator of the Vita. I've spent the past 3 weeks working on leveraging Teck4′s exploit and port HBL to it. I've been receiving lots of questions (probably from people who haven't used HBL back when it was the only possible way to play homebrews on the PSP Go) and will try to answer them here.
What is HBL?
HBL stands for "Half Byte Loader". This is a homebrew loader for the PSP, which was written initially by m0skit0, then improved and maintained by a bunch of devs including myself (those two links are good old memories, when HBL wasn't loading a single homebrew properly). It basically allows to run fanmade games, emulators, etc on the PSP. We've found that it can run on the PS Vita through the PSP emulator.
Will this allow to run PSP backups (isos)?
Although in theory that would be possible, HBL only has access to the PSP "user mode" which is fairly limited. Practically, all teams who have tried to create an iso loader in user mode on the PSP have failed so far.
Will this allow to run PS Vita game backups?
Does this give us access to the Vita hardware (touch screen, etc)?
No. HBL accesses the hardware through the PSP emulator, and therefore only has access to what is mapped to the PSP controls. It also only has access to 32MB of ram, etc
Does this give us possibilities to hack the vita further?
Most likely, not. HBL is stuck in user mode, in a sandboxed emulator. To get access to Vita information, we would need first to get kernel access in the emulator (through a psp kernel exploit), and then find other exploits in the emulator/OS itself to break away from the sandbox (which, if the Vita OS is as secure as I think it is, is close to impossible)
But will it give us more horsepower than the psp? Can we expect emulators to run faster, etc?
This still needs to be investigated deeper, but from what I've seen, not really. Memory stick access is definitely faster on the vita (Wagic loads between 5 and 10 times faster on the vita than on a psp go), but the rest seems to follow the psp limitations (as one would expect from an emulator)
Will this be made public?
Yes. Teck4 (who found the exploit) and I agreed to making this public at some point.
When will this be made public?
Some time after the Vita is released worldwide.
I heard Sony can patch this very easily as soon as it's made public?
Yes. Since this uses a vulnerability in a PSP game, as soon as they know which game it is, Sony can remove the game from the PS Store. Once they do that, they can patch the Vita firmware to reject the "malicious" files (either by preventing them from being copied through the content manager assistant, or by patching the PSP emulator, or by patching the PSP game, etc). At that point, people who don't already have the game on their console won't be able to use HBL. Also, people who do have HBL will need to never upgrade their firmware, will have to use some tools such as OpenCMA in order to copy files to the vita, and will be locked out of the PS Store as long as they want to use homebrews.
So shouldn't you keep this under wraps instead?
Meh, it's not like anything is really secret here besides the name of the game. It's already pretty sure this is not useful for hacking the vita further, so even if it gets patched I don't think we will lose "too much".
No iso, no access to the vita internals, and Sony will patch it as soon as it's out, so basically it's useless?
Yes and No. Technically, a hacked PSP is way cheaper and will allow you to do more than that. But this is, as I write these lines, the only way to run unsigned code on the Vita, which in itself makes it a great achievement (and it's always cool to show your friends that your Vita can run Mario, and theirs can't). Also, it didn't take too much time to adapt since most of the code was already available from our past work in the psp scene. It would have been even more useless to say "oh yeah, interesting, we can run psp exploits on the vita" and not do anything with it.
How do you copy/install homebrews to the ps vita, since it cannot be mounted as a regular usb drive?
This will be explained when HBL is released.
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
Following up on the previous update, today PS Vita homebrew developer wololo has revealed the game used for the PlayStation Vita Half Byte Loader (VHBL) is Motorstorm Arctic Edge (Motorstorm Raging Ice in Japan) and shared a video of it in action below!
As a result, Sony has officially removed the Motorstorm Arctic Edge title from PlayStation Store.
To quote: "Ok, so, since the PSN maintenance is being postponed, there is no reason for me to not give the name of the game used by Teck4 for his exploit:
The Game is Motorstorm Arctic Edge, also known as Motorstorm Raging Ice in Japan. It is available for 19.99 euro on most European Playstation Stores, 15.99 Pounds in the UK, and for 3800 yen on the Japanese store.
Note for North American readers: that game, despite being available on the US Store, is marked as not compatible with the Vita in the US. People who have bought it in the US and tried to transfer it to their vita have failed as far as I know, which is why a few days ago I recommended people in the US to get a European PSN account.
Now what's next?
Well it's simple and stressful at the same time: I'm giving you guys a couple days to buy a copy of that game if you think VHBL is worth it (and assuming you trust that I'm not lying), and then I'll release the VHBL files. There are pros and cons to this "2 steps" release. The cons are that you have to trust me, and there's a possibility Sony actually patches/patched something without me knowing it, the pros are that I don't think Sony will remove the game from their store until they actually have something to patch, so I think this gives you guys a couple days to buy the game.
Or, you can wait until I release the files and other people confirm it works, at which point you run the risk that Sony patches the exploit and/or removes the game from the store before you can even buy it.
Now, let me be clear once again: buy the game if you want to play it, I have no way to guarantee VHBL will work for you, I can just tell that a few days ago this was confirmed to work by a few testers.
Also keep in mind that VHBL gives you no iso, no special access to the Vita hardware, just a limited PSP homebrew experience on your vita. If like me you think it's fun, then you might be interested. Or, if you think that 20 euros is a fair price for one of the best PSP games, then, well, just consider VHBL as a "bonus".
VHBL has been confirmed to work on firmware 1.61. If your console asks you to update to firmware 1.62 or something, I cannot guarantee it will still work. It is also recommended, after you bought the game, to be paranoid and disconnect your console from the network, and to install openCMA. Again, there are lots of unknown things going on with the Vita, it is impossible for me to tell if this will work for everyone.
As far as I know, there are 5 versions of this game out there. I ported VHBL to 4 of them, and I am sure the fifth one is vulnerable too, but I couldn't find any place selling or "distributing" it, so I couldn't port the exploit to it. That being said, it should be "doable" if somebody can get a copy, to port the exploit to that version as well.
Finally, for those who want proof, here's a video:
I want to thank the people who made this release go as smoothly as possible, especially Teck4 and Mamosuke, HBL devs (in particular m0skit0 and JJS, thanks for lurking on the scene for so long, you guys are the real deal!) the mods at /talk who have helped a lot over the past week, the handful of devs/testers who know how to keep a secret (you know who you are), but also the thousands of /talk users who, for some of them, have been knowing the game's name for several days now, and haven't leaked anything.
You guys are truly an awesome community, you can of course now go ahead and let your friends know, or brag about how you've known about the game for a while and hold the secret. It was so far an awesome experiment, let's hope the result will be worth it!"
Too bad my Vita will arrive in 9th March (international delivery) hopefully someone find another exploit by then.