283w ago - First off, we would like to wish all of our American visitors a very Happy 4th of July 2008 today!
But for more explosive news (who doesn't love a pun?) we recently received two special PS3 PUP files from a VERY nice guy. As pictured below, they are PS3 Debug 1.00 (65.5 MB (68,765,224 bytes)) and PS3 Debug 1.50 (72.2 MB (75,762,080 bytes)).
These PUPs, which are the special downgrade PUPs, allow a user to downgrade their PS3 TEST from any version down to it. For example, with the 1.00 SPECIAL Downgrade PUP a user can be on 2.40, install it, and after a reboot be on 1.00!
1.00, which lacks just about every feature but ON/OFF functionality, will then let us upgrade to any DEV firmware above it.
Which brings us to 1.50... Through examining numerous Sony documentation recently, we have read that in the 1.60 Firmware the PS3's kernel memory and user memory are separated, leading us to believe that the kernel memory before hand had much more relaxed access permissions, if any at all.
The current theory (soon to be put to the TEST [another pun] by our resident PS3 Devs) is, using a lower Firmware console to peek around what we can access of the memory, and we might just get lucky!
299w ago - We announced this notice some time ago, now I would like to show you a picture of the tool I compiled to do the job. You need the Infectus mod-chip on your PS3 to downgrade. This mod-chip allows you to take a backup of your current PS3 Firmware that can be restored.
The news is that before it wasn't possible to downgrade without a previous dump of your own PS3 console's Firmware, but now things have changed.
Using this tool you can modify a NAND backup in order to let the console think it has a lower Firmware version, so later you can use an official Sony upgrade PUP file to "downgrade" to the version you need.
It has been tested to patch all PS3 Firmware dumps up to 2.10 so far, but is a work-in-progress as we still need to test re-updating more thoroughly.
I would like to thanks to Gigi and Mainman for their support in this tool, and all the other PS3News Devs for helping us in all our work.
305w ago - We hinted on this in previous PS3 Dev postings, but now it deserves a post of its own. We have successfully obtained the decrypted ELF file from an encrypted SELF that we ran, then dumped using the PlayStation 3.
As you can see in the image below, there is an ELF file, totally decrypted from the retail game disc! This removes BOTH the disc layer of encryption on the EBOOT.BIN, as well as the file layer of encryption.
In other recent PS3 Dev news, we have managed to successfully downgrade a PlayStation 3 without utilizing a previous flash dump backup of the console. Normally to downgrade your PS3 you first need a copy of the original firmware (made with Infectus). However our method does not need any flash backup, as it uses the PS3's updates to downgrade for us.
Keep in mind it's still a work in progress, but expect additional details on this project as they become available. Look for more information coming this week!
325w ago - Hacker Robinsond has open-sourced the schematics sources and details that are required to make your your own PIC interface required to perform the timing attack that allows you to boot the 1888 base kernel. This means even if you have burned fuses and dont know your CPU key, you can boot to the respective kernel and update the exploitable kernel.
The timing attack is working well now, the software has been released for testing and if no major problems are found then it will be available at the end of the week. The first release will require an Infectus modchip and a "home made" PIC interface. I thought I would release the details of the PIC today to give people a chance to order parts, build and test the hardware.