Hi all, I have been lurking here for a while, keeping tabs on the discussions (much of which goes over my head - I am NOT a low-level guy). I would love to see you guys succeed for the simple reason that I'd love to write indie software for the PSP, as I'm sure many of you plan to eventually ;)
I have noticed that no one seems to have mentioned the fact that demo PSPs (and early dev versions) apparently used to be able to run software builds from the mem stick. In one of their reports (I'm sorry, I forget which one, so no URL ;p), IGN mentioned that when games were first being demo'd to them, they were being run from the stick and not from UMD. The disabling of this has of course been a pain in the butt for developers, because it means if they want to test their builds, they have to have a UMD burned in Japan, and turnaround for that at the moment is terrible.
What I was wondering was if that lock was in hardware, or in the firmware... almost like a PC BIOS setting that enables or disables booting from CD (excuse the simple, ignorant comparison; as I said, I'm no low-level guy). And if it is in software (part of the firmware), if that firmware could somehow be modified to re-allow running code straight from the card.
Anyone have any thoughts on this?
Running code from the stick- hard or soft lock
--
Flint
"The universal aptitude for ineptitude makes any human accomplishment an incredible miracle."
Flint:
If they were smart they would have disabled it in the hardware... but this would have required them to produce a modified version of the dev chip that handles code execution on the mem card.
This modified chip... could be as simple as removing a trace/pin on the chip, would then have to be manufactured for the PSP in mass quantities. Question is, was Sony in a rush to get this to market... if so they may have just flashed some firmware to handle disabling the routines. I hope this is the case because it would be the easiest vector to hack.
Anyone see what's in these chips yet? If I was more capable, I would love to try and decode what's in the firmware/BIOS. Time to read http://hackingthexbox.com/ again!
This is all under the speculation that there actually was code/chip in place to read/run code from the mem card.
SCPH-50001/N
HD SCPH-20401 U
Eyetoy SLEH-00031
Network Adaptor SCPH-10281
Logitech Z680 via FIber w00t!
Sony Wega TV + USB Keyboard
http://staff.philau.edu/barberej/
So the PSP games that Sony releases are just signed/encrypted? No stopping someone from loading a bin file from the memory card! Interesting... so maybe there is a buffer over/underflow in the file decryption code.
SCPH-50001/N
HD SCPH-20401 U
Eyetoy SLEH-00031
Network Adaptor SCPH-10281
Logitech Z680 via FIber w00t!
Sony Wega TV + USB Keyboard
http://staff.philau.edu/barberej/
On production hardware:
Only Sony-ized software will run.
By Sony-ized I mean they package it and encrypt it with their set of keys.
Pain in the ass process (longer than one would like).
On dev hardware:
Will run straight code.
Don't count on overrunning or underrunning the encryption. It's been tested and proven, and in any case not a lot of people know how it even works. It may be based on AES and AES keys, but its package is proprietary.
A firmware hack (for lack of a better word) is your best bet at making the PSP run un-packaged homebrew code. I'd suggest you all have tcpdump/ethereal ready to go for the firmware release. But in any case that's packaged as well.
edit: toned down