2.80 must have kernel!



benh
September 3rd, 2006, 13:01
Hi

I was thinking about downgrading and how we could exploit different features, then it hit me!

2.80 must have kernel, otherwise how do Sony write their firmware updates to the NAND flash memory? So there must be some kind of kernel access to the NAND flash memory.

Maybe dark_alex and his team could exploit the way Sony writes to the NAND flash and make it so that a downgrader could write to the NAND flash the same way.

What are your thoughts?

razorak
September 3rd, 2006, 13:05
Every firmware has kernel... it's only a matter of whether coders can bypass the security checks in place to be able to have access in kernel mode. It'll only be a matter of time though, be patient.

pjspeedy
September 3rd, 2006, 13:08
Why has everyone been saying that there isn't kernel access on firmware 2.80? Is it the fact that there isn't kernel access on 2.80 because it hasn't been cracked yet?

benh
September 3rd, 2006, 13:09
OK, 'cause the 2.71 downgrader hasn't worked for me even though it should work, so I was waiting until a 2.80 downgrader came out, then I was gonna try that.

pjspeedy
September 3rd, 2006, 13:13
Couldn't people like Fanjita or Dark Alex and so on not like look at the firmware updates' eboots and see if there is a code that manages to bypass the security? So they would have to look at the version 3.0 eboot to be able to crack the 2.80 security.

So in theory all firmwares from now on should be crackable, but it will just be a lot harder each time, and I mean a whole lot harder.

benh
September 3rd, 2006, 13:16
Interesting theory.

Accordion
September 3rd, 2006, 13:19
All firmwares have kernel access; all the games released by Sony run in kernel mode.

assesoffire
September 3rd, 2006, 13:20
I think the security on the update EBOOT is broken when you extract the files.

Sony don't write to the flash with an exploit; they have the security code to allow their applications to run from the Memory Stick.

benh
September 3rd, 2006, 13:20
I see now, I hope someone cracks it soon.

dejkirkby
September 3rd, 2006, 13:23
Benh, have you tried the newly released easy downgrader yet?

benh
September 3rd, 2006, 13:26
Yep, tried the easy downgrader full and lite, none of them worked.

razorak
September 3rd, 2006, 13:30
I think the security on the update EBOOT is broken when you extract the files

That is correct, a program inbuilt in the PSP searches for that security code every period of time, I heard. Moreover, if you try to edit Sony's eboot files, if you're careful enough you would notice that after editing the file, the param.sfo file actually suffers a loss in memory. The only way to get past it is illegal: to get a copy of this code, which is more known as Sony's Encryption code, which appears to be used to seal their eboot files, and then with an encrypter, encrypt the eboots with it. It is supposed that another team of coders have done it before, but it's illegal and the homebrew scene wants to stay legal.

If a program can be made to patch that search process for that security file or encryption code etc. etc., like redirecting to a file that has them, we should be able to run homebrew off the XMB, but then again this idea of mine may not work, nor is it an easy task.

benh
September 3rd, 2006, 13:31
Someone makes a program like x-flash that changes things in the NAND memory; you could make it so that, you know, like you can put spoof fw versions. You could make it so that it puts the firmware as fw 1.00 as a spoof and the PSP will think it's 1.00, so then you just run the 1.5 firmware update and it will update to 1.50.

You could use the TIFF exploit to run the x-flash type program; plus it would be the safest way to downgrade because you would be running an official update.

assesoffire
September 3rd, 2006, 13:33
That's the way the MPH 2.0 downgrader worked, but these recent ones just copy the older firmware file by file.

razorak
September 3rd, 2006, 13:40
That has been tried while trying to downgrade 2.0 PSPs, if I am not mistaken.

Oops... didn't see the post that's now above mine... lol

At any rate, many theories of a downgrader have been thought of before, so there are barely any stones left unturned, but still, we mustn't lose hope.