Coldbird and VF, The Big Interview, Part 3 (I swear, it’s the last one)

Missed the first parts of the interview? You can find part 1 here, and part 2 here :)

Still with us? Great, welcome to this last part of my big interview with two of the main active hackers on the PSP scene nowadays, Coldbird and Virtuous Flame. In this last part, we discuss a bit of 6.37 hacking, and the two devs’ thoughts on the NGP.

Based on your experience with CFW Pro, do you think hacking the PSP has become easier since the 1.xx era? Or harder?

coldbird: Well… in early times – 1.0 and 1.5 – no real hacking was required… And nowadays, once you did the initial hacking (with no means to debug, besides framebuffer coloring), you can always rely on psplink to help you out with breakpointing / testing…

Also, we developed our own debugging applications, one being named “Jumper”, which allows us to inject an OllyDbg-like trace function into a module, to see its program flow…

I don’t think it’s any easier to hack 6.XX Firmwares than it was back in 3.XX. A few protections were added, but it’s the same process involved. Just that we know a bit more about the hardware / software now than we did before.

Many people ask me if a Kernel exploit/HEN for firmware 6.37 is likely to happen… do you have an answer for them?

coldbird: Unless we discover a suitable Kernel Exploit or Boot-Stage exploit, no – not yet.

For those that do wish to go on a 6.37 exploit hunt… Search for Syscall exports that might be exploitable. Many people still don’t know how we can make the jump from user to kernel. Syscalls are the only way in! :D For newbies, get yourself prxtool, get yourself psardumper… decrypt 6.37 and dig in.

As for us… we lack the time to do active searching ourselves. Maintaining PRO as is is enough of a job next to studying, real life, etc.

6.37 already allows running user mode homebrews, and a large number of isos using a few signing tricks. We haven’t seen a patch from Sony yet, do you think they gave up on the PSP?

coldbird: Nah. They just got lazy… Not too many people know that the homebrew scene even exists. The homebrew / cfw users make up a small percentage of the overall users. If I go out today, and ask 10 psp owners, I’m already lucky if 1 of them knows what a homebrew is.

They became lazy but they are still operating, and thus only do what they have to do to counteract it in measurable ways. Besides… the ISO signing algorithm by TPU and co only works with pre-generated demo headers, giving you a very strict limit in iso filesize and iso crypt codes. The only real way Sony will counteract this is to keep the future released demos below the already existing maximum demo size, to not allow further isos becoming playable.

At least that’s my guess here.

What piece of advice would you give to people who want to know “how” to become a hacker?

coldbird: Hm… depends what they wish to do obviously. Well for PSP… the first thing you WILL need is a good MIPS Assembly Instruction sheet, unless you know MIPS Assembly already. No hacking without Assembly.

Virtuous Flame: My advice is “Always curious. And better know nothing than half-know”
coldbird: Ah our friend is talking in cryptic language again. :) Curiosity is very important though, and a big thirst for knowledge.
Virtuous Flame: I see many devs trying to crack a bug just by replacing files. If they just went deeper into the assembly they would find out a better/wider solution.
coldbird: Yup…

Virtuous Flame: For example, one protection we had to bypass at some point was just made of two new functions added in 6.xx kernel. And it blocked us for many months.
coldbird: Yeah… sheesh that took us forever. But it was so simple: Sony just “cloned” functions with different nids, to trigger a “function not found” error in older firmwares. This simple thing kept us looking for many months, because we were expecting something really difficult, and were too blind to accept the possibility that it could be a minimal thing.

Any “developer anecdote” you would like to share?

Virtuous Flame: During one of our experiments we found a weird bug in 6.20 utility modules
coldbird: yeah. :)
coldbird: And evil game developers misusing it for intended crashing… :)
wololo: Wait, seriously? Game developers don’t intentionally do that :)
coldbird: they do.
Virtuous Flame: They used a bug fixed in 6.3x to crash any Firmware under 6.3x
wololo: so that’s an anti downgrade feature, somehow?
Virtuous Flame: Yes. I guess they intended to trigger a bug from Sony’s “bug fix list”. They do nothing in the code except loading and unloading libmp3…
coldbird: It’s just a 6.20 bug, which occurs when unloading libmp3, freezing the system
Virtuous Flame: During this process 6.20 kernel corrupts its user memory, which causes random crashes
coldbird: they [The game devs] knew of it… and added it to ensure no 6.20 ofw could – using tricks – play the game.

Are you guys gonna get an NGP?

coldbird: I won’t… unless someone magically donates me one or something.
In that case I would continue as I already did for PSP. Take a deeper look into it when possible… and see if I can extend its featureset.
Virtuous Flame: As for me, why not? I am sure Sony must regret selling me the pspgo :D
Wololo: :D
coldbird: Even if the statement of my friend sounds a bit… I don’t know how to say it… We don’t want to harm Sony.

Ok, that’s basically it for my questions, any final word for the readers?

coldbird: Hm.. final sentence. Sounds important. Can it be anything?
Wololo: definitely
coldbird: In that case, I wanna thank everyone who got involved with our development of PRO-CFW and its subprojects, like the online mode, especially my friend Virtuous Flame who stuck with me ever since the start of it. But also the others who were directly or indirectly involved in making progress in the PSP scene, be it Dark Alex, who I always looked up to, Mathieulh, Geohotz and also the early birds of the scene, like Nem who helped us get as far as we are now.

I also want to add a personal greeting of my own to Aznk, my most reliable beta tester in the PRO-Project and my girlfriend Crispy who cheers me up and gives me strength when I’m down.

Wololo: Virtuous Flame, any final word, or thing you want to discuss?
Wololo: Ah, I have to go to bed, or my wife will kill me (again!)
coldbird: “Again”? You a zombie?
Wololo: Yup…she basically kills me every sunday night
coldbird: So mate, give wololo your final sentence so he can die in peace. :)

Virtuous Flame: The era of PSP may end very soon, but soon a new dawn will rise.
Is this good enough?
coldbird: poethical. :D

Wololo: Thanks SO MUCH for your time guys!

  1. Dallox

    1.00 the best firmware alive ;)


  2. J-Spill

    Awesome. And I didn’t know Wololo had a wife.
    As soon as coldbird and vf come up with online play I’m going to upgrade to 6.35.


  3. J-Spill

    till then, im stickin with 6.20TN-D


  4. Basch

    Can’t even imagine how much I laughed reading this part
    Wololo: Virtuous Flame, any final word, or thing you want to discuss?
    Wololo: Ah, I have to go to bed, or my wife will kill me (again!)
    coldbird: “Again”? You a zombie?
    Wololo: Yup…she basically kills me every sunday night
    coldbird: So mate, give wololo your final sentence so he can die in peace. :)

    Virtuous Flame: The era of PSP may end very soon, but soon a new dawn will rise.
    Is this good enough?
    coldbird: poethical. :D



    1. Anand

      like, hahahaha :D


    2. masterfu

      i wonder what kind of “kill” wololo is talking about

      the argument “kill” or the “magical feeling kill”


  5. kalte

    Nice interview! Very interesting, now I’m even thinking about giving a chance to PRO (still using TN-D).

    Congrats and good luck to devs!


  6. Jurasic

    wow…. nice interview… i hope part 4 will continue… :D


  7. cute

    i’m new to psp and i thought psp may die after ngp comes
    but people like VF says “but soon a new dawn will rise.” i’m so happy …:)


    1. hiro

      yea same. i only recently bought a psp ( around 6-7 months ago ) and after a few months, the ngp was announced so i thought that it was sort of a waste to buy the psp, but then all of the HENs and LCFWs came out and I changed my mind!!


  8. Amido

    Go Go GO VF and ColdVird, GO xD


  9. Kboy35

    bring out 6.37 cfw pro!


  10. Noel

    Pls support Virtuous Flame and Coldbird’s fanpage on Facebook.


  11. zone

    The era of PSP may end very soon, but soon a new dawn will rise. yeah!!!


  12. Vince

    Reading the three interviews just made me all the more proud to be on PRO.
    I understand the troubles and hardships and countless hours vf and cb put into the lcfw that we may or may not take for granted.

    Many thanks to coldbird and virtuous flame for all ur effort. After reading this interview i think i will be a loyal pro user for many years to come. :D

    And thank you wololo for interviewing cb and vf and sharing this with us. May ur wife not kill u too often so we can continue to have a great webmaster and fellow forumer. :D


  13. pspmodel2001

    After reading this, I can’t wait fer the new 6.35 pro cfw. Right now I have 6.37 me 7.


  14. TheDarknessArrives

    The words of Coldbird and VF have given me more hope on finding a way on the OFW 6.37. It’s hard work, i don’t know how they manage to keep up with it.


  15. nascar_007

    Jurasic Quote:
    wow…. nice interview… i hope part 4 will continue… :D

    but wololo say
    “(I swear, it’s the last one)” xD


  16. juan321

    here is the 6.20/35 PRO B-4


  17. masterfu

    VF said in his chinese 163 wangyi blog that a hater tried to shut down coldbird’s blog prior to Pro-B4’s release

    the hater says that coldbird’s blog “spreads virus”



