Several people have been contacting me to ask whether PS Vita firmware 3.61 could be exploited in the future. The majority of the audience of this blog has been enjoying HENkaku on firmware 3.60, but a growing number of users are left in the cold, stuck on firmware 3.61. So I expect the questions related to a PS Vita 3.61 downgrader, or a PS Vita 3.61 jailbreak, or a PS Vita 3.61 hack to increase with time.
Is there, or will there be, a PS Vita 3.61 Jailbreak?
The long answer is more nuanced, but still ends with a “no”. Think about it, it took about 5 years for the first “real” Vita hack to surface. And hopefully, the various explanations that have been posted by Team Molecule and others about the hack have proven that it was not a small achievement. HENkaku required several hacks and tricks to work.
It’s not clear to me how many of these vulnerabilities have been patched by Sony (the user-mode WebKit exploit was definitely patched), but it’s safe to assume they did not only patch the WebKit vulnerability.
Basically, it wouldn’t be a stretch to assume that a scope of work similar to what HENkaku required would be needed for a new Vita exploit to be released. In other words, years.
With that being said, hackers now have access to more information about the Vita than Team Molecule had. It is not a black box anymore, and with access to the system, I assume some groups are hard at work reverse-engineering the firmware to find more vulnerabilities. But this is not the PSP days anymore, where the system had very limited protection. Here again, Yifan Lu and Xyz have made a point of showing how complex it is to defeat the Vita’s security measures.
Hacker Mike H. mentioned he did have access to a kernel exploit in one of his writeups of HENkaku. That doesn’t mean this will be released or used in a larger exploit sequence for a future Vita 3.61 exploit. He also hasn’t provided any proof of that statement so far.
Luckily for me, I already found a way to leak kernel memory while playing with the SceNet syscalls, so, stage 3 is on its way.
How about a PS Vita 3.61 downgrader then?
A downgrader would basically imply that Sony’s private keys are leaked or that their security is completely taken down. According to everyone I’ve asked, this scenario is highly unlikely.
Alternatively, it would mean a kernel exploit with the ability to patch the system in RAM, which wouldn’t really be a downgrade anymore, just another kernel exploit for firmware 3.61. So a downgrader is probably even more unlikely to happen than a 3.61 jailbreak.
People have contacted me, offering to donate money to fund a “bounty” for a PS Vita 3.61 downgrader or exploit. I’d like to remind everyone that we have attempted this in the past, with a total bounty of about $2000. This gave us Rejuvenate, from the very same person who gave us HENkaku, Yifan Lu. Nobody else ever even tried to suggest something else: Rejuvenate was literally the only entry for that bounty, despite it running for months.
So I don’t think money is the issue here, unless, as I’ve told the people who have suggested it, you have somewhere between $10,000 and $50,000 to give away. That kind of money might motivate the people with the right skills who weren’t thinking of doing it for free in the first place.
What hacking options exist for users on Vita 3.61?