It is unknown if the hacker has plans to release his exploit. He had told me directly in the past that he would release it if he ever had another combination of user + kernel exploit. This makes sense: keep one for himself in order to investigate future firmwares, and give one away for the scene.
If I’m counting correctly, so far Qwertyoruiop has 1 usermode exploit + 1 fully weaponized kernel exploit (the one mentioned here), as well as one additional kernel bug he mentioned a few days ago. We’re still missing a few things: another usermode entry point, and confirmation that the second kernel bug can actually be exploited.
In other words, we’re still pretty far from meeting the conditions under which Qwertyoruiop has said he would release anything. And that’s assuming he sticks to his word, which he has no obligation to do.
I’ve seen a lot of criticism of PS4 hackers in general and Qwertyoruiop in particular for their attitude of “not releasing anything” for the PS4. Although I do understand (and share) the frustrations of the community for not seeing any release coming our way, while a significant amount of hackers claim they have kernel access on the console, I think this is a good reminder for us that hackers don’t owe the community anything. People should also keep in mind that hackers usually have very good reasons not to release their work (whether we feel they brag too much about it is another point entirely), and it’s worth remembering that Qwertyoruiop has released lots of his work in the past, even if that might not be obvious to everyone. He was in particular a contributor to CTurt’s work in the 1.76 kernel exploits, and released a webkit exploit for firmware 4.0x.
It is also a good time to remind people that hacking consoles is not magic. It’s mostly the result of time, perseverance, and technical skills, which arguably anybody can acquire. Anyone with a PS4 running firmware 4.07 or below can run a public webkit exploit (released by Qwerty himself, as mentioned above) and start looking for kernel vulnerabilities. Not everyone has the skills to find a kernel exploit on a console, but certainly those who do not even look into how it’s done, will never find one.