Flash0 dump, then what?
A few weeks ago, our forum member The Z twitted about a “leak” of a full dump of the Flash0 of the PSP emu on the PS Vita. Unless you’ve been in the homebrew scene for a while, this probably doesn’t mean anything to you. Worse, you’ve been getting mixed signals from various people or websites, some of them going as far as claiming claiming this cracks the vita open, etc…
So what does this really mean for the end user? Well, in the short term, absolutely nothing, but read along for more details.
A bit of background
Flash0, PSP Emulator, PS Vita, Kernel hack… unless you’ve been in the “scene” for a while, these terms might be a bit confusing, so let me do a quick explanation on the security implemented on Sony’s devices. If you know about this already, feel free to skip to the next section.
Basically, the PSP has 2 levels of permissions: user, and kernel. If you use a shared computer at school or work, “kernel” is a bit equivalent to the “admin” rights of your computer. The user mode has a limited access to the PSP features, basically everything that’s required by games to run properly. The kernel mode, on the other hand, has access to everything, including the possibility to verify/decrypt games with DRM, or the possibility to update the firmware of the PSP, among other things.
From a hacking perspective, this means that getting access to a PSP user-level hack will give us limited features, while accessing a kernel-level hack gives us access to everything on the device, such as the possibility to rewrite the firmware (which is necessary, for example, for Custom Firmwares).
Similarly, a program running on the PSP in user mode does not have access to all files on the PSP or all sections of the memory. In particular, the “modules” used by the firmware are stored in a portion of the (Flash0) memory that can only be accessed in Kernel mode.
In addition to all that, on the Playstation Vita, the PSP emulator runs in a “sandbox”, which means that it does not have direct access to all the features of the PS Vita. In other words, a “Kernel exploit in the PSP emulator” does not give you a full access to the Vita, at best it gives you full access to the PSP emulator, which in itself is fairly limited.
Current (AFAIK) situation
Based on the explanation above, and the stuff that is publicly known, here’s what I can tell you: The only publicly available hack for now on the Vita is VHBL, which runs in User mode, inside the emulator sandbox. Davee has access to a kernel exploit that gives him access to more features of the PSP emulator, and apparently another hacker does too, since this person was able to access the PSP emulator firmware files on the Vita.
Just for reference, the schema below dirtily summarizes the permission levels (things in gray are unknown/hypothesis). And for reference, I included “where” we should be if we wanted a PS Vita iso loader, just so that people stop asking. It is worth mentioning yet again that I personally do not have any PSP Kernel exploit, and therefore it is also useless to ask me if I plan to release a PSP iso loader for the Vita.
OK, some hackers are gonna kill me for such an inaccurate diagram, apologies in advance
So what about that flash0 dump?
My awesome diagram shows that the Flash0 dump is at the kernel level, so I already see people saying this thing could give us access to the PSP Kernel inside the Vita… well…no, because I suck at diagrams. Yes, Kernel access was required to get that information, but no, it doesn’t magically give us access to the Kernel. If your admin takes a screenshot of his desktop and sends it to you by email, that doesn’t give you any admin rights, but it allows you to have a look at what the admin has on his desktop.
And this is, in essence, what this “leak” is about. We do not get PSP kernel access with this, but we get access to a few files we couldn’t get otherwise. So what will this lead to? Well, first of all, it means Davee is not anymore the only one who can investigate Kermit, the library that handles communication between the PSP emulator and the vita. Secondly, it will allow (motivated) devs to investigate the differences between an actual PSP’s firmware and the one on the emulator. We already know Kermit is one such difference, but maybe there’s more.
More unlikely (but we’re allowed to dream), the PSP emulator could reveal some more interesting secrets… some universal drm encryption key maybe? This is extremely unlikely, but after all, at some point the PS3 helped us to hack the PSP, so who knows if the PSP emulator doesn’t have a flaw that would lead to a Vita hack?
Nevertheless, from the end user’s point of view, this brings absolutely nothing. This can’t lead to a PSP Kernel access, or at least, not in a way that would be any easier than finding Kernel exploits in the actual PSP (and reusing them in the emulator). After all, if Davee (Proxima/some1) got access to such an exploit, it was (obviously) one that already existed on the PSP firmware, which anybody with a PSP and enough free time can investigate whenever they want. There’s also no telling that enough developers will be interested in looking into these files and reverse them… but who knows, it only takes one guy.
Don’t get me wrong, this is still very interesting, because it gives us access to files not everyone could access before, and it tells us there are at least two groups of people with access to the PSP kernel on the Vita. This is still, of course, very far from giving us a full control of the PS Vita, but it is exciting nonetheless 🙂
What do you guys think of this? Feel free to discuss here, or in the dedicated /talk thread
Thanks for this clarification, you’re the best 🙂
if vitahacked == true then
buyvita()
elseif vitahacked == false then
fuckthatshit()
end
if ( System.Language() == VB )
{
Person You = new Person(MSLover);
You.PSVita = NULL;
}
else
{
Person You = new Person(NormalPerson);
You.PSVita = new PSVita(Money);
}
if(programmingLanguage == C++)
{
std::cout << "I don't use VB" << std::endl;
}else{std::cout << "I don't understand." << std::endl;}
return 0;
System.out.println(“LOL, not using AP Computer Science standards huh?”);
System.exit(0);
//You know what?
>+++++++++[-]+++++++[-]++++++++[-] +++++++++++[-]++++++++[- ]<+.[-]++++++++++.
//so long, and I give a brain****!
HAI
CAN HAS ESOTERIK LANGUAGEZ?
ORLY?
YARLY
VISIBLE “MOOOOOAAAAR”
NOEZ
VISIBLE “meh”
OIC
KTHXBYE
Thats pretty interesting. I already planned on selling my vita. im not impressed with the game lineup so far and its been out for a lil while.
But if it ever becomes fully hacked. i may consider keeping it. I had my PSPgo for 1-2 years before HBL publicly was released on it.
I like my Vita, even without homebrew. My policy is that even if I’m bored with a game or system, to keep it anyway in case I want to go back to it at a later date, and it’s always served me well. Plus I’m loving vHBL for my homebrew needs (even if there are bugs, which is prevalent in everything), so even if the flash0 dump doesn’t have any use for us end users, I’ll wait patiently until someone manages to use the dump to get further into Vita hacking to a point that is useful for end users, such as, say, loading PSP homebrew straight out of the Vita menu for starters 🙂
Im gonna keep my vita on 1.61. Just incase i need vhbl in the future to use a higher level hack. I dont even use it much anyways.
could someone explain this website please. ” revitalizedteam.blogspot.com ” thank you Wololo.
A scam. you can tell by several things. First of all, the wallpaper for their title is actually for Ubuntu Linux OS, which has nothing to do with Vita. Second, the link to the txt that has the “password” for their files is on a site that requires a completed survey in order to download. Most sites that use that are scams. Third the so called “LeetGaming Review” is a text box that was entered and has no link whatsoever to a real site with the review, hence no support for it. Fourth, All their download links require surveys, and the download links are all under so called “torrent” links. A legitimate site would not make a mistake like that. Finally, if you google “Leet gaming” there is no crew, and the top result is a site called LeetGames, not Gaming. Anyway that is my analysis, I could be entirely wrong, but you also have to know if there really was a hack wololo or Davee would have found out earlier and have shared it out to the world.
o ya and if you check out their so called tutorial video, if you notice, there is no scene where theres a video of both the vita installing and with the computer screen installing. both videos are isolated, easily pieced together with the technology accessible to everyone nowadays.
Just click on the virus scan and the file size is small.
that’s just a *** website. PS Vita iso? How come Vita can load isos when there’s not even one news about it? You can’t play iso on Vita and you never will be and XK.XV was right, it’s just a scam.
Honestly the ps vita is on its way to being cracked. Whether Sony has a last line of defense or not everything gets hacked at some point but should we fully crack the ps vita to the point of how the psp turned out. No. Biggest reason being “Market Wise”. Once the ps vita gets to the point of where you can download any ps vita game for free its a huge turn off to gaming companies. You may say ” I don’t give a **** I just want my stuff free”. Well your not gonna get much free *** when companies stop making games for the vita cause to them there’s no point, its just a black hole there putting there money into. People will just wait for the game to show up on the internet and stop buying games for the Vita. Now i’m all in favor for ADDING onto the vita like homebrew, emulators, and maybe even psp iso loader now knowing that the psp is nothing more than our portable gaming system with a unlimited library. Mainly because these things don’t affect gaming companies directly so they will continue to make games. But sadly people get greedy and they run great systems like psp that could have been left at the homebrew scene and nothing more cause i don’t know about you but I cant wait for resistance burning skies and gravity rush. Why ruin such a great system with amazing upcoming titles like CoD and StreetXTeken. IMO it should be left at the homebrew scene and the psp iso loader because idk about you but I would like to play CoD on the go and many new games coming out for the Vita even if just cost a little out of my pocket.
PSP V3 board never got hacked and prolly will never happen. Also current hackers referred in this article are clearly against piracy. There is no such thing as unbreakable, but to what degree is definatly not sure. In essence PSP allows custom code running, using VHBL and the psp SUITE (?)
PSP ISO Loader is a must for the Vita. Sony needs to be punished for making us buy again our PSP games for the Vita.
THX a lot for the explanation what the leak means for a user like me.And could you tell me that,is it necessary to get to a Kermit level runned homebrew(maybe) by a vhbl homebrew acting as a bridge or sth like that,from the view of what we’ve get now?(sorry for my poor english)
I love how you have to reiterate the same thing many times :P. Are people that insistent?
300+ comments in 3.2.1…,GOD LUCK
mmm i believe that psp user access mode can stabilize homebrew on ps vita ,but i see the legal danger that there is by modding your ps vita so i understand why no development of the flash0 will come at least from here…
Huh. Well that is quite interesting and suprisingly easy to understand. Hopefully a “motivated developer” will be able to do something with this.
DON’T PANIC
KERNEL PANIC! Not Working: Fatal Exception in Panic Interrupt.
thank for the update wololo hoping update some more abour this!!!
did you think about Vita’s own user/kernel on diagram? 🙂 that may be important, unless the vita iso loaders magically won’t require vita kernel
Yeah, I intentionally let that undefined in the “gray” zone, as I have no clue how permissions are handled on the vita. It could be a much more complex system involving various users, etc…
Actually, this shows even more how my diagram sucks, I got it backwards compared to a “regular” security ring (the most protected zone should be at the center, not on the outer layer… oh well…)
But we have hacked the “core”, the PSP emulator, and we’re trying to break out into LiveArea, so it makes sense IMO
revitalizedteam.blogspot.com is FAKE
I hacked my vita with an axe :/
from a old school psp scener this is big news for my yeaaaaa time to go oldschool hacking man nice lol
Teh el oh elz =_=…
you need… a towel? 😮
wee i hack my vita by buying psvita game XD just kidding
well i support vita but hope get play psp using iso because it still ridiculous to buy over again when you have the umd… and umd passport only work for JPN 🙁
I would love to have Yu-gi-oh Tagforce 6 with English patched running on my Vita, but don’t seem like its possible at this rate. Checked the JPN PSN and they don’t even have that title which is really lame. Only way i can see the sale for Vita going up is a PSP ISO LOADER in all honesty the way its marketed is just terrible should have waited till November to release it with THML 5 and Youtube apps or at least a better browser.UK PSN is giving away free games once in a while and they know that its the only way to
yeah i heard Sony racked up a record annual loss of 457 billion yen ($5.7 billion) in its fourth straight year of red ink as the once-glorious maker of the Walkman and PlayStation struggles toward a turnaround under a new president
Honestly, I don’t play my psvita anymore. It just sits there with firmware 1.61 after I beat uncharted and got bored of blazblue. I have all my psp games on my shelve with no way to play them, and GameStop gives like 4 bucks as the most money for each. I’m really not enjoying the vita at all, and so far I’ve been playing the 3DS about 12x more than my vita (Kid Icarus is awesome). I tried ever since the beginning to get vhbl but I’m always late to get the game, or it’s released outside the US. Something needs to happen on the vita hack scene, because I remember the awesomeness of being able to homebrew on the PSP, and how it brought me back on board, leaving my DS in the dust shelf instead.
Its been 3 MONTHS SINCE THE VITA LAUNCHED AND NOTHING! cOMON SONY WHAT THE heck!!!!!!!
Its actually been 6 months if you count japan.
This must be heck for u wololo having a system with so much potential for so long with no good games 🙁
http://www.youtube.com/watch?v=8C7bWyyDXBg&feature=plcp
PSX Running on PS Vita
Ive noticed the uploaders name was (thez94) could it be the zed or or whatever his name is the same guy who tweeted about getting the flash0 dump? Hmmh
that video could just be him running a psx game from psn because i got an email saying that psx games are in the ps vita store now.
Thanks for this clarification Wololo.
Why says Ps Vita 660 keys??
how do install flash0 dump on your ps vita, so i can started playing psp games
-Wololo