PSVita Hacking @ 35C3: Summary of talk, F00D (Bootloader) key revealed and Team Molecule releases various decryption tools – Now, the PSVita’s security is effectively blown wide open!


I'm a girl that's liked technology from day 1. Mostly interested in the PSVita/PSP scene but I've always modded my stuff when it's possible, that is :)Contact me via DM at @KawaiiAuroraA on Twitter if you have any questions/concerns about my articles or if you have any article requests.

16 Responses

  1. Basam Zayniaie

    I love vita…and really great job…but I’m more excited about the ps4 news….the end of the year is near…we want the kernel exploit..!!

  2. Coco

    So what’s stopping 3.69 enso from happening now? If the security processor of the console has been hacked doesn’t it mean unsigned code at startup is a possibility regardless of firmware?

  3. Codeman785

    So in conclusion this was a breakthrough, and and there are things to come from it?

    • Andrew

      You now have the root keys to decrypt every single file for the Vita OS, including it’s kernel. This allows you to more easily find exploits for the system, or in some cases you could install a complete custom firmware in place of it, instead of something like H-encore.

      With these keys, you could theoretically replace the Vita OS completely with Android or Linux, instead of running them as kernel plugins. There’s more to it to make that possible, but now exploits can be created to run by the bootrom instead of the OS, much like with the 3DS and B9S.

      • yoshi314

        you don’t have those keys, to be fair. they were not released with the decryption code.

        but they extracted them.

      • StepS

        That’s not correct. You can’t just replace the official firmware files with custom ones, because it’s not just about decryption, but also signature checks. And we do not have Sony’s private keys to sign firmwares or games.
        An exploit for the bootrom is also unlikely. As Yifan said himself, the bootrom is super-simple and the attack surface is very low. Therefore, you’re unlikely to find a vulnerability that would let you take control over it beyond the voltage glitching procedure he performed (which will probably never become user-friendly or convenient to use).
        So, in those terms, we’re still limited to exploits in the upper layers of the Vita boot-up process.

  4. bolo

    Hope it can help boot android on vita in the future 😀 Android 2.3 would be perfect to run GTA SA on vita 😀

  5. Smoker1

    The only thing I am currently interested in right now, is getting a PSM Game (Everybody’s Arcade), and getting the Klondike Solitaire unlocked, which I already Paid for Years ago. It wont work on my 3G Vita, even with it Backed Up/Restored with QCMA. Worked perfectly on my other Vita. But wont on the 3G Vita.

  6. Gr8n00d1e

    I wonder if something like Pandora Battery is possible now for Vita.

  7. duh_dehtt

    great news, poor article, damn the trepp

  8. Jefphar

    Wouldn’t Sony sue them now they show themselves in Broad Day light (Hackers Yifan Lu and Davee). This is a question for their own security for now.

  9. SilicaAndPina

    PSM Developer apps are MINE

Leave a Reply

Your email address will not be published. Required fields are marked *

Most comments are automatically approved, but in some cases, it might take up to 24h for your comments to show up on the site, if they need manual moderation. Thanks for your understanding