There he is! haha I have DEX and ProDG but even I have my paranoia about tinkering in those fields...
Really? Because I seem to recall reading/overhearing on multiple occasions that the metldr2 was much more encrypted than the SYSCON found in Slims and Fats. Like, people were saying that the encryption could be cracked but that someone would have to sit there for years while the keys were decrypted to said PC? I definitely remember hearing about this
But just as I figured from the start, it's possible? Though no one is willing to spill that can of beans...
1. There is no paranoia to be had, using a debugger in DEX isn't a risky procedure. If it were, game developers would have their hands full all the time lol
The debugger exists to aid development, not to make it easy to brick a console.
There is no risk directly associated with app & game development; any changes you might make with the debugger are userland memory based. Even if you made changes to the kernel or the hypervisor memory at runtime using custom code or exploits, those will disappear after reboot.
That's exactly what happens with HEN actually.
The only thing that may be risky would be to make changes to the NOR/NAND based CoreOS files or per console regions, stuff like that. This kind of exploitation work does require having a hardware flasher handy just in case, BUT that's not the type of work that 99.99% of developers do & it cannot be done with a debugger anyway, as it only has access to userland memory. So as long as you don't use the sys_storage_write syscall (1 syscall out of the hundreds available) in your custom code, there is nothing to worry about.
As to modding /dev_flash based binaries, the risk is mostly a soft brick, fixable with an HDD wipe on NOR. NAND/eMMC consoles can be a little more problematic. But again, modding those system binaries is not exactly typical development work.
2. metldr2 keys are not the be-all & end-all of PS3 exploitation & exploiting its code is not the only way to get a CFW running on Super Slims.
Sure, attempting to bruteforce the new ECDSA keys isn't a really viable option, but there are various potential entry points in the boot sequence. The day someone finds a vulnerability in those & releases an exploit breaching the chain of trust on boot, because of its design, Sony will never be able to fix it on any of the consoles already produced (same as what happened for pre 3.60 consoles) & as they no longer manufacture PS3 consoles, on that day all PS3 models will be CFW compatible.
Ultimately nobody cared to do it, but it's not because it is impossible or too difficult. Hackers do like a challenge, but I think that the generation of hackers that got us CFWs on up to 25xx models simply lost interest in the PS3 & moved on to greener pastures, including other consoles that were still unbreached at the time, never looking back.
Then about 3 years ago, a bunch of learning amateurs (esc0rtd3w & I lol) initiated the ps3xploit work & from there, well you know the story & the contributors. Hopefully, the ps3xploit work will continue & new contributions will be made, no matter who makes them.