An interview was conducted between a user of Maxconsole and Mathieulh on the current state of the PS3 hacks, with some more information about the relationship between Geohot and Math. Enjoy. :)
Originally Posted by Mathieulh Interview
1: Members have seen you interacting with Geohot. Do you have any personal interest in the PS3, and if so can you tell us anything about your plans? Are you working with Geohot?
I've interacted with a lot of individuals in the past; Geohot is one of them, though one of the most interesting I encountered so far. Although he tends to work alone, we have been exchanging ideas, I helped him with a couple of things, he helped me with a couple of others and so on. He is someone that's really skilled and I appreciate exchanging thoughts with people like that.
2: It has taken quite some time to find a way into the PS3. What do you think of Sony's achievements in security? Anything else you want to say about the PS3?
The PlayStation 3 security was more the work of IBM than Sony's. The idea of using isolated SPUs as crypto engines in order to hide keys was brilliant. I do not think Sony implemented such an idea properly though; as such, their current architecture has a few security design flaws of its own that I noticed.
I believe it has pretty much been security through obfuscation all along.
3: What do you think of Sony's removal of Other OS as a preventative measure? Do you feel it is right to blame 's' or 'pirates' for its removal?
I believe Sony wanted a pretext to remove otheros and found one in Geohot's hack. I do not believe this is the right approach; it would have paid off to talk with s and homebrew developers in the first place and give them compromises. In fact, the PlayStation 3 remained unhacked until Sony chose to release PS3 Slim systems without the otheros feature in.
4: Assuming you chose to answer the above, do you have a counter argument for Sony's statements? And do you think Sony could have fixed this without removing the feature?
Yes, of course they could have. There are several existing ways to close this exploit effectively without removing the otheros feature; they wanted it removed and used it as another pretext to do so, pretty much like the phony one they used for the slim console, pretexting that they would have to implement support for it on the new hardware (while it actually would have worked just fine on it, had they enabled the option to do it in the first place). The otheros feature did cause a few security concerns regarding the fact that you could pretty much cold boot the console and use otheros to dump lv2; this could easily be fixed by ensuring that the selected OS option is only applied upon proper shutdown though.
5: How far along is development with the PS3? How much control do we really have? How much work is left for a system that is as 'open' as the PSP currently is? If you were to compare the PS3's current development status to another device such as the PSP which stage would you compare it to?
We already have a lot, and that's in a sense the problem because we have too much to work with, too much to reverse... These things take time.
A huge amount of work is required before we get to a level comparable to the one we have with the PSP right now. I would say months at least, if not years of work may still be required.
6: Are you personally working on the PS3 and if so can you tell us what you are up to? Can you tell us of any personal objectives?
I am working on the PS3, and so are countless other skilled developers out there. As for my objective, that would be unrestricted homebrews on the device, either on top of lv2 or by means of an RTOS.
9: Will the Other OS/Playstation 3 hardware still be open to the same attacks when Geohot releases his planned method of upgrade?
*Members Question*: Why doesn't Mathieulh release his lvl 1,2 and 3 dumps of the PS3 firmware?
Because that's copyrighted data (there is no such thing as lv3 by the way) and I am certainly not putting that in the wild. The people that have a need for these either already have those dumps or the capacities to dump them. There is a certain site (which I won't name) that has been literally whining to various developers (including me) so that we "share" (read leak) the dumps in our possession. They claimed they would do wonders so long as they had the dumps in the first place. When someone finally dumped lv1 and released it in the wild, what did this site ever do with the dump? Nothing. This is what happens when all the "devs" you have can't use IDA or reverse engineer and the only thing they could ever do is look at strings with a hex editor.
On that note I will leave you to think about this.
*More Members Questions*:
1. Now that you have dumps of the HV etc., is there any reverse engineering going on, and is it possible to execute homebrew code on a retail machine? If so, are there any plans to give the public that ability?
Yes, there are a few people reversing these dumps as we speak. Things take time; when there is any development, you shall be kept posted.
2. If developers are capable of creating custom PUPs, would it be possible to patch future official firmwares to retain the Other OS feature for members that have already updated to 3.21?
No, because of the coreos revocation checks (among other things) this is for now not a possibility.
Yes it will.
10: Do you have a rough ETA for when end-users will have something to play with, for example homebrew such as a Quake 1 port?
No idea. You can already play Quake 1 on otheros using Linux, I believe.