Here is the only way I can see to do this and someone is working on part of what will be needed to make it possible (the guy who removed the flash rom chip and wants to put in 2)
we need to flash the hardware DIRECTLY ie dont even boot it up flash the flash rom chip directly hardware to hardware.
theoretically there is nothing sony or the hardware can do to bypass this since it would be hardware direct and would allow a byte for byte transfer of 1.00 firmware since again its direct and bypasses anything that could inhibit it.
HOW to do this. hehe no idea. not a clue ideally it would be nic if no desoldering was needed like a socket that you place OVER your current chip and it has contact points to touch the needed contacts on the 2 chips and it would simply overwrite the destination chip with whats on the source chip kind of like how inkjet chip resetters work.
Obviously its more complex than this but the idea is sound. hopefully some creative critters can figure out a way to make it happen.
Then the trick would be getting later games to think your running a newer OS etc..