...This may be one of the silliest questions around, so I apologize regarding this. I am fairly unfamiliar with the PS3 and do not know much about why this would or would not be difficult. So I'm just going to ask a very simple question here.
I watched 27c3 when it first came out, and I watched 27c3 again now. It explains how much of a fail the PS3 security is, and also why it's such a fail.
I understand why we haven't been able to get true CFW again, due to lacking the keys to sign things for PS3 again, since ECDSA was broken.
So, my question is simple. The Webkit Browser for PS3 is ANCIENT, and as it's ancient, it surely has several, several of the flaws that are found on both the PS Vita and PS4 Webkit browsers. The lack of proper checks in the PS3 hypervisor and how it doesn't enforce security on applications despite them actually being signed is described clearly in these presentations as well.
Even if True CFW cannot be run, like some of the later models of PSP, and also on PS Vita, LCFW and HENs, like HENKaku, which were based on compromising the memory of a system and taking it over, became popular.
And with the PS3 having far less security to a point where true ROP chains don't seem to even be required (...The PS3 has been attacked by overflows several times...) this would seem to be easier than both on the PS4 and especially the PlayStation Vita. Further, since according to Fail Overflow's presentation, only lv2 is needed to be compromised in order to run any unsigned code one wants, since the hypervisor simply doesn't care...
...So my question is...why haven't we seen the PS3 equivalent to HENKaku for PS3 users, especially PS3 Super Slim users? Wouldn't it be extremely beneficial to the PS3 scene to have players after 2010, which is over 60% of PS3 sold to market to date, be able to run custom software like the 3DS?
Just a thought based on what I know about the state of the console.