Team Molecule's Henkaku challenge was a great way to lure in engage talented people in hacking the PS Vita's solid security. One of the hackers that took the challenge goes by the handle hexkyz who successfully reverse engineered all three stages of Henkaku. However, that was not the end of the road. While Henkaku enabled access up to the lv2 layer of the Vita, there are two more security layers to exploit, the Secure World Kernel (lv1) and F00D (lv0). After the challenge was over, hexkyz went on a mission to hack the remaining layers. Getting around those layers proved to be exceptionally difficult on firmware 3.60 due to constant interferences of lv1 sanity checks. So he figured out his best bet to make any progress is to hunt down a Vita on a low firmware. Ideally it would had to be a launch Vita with no firmware updates installed at all. Unsurprisingly it turned out to be very hard to get ahold of one, so he decided to go after something a bit higher.

Since the F00D processor was updated only once on firmware 1.60, hexkyz decided to get a Vita with a firmware at least lower than 1.60 in case some critical lv0 bugs were patched there. Fortunately he managed to get a firmware 1.50 Vita. From there the real fun began.

Basically, while he was able to achieve everything what Henkaku does on firmware 1.50, in the end, he went even further than Henkaku and achieved arbitrary lv1 code execution on firmware 1.50. So what does this mean for the average dude? Since the vulnerability he found was patched around firmware 1.80, nothing. At least for now. Still this is useful for hackers with a low firmware Vita who want to help hack the system even further.

Currently, hexkyz is fuzzing with the main interface of the F00D processor on firmware 1.50, while looking for new lv1 vulnerabilities for firmware 3.60. And who knows, maybe from all of that, someday the system will be hacked further on 3.60 or even 3.63. Visit hexkyz's blog to read the full post with all the details.

Source: hexkyz's blog via Yifan Lu's Retweet

 

This is so hype

 

why would you need a lower firmware.... 3.60 is the golden FW

 

So long as I can play vita and psp titles, 3.60 is good enough for me, it's not like the vita is powerful enough to emulate gamecube or ps2, even if you can fully hack the vita and unlock its full hardware potential, it's not gonna be good enough

 

Explanation? Maybe I am missing out on something?

 

I can't answer for WiiUBricker, but here are a few reasons to dig further into the PSVita inners:
- Knowledge. This can't be overseen.
- Improved ability to hack it (permanent hack, 3.63 vulnerabilities, 100% success rate, etc)
- Side effects (possible usage for another Sony device)
- Access to low level informations (ultimately a way to sign, inject and run arbitrary code without an exploit)
- Because if it bleeds, we can kill it.