[RELEASE] 5.03 TIFF Hello World

Status
Not open for further replies.

JonyJonJon

New Member
Am I the only PSP 3k (OFW 5.03) owner that can NOT get the eggsploit running?? I've followed every single guide zillions of times and all I get is a big crash... =S
 

Cloudy

New Member
If the HEN is released, will that mean that the TA88V3 is HACKED?????

It will mean it can run homebrew, yes. But it will not be "hacked" in the same way as other motherboards, since the IPL issue still needs to be worked around. The HEN will need to be started whenever you start your PSP up from a cold boot - which, as it is a TIFF file, is not too much of an issue.
 

Guest
Guitarhero said:
If the HEN is released, will that mean that the TA88V3 is HACKED?????


Not necessarily. The PSP is "hacked" to be able to run both user and kernel mode homebrew on an HEN. The HEN is just for that. But... this hack is temporary and does go away if the PSP is shut down, so you have to run it every time from the Photo menu if you shut down the PSP.

And if you asked about the TA-088 V3 "hack", it in no way helps with getting custom firmware or getting service mode (Pandora's Battery exploit) to work fully.


EDIT: Cloudy beat me to the post. :D
 

KezraPlanes

Just some dood
Not necessarily. The PSP is "hacked" to be able to run kernel mode homebrew on an HEN. The HEN is just for that. But... this hack is temporary and does go away if the PSP is shut down, so you have to run it every time from the Photo menu if you shut down the PSP.

And if you asked about the TA-088 V3 "hack", it in no way helps with getting custom firmware or getting service mode (Pandora's Battery exploit) to work fully.


EDIT: Cloudy beat me to the post. :D

Wait a minute... I thought having Kernel Mode was the pre-requisite for installing CFW... Can anyone shed some light on this?
 

Guest
KezraPlanes said:
Wait a minute... I thought having Kernel Mode was the pre-requisite for installing CFW... Can anyone shed some light on this?

You could install custom firmware from HEN. If you do that on a PSP with the TA-088 V3 and TA-090 V2 motherboard, it will brick as those motherboards do not currently work with the Custom IPL used in the custom firmware.
 

KezraPlanes

Just some dood
You could install custom firmware from HEN. If you do that on a PSP with the TA-088 V3 and TA-090 V2 motherboard, it will brick as those motherboards do not currently work with the Custom IPL used in the custom firmware.

Oh! That makes sense now... Thanks for shedding light on that jx233 ;) +rep

Edit: On another note though, will Kernel Mode be able to help crack the Custom IPL problem? Sorry for the questions, but these are most likely things useful for everyone to know...
 

Cloudy

New Member
And on my PSP fat?? Will the HEN be able to downgrade it?

If by downgrade you mean install custom firmware on it, then yes. To be completely clear:

The kernel exploit will allow changes to the IPL. However, on PSP models such as the PSP 3000 and the unhackable slim model, writing to the IPL will just cause a brick, as the pre-ipl won't verify it.

Oh! That makes sense now... Thanks for shedding light on that jx233 ;) +rep

Edit: On another note though, will Kernel Mode be able to help crack the Custom IPL problem? Sorry for the questions, but these are most likely things useful for everyone to know...

No - In order to be able to see the pre-IPL (which would, hopefully, allow the IPL problem to be bypassed), there needs to be a much lower level exploit, or a way of reading the pre-IPL by hardware methods. The former is hard to find, and the latter is expensive ;)

EDIT:
You could install custom firmware from HEN. If you do that on a PSP with the TA-088 V3 and TA-090 V2 motherboard, it will brick as those motherboards do not currently work with the Custom IPL used in the custom firmware.

This time you beat me ;)
 

Guest
The Pre-IPL terminates after the PSP boots. With very little knowledge of the Pre-IPL, it is very difficult to make/forge a Custom IPL to work for the PSPs with TA-088 V3 and TA-090 V2 motherboards. Kernel exploit or no exploit, the custom IPL problem cannot be solved. But the kernel exploit is good for running unsigned code (homebrew), and dumping the PSP-3000 firmware / idstorage for study / research purposes.
 

dudericious

New Member
No - In order to be able to see the pre-IPL (which would, hopefully, allow the IPL problem to be bypassed), there needs to be a much lower level exploit, or a way of reading the pre-IPL by hardware methods. The former is hard to find, and the latter is expensive ;)

What is IPL? Or Pre-IPL even?
 

Guest
dudericious said:
What is IPL? Or Pre-IPL even?


Pre-IPL is in the PSP's hardware, it starts / has instructions to start the IPL. IPL starts the PSP's firmware. :)
 

Cloudy

New Member
What is IPL? Or Pre-IPL even?

The pre-IPL is code that is inside the ROM of the CPU. It is run whenever the PSP boots up. Now, the PSP NAND is made to have an updatable IPL, so the first thing that the PSP does is to decrypt the IPL and check it.

The reason that the TA-083-v3 doesn't work is that the pre-IPL has been updated to check extra things (or perhaps the exploit has been closed totally - depends how lazy Sony is) - and our "fake signed" IPLs do not pass these checks, so it turns itself off :) This check is done both to IPLs run from the memory stick, and from the NAND (PSP flash) - and custom IPLs are what make custom firmwares on the slim and above possible.

EDIT: We really should stop posting the same thing :p
 

Guest
Cloudy said:
The pre-IPL is code that is inside the ROM of the CPU. It is run whenever the PSP boots up. Now, the PSP NAND is made to have an updatable IPL, so the first thing that the PSP does is to decrypt the IPL and check it.

The reason that the TA-083-v3 doesn't work is that the pre-IPL has been updated to check extra things (or perhaps the exploit has been closed totally - depends how lazy Sony is) - and our "fake signed" IPLs do not pass these checks, so it turns itself off :) This check is done both to IPLs run from the memory stick, and from the NAND (PSP flash) - and custom IPLs are what make custom firmwares on the slim and above possible.

EDIT: We really should stop posting the same thing :p


You're right. Our posts were a coincidence. Well, I guess I will reply later to other unanswered questions. :D
 

Davee

lolhax
HEN will be a stripped down enabler lacking many features of M33 custom firmware. It'll allow the bootup of homebrew regardless but may be restrictive to certain applications (in cases where it will not boot at all). However, applications will be released to enhance the HEN such as the loading of M33 custom firmware when I get permission to use the modules.

As another note, the conditions of the TIFF exploit are very unstable (as you might have noticed) and flashing of modules to flash0 is improbable and will load off the memory stick. An eboot will be supplied to circumvent this and will flash the modules in a more stable environment.

Release is currently unconfirmed but will be before Tuesday.
 

KezraPlanes

Just some dood
HEN will be a stripped down enabler lacking many features of M33 custom firmware. It'll allow the bootup of homebrew regardless but may be restrictive to certain applications (in cases where it will not boot at all). However, applications will be released to enhance the HEN such as the loading of M33 custom firmware when I get permission to use the modules.

As another note, the conditions of the TIFF exploit are very unstable (as you might have noticed) and flashing of modules to flash0 is improbable and will load off the memory stick. An eboot will be supplied to circumvent this and will flash the modules in a more stable environment.

Release is currently unconfirmed but will be before Tuesday.

Thanks Davee ;)
 

Cloudy

New Member
HEN will be a stripped down enabler lacking many features of M33 custom firmware. It'll allow the bootup of homebrew regardless but may be restrictive to certain applications (in cases where it will not boot at all). However, applications will be released to enhance the HEN such as the loading of M33 custom firmware when I get permission to use the modules.

As another note, the conditions of the TIFF exploit are very unstable (as you might have noticed) and flashing of modules to flash0 is improbable and will load off the memory stick. An eboot will be supplied to circumvent this and will flash the modules in a more stable environment.

Release is currently unconfirmed but will be before Tuesday.

Ta for the update. The exploit is weird. Stable in some circumstances, yet unstable in others. Personally, it loads every time for me on 5.00 M33. Guess it's more to do with the state of the memory though.

Looking forward to what you come up with :)
 