While the PS3 scene is slow now a days and some of you are dreading for the return of PSN, Mathieulh has posted some interesting discoveries on his Twitter. Mathieulh has managed to QA Flag his PS3 and show the hidden options available for it. Before I go on, most of you are probably wondering what in the world does QA Flagged mean?

You must login or register to view this content.
So alls we need is the combo now right?
To quote:

QA flag is the internal console flag used by Sony, it enables hidden options and removes restrictions for both retail and debug consoles alike. It is used for QA centers and the R& Department, there are 2 levels of QA flags, Minimum and Advanced, this console has been set to the Advanced one.

Now Mathieulh has come out and said that he will not be telling us how he did this, but nonetheless very cool and it will be interesting to see where this will lead to.



This Makes you feel teased

To quote video description:

I just QA flagged my Metal Gear Solid 4 Limited Edition console and I thought I’d show you the hidden options for the sake of it. (and because I was bored)

I am sorry for the unstable camera, I only have two hands and the options are hidden and require (along with the actual flag) a crazy button combo to pop up. (I kid you not)

Sorry I am not telling you how to do this, please do not ask.

Yes, this video is real

Here are some interesting Tweets made regarding this:


Mathieulh Mathieulh:
@dantezteam It’s an UNMODIFIED RETAIL FIRMWARE.

@KaKaRoToKS For various reasons, one of them being that you can warez with this, and the flag stays even after updating.

@KaKaRoToKS The QA flag happens to remove a bunch of restrictions that have the side effect of preventing you to warez.

@dantezteam The console is QA flagged, The firmware checks for this flag and will enable special features when it finds it.

@dantezteam Basically it’s what Sony themselves use to allow special debugging on their consoles and loosen restrictions.

@KaKaRoToKS By the way, Advanced QA flag enables downgrading, just my 2 cents… xD

ps: if this is ever figured out it would mean a regular ps3 that if you push like up up left... x10 just saying not actual sequence you would be able to have a regular ps3 no cfw or dongle nothing just a regular ps3 retail on steroids it like a super cfw with out no mod just a button sequence to activate it one time only if it was release it would be the end of sony
of course, he won't share how to do it

but... its pretty easy
UPDATE1: this how to QA flag your ps3 do at your own risk source psx scene

requirements:
grafs kernel, ps3dm-utils and linux_hv_scripts

to patch your DM you have to run dmpatch.sh (skip if you're on gitbrew fw)

read QA flag:
Code:
ps3dm_um /dev/ps3dmproxy read_eprom 0x48C0A
it should return 0xFF on retail ps3.
just set it to 0x00

write QA flag: <- on your own risk!

Code:
ps3dm_um /dev/ps3dmproxy write_eprom 0x48C0A 0x00

OR

ps3dm_um /dev/ps3dmproxy write_eprom 0x48C0A 0xFF
its a very mighty tool. you can also enable product mode and other things.
more offsets @ps3devwiki

UPDATE 2 AS OF 5/50/2011 :
OVER AT PS3 SCENE THESE GUYS ARE WORKING ON IT NIGHT AND DAY WITH SOME HINTS FROM Mathiuleh him self they almost got it done and yes im contributing what i know as well ONCE IT READY AND I HAVE THE GO ILL RELEASE IT ON NGU THE PUBLIC well here what we got so far contribute by posting what you know and i will add it
Found the key to decrypt the token. It's a step. Still need to figure a few more things out. ^^

SUCCESS!
key: 34-18-12-37-62-91-37-1C-8B-C7-56-FF-FC-61-15-25-40-3F-95-A8-EF-9D-0C-99-64-82-EE-C2-16-B5-62-ED
iv: E8-66-3A-69-CD-1A-5C-45-4A-76-1E-72-8C-7C-25-4E

If your IDPS was
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF
Encrypted Token (Dummy)

0x96, 0x6D, 0x15, 0xCC, 0x15, 0x32, 0x8C, 0x6A,
0xC9, 0xED, 0xC4, 0xFA, 0x7E, 0xAB, 0x8E, 0xA7,
0xEF, 0x38, 0x12, 0x91, 0xE9, 0x57, 0x02, 0x29,
0xF2, 0x9D, 0x1C, 0x6B, 0x09, 0xDA, 0x4B, 0x36,
0xC1, 0x91, 0x7F, 0xB4, 0x52, 0x80, 0xB3, 0x72,
0xDC, 0x14, 0x03, 0x30, 0x4B, 0xB2, 0xA9, 0x5D,
0x51, 0x9B, 0x91, 0xE2, 0x54, 0xAC, 0x09, 0x5D,
0x08, 0xEE, 0x28, 0x66, 0x74, 0x0A, 0xF7, 0xDC,
0xB6, 0xD3, 0x89, 0x2C, 0x85, 0x2B, 0xC7, 0xCC,
0xAB, 0x82, 0xD8, 0xB5, 0xEA, 0xAC, 0xFB, 0xDA

Decrypted Token (Dummy)

0x00, 0x00, 0x00, 0x01, 0x00, 0x11, 0x22, 0x33,
0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB,
0xCC, 0xDD, 0xEE, 0xFF, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x19, 0x4A, 0x4B, 0xBA,
0x15, 0x97, 0xAE, 0x71, 0x36, 0xCC, 0xB6, 0x65,
0x7F, 0xC3, 0xB5, 0x3F, 0x49, 0x22, 0x2F, 0xB1


This is highly useful if you figured this it out + rep for info

Banning was invented for people like you. He did answer your question. You can't, you need CFW in order to complete the steps to unlock QA flagging.

Now answer my question: Why would you update to 3.61?

people need to realise this is going to take some time to get right. plus people also need to realise that this will NOT work on 3.60 and above unless you qa flag before 3.60 then update the firmware wich you would like, unless someone gets the keys for 3.60 and above. plus people sating that "all we need now is the button combo" expecting to get it like in the next few mins need to chill there beans, it will take ages untill someone finds the combo.

Not Exacltly We just need to look for it in vsh? maybe, Im looking through it for my self, Aswell as in touch with others that are to.
We are that much closer to this.
But like you are saying, this wont be in minutes, or week. It could be forever.
but with a few more hints hopefully, And or we findout what the last hint was that meth gave us we will sure conquer this.