(adsbygoogle = window.adsbygoogle || []).push({}); ok i was just browsing around and i found this interesting info about QA Flagging so i thought i could share with you the collected info by some user in a random forum..i posted it here so someone could make up ...errm maybe an english! thread like this to help devs who dont understand that language to know all the tips collected from andriac,Mathieulth,rms:bro:
Link:
You must login or register to view this content.

translated version:You must login or register to view this content.

Thanks for posting this mate been waiting for button combo to leak on web

Translated Link if anyone feels like reading .. You must login or register to view this content.

thx for the translation mate let me keep it on the thread

Here it is in English:
Hi, yes you've probably already noticed it all.
News is indeed working on the QA (Quality Assurance) Flag Method!


What does the QA FLAG?
As we already reported the hacker was able to find a way to Mathieulh, the QA flags change to its console. So he could call on an original and unchanged PS3 firmware to enable the hidden menus and, in effect a downgrade.
However, it will not stay with a downgrade, your PS3 is to set the (software side) Dev box and should remain so after a firmware update :-). This would in turn mean a CFW may soon no longer will be necessary! (Source: IDEV world and even expanded!)



Here you can find hints and rumors, since users RMS, Adriance and Mathieulh not give out information, but only to other hackers to help find the right way.
Here you will find all the information so that I could find and possibly also some that I could find out or ask itself.

Note 1 (So put Mathieulh the QA flag, old info without a token and no button combo but possibly useful)

Requires: kernel grafs, ps3dm-utils and linux_hv_scripts

Your DM patches by going to the executing dmpatch.sh.

Read the QA Flag: ps3dm_um / dev/ps3dmproxy read_eprom 0x48C0A (0xFF should return to a standard PS3.

Put now the QA flag to 0x00 (At Your Own Risk!)
ps3dm_um / dev/ps3dmproxy write_eprom 0x48C0A 0x00
or:
ps3dm_um / dev/ps3dmproxy write_eprom 0x48C0A 0xFF


Note 2 (update info by RMS: RMS users to talk about the QA flag method)

Ever since Mathieulh released his video, some people just want to QA flag their consoles. Now, let me tell you one thing, it's so not easy.
Besides, if you want to use the QA flag, you have to have a valid token QA, and you have to be on a specific firmware range. Now, what's so special about the token is that it's generated in a funny way, I am not going to disclose that here. But, remember, PS3 hypervisor can then make tokens. But these tokens .. do not do anything except just unlock the QA repository node.

Besides, the fancy menu requires a very weird key combo on the Sixaxis, and it only works on retails. On debug, it just removes all restrictions.

Remember, the QA flag in Syscon therefore requires a valid token. (Reiterated again.)

So, in the end flagging QA = (* Warez Piracy )++;. Do not do it.


Note 3 (Very useful IRC compilation of RMS - not incl. Diesbzgl demand for RMS.)

[15:55:57] <dospiedra> i talk for token generation and set ..
[15:56:08] <rms> just use hypervisor
[15:56:12] <rms> graf tools'll's work for ya
[15:56:56] <dospiedra> you no say token generated with tools graf is a dummy and not set to work qa flag?
[15:58:16] yeah <rms>
[16:00:03] <dospiedra> I'm confused ..
[16:03:49] <rms> huh?
[16:04:01] <rms> goddamnit
[16:04:28] <dospiedra> not sure all steps correctly to get qa_flag
[16:04:33] <dospiedra> without brick
[16:05:24] <dospiedra> rms a valid token is token per console?
[16:05:27] <dospiedra> or valid at all?
[16:05:34] <rms> per console
[16:05:45] <dospiedra> uh ..
[16:06:12] <rms> yes
[16:06:27] mod lv'ls <dospiedra> rms need to get valid token no?
[16:06:56] <dospiedra> i really confused now :-|
[16:07:21] <rms> yes to dospiedra
[16:07:26] <rms> no, just modify lv1
[16:07:39] <rms> i think you can figure the rest out on your own
[16:07:50] <rms> be right back.
[16:08:49] <dospiedra> Mathieulh you can explain instructions to mod and get lv1 valid token to set flag?
[16:09:02] <pl0x> math is never here
[16:09:20] <SordOfWar> go on twitter
[16:09:25] <SordOfWar> hes always there
[16:09:26] <SordOfWar> lol
[16:10:15] <bsalvador> the problem is to link the string on spu_token_processor.self lv1 to some to call it ...

Demand for RMS in this regard:
<ODD29> Hi. just one question .. to create a valid and workng qa token .. we need to mod right lv1?
<rms> no
<ODD29> Ohhh ok, I've read a irc log: <rms> no, just modify lv1
3.60 <rms> to get keys


Note 4 (information from the stock market Members: Om3n)

Zusammenschitt by Mathieulh in Efnet:
edit (for devs):
[03:31] <@ Mathieulh> bsalvador no
[03:32] <@ Mathieulh> the token is not the stuff jig
[03:32] <@ Mathieulh> it's the token QA
[03:32] <@ Mathieulh> set through spu_token_processor
[03:34] <mysis> eh
[03:35] <mysis> spu_token_processor.elf?


edit 2 (bissl together irc section):
[02:41] <Mathieulh> Twitter
[02:41] <Mathieulh>: P
[02:45] <pyr> Mathieulh you have problems holding a camera dude SRSL
[02:46] <Mathieulh> try doing a buttom combo with the camera in one hand xD
[02:46] <Mathieulh> read the description
[02:46] <Shamifone> Wat
[02:46] <Shamifone> Maths just tweeted 3.60 keys?
[02:50] <BillyRR> teach us Mathieulh DD
[02:52] <apathy> Hey look, it's the best troll ever.
[02:52] hey <alinalmas> apathy! how are u? u prick!
[02:53] <Mathieulh> apathy the troll does things you can only dream of
[02:53] <Mathieulh> odd, they seem very real to me
[02:54] <Mathieulh> I am just not willign to share them for many reasons
[02:54] btw you <Mathieulh> shoudler check out that video, it looks very real too
[03:01] btw you can <Mathieulh> warez both stores and disc games with QA flag so long for security ...
[03:05] <Mathieulh> of course QA flag would stay even as you update your firmware ...
[03:05] <T00L> Mathieulh, grow up, **** up, or shut up
[03:05] <Mathieulh> yawn ....
[03:05] <T00L> Bloody immature troll.
[03:05] <Mathieulh> T00L as I've told you before, you are ... a tool


Note 5 (Only caused a notice, but a thought of me - but incorrect)

Mathieulh has said it is not at all difficult to create the token, RMS says "it's generated in a funny way" as I understood it but this is specifically not by QA TOKEN: PS3 hypervisor created. Graf's tools are able to create Qa token, but these are not valid but so-called "dummy tokens ... would not it be a "funny way" if one could be generated by using Graf's tools but Qa valid token, by changing only a string? A thought and maybe more would be worth it ..

Well, currently I try on a nice YES and NO game figure out something!
I'll keep you up to date and hope for your help! :-)


Note 6 (A very useful PS3dev page)

Main Page - PS3 Development Wiki


Note 7 (notes could I ask of Adriance)

<ODD29> Is it possible to create a valid token qa using linux on ps3 cfw 3:55? i mean petitboot or a distro?
<ODD29> But i dont want to know how this token could be one of the first steps to create a valid?
<adrianc> you can set it in 3:55 with linux
<adrianc> i think
<adrianc> but you cannot create it
<ODD29> Create then A valid token is not a linux thing?
<adrianc> be creative
<ODD29> Hmm graf is a tool involved into creating the token? i mean graf a modified tool from? because this would be the way i would start with ..
<adrianc> there are no tools for creating a token
<adrianc> you have to do it yourself
<adrianc> via its console
<ODD29> Okay .. thanks

If we could create the token then, as we verify that the token is correct? (THANKS TO KRISIUN)
<ODD29> Just a little hint? to verify that the token was created correctly? :-)
<adrianc> when the button combo works <- Oh great and no one knows the combo ^ ^


Note 8 (hints could I ask of Rms)


So, after this conversation I will be one not to go out of my head ^ ^
you need only one pup and that damn saying "sheesh, its easy enough: P" ^ ^

<ODD29> Ohh okay .. can u give me a small hint or token just a direction to create a valid. I've understand that a linux "petit boot" is Necessary on the ps3 .. and putty on the PC to execute the "secret" code on the ps3 right?
<rms> no
<rms> the pup has everything one needs
<ODD29> Pup Which?
<ODD29> So no linux is needed?
<rms> not saying
<rms> depends if you want it or not
<ODD29> I have it installed on the ps3 .. but its not Necessary to create the token right?
<rms> close
<ODD29> I mean a valid token qa
<ODD29> Ok ..
<rms> sheesh, its easy enough: P
<ODD29> But the pup is a pup from math self created? i dont know what u mean with "the pup" ^ ^
<ODD29> Maybe its to easy hehe ^ ^
<rms> no
<ODD29> So its not created from math?
<rms> sony made it xD
<ODD29> Haha .. is it downloadable or is in in the ps3? ^ ^
<rms> i guess its downloadable
<ODD29> And the name is PS3UPDAT?
. <ODD29> Pup:-P
<rms> maybe: P
<rms> its everywhere in the aether xD
<ODD29> So token we have to modify a file and update our flash ps3 with it to get a valid? hmm
<rms> no need to modify it
<ODD29> Okay!
<ODD29> But then the ps3 is only a flash with ofw .. "If its not modified" so there is no way to create a valid token unmodified on a ps3 right?
<ODD29> Flashed i mean
<rms> nope


Note 9 (File Found on PS3ISO: PS3T0K3N_help.zip)

You must login or register to view this content.

Includes links and some tips on the subject including a token QA vsh.self



Note 10 (Last note for today, but this time directly by the Grand Master Mathieulh)

on <Mathieulh> I can do it with a signed app as far as I concerned
<ODD29> U have a hint for me? or have u wrote the signed app yourself?
<Mathieulh> I went through at first graf's bootstrap
<Mathieulh> Then I wrote an app
<ODD29> Ohh ok .. this is not easy for us :-( damn ..
<ODD29> Did rms and Adriance created the token using qa ur signed app. ?
<Mathieulh> They used graf's bootstrap and a special payload

So everything is not so easy!

And here is an excerpt from the Channel shortly after my conversation:

<Mathieulh> Ok, I'll help you a LOT
<emizE> Those I paint
<Mathieulh> Instead of looking for the combo
<Mathieulh> Look for whatever checks the token
<Mathieulh> It'd so give you what value you need to set
<emizE> Hmmm ......
<_bubba> getting closer
<Mathieulh> The function that Enable the combo in vsh.self so happens to check the token value
<Slynk> Spu_token_processer? I'm not sure if it handles verification or just encryption / decryption
<emizE> Ahhh ......
<Mathieulh> The decrypted token is stored in ram
<Mathieulh> Somewhere: P
<Slynk> Woo, was going to ask that XD
<emizE> Lol
<Mathieulh> And I REALLY helped you there
<_bubba> clues are coming
<Mathieulh> But the rest you'll have to figure it out on your own
<Mathieulh> I already said way too much


New video of RMS (dex official fw on a retail) 19:05:11 - 23:45 clock:
You Tube




Why am I writing this here now?
I would also encourage you to investigate and possibly a bit myself to try some or possibly to monitor the process a little, and to post your ideas here. I think we should stick together as a Scene!


CURRENT STATUS:
1. Set QA Flag: Currently not a problem!
2. Creat Valid tokens: Only three people know how to do it, the main task to date!
3. Find the button combo: Currently not a problem!


P.S. Who wants to watch the event live should look at the following times EFNET Channel :-)
# Qa-flag. I would like to ask you where to read only and not to ask questions, such users are usually very sensitive and we need your help! Furthermore, we are fortunate to help.

Thanks, was an interesting read and I'm sure someone that knows what they're doing will find this usefull.

Somepeople will already be downgrading, they wont release for awhile i bet you, Watch this now it will release tomorrow

guys the people who can do this, already have the 3.60 keys or maybe even the 3.61 keys. they are smart people, and not the type of people that like to release stuff that we leech.

Once everything dies down with Sony people will start to release their findings.

Thats untill the NGP comes out and gets hacked to bits