The adventure of reverse engineering the Librie can be followed in a Yahoo mailing list. First surprising thing: no Japanese involved! It seems Japanese hackers were not interested in the possibilities of the machine.
The first step came when people dissected the file format of the upgrades. The upgrade is done over the USB connection, with no need to be online, using a PC application provided by Sony. A person, who has not got a Librie, wrote a small program able to repackage a Linux filesystem and recalculate the checksums. Then some others started the "Librie translation project", using this tool to create a Japanese Librie.
At some point in the project, they decided to introduce a trick to execute scripts: a new entry in the rc.d init scripts that looks for a file named "hook.sh" on the Memory Stick and executes it if available.
Now the source code comes into play. One of the genuine tarballs from Sony was a driver module for communication over USB, and they made use of it to log in. A genuine modification of a module in the source code!
(will follow later)