He says that all future firmware updates can be decrypted, since every PS3 must be able to upgrade to any future version, but can't Sony just put an intermediate update that changes the keys and is the only one that older consoles can update too, and then after having that one update you are allowed to the newer updates encrypted/signed with newer keys?
"Q: Can Sony “fix” this like they did for the 3.55 exploit?
A: No. With 3.55 the keys metldr used to verify its dependent modules were recovered. So Sony simply stopped using the now-insecure metldr and started using bootldr (which was still secure) to load.. Sony doesn’t have any more secure modules like bootldr left so like I said in my original post they have no options and cant fix anything; without getting too technical, we now have the keys to every “common” hardware module that is able to decrypt Sony-signed modules. The only thing left are the modules that use per-console keys, which are useless for booting common firmware (which must be decryptable by every PS3)"
