Private keys are out of the question, that's for sure.
But if you really examine the lv0 and lv0.2,
it makes sense.
bootldr2 is just like the normal bootldr,
just without the randomfall exploit, so no calculation.
The new consoles use the same lv0 as we know it, just with header lv0.2.
Pretty easy to test: cut hex at offset 0x0000000000000500 in the lv0 (old),
copy the lv0.2, that's 0x00000000000004F0 long, so it fits perfectly.
Run through scetool
Code:
[*] Application Info:
Auth-ID [lv0]
Vendor-ID [hv]
SELF-Type [lv0]
Version 04.25
Of course we can't decrypt it, since we don't have the new bootldr keys (bootldr2).
Now for the lv0.
Inside are 4 isolated headers. After a lot of hex editing you would find that they belong to appldr/lv1ldr/lv2ldr/isoldr. That's strictly for the new version.
Funny thing is that they didn't make new files at all, just new headers, with the same result.
So on new consoles, for example, the decrypted lv1ldr would look 100% the same as the one we can decrypt.
Also the loader headers are a different length than the old version. So that suggestion that they change the algorithm, no crypto expert, but still.
So conclusion: same **** different wrapping.