Well, there's bound to be a reference to it, since it must find the file and boot when it's in Factory Service mode.
At the moment, we figure it boils down to the authid section of the self, and maybe the hash (but changing the authid also changes the hash, so that works out if it's the hash) that is used to tie the program to the revocation list. Modifying the authid and re-encrypting it should be enough, but what's odd is that Geohot used the SAME authid as the "file 2" lv2diag.self file (the one that exits service mode).
The problem at this point is that we haven't been able to properly sign it, due to the poor nature of the current tools. This is the problem with EVERYTHING at this point (including signing homebrew and pre-patching firmware), so we are eagerly awaiting Geohot's release of his tools.
If anybody knows if/where the PS3 stores bootup logs, I'd be much appreciated... as soon as we CAN sign apps to run in service mode, I would like to knock out a simple app to copy out the diagnostic logs so bricks can be fixed easier. I've got a brick that flashes great, except for the "factory firmware PUP" (just the coreos) - flashes any retail firmware you throw at it, with no issues in the downgrade log, nor any stoppages on the recovery flash screens (goes to 100% after copying to HD, then RSoD)
With the ability to grab those log files, I might finally know why the PS3 insists on going to a RSoD.
Working hard on UberCFW, incorporating NTFS, sub-free NetFlix and Blockbuster, PSN cheat system with built-in swearbot and MAC-spoofing, Adding MKV, RAM and BIK movie support, and Xbox360 emu*.
*not really. Get a life, newbs...
My YouTube channel: http://www.youtube.com/user/BenJeremy