Well I'll link you with one piece of the PS3DEVWIKI here:
Originally Posted by cyto
Flash:Individual System Data - cISD - PS3 Development Wiki
With a simple read from cISD1 they can retrieve the KIBAN ID (This is the barcode printed on the board) and from that they know EXACTLY which motherboard is that which is connecting to the server. From that they can go through their internal database, retrieve SYSCON and CELLBE keys for encrypting a new bootldr/metldr2 pair for that system. Then they can just overwrite the respective sections of the flash and be done with it.
It's not that hard. The only challenge is access their own internal database and generate the new bootloader and have it flashed.
So don't trust they cannot do it. They can. They just didn't yet. And they might not (it may cost too much to develop a solution to do this).
Edit: Obviously I am saying that about consoles which are hanging on the internet with a live connection to the SEN/PSN.
SCPH-10000_GH-001 SCPH-15000_GH-003 SCPH-18000_GH-008 SCPH-30001_GH-005 SCPH-30000_GH-016(V4) SCPH-30001_GH-010(V4)
2xSCPH-10190, 2xSCPH-10350, 2xSCPH-10280
"**** j0 hackers!"
-Sjeep (As seen on TOXIC OS ELF...)