by markus_zhang 541 days ago
Stupid question, but is the reason people cannot simply dump the ROM, as they do with, say, routers, that the ROM is encrypted? But if they have the SDK they can decrypt it?

The flash chip is encrypted with the console's CPU key, and the CPU key is unique per console and encoded in efuses. So even if one person manages to dump keys, they're mostly useless for hacking other consoles. The exception to this is the "keyvault", which is the console's own private key used for signing save games. You can take save games from console A and load them on console B, so console B is able to verify console A's signature based off the public key certificate embedded in the save. Microsoft had a revocation process for revoking keyvaults if they ever leaked, but they just gave up once too many were in the wild.

Dev kits are keyed differently, and most of the console's keys for signing / encryption are in various SDK DLLs that you can find if you reverse engineer them.

Thanks, MS did put a lot of effort into the security. Searching for X360 keyvault gives a lot of webpages. I'll read a bit.
https://free60.org/ probably has all the information you need.
Thank you! Now I need to buy a used Xbox 360...