Re: A83: Re: Flash App Hacking






>Just thinking, could not something be done like with ROMDUMP, but then
>backwards... :
>
>Person starts APPWRITE program.
>Person starts special app transfer link program on PC...
>APPWRITE program writes app to flash mem without validating...
>
>Just a speculation of course,
>
>Do I understand correctly that the flash chip validates the app, and not
>some kind of ROM routine... (which makes the above hardly possible too)
>
>Peter Martijn

That would have been a good idea, except that you can only write to flash
memory if you're in the "privileged" boot sector, i.e. pages 1Eh-1Fh. Also,
every unlocking sequence in that part of the ROM is very well protected,
making spoofing impossible.

Solignac Julien
x1cygnus@xcalc.org
http://xcalc.org

Piracy is a victimless crime, like punching someone in the dark