Re: A83: Re: Flash App Hacking


[Prev][Next][Index][Thread]

Re: A83: Re: Flash App Hacking




>Is the validation info written in flash with the app, or is it recreated
when the app is transferred??
>is it is recreated with each transfer, we could try to phisically hack a
calc, and then in essence signing it on the calc..

The validification routines are all about page 1Fh a starting point is 64D7h
(md5 sub routine), validation info is written each time an app is
transferred (page 1Eh) to the calc and read every single time it's run. The
only thing that is written once for all is base code validification (about 3
bytes). Physical hacking is a good/great idea, there's only a single wire to
short circuit to do so: the #WE pin on the flash chip.

Solignac Julien
x1cygnus@xcalc.org
http://xcalc.org

Piracy is a victimless crime, like punching someone in the dark