RE: A83: Re: Flash App Hacking

RE: A83: Re: Flash App Hacking

• To: "'assembly-83@lists.ticalc.org'" <assembly-83@lists.ticalc.org>
• Subject: RE: A83: Re: Flash App Hacking
• From: Hyperbyte <central@hyperfield.com>
• Date: Sat, 30 Sep 2000 20:30:22 +0200
• Reply-To: assembly-83@lists.ticalc.org

Wow, TI really went through some hard work to be able to make money on 
signing apps (wonder if they'll ever get more out of it than they spent for 
it).

BTW, can anyone give me an explanation of the signing process, I'm curious 
about it. (I had a masterclass RSA, but that only involved encrypting, not 
signing).


Thanx in adv.

Peter Martijn

-----Original Message-----
From:	Solignac Julien [SMTP:x1cygnus@online.fr]
Sent:	Saturday, September 30, 2000 7:54 PM
To:	assembly-83@lists.ticalc.org
Subject:	Re: A83: Re: Flash App Hacking


>Just thinking, could not something be done like with ROMDUMP, but then
>backwards... :
>
>Person starts APPWRITE program.
>Person starts special app transfer link program on PC...
>APPWRITE program writes app to flash mem without validating...
>
>Just a speculation of course,
>
>Do I understand correctly that the flsh chip validates the app, and not
>some kind of ROM routine... (which makes the above hardly possible too)
>
>Peter Martijn

That would have been a good idea except that you can only write to flash
memory if you're in the "privileged" boot sector i.e. pages 1Eh-1Fh. Also
every unlocking sequence in that part of the ROM is very well protected
making spoofing impossible.

Solignac Julien
x1cygnus@xcalc.org
http://xcalc.org

Piracy is a victimless crime, like punching someone in the dark


____________________________________________________________
Get your FREE personal .com domain name and
NAMEzero Personal Portal at: http://www.namezero.com.
For customer service, mailto:customerservice@namezero.com.	


begin 600 WINMAIL.DAT
M>)\^(A<2`0:0" `$```````!``$``0>0!@`(````Y 0```````#H``$(@ <`
M& ```$E032Y-:6-R;W-O9G0@36%I;"Y.;W1E`#$(`0V ! `"`````@`"``$$
MD 8`Z $```$````0`````P``, (````+``\.``````(!_P\!````5P``````
M``"!*Q^DOJ,0&9UN`-T!#U0"`````&%S<V5M8FQY+3@S0&QI<W1S+G1I8V%L
M8RYO<F<`4TU44 !A<W-E;6)L>2TX,T!L:7-T<RYT:6-A;&,N;W)G```>``(P
M`0````4```!33510`````!X``S !````'0```&%S<V5M8FQY+3@S0&QI<W1S
M+G1I8V%L8RYO<F<``````P`5# $````#`/X/!@```!X``3 !````'P```"=A
M<W-E;6)L>2TX,T!L:7-T<RYT:6-A;&,N;W)G)P```@$+, $````B````4TU4
M4#I!4U-%34),62TX,T!,25-44RY424-!3$,N3U)'`````P``.0`````+`$ Z
M`0```!X`]E\!````'0```&%S<V5M8FQY+3@S0&QI<W1S+G1I8V%L8RYO<F<`
M`````@'W7P$```!7`````````($K'Z2^HQ 9G6X`W0$/5 (`````87-S96UB
M;'DM.#- ;&ES=',N=&EC86QC+F]R9P!33510`&%S<V5M8FQY+3@S0&QI<W1S
M+G1I8V%L8RYO<F<```,`_5\!`````P#_7P`````"`?8/`0````0````````"
MN6T!!( !`!\```!213H@03@S.B!293H@1FQA<V@@07!P($AA8VMI;F<`# D!
M!8 #``X```#0!PD`'@`4`!X`%@`&`$P!`2" `P`.````T <)`!X`% `;`!$`
M!@!$`0$)@ $`(0```$0S,39#0S(V,$8Y-T0T,3$X134U,#!#,#(V,C0P-C0X
M`.8&`0.0!@"$" ``(0````L``@`!````"P`C```````#`"8```````L`*0``
M`````P`N```````#`#8``````$ `.0"@-TQ^#"O `1X`< `!````'P```%)%
M.B!!.#,Z(%)E.B!&;&%S:"!!<' @2&%C:VEN9P```@%Q``$````6`````< K
M#'Y$)LP6U)</$=2.50# )B0&2 ``'@`># $````%````4TU44 `````>`!\,
M`0```!<```!C96YT<F%L0&AY<&5R9FEE;&0N8V]M```#``80?WX(]0,`!Q"\
M! ``'@`($ $```!E````5T]7+%1)4D5!3$Q95T5.5%1(4D]51TA33TU%2$%2
M1%=/4DM43T)%04),151/34%+14U/3D593TY324=.24Y'05!04RA73TY$15))
M1E1(15E,3$5615)'151-3U)%3U543T9)5 `````"`0D0`0```& %``!<!0``
M9 @``$Q:1G7)-@%Z/P`*`0,!]P*D`^,"`&-HP0K <V5T," '$P*#0P!0#N9P
M<G$R#^9]$PJ ",@@.PEO,C4U2P* "H%V")!W:PN 9-HT#&!C`% +`V,`00M@
M0&YG,3 S,PNF( !7;W<L(%1)(,,)< = ;'D@=PGP!4 $=&@#8'5G:"!S:0-P
M92 /<607T 6P:[$8(&\@8AC@`:!L&.";&:$`P&L8X 1@;F47P',"(!B@:6<#
M`!8`&?!PNG $("@94!30!) @!I"+&"$;`"<7H"!E=AR!7F</L!K!"7 ;('4%
M0&^]',!I&!(#D1SB&*!P%_+C`A <D70I+@JB"H0*@&A"5%<7(&,#D0!P>7L:
MX1V@:1UP&G 9X0.@9<)X"U%N871I&S$>@:<<X1M7$3!O8P>0<Q<@^$DG;2%@
M"'$(8 0@`:!['D(>L"X<(!=0#W 9,&%I&G%S= 208PM@!!%2=%-!%R!B'E$>
MX1YA;OL7L0N =@;P'7 9, GP!0#.>04P&Z$7(&YO!4 ;96L@3"!D5![Q>"CA
M&?!DVG8@6U /L!R!30K (T!^:@.A*RH5H % )($G,&-"=!!T,38@+3"R3Z\%
M$"(@(R #($TDP6$=L#\PLR!F+\0OD0L3+\9I+<@Q-#0!0&QI-%,,T%$T4V(@
M1@-A.@R#8AT/T%,&\!MQ`- @2G4#-* )\"!;4TU44+(Z-2!C>1N ):! **'I
M"X!E+@-072!E-8 &8(\",#7H(S (<&1A>1<@FP9@!3!E!M <@3,P%R #`= [
M\" W.C4T(.1033D'5&\UYR>!.T%A%[ M.#- -* G('-&+B- (7!L8RX%L&<Q
M.0AU8FHO\37G4F7>.@_@/G!!4$$R1B=Q&)#R01OP($@`T!2Q/Y8RS]LOXQ7D
M-!97(&H^-P`G(-\8(0N 0M(A40A@;!DP*D/O&,%'`AO &=%D(>(TH!JA!P/P
M&# '\$]-1%5-KE G]@GP1D5B0K%W"Q'[/N!,$" UX$941D4MP ^0#QLR`9 `
M( 0@05!05S!2251%)'()P&%M]R!533T?@6,',1O2&"!.\'T`@&8<@3B!&8!.
MM1LB4/Y#3!%&14XN%] %$"<P);'[41(9L&9"$P> 5(%)P1Y"^G8'0&DZL"GB
M4OA&2B;@7U""-Q C-T>A#Y$L3&Q$>QFP%U!U'&)-L1301Y%R_PEP, `7L2A3
M(\)5@$(Q#V#_!2!6E@>1(\(;X1<@6\(J0?]&11BS%+(><DH!%V >03B2_TPA
M'#!'$ ]@&G->50;@(D%3&0(7L7!O!!!I&A1O_BE,;BWI*WT%0!E01\(/<.\B
M01G0-T$FX&=D(!DP5M"_%X BP22P!3$H4R'0=2%C_RBC5*-51R!D5>$%L"C1
M',#=:9$G'A$LD2/"(A$P(C#E`Q!E';!D(AG 9" J87LO\1_R+CBP)' QT00@
M,:1%:#1 1F@F4$%=0/YO(&0=8A? 6U )`$+#;C'^<0I0*9!LE2AQ"K$>8R/"
M_V"R! !6D'"R%^ =,2^U"8#_:T4:D'%38X >@!NB!W!CAK\@6S9](&0WUVC@
M/SMH`D"P<#HO+WF]+65I3O#_-_!SDB;@%' P``=P&B $$>\%`0> %R!)8W!;
M4%V!<6(_&,$AXFRU.K 9<"L?"E_?@7^"CX.?A"8@9$<=P6F1<07 1E)%3I%-
M4S%A+O\%H"4P21 `P"R1(R B<QDP@XA.(&1.04U%>@20]QFP340Q85 )$5#2
M.< 8\/5ZM'>+\"Z'PHGRAP(F4/V(^D8%L250)R 8P07 #Z"N<GTA?A&'<6P9
MH#J.%GV.I4",.PR"B38@:A'Q``&3, ,`$! ``````P`1$ $````#`( 0____
M_T `!S" (Q(0#"O `4 `"#" (Q(0#"O `0L``( (( 8``````, ```````!&
M``````.%`````````P`"@ @@!@``````P ```````$8`````$(4````````#
M``6 "" &``````# ````````1@````!2A0``MPT```,`"H (( 8``````, `
M``````!&``````&%````````'@`3@ @@!@``````P ```````$8`````5(4`
M``$````$````."XP``L`%X (( 8``````, ```````!&``````Z%````````
M`P`8@ @@!@``````P ```````$8`````$84````````#`!J "" &``````# 
M````````1@`````8A0```````!X`*8 (( 8``````, ```````!&`````#:%
M```!`````0`````````>`"J "" &``````# ````````1@`````WA0```0``
M``$`````````'@`K@ @@!@``````P ```````$8`````.(4```$````!````
B`````!X`/0`!````!0```%)%.B ``````P`--/TW``#D.(4`
`
end

• Prev: A83: Need help with rom page
• Index(es):
  • Main
  • Thread