If I had an ATMega32 and a prgrammer for it I would attempt building one but since I dont I wont. ;(
On 10/5/07, MsTiFtS <[EMAIL PROTECTED]> wrote: > > Sorry, I have neither a dissected iPod nor an ATMega32 lying around here > :( > In the presentation they stated that they found the JTAG ones out of 30 > pads in a few hours using that finder. With 15 pins it will take 1/8 of > the time. If can rule out a bunch of pads because they are tightly > connected to ground or VCC (not pullable through 330R resistors), you > can probably reduce the pad count to about 10 pads. That's 1/27 of the > time they needed for their 30 pins. So I think it's worth a try, but as > I said, I won't open my nano to do that. If I manage to get one with a > broken display/battery/etc. I'll do it. > > JD schrieb: > > I read the paper long ago and I continue to think it's too difficult > > but if you want to try... be my guest :) > > > > JD. > > > > On 05/10/2007, MsTiFtS <[EMAIL PROTECTED]> wrote: > > > >> You only need to find the first 3 pins, if you have got these you'll > see > >> what the 4th is. > >> And with level tests, you can simply rule out all these VCC and GND > pins > >> and further reduce the number of pins you need to test. > >> Have a closer look at the PDF presentation of the JTAG finder site, > it's > >> all described there. > >> > >> JD schrieb: > >> > >>> I take a look on that JTAG finder, it's a good tool to find out JTAG > >>> pins when you know where the pins are (but you don't know pin order). > >>> The problem with level test is other chips may got the same level > >>> characteristcs than a JTAG signal. > >>> And there a permutation of 4 pins in 15 pads is more around 30000 > possibilities. > >>> > >>> JD. > >>> > >>> On 05/10/2007, MsTiFtS <[EMAIL PROTECTED]> wrote: > >>> > >>> > >>>> Well, IF there are ONLY 15 pads (I could not make out any on the > scans, > >>>> where the heck are they?), you can probably reduce them to about 10 > with > >>>> signal level tests, so there are only about 110 or 1000 possibilities > to > >>>> go, depending what scheme you use. That's done withing a few seconds > >>>> using that JTAG finder. Who has a dissected nano to try it out? ;) > >>>> > >>>> JD schrieb: > >>>> > >>>> > >>>>> Of course there is a way to put binaries on the devices but I don't > >>>>> think we can find how without the original documentation, mainly > >>>>> because: > >>>>> > >>>>> 1. There is no proof that JTAG is used here. > >>>>> Only the ARM got a JTAG interface on our board and the main JTAG > >>>>> feature is daisy chaining multiple chips on a single bus. Maybe the > >>>>> in2g is initially programmed by an other protocol / bus, even by an > >>>>> homemade simple serial bus. > >>>>> But okay if I have to bet I choose JTAG. > >>>>> > >>>>> 2. The JTAG pins aren't clearly defined, that doesn't mean there are > >>>>> no pins on our board but maybe the pins are one of the many board > pads > >>>>> ( approximatly 15 pads and 4 JTAG pins -> impossible to guess even > >>>>> with signal level tests (maybe I'm wrong but even if it's possible > >>>>> this will take a very very long time)). > >>>>> > >>>>> I really think there is no hope about JTAG without proper schematics > / > >>>>> boards layout. > >>>>> > >>>>> JD. > >>>>> > >>>>> On 04/10/2007, MsTiFtS <[EMAIL PROTECTED]> wrote: > >>>>> > >>>>> > >>>>> > >>>>>> I doubt there are JTAG pins anywhere accessible on the board. I am > >>>>>> wondering how they loaded the initial code to these devices, but I > can't > >>>>>> see any way to do this except before the chips where soldered to > the > >>>>>> boards. There is simply nothing on this board you cold make a quick > >>>>>> connection to except the dock port, but I doubt that JTAG is in > there > >>>>>> somewhere. That JTAG finder just helps to get the pinout if you > have a > >>>>>> dozen touchpoints on the board. Whe have the exact opposite > problem: > >>>>>> Nothing to hook up to. (Well, at least nothing I can see on the > various > >>>>>> PCB scans, I didn't get my fingers on a dissected iPod yet.) > >>>>>> > >>>>>> mat h schrieb: > >>>>>> > >>>>>> > >>>>>> > >>>>>>> http://www.c3a.de/wiki/index.php/JTAG_Finder ? > >>>>>>> > >>>>>>> On 9/28/07, *mat h* < [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> > wrote: > >>>>>>> > >>>>>>> just an idea what chip is the ram? Alot of chips have > debugging > >>>>>>> pins on them ( JTAG etc) does the ram chip? > >>>>>>> > >>>>>>> > >>>>>>> On 9/28/07, *Jeremy Prater* < [EMAIL PROTECTED] > >>>>>>> <mailto:[EMAIL PROTECTED]>> wrote: > >>>>>>> > >>>>>>> Hmmm, im going to stop my hunt then, I searched 19% of the > >>>>>>> keyspace, but it sounds like im wasting time here. Has > anyone > >>>>>>> had any luck or ideas on how to dump the 256mbit/ 8meg > ram? > >>>>>>> Ive got no ideas on even trying to get the ram out of > there. > >>>>>>> Hehe except with a hammer... ok later im going to keep at > it. > >>>>>>> -- Jeremy > >>>>>>> > >>>>>>> -----Original Message----- > >>>>>>> From: Emmanuel Fleury [mailto:[EMAIL PROTECTED] > >>>>>>> <mailto:[EMAIL PROTECTED]>] > >>>>>>> Sent: Thursday, September 27, 2007 10:20 PM > >>>>>>> To: Hardware and developpement mailing list. > >>>>>>> Subject: Re: [Linux4nano-dev] Update to rc4 key search > >>>>>>> (optimized) > >>>>>>> > >>>>>>> mat h wrote: > >>>>>>> > ok, just give me a bell if you need cpu power. > >>>>>>> > > >>>>>>> > Anyway what makes you so sure that the key is RC4? > >>>>>>> > >>>>>>> It's not. We have some good clues against it. > >>>>>>> > >>>>>>> Comparing several consecutive encrypted firmwares show us > that > >>>>>>> the same > >>>>>>> key is used each time. > >>>>>>> > >>>>>>> In the case of an RC4 (or any stream cipher scheme), it > would > >>>>>>> mean that > >>>>>>> we could have some statistical properties poping out when > >>>>>>> XORing of two > >>>>>>> encrypted firmwares (namely we should see something > similar to > >>>>>>> the > >>>>>>> statistical property of an ARM binary... As Serpilliere > did > >>>>>>> mention it, > >>>>>>> ARM binaries have very specific statistical properties (on > the > >>>>>>> 'command' > >>>>>>> part)). > >>>>>>> > >>>>>>> We tried and nothing came out from this, which means that > it's > >>>>>>> very > >>>>>>> likely a block cipher scheme (with a fixed key). > >>>>>>> > >>>>>>> Regards > >>>>>>> -- > >>>>>>> Emmanuel Fleury > >>>>>>> > >>>>>>> I do not fear computers. I fear the lack of them. > >>>>>>> -- Isaac Asimov > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> Linux4nano-dev mailing list > >>>>>>> [email protected] <mailto:[email protected]> > >>>>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>>>> http://www.linux4nano.org > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>>> We explore... and you call us criminals. > >>>>>>> We seek after knowledge... and you call us criminals. > >>>>>>> We exist without skin color, without nationality, without > >>>>>>> religious bias... and you call us criminals. > >>>>>>> You build atomic bombs, you wage wars, you murder, cheat, and > lie > >>>>>>> to us and try to make us believe it's for our own good... > >>>>>>> ....yet we're the criminals. > >>>>>>> > >>>>>>> ____________WAUSHARE ROX ______________ > >>>>>>> Join the dark side we've got cheese > >>>>>>> Annoying people since 1992 > >>>>>>> If you hate me, I love you too. It ain't my fault I'm better > than you > >>>>>>> Save Water, Drink Beer > >>>>>>> God Made Women First, Then He Had A Better Idea. > >>>>>>> If Barbie is soo popular...how come you have to buy her > friends? > >>>>>>> Don't play stupid with me... I'm better at it! > >>>>>>> You were so cute when you were a baby...What happened? > >>>>>>> My folks were always asking me to wear underpants. What am I, > the > >>>>>>> pope? > >>>>>>> I'm calling the police!... Right after I flush some tings. > >>>>>>> Join the army, see the world, meet interesting people, and > kill them. > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>>> We explore... and you call us criminals. > >>>>>>> We seek after knowledge... and you call us criminals. > >>>>>>> We exist without skin color, without nationality, without > religious > >>>>>>> bias... and you call us criminals. > >>>>>>> You build atomic bombs, you wage wars, you murder, cheat, and lie > to > >>>>>>> us and try to make us believe it's for our own good... > >>>>>>> ....yet we're the criminals. > >>>>>>> > >>>>>>> ____________WAUSHARE ROX ______________ > >>>>>>> Join the dark side we've got cheese > >>>>>>> Annoying people since 1992 > >>>>>>> If you hate me, I love you too. It ain't my fault I'm better than > you > >>>>>>> Save Water, Drink Beer > >>>>>>> God Made Women First, Then He Had A Better Idea. > >>>>>>> If Barbie is soo popular...how come you have to buy her friends? > >>>>>>> Don't play stupid with me... I'm better at it! > >>>>>>> You were so cute when you were a baby...What happened? > >>>>>>> My folks were always asking me to wear underpants. What am I, the > pope? > >>>>>>> I'm calling the police!... Right after I flush some tings. > >>>>>>> Join the army, see the world, meet interesting people, and kill > them. > >>>>>>> > ------------------------------------------------------------------------ > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> Linux4nano-dev mailing list > >>>>>>> [email protected] > >>>>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>>>> http://www.linux4nano.org > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>> _______________________________________________ > >>>>>> Linux4nano-dev mailing list > >>>>>> [email protected] > >>>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>>> http://www.linux4nano.org > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> _______________________________________________ > >>>>> Linux4nano-dev mailing list > >>>>> [email protected] > >>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>> http://www.linux4nano.org > >>>>> > >>>>> > >>>>> > >>>>> > >>>> _______________________________________________ > >>>> Linux4nano-dev mailing list > >>>> [email protected] > >>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>> http://www.linux4nano.org > >>>> > >>>> > >>>> > >>> _______________________________________________ > >>> Linux4nano-dev mailing list > >>> [email protected] > >>> https://mail.gna.org/listinfo/linux4nano-dev > >>> http://www.linux4nano.org > >>> > >>> > >>> > >> _______________________________________________ > >> Linux4nano-dev mailing list > >> [email protected] > >> https://mail.gna.org/listinfo/linux4nano-dev > >> http://www.linux4nano.org > >> > >> > > > > _______________________________________________ > > Linux4nano-dev mailing list > > [email protected] > > https://mail.gna.org/listinfo/linux4nano-dev > > http://www.linux4nano.org > > > > > > > _______________________________________________ > Linux4nano-dev mailing list > [email protected] > https://mail.gna.org/listinfo/linux4nano-dev > http://www.linux4nano.org > -- We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good... ....yet we're the criminals. ____________WAUSHARE ROX ______________ Join the dark side we've got cheese Annoying people since 1992 If you hate me, I love you too. It ain't my fault I'm better than you Save Water, Drink Beer God Made Women First, Then He Had A Better Idea. If Barbie is soo popular...how come you have to buy her friends? Don't play stupid with me... I'm better at it! You were so cute when you were a baby...What happened? My folks were always asking me to wear underpants. What am I, the pope? I'm calling the police!... Right after I flush some tings. Join the army, see the world, meet interesting people, and kill them.
_______________________________________________ Linux4nano-dev mailing list [email protected] https://mail.gna.org/listinfo/linux4nano-dev http://www.linux4nano.org
