Fuseable Links - no guarantees??
jim bell
jimbell at pacifier.com
Sat Jun 15 14:27:43 PDT 1996
At 11:44 PM 6/14/96 -0400, Warren wrote:
>I have never paid much attention to the protection of firmware or the
>technical issues revolving around such schemes...was wondering:
>
>I recently saw an add for a UK based group that says they can take a PIC
>OTP micro and read the prom (for a fee, of course) - How the heck is this
>done?? I have my suspicion that they (somehow) magically peel off the
>ceramic coating (without destroying the chewy center), get a circuit mask
>and 'micro probe' the I/O of the IC...they then download the secret recipe
>to the afore mentioned 'chewy center'.
>
>Is this close to accurate?? How is it 'done' ???
While I have never come even close to needing to attempt this kind of thing,
long ago it occurred to me that if the "no read" bit was stored in a
programmable bit, and if the location of that bit was known or could be
identified, you could expose that particular bit through a tiny mask hole
and cause the part to be readable again. Locating that bit (assuming
there's just one) would be relatively simple: Take a test part, program it,
read-lock it, and then expose it to a VERY slowly sliding mask with UV
behind. Do this for both axes, to find the bit's location on the chip.
Jim Bell
jimbell at pacifier.com
More information about the Testlist
mailing list