Hi to all. In July 1996 when I worked on my project for programming PICs, I discovered something interesting. There is a bug on PIC 16c71 that allows you to read contents from protected programmed PIC !!! This techniqe is destructive, so I have never used it on non windoved PICs (otp). But there is a problem, product on the end is data with 1-bit error (13 bits are ok and only 1 is unknown) so I have 2 codes per 1 instruction. This bit is usually used for high file access (movwf 89h ) so in that case it is easy to determine correct instruction.This technique maybe works on others serial programmed PICs. Is anyone inerested for this (Program can work on AN589) Ciao, Dejan Love takes a lot of time, but who cares ?! Make PICs not war(ez) ! mailto:dejan@net.yu http://www.net.yu/~dejan Martin R. Green wrote: > Yep, that's the one. It really opened my eyes. > > CIAO - Martin. > > On Wed, 17 Dec 1997 03:27:27 -0600, Dave Mullenix > wrote: > > >Martin R. Green writes: > > > >> There are some very sophisticated > >techniques that are "very" destructive to the device under attack. I > > >used to have a link to a site that described in detail some of the > >methods these "service" companies use, but I seem to have lost it. > >Maybe someone else out there will know the one I am talking about. > > > >You're probably thinking of: > > > >http://www.cl.cam.ac.uk/users/rja14/tamper.html > > > >which has an excellent article on hacking microprocessor security. I > just > >tried it and it's still there. They also list this FTP site for a > >postscript file, but I haven't tried it: > > > >ftp.cl.cam.ac.uk/users/rja14/tamper.ps.gz > > > >Dave, N9LTD > > Martin R. Green > elimar@NOSPAMbigfoot.com > > To reply, remove the NOSPAM from the return address. > Stamp out SPAM everywhere!!!