They are not "protected' by that stuff, just surrounded by it. My point is, they aren't secure. Forget it. Anything you do (even like your crypto system) only slows someone down, or tells you it might have been compromised. I don't expect PICs to be secure. Just secure-enough. That's what they are, and I'm happy. Andy Marc on 09/18/2000 08:50:04 AM Please respond to pic microcontroller discussion list To: PICLIST@MITVMA.MIT.EDU cc: (bcc: Andrew Kunz/TDI_NOTES) Subject: Re: [pic]: lousy code protection on F87X !!! Are you kidding me??? > As far as the suggeston for using another chip as the bootloader over ISCP, > this is no good as it would still require two pins on the F87X. And, it a > waste of resources, and is unecessary, and actually facilitates code copying > due to how well known the ICSP protocols are. They can be recorded easily. Didn't you say yourself that the inners of the product are protected by 480V 10000A? You can establish a cryptographically secure link on the RS485, and place the In-Circuit-Program slave chip physically near to the F87x, and use reflective opto sensors or similar at the slave as a tamper detector. It can report tamper attempts and let you decide yourself then whether you want to continue upload the firmware or rather disconnect and unscrew the product to look inside whether a "PIC ISP protocol tap" has been installed or not. Such a tap btw I have built already in the past, if someone is interested :---) As long as the slave reports (cryptographically secure) no tamper attempts, you should be quite safe that nobody records your firmware. Once one product reports tampering, though, an attacker might have learned how to avoid your detection traps in the future. -- http://www.piclist.com hint: To leave the PICList mailto:piclist-unsubscribe-request@mitvma.mit.edu -- http://www.piclist.com hint: To leave the PICList mailto:piclist-unsubscribe-request@mitvma.mit.edu