[Tiptoi] Tiptoi hacking
Matthias Weber
matthiaz.weber at gmx.de
Wed Jan 3 18:55:11 CET 2018
Hi Björn and all,
(hard to cope with all those emails in my inbox).
Bjoern wrote:
> When I read out the NAND directly by a Raspberry Pi, the data was not
> really reliable because some bits always toggled.
What do you mean? Did you check your data against the error correction
codes in the spare region? Do you understand the checksum?
> Is your reading method giving accurate, reproducible results or are
> toggled bits an inherent effect of reading raw data from NANDs (hence
> using ECC is mandatory) or ?
Unfortunately, I could not find my actual unsoldered NAND flash device
at the CCC. Either I didn't bring it or somebody removed it. I need to
look for it or unsolder a different one. The dump should be pretty
accurate (as it was hell slow).
> I have meanwhile managed to enter the BIOS of the TT. This BIOS offers
> the following commands:
> - download
> - setvalue
> - go
> - dump
>
> From what I could see so far, only two memory sections contain data:
> section 1: 0x0000'0000 - 0x0000'FFFF
> section 2: 0x0800'0000 - 0x0802'FFFF
That really does sound very interesting. How did you find this out?
Cheers
Matthias