Updating Atmega162 VCDS and other interfaces

[KenshinPT]

Can you please 'elaborate' a bit on it? That might be VERY interesting (and not at all offtopic).
Have you particularly managed to program fuses (e.g. EESAV) on a locked atmega without destroying content of eeprom area? Could be possible?
Thank you.

If the ATMEGA is locked you can't read the content of the EEPROM.

If you want to reset fuses the content of EEPROM will also be erased.

To do this fuse reset and EEPROM erase you need to dessolde the uC from the PCB and then connect it to a HVP (High Voltage Programmer) thus the content of the memory is lost.

You can read the content of the EEPROM if you have a laser to destroy the uC case and then with a microscope you can read the content of the memory bit by bit. Then you need a pen and a paper to write it down.

[rsibiza]

If the ATMEGA is locked you can't read the content of the EEPROM.

If you want to reset fuses the content of EEPROM will also be erased.

To do this fuse reset and EEPROM erase you need to dessolde the uC from the PCB and then connect it to a HVP (High Voltage Programmer) thus the content of the memory is lost.

You can read the content of the EEPROM if you have a laser to destroy the uC case and then with a microscope you can read the content of the memory bit by bit. Then you need a pen and a paper to write it down.

Yes,and no...

First hack is the invasive attack...destroying some atmegas...by laser or some acid burning the housing

But it seems,actually somebody has managed to create an external programmer able to confuse atmega lockbits...and read entire flash and eprom....by non ivasive attack...

Atmega would not be destroyed....

[rsibiza]

Can you please 'elaborate' a bit on it? That might be VERY interesting (and not at all offtopic).
Have you particularly managed to program fuses (e.g. EESAV) on a locked atmega without destroying content of eeprom area? Could be possible?
Thank you.

I am actually too busy to play around on atmegas

And avr are not really my favourite thing...there exists real experts for that kind of work...

[youpsolo90]

good thank you

[ipejasinovic]

Can you please 'elaborate' a bit on it? That might be VERY interesting (and not at all offtopic).
Have you particularly managed to program fuses (e.g. EESAV) on a locked atmega without destroying content of eeprom area? Could be possible?
Thank you.

Yes, it's possible to read locked atmega with special programmer. Even that atmage stays alive.

[potel]

Yes, it's possible to read locked atmega with special programmer.

Yeahhh.... Go on! Don't stop here!
Give us a hint... a track... WHICH PROGRAMMER ???

[ipejasinovic]

Don't know. One of my friends have it and I know that he can unlock ATmega 8, 16, 64, 128 and 162. For other I didn't ask. But, don't forget, programming and reading AVR mcu's is his job. I doubt that he will give the name and source of programmer just like that.

[rsibiza]

Don't know. One of my friends have it and I know that he can unlock ATmega 8, 16, 64, 128 and 162. For other I didn't ask. But, don't forget, programming and reading AVR mcu's is his job. I doubt that he will give the name and source of programmer just like that.

Yes...why should he loose lot of money?...for not even a thank youthats the world today....

If i had infos about non invasive attacks for avr...


I know some chins asking more than 900 USD for reading one only avr...so how much need you to pay getting infos about hardware and firmware to do it yourself...

Let them do a good job..and hope that they continue doing it...

[tehnosoftex]

I think that all microcontrollers are sensitive to oscillator spikes or variations. As we can see there is programers which read protected motorola , micronas or even fujitsu. May be for atmel or pic can be made a such programmer but need some research to do.

[rsibiza]

I think that all microcontrollers are sensitive to oscillator spikes or variations. As we can see there is programers which read protected motorola , micronas or even fujitsu. May be for atmel or pic can be made a such programmer but need some research to do.

You are right...in the document i posted before..are some instructions...but not great stuff...

What do we know...we need some powersource which can vary power peaks from 3 to 13 V...
how many variations/second?

Some fischls programmer:

fischl.de - USBasp - USB programmer for Atmel AVR controllers

But need some one able to write a great FW for it...check which power or oscillation peakes and changes where needet

[zoro1]

Yes, it's possible to read locked atmega with special programmer. Even that atmage stays alive.

If the fuse bit is set to 0xFC ,even God can not read Atmega with programmer.The China-man clones the ELM 327/a PIC microcontroler/with Grinding mashine and a electron microscope

[rsibiza]

If the fuse bit is set to 0xFC ,even God can not read Atmega with programmer.The China-man clones the ELM 327/a PIC microcontroler/with Grinding mashine and a electron microscope

Thats what atmel and they user are wanting,but not completely thrue.

All avr or pic can be attacked...by power glitch,peakes oscillo peakes...it looses control...and let read the content.

Grininding,laser and electron microscope is also very successfull,but not only choice.

[tehnosoftex]

I know that for secure microcontrollers, like these used in smart cards , there is a sensor which apply reset on mcu core when sense variations in oscillator frequency. Why they do that?

[rsibiza]

Here after hours i found back an article i read a zear ago..mazbee this can help understand a bit more about attacking avr s...

http://www.cl.cam.ac.uk/~sps32/mcu_lock.html

http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-630.pdf

[zoro1]

intresting ,but i do not hawe a answer on my q.IS the code for atmega ?