NOP is more often 0x00h which makes sense because a blank chip is all 0xFFh's. ie you program the zero's.
If they all have the same program in them then it may be worth working out how to blank the unwanted data and even re-hook the interrupts. You could also selectively blank bytes and leave chosen instructions to do something you wanted if the security bit's aren't set.
I impulsed a sleeve of programmed chips, with stickers covering what they were.
They are a Motorola XC68HC705C9CP microcontroller in a 40-pin DIP package. http://www.elnec.com/device/Motorola/MC68HC705C9+%5BPLCC44%5D/ ^Any one know of a dedicated site that gives Chip info like that? Long story short, here are my questions: Can OTP [One Time Programmable] chips be reprogrammed? --either by writing over the existing program and using the remaining space [How is this done?] OR --by using X-Rays to reset the OTP memory. Wiki says yes* *non-pratical dose, followed by a 600 C oven. http://en.wikipedia.org/wiki/EPROM Any one have any insight or experence? Or should I dissolve a window into the case and use UV? Secret option 4, toss them in the trash, buy something newer and better.
I knew a cat, thought he was crazy at the time, but finding myself understanding his perspective more and more every day... anyways, he used to acquire used one-time-programmable uCs from work. His technique was to overwrite the written data with NOPs, which, at least for that uC, corresponded to the bits that get written when programming... (I think it was: unwritten = 0, written = 1, and NOP = 0xffff...) So, writing the chip with NOPs at the used memory-locations completely overwrote whatever was already there. I think he got clever with the interrupt jump-tables, too... I don't remember the exact details, but it was something like... since the program memory was previously-unused toward the higher-address-bits, the jump-table could be overwritten by bitwise-similar addresses, but with a higher-order bit set.... or was it that he went to the actual original jump-location and overwrote with NOPs until he found an instruction that could be overwritten with another jump...?
Discussions
Become a Hackaday.io Member
Create an account to leave a comment. Already have an account? Log In.
NOP is more often 0x00h which makes sense because a blank chip is all 0xFFh's. ie you program the zero's.
If they all have the same program in them then it may be worth working out how to blank the unwanted data and even re-hook the interrupts. You could also selectively blank bytes and leave chosen instructions to do something you wanted if the security bit's aren't set.
Are you sure? yes | no
I impulsed a sleeve of programmed chips, with stickers covering what they were.
They are a Motorola XC68HC705C9CP microcontroller in a 40-pin DIP package.
http://www.elnec.com/device/Motorola/MC68HC705C9+%5BPLCC44%5D/
^Any one know of a dedicated site that gives Chip info like that?
Long story short, here are my questions:
Can OTP [One Time Programmable] chips be reprogrammed?
--either by writing over the existing program and using the remaining space [How is this done?]
OR
--by using X-Rays to reset the OTP memory.
Wiki says yes*
*non-pratical dose, followed by a 600 C oven.
http://en.wikipedia.org/wiki/EPROM
Any one have any insight or experence?
Or should I dissolve a window into the case and use UV?
Secret option 4, toss them in the trash, buy something newer and better.
Are you sure? yes | no
I knew a cat, thought he was crazy at the time, but finding myself understanding his perspective more and more every day... anyways, he used to acquire used one-time-programmable uCs from work. His technique was to overwrite the written data with NOPs, which, at least for that uC, corresponded to the bits that get written when programming... (I think it was: unwritten = 0, written = 1, and NOP = 0xffff...) So, writing the chip with NOPs at the used memory-locations completely overwrote whatever was already there. I think he got clever with the interrupt jump-tables, too... I don't remember the exact details, but it was something like... since the program memory was previously-unused toward the higher-address-bits, the jump-table could be overwritten by bitwise-similar addresses, but with a higher-order bit set.... or was it that he went to the actual original jump-location and overwrote with NOPs until he found an instruction that could be overwritten with another jump...?
Start a project, it'd be cool to follow!
Are you sure? yes | no