Very true, however I do not think lasercutting has anything to do with it since there are easier ways to hardlock it.
Also there is still no proof that the JTAG interface has anything to do with the multiplier, but on the very small chance that there is a connection we should explore this option.
I don't know what kind of chip you had te reverse engineer but a chip like a CPU is a bit more complex. The JTAG interface is used in debugging and testing (this is actually it's main function). All the circuits inside the chip are connected to the JTAG interface and you need to know the exact shift register data in order to be able to talk to one specific chip.
Also you can use the JTAG to read and write in the memory via the memory controller, if you end up reading from there you will get a lot of data which isn't usefull. The JTAG interface can also be used as a (re)programming interface. I use it myself to recover PDAs with broken firmware. Via the JTAG interface I can flash it.
However as said, I have the shift-register data for a lot of PDAs and therefor I can program them. If I haven't got those I can't really do anything at all with them. The same is true for the Athlon 64 chips. A PDA can be reverse engineered because they are mostly made up of standard components and manufacturers tend to use the same for similar series of PDAs.
A CPU however is very complex, like I said it's like trying to get a serial mouse to work with only a RS232 datasheet. Not impossible but really hard and a high-luck factor.
Is there anybody who has gotten anything out of the JTAG interface yet? Also since TCK seems to be connected directly to GND (VSS) does the CPU short-circuit when a clock is connected?
Bookmarks