Yahoo Groups archive

AVR-Chat

Message

Re: LOCK BIT

2003-12-01 by moriarty70

Actually opening the chip is the easy part.  All you need is the
proper acid to eat the plastic bits but leave the chip.  

--- In AVR-Chat@yahoogroups.com, "Allan Lane" <allan.lane@h...> wrote:
> Oh, MAN, that's a good link!
> 
> People are asking this question ALL THE TIME
> about AVRs and PICs -- and now here's
> a definitive answer!  
> 
> So yes, this link gives you the technique.
> First, you open the package.  In their case,
> they used a smart-card, so they removed the 
> CPU core from the card, then installed it in
> an empty IC, using the aluminum wire/ultrasonic
> connection machine.  
> 
> Our job is easier, maybe, as we don't have to 
> do all of that -- just cut the top off the IC.
> Easier said than done.
> 
> From there, you just probe the chip under a 
> high-magnification workstation, restore the 
> 'lock' fuse, and you're good to go!
> 
> Unfortunately, it does take about $30,000 in
> equipment (estimated) -- and some luck to not
> destroy your chip when you open it.
> 
> 
> --- In AVR-Chat@yahoogroups.com, "moriarty70" <moriarty70@y...> wrote:
> > You can use an electron microscope to read the memory according to
> > this PDF:
> > 
> > http://www.cl.cam.ac.uk/~mgk25/sc99-tamper-slides.pdf
> > 
> > If you know the precise location of the lock bit you might be able to
> > change its state by bombarding it with electrons.
> > 
> > If it were a simple job to read the memory of a "locked" AVR the lock
> > bit would be useless, right?
> > 
> > Have Fun!
> > 
> > --- In AVR-Chat@yahoogroups.com, "Emerson Santos"
> > <emersonsantosrj@u...> wrote:
> > > Hi people !!!
> > > 
> > > Anyone know a kind of "backdoor" in AVR to read a chip
> > > with an enabled LockBit ???
> > > 
> > > Could I read a PRG in Flash .. in these conditions ??? (lock bit = ON)
> > > 
> > > Tanx'S ALL
