Lpc2000

--- In lpc2000@yahoogroups.com, "brendanmurphy37" <brendan.murphy@...> wrote:
 > Your reply below is interesting, but only in a historic sense (unless
 > I'm missing something). The problem you referred to in IAP has been
 > acknowledged by Philips and a fix provided (updated boot loader for
 > some parts).

Yes you are missing the something an important fact.  Boot loader update 
did not stop my code from falling over.  Replacing the flash algorithm did.

 > I'll repeat the question I asked: do you have any evidence to back up
 > your claim that the "boot loader is broken"?

I said it boot loader is broken because I am able crash the boot loader at 
will on my LPC 2292 irrespective of whether or not CRP is enabled.

 > Hence my question: is there any evidence of a problem with the
 > (current) boot loader, based on empirical data (not opinion or
 > supposition), that ought to concern me and the others who are using
 > these parts?

See above.

 > If the answer's "no", then that's great. If it's "yes", can you
 > please supply details of the specific problem you have observed, and
 > the circumstances in which it occurs, so that I (and others) can
 > evaluate any risk that might be present.

Yes.  See above.

What happens when the boot loader crashes is indeterminate.  No exception 
handling makes matters worse.  In most security contexts, this poses 
unacceptable risks.

My task (what I am paid to do) is to mitigate or eliminate threats to 
security.  Providing a replacement boot loader is how I chose to do this. I 
looked at other options and these were either too expensive or did not 
mitigate enough.

 > Many thanks in advance for any assistance you can give on this.

You must get your own security assessment done for your particular situation.

 > Regards
 > Brendan

Send instant messages to your online friends http://au.messenger.yahoo.com