Robert I guess we can put this one to bed. I do get security conscious when I see a device that is advertised as a copying machine for protected PICS, as simple as just having two sockets, one for the protected target and one for the blank and a switch. I shall certainly think twice before I use another PIC. I believe you, but I am glad I asked the question. I sincerely believe in letting the manufacturer know our legitimate concerns. Thank you again George philips_apps <philips_apps@...> wrote: George, on my honor and best knowledge (I sit about 20 yards away from the design team and we are in meetings almost every day), we have not build in a back door to read code from protected devices. This is actually sometimes a real problem when customers ask for help in regards to protected devices and we really can not loot into the chip. Having said this, there are always options to read out code with enough sophisticated equipment, enough identical devices and lots of time invested. I am talking about physically looking into states of flash cells by destroying devices layer by layer. There are no secure devices out there but there are many out there that we cosider secure enough, which means, the investment in time and money to extract the code is higher than the possible gain. Hope this answers your question about Philips (and government) back doors. Robert --- In lpc2000@yahoogroups.com, George Powell <georgelpowell@y...> wrote: > Robert > > You have evaded my question. Can you guarantee us on your honour that Philips have not engineered a way to read code from these chips that are protected in the normal way. > > Let us not get into semantics. > > regards > > George > > philips_apps <philips_apps@y...> wrote: > George and Armando, > > the missing security option for our first ARM devices, the LPC210x > was not deliberately as a backdoor, it was at time of definition not > considered crucial to an ARM micro. While the architects of the > LPC210x were right in many things (I guess that's why we can have this > coversation on this user group), this has been a wrong decision. All > devices hitting the market after the LPC210x have such a security > feature implemented. We hope that most customers that need security > can use one of the 64-pin devices. > I know this does not help you right now but please grant us an honest > mistake. Redesigning the LPC210x to include this feature is > prohibitive expensive. We hope that most of you, the users of all the > LPC2000 devices can use other family members that provide this feature. > > Best regards, Robert > > > --- In lpc2000@yahoogroups.com, George Powell <georgelpowell@y...> wrote: > > Hi All > > > > I would like to hear what Philips apps have to say on the question > of a deliberate back door to read protected code. So far the silence > is deafenning. Can you say in all integrity that you do not know that > Philips (and other manufacturers) leave a back door of some sorrt in > their chips for 'security' reasons. > > > > By its very nature flash is highly resistant to copy techniques > unlike eprom but this has brought us no extra security benefit. > > > > best regards > > > > George Powell > > > > philips_apps <philips_apps@y...> wrote: > > Hello Armando, > > > > Richard is right, The LPC2104 / 2105 and 2106 do not support code read > > protection. Somebody with a JTAG debugger can go in an read your code. > > All other devices of the LPC2000-family do support code read > protection. > > > > Application Support Philips > > > > --- In lpc2000@yahoogroups.com, "funes_armando" <funes_armando@y...> > > wrote: > > > The only point of my post is that I want to know if the LPC2104 has > > > code read protection. > > > > > > Could someone answer this simple question? > > > > > > Thanks all > > > > > > Armando. > > > > > > > > > > > > > > > > Hi all, > > > > > > > > I think some of us have totally missed the point. Your competitor > > > is not going to sit down and try to crack your chip. He is going to > > > send it to a slimy company that have already worked out how to see > > > into your type of chip and they will charge a pittance for ripping it > > > off. > > > > > > > > This is a business. They charge their clients a few thousand > > > dollars for a few minutes work. This IS a global problem and one that > > > Chip manufacturers need to seriously adress. > > > > > > > > Dont tell me how difficult it is to find a way into a chip. You > > > only have to do it once then set up in business. > > > > > > > > Your code is worth max 10K usd. What is it worth to your > > > competitor. Being as it is only a few minutes work to the copy > > > company you can probably bargain the price down too. > > > > > > > > This is a real problem and one that will not go away through > > > wishful thinking. > > > > > > > > George Powell > > > > > > > > > > > > > > > > > > > > Hi all, > > > > > > > > Dear people, I don't want to discuss about governments, back doors, > > > > etc. > > > > We all know that exists expensive procedures to unprotect devices, > > > > but they are EXPENSIVES and in most cases exceeds the development > > > > expense. > > > > If I really want to protect my intellectual property in all > > > > circumstances, I should use a tamper proof device. But I want to > > > use > > > > the LPC2104 because of it's price and features. > > > > > > > > According to LPC2114 data sheet and like Pete wrote, code read > > > > protection in LPC2114 is available since bootloader revision 1.61 > > > > But this device is more expensive than the LPC2104. I can't believe > > > > that the LPC2104 doesn't have the same feature. > > > > > > > > Please, could somebody tell me if the LPC2104 have code read > > > > protection?. > > > > > > > > Thanks all > > > > > > > > Armando > > > > > > > > > > > > > > > > > > > > Yahoo! Groups SponsorADVERTISEMENT > > > > > > > > > > > > --------------------------------- > > > > Yahoo! Groups Links > > > > > > > > To visit your group on the web, go to: > > > > http://groups.yahoo.com/group/lpc2000/ > > > > > > > > To unsubscribe from this group, send an email to: > > > > lpc2000-unsubscribe@yahoogroups.com > > > > > > > > Your use of Yahoo! Groups is subject to the Yahoo! Terms of > > > Service. > > > > > > > > > > > > > > > > > > > > --------------------------------- > > > > Do you Yahoo!? > > > > New and Improved Yahoo! Mail - Send 10MB messages! > > > > > > > > [Non-text portions of this message have been removed] > > > > > > Yahoo! Groups SponsorADVERTISEMENT > > > > > > --------------------------------- > > Yahoo! Groups Links > > > > To visit your group on the web, go to: > > http://groups.yahoo.com/group/lpc2000/ > > > > To unsubscribe from this group, send an email to: > > lpc2000-unsubscribe@yahoogroups.com > > > > Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. > > > > > > > > --------------------------------- > > Do you Yahoo!? > > New and Improved Yahoo! Mail - Send 10MB messages! > > > > [Non-text portions of this message have been removed] > > > Yahoo! Groups SponsorADVERTISEMENT > > > --------------------------------- > Yahoo! Groups Links > > To visit your group on the web, go to: > http://groups.yahoo.com/group/lpc2000/ > > To unsubscribe from this group, send an email to: > lpc2000-unsubscribe@yahoogroups.com > > Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. > > > > --------------------------------- > Do you Yahoo!? > Yahoo! Mail is new and improved - Check it out! > > [Non-text portions of this message have been removed] Yahoo! Groups SponsorADVERTISEMENT --------------------------------- Yahoo! Groups Links To visit your group on the web, go to: http://groups.yahoo.com/group/lpc2000/ To unsubscribe from this group, send an email to: lpc2000-unsubscribe@yahoogroups.com Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. --------------------------------- Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. [Non-text portions of this message have been removed]
Message
Re: [lpc2000] Re: Flash Security
2004-09-20 by George Powell