Trying to read a protected chip

Have you got the data sheet? You'll mostly likely need a logic analyser to capture the data pins while triggered from the address pins.

Are you *sure* you can't just get the same computer somewhere cheap like on eBay and rip the chip out?

Dave :)

. . .

The data sheet is available on the Samsung site (

From a quick look, it does not look like it would be easy to do what has been proposed.

BTW in another thread the OP mentioned there was a "secure area". The only security feature I saw in the data sheet is that there is a section which is OTP. From that it sounds like the only protection is that some of an already programmed device cannot be altered, but you can read the whole thing out normally, and hence copy it (unless some secret chant is required to program that area - it does not seem to go into detail about the OTP area). Andy Wood snipped-for-privacy@trap.ozemail.com.au

It does look like a generic OTP area, the datasheet just says:

"Unique ID for Copyright Protection is available

-The device includes one block sized OTP(One Time Programmable), which can be used to increase system security or to provide identification capabilities. Detailed information can be obtained by contact with Samsung."

If that is the case and you know the address (was it mentioned in the previous thread?), then it should be fairly easy read out?

Then of course you need a programmer that supports writing to this OTP location. It might only be a factory programmed thing, in which case the chances are not good.

Dave :)

Dave, if only things were that simple lol. The only options I have are:

It is a factory programmed thing, but I wasn't able to get a reply from samsung :( Im not even sure how many bytes it is... I know roughly it holds the model# and the ID code which I assume would be about 9 bytes total(?), but if I knew what was in it I could find a way to reprogram it. I also don't know the address.... because its not something samsung released.

If you know the model number it puts out then in thoery I guess you could use a logic analyser and trigger on a sequence of bytes?

If the OTP area is simply inside the normal address range then you might be able to simply use a programmer to read out all of the data and then program a similar flash chip without this OTP option? This would at least be worth a try before resorting to harder schemes.

If on the other hand the OTP area requires some address sequencing scheme to work (likely I guess, otherwise it's not very "secure"), then you are probably up the proverbial creek without a paddle!

Dave :)

Yep I know the code it puts out, and thats why i was thinking of using a mod chip type thing, to watch for the sequence and then change it. But I didnt know how to go about it....

The only other option I have failing this, is to actually find someone to hack the bios and software inject the code rather than having it read from the hardware... which would probably be less dramatic than a mod chip or chip copying...

Well, you won't be able to use PIC like you mentioned before, too slow, it would have to be a fast PLD/FPGA operating with real-time transparency. AND you'd have to make sure it didn't upset the motherboard system timing. Not a trival thing to do any stretch of the imagination.

But if you don't know the address/data sequence I wouldn't bother starting to think about it.

Take 1 genious geek, add Jolt Cola and Pizza, and hey-presto! :->

Any geek wearing one of those "Will work for Bandwidth" t-shirts should do the trick!

Dave :)

Thanks Dave, now I know I I'll probably just be wasting time looking this way... I'm off to find some nerds :D