Why is extracting ROM not possible?
3FG
Expert


Joined: 19 May 2009
Posts: 3365

                    
Posted: Tue Jan 19, 2010 6:07 pm

My company makes equipment that uses 8 bit micros, for which we write the firmware. We have absolutely no reason to think that anyone would want knowledge of the firmware. Yet, we protect the ROM (or more recently the flash). Why? Because the micros and our C compilers are set up that way by default, and we don't change away from the default. Less chance of error.

Now if we had even an inkling that our firmware had value to a competitor, we'd be doggone sure to protect it. Protecting it is easy and has no downside for us because we don't need to read the contents of the micro memory-- we wrote the code and we know what's inside.

So protection doesn't need a strong rationale--it's the easy way out.
The Robman
Site Owner


Joined: 01 Aug 2003
Posts: 21210
Location: Chicago, IL

                    
Posted: Tue Jan 19, 2010 6:27 pm

vda wrote:
The reason I asked to see the code of IR.exe is to learn more about JP1 stuff. There are tons of howto's and FAQ's on this forum and on the net, but unfortunately the majority of them are not up-to-date and confusing. As a programmer I always find the source code the best "documentation" or "specification" to read - supposed that the software works, certainly.

And for the same reason, there is no better way to understand how a remote control works, at least for me, than by looking at its code. That's why I would like to extract the ROM.

This is the part that I'm really having a hard time understanding. We've got over 10,000 members here, most of whom understand the documentation and get up and running with JP1 without even asking any questions, yet you say that you would need to read the source code to understand it because the documentation isn't clear. It seems to me that if you're smart enough to read source code, surely you must be smart enough to understand the docs that 10,000 other people have been able to understand.

And as for wanting to read an assembler dump of a remote rather than read the user manual, that one's really mind boggling. If you simply want to know what secret functionality is in your remote, just ask, because we've already figured it out.

Do you even have a JP1 remote?
_________________
Rob
www.hifi-remote.com
Please don't PM me with remote questions, post them in the forums so all the experts can help!
johnsfine
Site Admin


Joined: 10 Aug 2003
Posts: 4766
Location: Bedford, MA

                    
Posted: Tue Jan 19, 2010 7:22 pm

vda wrote:
Well, then I would like to hear from John Fine about this if he is around: "John has been a One For All remote enthusiast for many years. He painstakingly went through all the codes in his Cinema 6 using an oscilloscope documenting what the signals looked like." -- from http://www.hifi-remote.com/jp1/history.shtml

Maybe John was lucky enough to not trigger the scrambler?


1) That is a bit of an exaggeration of my activities. I went through a lot of EFC numbers for each of very few setup codes in order to deduce the way that EFC numbers are a crude encryption of OBC numbers. Going through a lot of EFC numbers in one setup code does not trigger any scrambler that I know of.

I did not go through a lot of setup codes, which I think is the thing that triggers the scrambler.

I used a lot of original remotes with that oscilloscope, rather than a lot of OFA setup codes to learn a wide variety of IR protocols, in order to learn about how information is encoded in IR.

2) Irrelevant because I never tried long batches of setup codes in a Cinema 6, but I don't think it has that scrambler behavior. Many other models do. I'm not sure which others don't.
vda



Joined: 11 Jan 2010
Posts: 11

                    
Posted: Wed Jan 20, 2010 10:08 am

The Robman wrote:
This is the part that I'm really having a hard time understanding. We've got over 10,000 members here, most of whom understand the documentation and get up and running with JP1 without even asking any questions, yet you say that you would need to read the source code to understand it because the documentation isn't clear. It seems to me that if you're smart enough to read source code, surely you must be smart enough to understand the docs that 10,000 other people have been able to understand.

And as for wanting to read an assembler dump of a remote rather than read the user manual, that one's really mind boggling. If you simply want to know what secret functionality is in your remote, just ask, because we've already figured it out.

Do you even have a JP1 remote?


Sorry if I did not make myself clear. I had no problem using JP1 to play around with my remote. However I am not satisfied with only being able to follow the instructions. I'd like to understand how things work. It is just like going to the cinema to watch a movie. 10,000 other people would go home after watching but I would try to get in the engine-room to see how the projector works. Of course, it is my fault.

Here is my JP1 remote.
mdavej
Expert


Joined: 08 Oct 2003
Posts: 4500

                    
Posted: Wed Jan 20, 2010 10:21 am

I think you need to play around in IR in the RAW tab, and many things will become clear. If you turn on highlighting, you'll see exactly where all the data is stored for upgrades, key moves, device codes, etc. You can also set a baseline and change some data to see how it changes in the memory. This is really all we need to know to make JP1 work. We don't need to know the inner workings of the ROM. We typically get all these address boundaries by trial and error, changing something on the remote, and seeing what changes in the raw data.
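The baseline-and-compare approach described in the post above, as an added example that is not part of the original thread or of IR.exe: it diffs raw EEPROM snapshots against a baseline and widens one address span per action. The 64-byte dump, the offsets, the record bytes and the action labels are constructed for illustration and do not reflect any real remote's layout.

```python
"""Locate EEPROM data regions by diffing snapshots against a baseline dump."""

def changed_ranges(baseline, snapshot, gap=2):
    """Return inclusive (start, end) offsets where snapshot differs from baseline.

    Differences separated by at most `gap` unchanged bytes are merged, since a
    rewritten record often contains bytes that happen to equal the old value.
    """
    if len(baseline) != len(snapshot):
        raise ValueError("dumps must cover the same address range")
    ranges = []
    for off, (old, new) in enumerate(zip(baseline, snapshot)):
        if old == new:
            continue
        if ranges and off - ranges[-1][1] <= gap + 1:
            ranges[-1][1] = off          # extend the current run
        else:
            ranges.append([off, off])    # start a new run
    return [tuple(r) for r in ranges]

def map_regions(baseline, experiments):
    """Widen one (lowest, highest) span per action label over all experiments."""
    regions = {}
    for label, snap in experiments:
        for start, end in changed_ranges(baseline, snap):
            lo, hi = regions.get(label, (start, end))
            regions[label] = (min(lo, start), max(hi, end))
    return regions

def poke(dump, off, data):
    """Return a copy of dump with data written at off (builds sample snapshots)."""
    return dump[:off] + bytes(data) + dump[off + len(data):]

# Constructed sample: 64 erased bytes; offsets and record contents are made up.
BASELINE = bytes([0xFF] * 64)
ONE_MOVE = poke(BASELINE, 0x10, [0x12, 0x00, 0x03, 0xE8, 0x5A])
TWO_MOVES = poke(ONE_MOVE, 0x15, [0x13, 0x00, 0x03, 0xE8, 0x5B])
EXPERIMENTS = [
    ("device code", poke(BASELINE, 0x04, [0x03, 0xE8])),
    ("key move", ONE_MOVE),
    ("key move", TWO_MOVES),
]

if __name__ == "__main__":
    for label, (lo, hi) in map_regions(BASELINE, EXPERIMENTS).items():
        print(f"{label:12s} 0x{lo:02X}-0x{hi:02X}")
```

Repeating an action with different values and feeding every snapshot in under the same label is what tightens the boundary estimate; a single experiment only shows the bytes that happened to change.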
The Robman
Site Owner


Joined: 01 Aug 2003
Posts: 21210
Location: Chicago, IL

                    
Posted: Wed Jan 20, 2010 10:47 am

Dave's suggestion is a good one. When we started this project, all we had was a dump of the EEPROM, then it was up to me to figure out what all the bits and bytes were for. The guy who did the first E2 dump (HW Hackr) figured out a lot of it, then it was my turn to sort out some of the finer points.

A lot of the early work is documented here:
http://www.hifi-remote.com/hack/index2.shtml

We figured out how to format device upgrades fairly early but the protocol upgrades took longer because we didn't know which assembler language was being used. We originally thought it was Zilog before the penny dropped that it was really S3C8.

If you want to do things in the E2 that IR.exe won't let you do, just remove your RDF from the RDF folder and work in raw mode. But unless you have a newer remote that we haven't completely sorted out yet, we've already done all that and the reason that IR won't let you do it is because the remote won't let you do it either.
_________________
Rob
www.hifi-remote.com
Please don't PM me with remote questions, post them in the forums so all the experts can help!
Barf
Expert


Joined: 24 Oct 2008
Posts: 1402
Location: Munich, Germany

                    
Posted: Wed Jan 20, 2010 1:18 pm

vda, if you are interested in learning how embedded systems work, there are better ways than studying (uncommented) ROM dumps, at least if you are not already an expert. Here is an open source project writing an "operating system" for an advanced remote (unfortunately in German).

The Remotemaster sources may also be of interest.
Kevin Timmerman
Expert


Joined: 09 Jan 2007
Posts: 142
Location: West Michigan

                    
Posted: Wed Jan 20, 2010 4:35 pm

vda wrote:
And for the same reason, there is no better way to understand how a remote control works, at least for me, than by looking at its code. That's why I would like to extract the ROM.


If you really want to do that, get a Harmony remote. You can read (and write) the firmware using Concordance. Most Harmony remotes use a Microchip PIC18 series microcontroller.
vda



Joined: 11 Jan 2010
Posts: 11

                    
Posted: Thu Jan 21, 2010 7:20 am

Thank you guys for all your help. I don't speak German so I could leave the BettyHacks forum. For the Harmony, it sounds good... until I find this:

http://www.techdesign.be/projects/011/011.htm

Very Happy

vda
AndyJackman



Joined: 27 Jun 2004
Posts: 30
Location: Wiltshire, UK

                    
Posted: Sun Feb 14, 2010 4:17 pm

vda,
If you're interested in using a remote as a general microcontroller then I recall I posted the src for an entire operating system for the JP1.2 remotes (e.g. the URC7555). The OS completely wiped the chip (of course), but then it leaves you in control as to how you make your remote work - or to use the remote as a general microcontroller (perhaps not so useful!)
Page 2 of 2. All times are GMT - 5 Hours