The new keychange packets are dynamically checking eeprom locations to make the right IDEA keys, so its really not JUST a simple EMM morph.They can choose any codespace or rom location they want. EMM $B1 will have to be processed correctly.
EMM: 21006DA0CA00006704650801820010954659314577537BF940 9F35A13841805FD4AF29656A1E94C5996C463F1FF7C6C65941 E04D2EF95A21F8AB 5FD8E8CEE9C5494D2893D4860F4245B5422749EAC7A60BE52A A96EA7CB264446D974737620CE4D87C200DDF676012DD06FEB 97B68F02C4
Decrypted: 3FF352035871FC1A080113DB000115BC7789B17180C6826CCD 9290B8C8B7C8C68C37B8DBB7DB17B27100A61DCC9569830901 4A0010060800104F 11A4DB3E2285786DFC5438A40520514200104
00:0093: 71 80 ldp #$80 ; Set DSR to $80 (EEP)
00:0095: C6 82 6C lda $826C ; Load a byte from EEP ($80:826C = $FC)
00:0098: CD 92 90 jsr $9290 ; Jump to $00 9290 (lsla, rolx, rts)
00:009B: B8 C8 eor $C8 ; EOR with value in key0
00:009D: B7 C8 sta $C8 ; Store new value in key0
00:009F: C6 8C 37 lda $8C37 ; Load a byte from EEP ($80:8C37:
This dynamic code will require a math routine for each key and proper placement of results to keep up. Unless the FTA makers finally make good on a full EMU, they could soon be writing new bins daily. Even the newest plastic fixes will pretty much be at the mercy of whatever Nagra intends to do, and that can lead to worse problems.. Let the games begin!
c/p from the dssguy
Blogsphere: TechnoratiFeedsterBloglines
Bookmark: Del.icio.usSpurlFurlSimpyBlinkDigg
RSS feed for comments on this post | TrackBack URI for this post
Best Deal Ads :
Leave a Reply
- June 2008 (3)
- May 2008 (4)
- April 2008 (3)
- March 2008 (1)
- February 2008 (5)
- January 2008 (11)
- December 2007 (9)
- October 2007 (11)
- August 2007 (9)
- July 2007 (2)
- June 2007 (20)
- May 2007 (36)
- April 2007 (14)
- March 2007 (11)
- January 2007 (6)
- December 2006 (18)
- November 2006 (6)
- October 2006 (5)
- September 2006 (10)
- August 2006 (13)
- July 2006 (3)
- June 2006 (4)
