<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> wheeeeeeeee at least it’s the CPU that’s broken, and not the debugger that scribbles garbage over register a0 (first function argument) during single-step use. Makes memcpy() do interesting* things…</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@cliffle" class="u-url mention">@<span>cliffle</span></a></span> samesies. I resolved that they must be names rather than numbers. This here is Mr. Onepointfiveinches Smith.</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Viss" class="u-url mention">@<span>Viss</span></a></span> to clarify, they took Signal, which is E2E encrypted and doesn't store messages on the server, and deliberately modified it to just send everything to this third-party "vendor" in plain text. I wonder if that was malicious or just dumb, and how this thing ended up being used by what appears to be half the government.</p>
<p>the advantage of the implementation strategy I picked is that the entire read is done in one long burst without requiring more than a single USB roundtrip; as a result, it occurs at the maximum speed the JTAG interface can provide</p><p>(nobody cares about ARM7TDMI, but the technique generalizes to CoreSight, and will be even faster there)</p>
<p>in the upcoming <a href="https://mastodon.social/tags/GlasgowInterfaceExplorer" class="mention hashtag" rel="tag">#<span>GlasgowInterfaceExplorer</span></a> ARM7TDMI debugger, here is how you can read system memory using just a few lines of Python</p><p>this avoids the need for any existing interface like GDB server as it lets you easily manipulate CPU state in every feasible way</p>
<p><span class="h-card" translate="no"><a href="https://nrw.social/@markuswerle" class="u-url mention">@<span>markuswerle</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@salkinium" class="u-url mention">@<span>salkinium</span></a></span> big fan of his thesis!</p>
<p>by the way, the "bizarre, seemingly impossible way" is that the CPU can execute an `STM r0, {r0-r15}` command just fine, but when asked to do `MSR CPSR_c, 0xc0` it just... doesn't switch the mode</p><p>the MSR opcode is a single word. there's nothing in how it's executed that isn't already tested by the preceding and succeeding STM opcode. it doesn't touch system memory or anything; it's one of the simplest commands you can imagine. the data transferred by STM is always right</p><p>it's just... broken</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> you could join forces with <span class="h-card" translate="no"><a href="https://chaos.social/@salkinium" class="u-url mention">@<span>salkinium</span></a></span> who had much fun with similar issues.</p><p><a href="https://salkinium.com/master.pdf" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">salkinium.com/master.pdf</span><span class="invisible"></span></a></p>
<p>A Tektronix TDS 684B Oscilloscope Uses CCD Analog Memory<br /><a href="https://tomverbeure.github.io/2025/05/04/TDS684B-CCD-Memory.html" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="ellipsis">tomverbeure.github.io/2025/05/</span><span class="invisible">04/TDS684B-CCD-Memory.html</span></a></p>