RX8 Programmer by Harrison R&D
#76
the enemy in the mirror
Join Date: Oct 2006
Location: billerica, ma
Posts: 440
Likes: 0
Received 0 Likes
on
0 Posts
^^^ that's sorta what i was saying regarding copying.
(there is significant risk without detailed knowledge of the flash)
https://www.rx8club.com/showpost.php...9&postcount=62
to me, the utility of flashing the ecu and software to edit/tune a flash are really two separate things.
ECU flash tuning solution providers bundle the two actions together with their products. Perhaps they are relying on some implicit security by tying together both mechanisms, but unless they are modifying the system to no longer be J2534 compliant (which COBB does?), there has always been the risk that another conforming flasher/reader could manipulate (copy, overwrite) their output. (this was one of lola's concerns, i think)
I suppose a provider of a flash editor could simply disable the READ logic to protect from copying, and leave the WRITE part to make the ECU flash a one-way device. That way you could always flash it back to stock and start over. (I don't know how feasible it is to do - there could be some significant drawbacks)
Now that i think about it for a second, personally i am more drawn to a standard compliant flasher/reader, and standalone editor combination - i guess part of me doesn't like my ecu being locked down completely.
This leads me to a hypothetical question:
What if my COBB AP breaks or is stolen, is my ECU stuck in the same state forever? (someone says the dealer cannot reflash it...)
(there is significant risk without detailed knowledge of the flash)
https://www.rx8club.com/showpost.php...9&postcount=62
to me, the utility of flashing the ecu and software to edit/tune a flash are really two separate things.
ECU flash tuning solution providers bundle the two actions together with their products. Perhaps they are relying on some implicit security by tying together both mechanisms, but unless they are modifying the system to no longer be J2534 compliant (which COBB does?), there has always been the risk that another conforming flasher/reader could manipulate (copy, overwrite) their output. (this was one of lola's concerns, i think)
I suppose a provider of a flash editor could simply disable the READ logic to protect from copying, and leave the WRITE part to make the ECU flash a one-way device. That way you could always flash it back to stock and start over. (I don't know how feasible it is to do - there could be some significant drawbacks)
Now that i think about it for a second, personally i am more drawn to a standard compliant flasher/reader, and standalone editor combination - i guess part of me doesn't like my ecu being locked down completely.
This leads me to a hypothetical question:
What if my COBB AP breaks or is stolen, is my ECU stuck in the same state forever? (someone says the dealer cannot reflash it...)
#77
Race Steward
iTrader: (1)
If you have no way to read the ECU, then how can you keep a copy of your stock flash???
You can't make the flash "non passthrough compliant". It will just not be compliant with the factory tool.
(Food for thought. I've got it all covered in my mind, and product for that matter )
Cheers,
Hymee.
You can't make the flash "non passthrough compliant". It will just not be compliant with the factory tool.
(Food for thought. I've got it all covered in my mind, and product for that matter )
Cheers,
Hymee.
#79
Registered
Join Date: Mar 2007
Location: West Palm Beach, FL
Posts: 356
Likes: 0
Received 0 Likes
on
0 Posts
54 68 61 74 20 69 73 20 61 20 76 65 72 79 20 62 61 73 69 63 20 6c 6f 6f 6b 69 6e 67 20 69 6e 74 65 72 66 61 63 65 2e 20 20 59 6f 75 20 77 6f 75 6c 64 20 6e 65 65 64 20 74 6f 20 62 65 20 61 62 6c 65 20 74 6f 20 64 65 63 6f 64 65 20 48 45 58 2e 20 20 49 66 20 79 6f 75 20 63 61 6e 20 72 65 61 64 20 74 68 69 73 2c 20 74 68 65 6e 20 79 6f 75 20 61 72 65 20 61 62 6f 75 74 20 31 2f 31 30 30 74 68 20 6f 66 20 74 68 65 20 77 61 79 20 74 68 65 72 65 2e
43 68 65 65 72 73 2c 0d 0a 48 79 6d 65 65 2e
43 68 65 65 72 73 2c 0d 0a 48 79 6d 65 65 2e
#81
the enemy in the mirror
Join Date: Oct 2006
Location: billerica, ma
Posts: 440
Likes: 0
Received 0 Likes
on
0 Posts
If you have no way to read the ECU, then how can you keep a copy of your stock flash???
You can't make the flash "non passthrough compliant". It will just not be compliant with the factory tool.
(Food for thought. I've got it all covered in my mind, and product for that matter )
Cheers,
Hymee.
You can't make the flash "non passthrough compliant". It will just not be compliant with the factory tool.
(Food for thought. I've got it all covered in my mind, and product for that matter )
Cheers,
Hymee.
The physical flash memory itself would always be accessible (write-able/read-able), but it could create the need to open up the unit and wire to the memory directly; unless you're saying that the pass-through read/write interface is already directly connected to the memory and not handled (or abstracted) by the software running on the ECU (which could be modified to create the scenario i described).
If that's the case I don't know how COBB is locking others flashers out - are they only locking the dealer out (because the standard dealer tool has some behavior they're exploiting - version checks or something) ?
My idea might not even be possible because read access could be required for the action of writing (checksums or safety checks or responses, etc)
if there is some method to bypass their marriage lockout, then that would seem to be the case.
I don't doubt that~
though i am curious about what 'other' changes occur when you marry the AP besides the tune.
--
thanks for the replies!
#84
This leads me to a hypothetical question:
What if my COBB AP breaks or is stolen, is my ECU stuck in the same state forever? (someone says the dealer cannot reflash it...)[/QUOTE]
It will be locked until you acquire a second re-flasher from the same company. Once the ECU is locked out, the factory tool can neither read or write the ECU Flash memory via the OBD-II connector. The diagnostic and OBD functions of the ECU still work.
What if my COBB AP breaks or is stolen, is my ECU stuck in the same state forever? (someone says the dealer cannot reflash it...)[/QUOTE]
It will be locked until you acquire a second re-flasher from the same company. Once the ECU is locked out, the factory tool can neither read or write the ECU Flash memory via the OBD-II connector. The diagnostic and OBD functions of the ECU still work.
#85
the enemy in the mirror
Join Date: Oct 2006
Location: billerica, ma
Posts: 440
Likes: 0
Received 0 Likes
on
0 Posts
i think i need to read up on exactly what the encrypted flash does.
can encrypted files be read back out? (in an encrypted state - or do you have supply decrypt key to read it, or can they not be read at all?)
that might give me the answers i'm looking for.
can encrypted files be read back out? (in an encrypted state - or do you have supply decrypt key to read it, or can they not be read at all?)
that might give me the answers i'm looking for.
#86
The real road block is changing the PCM security so that only the tool that did the deed knows how to get back in.
#88
the enemy in the mirror
Join Date: Oct 2006
Location: billerica, ma
Posts: 440
Likes: 0
Received 0 Likes
on
0 Posts
I think data goes on and off the PCM unencrypted (Mazda's firmware which by copy write really should not be changed). I am guessing the encryption happens on the tool or PC side.
The real road block is changing the PCM security so that only the tool that did the deed knows how to get back in.
The real road block is changing the PCM security so that only the tool that did the deed knows how to get back in.
I think at this point, I'll wait for a bit and see.
Thread
Thread Starter
Forum
Replies
Last Post