On Wednesday 27 June 2012 at 00:17, Edward Robbins wrote:
Sorry for 3rd email...
Using a 9V supply the emailer appears to start - email and voice lights flash, then after some time the power light comes on when I press power, and camera light comes on when I then press video, but the LCD does not come on. So I suspect that Amstrad were being cheap in choosing such a high voltage PSU - because they didn't want to include a backlight inverter to boost the voltage for the LCD backlight. I thus further suspect that I can still talk to the serial port without the full voltage input... so if I build a cable, is there a way I can tell which PBL I have from the serial output?
See the first line of http://www.earth.li/%7Enoodles/files/delta.boot (linked from http://www.earth.li/~noodles/hardware-e3.html).
Hope this helps,
Antony.
Thanks, that helped.
I just got it to output serial... and it's PBL 5.1.
I guess that means it's basically a brick then? Any plausible way around?
On Wednesday 27 June 2012 at 18:40, Edward Robbins wrote:
Thanks, that helped.
I just got it to output serial... and it's PBL 5.1.
I guess that means it's basically a brick then? Any plausible way around?
I personally know of no way to reflash it once it's got 5.1, but I'm not exactly an expert around here. Others may well be better-informed than I am.
I just hope there are some others still around here, though - I guess that since you only just got your E3, you only just joined the mailing list - so you probably don't know that the previous posting before yours on Tuesday this week was Sunday December 11th 2011.... :(
I hope someone can give you a better answer.
Hi,
Antony Stone wrote:
Edward Robbins wrote:
I guess that means it's basically a brick then? Any plausible way around?
I personally know of no way to reflash it once it's got 5.1, but I'm not exactly an expert around here. Others may well be better-informed than I am.
I suppose JTAG using the exposed pads on the circuit board, how the ROM's contents were obtained originally IIRC, might be a complex option...
Is it correct that no revenue is now made from the Emailer family; that the premium rate numbers have been closed, etc., and whoever bought the relevant part of Amstrad has no interest in operating it any more? If so, could an approach to them to make available, e.g. signing key, for the benefit of those that want to tinker? No skin off their nose now and if the right person is reached it may work, what with the increased prominence of the Maker movement, etc.
Cheers, Ralph.
On Thu, Jun 28, 2012 at 1:30 PM, Ralph Corderoy ralph@inputplus.co.uk wrote:
Hi,
Antony Stone wrote:
Edward Robbins wrote:
I guess that means it's basically a brick then? Any plausible way around?
I personally know of no way to reflash it once it's got 5.1, but I'm not exactly an expert around here. Others may well be better-informed than I am.
I suppose JTAG using the exposed pads on the circuit board, how the ROM's contents were obtained originally IIRC, might be a complex option...
After scouring the mailing list it doesn't appear that anyone actually ever managed to find all the JTAG pins for the e3. Question is, if I get another emailer from ebay (which in all likelihood will turn out to be PBL 5.1) and remove the SoC to find the test pads, will somebody else with a 4.9 PBL be willing to hook up a JTAG and get a dump for me?
I have the tools to remove the SoC and find the pads, and also have access to a JTAG debugger, but wouldn't know how to go about getting a flash ROM dump even so...
Is it correct that no revenue is now made from the Emailer family; that the premium rate numbers have been closed, etc., and whoever bought the relevant part of Amstrad has no interest in operating it any more? If so, could an approach to them to make available, e.g. signing key, for the benefit of those that want to tinker? No skin off their nose now and if the right person is reached it may work, what with the increased prominence of the Maker movement, etc.
This might work, though in my experience they may be prevented from helping simply by company policy or because the people with the relevant knowledge have moved on or are too busy to spend time on something that will generate no revenue. On the other hand it can't hurt to try... any idea what the best line of contact might be? Or how I should frame the question?
Cheers, Ralph.
e3-hacking mailing list e3-hacking@earth.li http://www.earth.li/cgi-bin/mailman/listinfo/e3-hacking
Hi Edward,
Is it correct that no revenue is now made from the Emailer family; that the premium rate numbers have been closed, etc., and whoever bought the relevant part of Amstrad has no interest in operating it any more? If so, could an approach to them to make available, e.g. signing key, for the benefit of those that want to tinker? No skin off their nose now and if the right person is reached it may work, what with the increased prominence of the Maker movement, etc.
This might work, though in my experience they may be prevented from helping simply by company policy or because the people with the relevant knowledge have moved on or are too busy to spend time on something that will generate no revenue. On the other hand it can't hurt to try... any idea what the best line of contact might be? Or how I should frame the question?
Cliff Lawson, the creator of the Emailer family, might know who owns the rights and how to go about contacting them. I'll send you his email address off-list. If they are effectively bricks without the Amstrad infrastructure support then he may like to see them getting some use by being opened up more.
Cheers, Ralph.
Cliff Lawson, the creator of the Emailer family, might know who owns the rights and how to go about contacting them. I'll send you his email address off-list. If they are effectively bricks without the Amstrad infrastructure support then he may like to see them getting some use by being opened up more.
Some progress - I recently finished some work so had some free time to look at the emailer again. I emailed Cliff Lawson (thanks for the contact Ralph) and he does indeed seem willing to help. He gave me some information about how the images are signed in PBL 5.1! He says:
"all I can tell you is that the signature I added uses SHA256 and the key is the first two or three sentences of the King James Bible ("In the beginning was the word..."). ... note that SHA256 like all hashes (MD5 etc) is sensitive to every last space and bit of punctuation so even if you get the words right if you miss a comma or a semi-colon it will not sign. Again I forget the exact details but I did it very like CHAP authentication so first the "key" and then the bytes of the image are passed through the hash and then I cannot remember if the SHA256 hash output was then put in the header or a footer to the image and the PBL also has the key built in (actually I think it may be held like a module in Nand) it passes that then the delivered data through an SHA256 and only if it gets the same hash does it unlock the flash programming routines."
So not quite there, but this might be enough to reverse engineer the format enough to get PBL5.1 machines to accept an image. If I understand correctly with PBL5.1 the machine won't accept an image over serial though, so this would have to be done by dialling in to another modem?
Cliff did say he will have a look and see if he can find any source code that might have more information. In which case we might not have to go through the reverse engineering stage, but I'm not certain he will actually find anything.
I actually went ahead and bought another new emailer as well - and it was brand new, unopened. So it has PBL4.9 and my need to get the other one working has kind of gone.
Ed
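The check Cliff describes above, as an added example that is not part of the original thread and is not Amstrad's code: the key is hashed first, then the image bytes, and the device recomputes the digest with its built-in key before unlocking flashing. The key text, the sample image, the footer placement of the digest and all function names are assumptions; HMAC-SHA256 is included only for comparison.

```python
import hashlib
import hmac

DIGEST_LEN = 32  # SHA-256 output size in bytes

# Constructed stand-in key: the real key text and its exact punctuation are unknown.
KEY = b"In the beginning was the Word, and the Word was with God."
# Constructed stand-in for a firmware image.
IMAGE = bytes(range(256)) * 4


def prefix_mac(key: bytes, data: bytes) -> bytes:
    """Scheme as described in the quote: the key, then the image bytes, through SHA-256."""
    h = hashlib.sha256()
    h.update(key)
    h.update(data)
    return h.digest()


def hmac_mac(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256, the standard keyed-hash construction, shown for comparison."""
    return hmac.new(key, data, hashlib.sha256).digest()


def sign_image(key: bytes, image: bytes, mac=prefix_mac) -> bytes:
    """Build side: append the digest as a footer (header vs footer is an assumption)."""
    return image + mac(key, image)


def pbl_accepts(key: bytes, blob: bytes, mac=prefix_mac) -> bool:
    """Device side: recompute the digest with the built-in key and compare to the footer."""
    if len(blob) <= DIGEST_LEN:
        return False  # too short to hold any image plus a digest
    image, footer = blob[:-DIGEST_LEN], blob[-DIGEST_LEN:]
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(mac(key, image), footer)


def demo() -> dict:
    blob = sign_image(KEY, IMAGE)
    no_comma = KEY.replace(b",", b"", 1)           # one punctuation mark missing
    flipped = bytes([blob[0] ^ 0x01]) + blob[1:]   # one bit of the image changed
    hmac_blob = sign_image(KEY, IMAGE, mac=hmac_mac)
    return {
        "correct key": pbl_accepts(KEY, blob),
        "key missing one comma": pbl_accepts(no_comma, blob),
        "image altered by one bit": pbl_accepts(KEY, flipped),
        "blob shorter than a digest": pbl_accepts(KEY, b"\x00" * DIGEST_LEN),
        "HMAC blob, HMAC check": pbl_accepts(KEY, hmac_blob, mac=hmac_mac),
        "HMAC blob, prefix check": pbl_accepts(KEY, hmac_blob),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:28s} -> {'accepted' if accepted else 'rejected'}")
```

Either construction is a shared-secret check: the device has to store the same key the signer uses, which matches the remark that the PBL "has the key built in".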
Hi Edward,
Thanks for coming back to us with the info from Cliff.
If I understand correctly with PBL5.1 the machine won't accept an image over serial though, so this would have to be done by dialling in to another modem?
Is that true? IIRC, years ago Cliff suggested one way Amstrad could meet my interpretation of their GPL2 requirements having implemented signing was for me to send him my image for him to sign as part of the build process. His implication being that I could then upload it over serial as before?
It could be 5.1's modem-only has been established as fact and I've forgotten.
Cheers, Ralph.
On Wed, Oct 17, 2012 at 4:03 PM, Ralph Corderoy ralph@inputplus.co.uk wrote:
Hi Edward,
Thanks for coming back to us with the info from Cliff.
If I understand correctly with PBL5.1 the machine won't accept an image over serial though, so this would have to be done by dialling in to another modem?
Is that true? IIRC, years ago Cliff suggested one way Amstrad could meet my interpretation of their GPL2 requirements having implemented signing was for me to send him my image for him to sign as part of the build process. His implication being that I could then upload it over serial as before?
It could be 5.1's modem-only has been established as fact and I've forgotten.
I'm not sure, it was a guess really. It's just that I don't think you can get into the debug console mode in PBL5.1, so how can you initiate a transfer?
The 5.1 PBL requires a handshake first (as previously discussed on list) of the aforementioned key as a blob. Once it gets that, the old flashing commands are all available.. I think I actually posted the sig of the key on list?
Hi Jake,
I think I actually posted the sig of the key on list?
Perhaps http://www.earth.li/pipermail/e3-hacking/2008-January/000795.html
Cheers, Ralph.
Hey Ralph.. Yup, that'd be it.. :)
Yup, I did.. We even know the plaintext length: 392 bytes ..
To resurrect an ancient thread, due to the increased traffic on the list lately, I played a bit with trying to crack PBL 5.1 last night.
Otaku mentions (over here [1]) that he believes the key is 392 bytes long and he gives the hash. What's interesting is in the mail from Cliff mentioned below, he says that the signature is SHA256 and the key is the first two or three sentences of the King James Bible ("In the beginning was the word" - so start of John), and looking at the King James version of John, the first 6 sentences make exactly 392 bytes:
"1 In the beginning was the Word, and the Word was with God, and the Word was God. 2 The same was in the beginning with God. 3 All things were made by him; and without him was not any thing made that was made. 4 In him was life; and the life was the light of men. 5 And the light shineth in darkness; and the darkness comprehended it not. 6 There was a man sent from God, whose name was John."
However, piping this through sha256sum I cannot get the same hash. I have tried various permutations, newlines at the end of the sentences, periods in different places, tabs after the numbers, before the numbers, changing everything to lower case or upper case, feeding the whole thing in backwards, feeding each line in backwards, changing the endianness of the data, changing ASCII encoding (character page) and various combinations of those. I am not sure if a tool like hashcat could be used to try and crack it more systematically by using permutations of the information we have, but the tool seems quite complex and 392 bytes is a very long key. Also, it is possible that I should actually be looking at the New King James Bible, or that Cliff actually meant to refer to the Old Testament. Or maybe it's only 3 sentences of some version, but in UTF16? God knows... hehe
Anyway, thought I'd mention it in case anyone else has any bright ideas or wants to have a go.
[1] http://www.earth.li/pipermail/e3-hacking/2008-January/000795.html
On Wed, 17 Oct 2012 at 13:58, Edward Robbins edd.robbins@googlemail.com wrote:
Cliff Lawson, the creator of the Emailer family, might know who owns the rights and how to go about contacting them. I'll send you his email address off-list. If they are effectively bricks without the Amstrad infrastructure support then he may like to see them getting some use by being opened up more.
I emailed Cliff Lawson (thanks for the contact Ralph) and he does indeed seem willing to help. He gave me some information about how the images are signed in PBL 5.1! He says:
"all I can tell you is that the signature I added uses SHA256 and the key is the first two or three sentences of the King James Bible ("In the beginning was the word..."). ... note that SHA256 like all hashes (MD5 etc) is sensitive to every last space and bit of punctuation so even if you get the words right if you miss a comma or a semi-colon it will not sign. Again I forget the exact details but I did it very like CHAP authentication so first the "key" and then the bytes of the image are passed through the hash and then I cannot remember if the SHA256 hash output was then put in the header or a footer to the image and the PBL also has the key built in (actually I think it may be held like a module in Nand) it passes that then the delivered data through an SHA256 and only if it gets the same hash does it unlock the flash programming routines."
Hi Ed,
he says that the signature is SHA256 and the key is the first two or three sentences of the King James Bible
In an old private email to me, he said he *thought* it was the `first few chapters of the King James Bible'.
the first 6 sentences make exactly 392 bytes:
392 B is 3,136 b and that's only slightly bigger than 3,072 that is 3 Ki. 3,072 b is 384 B, suggesting 8 B of that 392 B aren't the digest?
From our company's experience of sha256 signing on Atmel SAM7 chips there are as many variants of padding and signing as bootloaders. It must be a multiple of 32 bytes. There is a field for pad bits added at the end. And the actual hash signature isn't part of the data to hash. But as I found out from adventures in squashfs with Linux hacking, there's a period where it deviated from standard to get it working from patches. And they are not all the same. Not sure if this is what has happened here though. Does anyone have NOR flash dumps of 5.1 and 4.9?
On Friday 05 April 2019 at 12:00:49, Ed Robbins wrote:
What's interesting is in the mail from Cliff mentioned below, he says that the signature is SHA256 and the key is the first two or three sentences of the King James Bible ("In the beginning was the word" - so start of John),
On Wed, 17 Oct 2012 at 13:58, Edward Robbins wrote:
I emailed Cliff Lawson (thanks for the contact Ralph) and he does indeed seem willing to help. He gave me some information about how the images are signed in PBL 5.1! He says:
"all I can tell you is that the signature I added uses SHA256 and the key is the first two or three sentences of the King James Bible ("In the beginning was the word..."). ...
What puzzles me about this is that these are the first few words of the Book of John, but why would he call this "the first two or three sentences of the King James Bible"? It doesn't start with John.
The Old Testament starts with Genesis, and I wonder whether Cliff's memory tricked him into thinking it was the start of John, but is in fact "In the beginning God created the heaven and the earth. And the earth was without form, and void; and darkness was upon the face of the deep. And the Spirit of God moved upon the face of the waters. And God said, Let there be light: and there was light....."
Maybe my theology lets me down, but why would anyone consider the Book of John to be the start of the Bible?
Antony.
On Fri, 5 Apr 2019 at 12:05, Antony Stone Antony.Stone@e3.open.source.it wrote:
What puzzles me about this is that these are the first few words of the Book of John, but why would he call this "the first two or three sentences of the King James Bible"? It doesn't start with John.
The Old Testament starts with Genesis, and I wonder whether Cliff's memory tricked him into thinking it was the start of John, but is in fact "In the beginning God created the heaven and the earth. And the earth was without form, and void; and darkness was upon the face of the deep. And the Spirit of God moved upon the face of the waters. And God said, Let there be light: and there was light....."
Maybe my theology lets me down, but why would anyone consider the Book of John to be the start of the Bible?
Completely agree here, it's strange. But I just thought it was a funny coincidence that the first 6 verses are 392 bytes. But there are so many factors at play here...
Now we're dealing with a formless void with a clearly defined surface, has depth, and is made of water...