P4 compromised?
CRAP, the P4 cannot be glitched into like we do with the HU, for one thing!
sdeens
04-16-2004, 12:47 AM
The issue about it not being vulnerable to glitching is a load of SH**; there are lots of reports out there on what methods the Germans used to protect their chips inside these smart cards. I read a Cambridge report that goes out of its way to address the need to implement internal hash commands that wipe the EEPROM if the card's clock cycle or voltage is tampered with, i.e., anti-glitching code.
Dave wouldn't spend millions and not address the HU card's #1 vulnerability.
But the idea of using the CMD07 and ISO backdooring the card through the card swap packets has its possibilities.
I would be surprised if that ultimately is how they get into the cards: ISO with scripted CMD07 packets.
Getting into this card may prove easier than we thought, but activating with some semblance of stability is another story.
If we can get a dump of the P4, decode its EPROM and isolate the way it manages the group keys, we might be able to then load tiers and use it in modified NOZKT receivers. I suspect the receivers themselves will need new firmware to also help prevent the ins42 wipes.
The P4 will get hacked, but it's going to take more powerful hybrids to do it. Scripts and modified receiver firmware is probably the answer. Also, don't be surprised if emulation is popular again; aux'ing the P4 card makes a lot of sense so it's not directly exposed to the datastream.
If there's a backdoor then Dave will try and close it, so some form of backdoor password or blocker may be needed so we can get back in.
All just speculation on my part, but it's based on 7 years of testing and having seen the way this game evolves.
borg1
04-16-2004, 11:48 AM
Glitching has 'zero' effect because the loaders/unloopers used for the P3 are designed for a card running at ~3.6mHz. The concept of glitching is to send repeated pulses at ~4x the rated clock frequency. This means your unlooper can produce glitches at ~14mHz.
The P4's native frequency is at least 12mHz. This means:
1) you will need an unlooper/loader which can produce a 48mHz pulse to have any chance of a meaningful glitch attempt, and
2) since your unlooper/loader can produce a MAX 14mHz, the P3 glitch attempts are running at about the P4's native frequency.
In other words, the P3 glitch attempts are only tickling the P4's feet.
Aside from this point, that is a pretty lame C&P post, as is evidenced by the next to last paragraph: "all the info that it was looking for from the h card".
If recycling old H card posts, at least change to the correct card generation.