Sony Ericsson K200i flash protection
Vadim Yanitskiy
axilirator at gmail.com
Fri Dec 1 21:45:57 UTC 2023
On 01.12.2023 23:01, Mychaela Falconia wrote:
> In both cases, there are NO "hard" security features activated, hence
> on both flash chips we should be able to clear those non-volatile
> sector lock bits (called PPBs or persistent protection bits) and
> unlock all sectors. The programming procedure for these PPB operations
> is quite different between Spansion PL-J + Samsung on one hand vs
> Spansion PL-N on the other hand: the way it is done on PL-N is sane
> and straightforward, whereas on PL-J and Samsung flash the raw guts of
> flash physics are exposed, requiring the programmer to do "pulse,
> verify and repeat" and "program all before erase" logics explicitly -
> but I am taking it as a sportive challenge to implement fc-loadtool
> support for both. I will need some time to implement it, though.
Thanks for digging into this and providing a very detailed explanation!
I will keep an eye on the fc-loadtool repository and look forward to
hearing any news from you.

It's not like I need to be able to unlock and overwrite those locked
sectors, I am just curious to learn how this kind of protection works.
But well, I would also love to see it being defeated in practice ;)

This would also allow flashing unofficial firmware without having to
mess with SE's bootloader, which may [in theory] be blocking
executing unofficial firmware from flash.
--
Best regards,
Vadim.