[Igor] wished to upgrade his newly acquired radio — a Baofeng UV-82 — with a larger memory for storing additional scanning channels, and came up with a very elegant solution: Replacing it’s EEPROM with a larger one and injecting the additional memory address bits into the I2C data line.
The cheap handheld radio comes with an 8192 bytes large 24c64 EEPROM, which allows it to store 128 channels along with a few other persistent settings. The radio’s firmware sends two-byte memory addresses over the I2C bus when accessing the 24c64, but since the 24c64’s largest address is
B00011111 11111111, these addresses always roll in with three leading zeroes. The 24c512 EEPROM [Igor] is using for his hack offers 8 times as much memory, filling in the last three bits of the two-byte address space. The hack is simple: An ATtiny45 listens to the I2C bus and hears the memory address coming. By pulling the SDA line high in the right moment, the Tiny injects a three-bit memory page address that overrides the leading zeroes the firmware sends. This effectively makes one of eight 8192 bytes large memory pages (or banks) visible to the radio’s firmware. Which memory page is active can be selected through a pushbutton.
[Igor] also connected the ATtiny to the radio’s reset line to force it to re-read the memory once the memory bank has changed. Thanks to a custom boot message, which is also stored in the EEPROM, the radio even shows the selected memory bank on the LCD screen after the switching. Of course, this method isn’t limited to cheap handheld radios, it can be used to add memory banks to pretty much any device with an I2C EEPROM that does not use its entire address space. Check out the video below, where [Igor] demonstrates the trick: