Flashing your code into an Arduino, an ESP32 or any other modern microcontroller platform is pretty straightforward: connect the device through USB, fire up the appropriate software platform, and press “program”. But those who followed embedded programming classes in the ’80s and ’90s will remember a more complicated procedure that consists of swapping EPROM chips between a programmer, a target board and a UV eraser. Veterans of that era might even remember how you could overwrite a previous program with NOPs and place new code behind it, to save yourself a trip to the “blank chips” bin.
If you’re a retrocomputer enthusiast and would like to have the easy programming of modern tools, but the authenticity of a self-contained ROM-loading computer, you might want to check out [Anders Nielsen]’s latest design of a wireless boot loader for a 6502 single board computer. The target platform for this project is a beautiful custom-made 6502-based retrocomputer that [Anders] documented in detail on his Hackaday.io page.
The basic idea here is to have a wireless receiver on the target system that receives data from a transmitter connected to a modern PC. When you click “program”, the object code is sent to the 6502 machine, stored in RAM and executed. The wireless link is implemented with a pair of nRF24L01 2.4 GHz modules that communicate through SPI. Since [Anders]’s Mac Mini doesn’t come with GPIO ports he hooked up the transmitter to a Raspberry Pi which he controlled through a network link.
On the 6502 side he wrote a bootloader in assembly language, which bit-bangs the SPI protocol to communicate with the wireless module. A simple user interface is included to allow the user to control the loading and running of programs. All code and hardware documentation is available on Github for use by anyone with a similar 6502 system.
Those nRF24L01s are versatile little things: we’ve seen them being used to transfer anything from MIDI data to TCP/IP links, as well as code for other microcontroller platforms.
I really like the idea for the development convenience, but the security enthusiast in me smiles and sarcastically has to say, “Congrats on the new back door!”
I kinda feel the same way, and I made the darn thing! :)
The 6502 is from a time when security was an expensive afterthought. This feature does come with adequate warning that all data should be considered open and/or tampered with. Slightly better obfuscation than a basic 433mhz pair though.
Well, just add a signature, RSA on a 6502 should be possible
oh wow, wonder if ‘something’ could be done for the Commodre 64…could be fun to change the ROMS on the fly
The technique should be extensible, as long as the Commodore has enough performance to bitbang SPI, which is a pretty low bar.
I love it!
Love it!
How do you replace code with NOPs?
Only if they are high quality NOPs.
You mean I should ask the guy who got my Apple ][+ the bring it back ?
On many processors, NOP was coded as 00h. Since most EPROMS read FFh when blank, and are programmed by pulling bits to 0, writing a block of 00h over some random data is possible.
“Many” only matters if your FPU is included.
The 6502 is $EA, the 6809 is $12 and a bunch of others aren’t 00
The magic of the 6502, is even better, since you can write $00 to an arbitrary place in ROM and force a BRK – this BRK IRQ can then return right after the instruction you overwrote with $00, or you can do debugging etc. This is waaaay better than the ability to replace arbitrary code with NOPs :)
Reminds me of the old days cracking games on my Apple //e, inserting a 4C 59 FF booting games to load a piece at a time into memory so to save it to a binary, when games did not need to be a full disc. Boot tracing or something I forget.