Sometimes your project needs a lot of non-volatile ROM. Right on cue, [Matthew] let us know how to not only connect, interface, read, and write to SD cards with a PIC over serial, but also how to do the same with an old PATA HDD. For those without a PIC/serial connection, don’t fret: [nada] let us know about his Bus Pirate SD card hack, of which our personal favorite part is the creative use of an old 5.25″ floppy connector as the SD card socket.
rom (89 Articles)
NES Console To Cartridge Security In Depth
[Segher] has reverse engineered the hardware and command set for the NES CIC chips. These chips make up the security hardware that validates a cartridge to make sure it has been licensed by Nintendo. Only after authentication will the console’s CIC chip stop resetting the hardware at 1 Hz. There was no hardware information available for these chips (go figure), so [Segher] had to do some sleuthing with the tools at hand, which include some ROM dumps from the chip pairs. He was nice enough to share his findings with us. We’re betting they’re not of much use to you, but we found it an interesting read.
[Thanks ppcasm]
[Photo credit: Breaking Eggs and Making Omelets]
2600 Game Jukebox
[Yuppicide] sent us a link to a photo album of an Atari 2600 modified to play ROMs stored inside. We did some digging around and have an idea of what’s going on. It seems that the creator, [Victor], has taken his Atari 2600 cartridge emulator one step further.
Previously, he had replaced the chip in an Atari cartridge with an EEPROM that he could reprogram via a ribbon cable. This new iteration places that EEPROM inside the case of the gaming console along with a PIC development board. The PIC board interfaces an SD card with somewhere around 1200 ROMs on it. Three switches added to the front of the Atari allow the user to cycle through available games and flash the desired title to the EEPROM. As you can see, a 2×16 LCD display now resides in the cartridge opening.
This seems a little more eloquent (and less legal) than the Super Genintari.
Gameboy Color Boot ROM
It’s only been a week since the Super Gameboy’s boot ROM was dumped by [Costis] and he’s already at it again. This time he’s managed to grab the Gameboy Color’s boot ROM. He found the newer Gameboy Color’s hardware is able to cope with a clock speed up to 100MHz, so the original clock increase trick he used on the Super Gameboy wouldn’t work again.
Instead, he discovered that a quick disconnection of clock and power before 0xFF50 would make the Gameboy jump to a random area within the ROM. Then it was only a matter of entropy, luck, and some special NOP instructions until eventually he had the boot ROM. Keep up the good work, [Costis].
Super Game Boy Boot ROM Dumped
[Costis] managed to dump a copy of the boot ROM for the Nintendo Super Game Boy. This small piece of code (256 bytes) writes a graphic to the display at boot time as it loads the ROM on the game cartridge. He was able to dump the code by finding the exact point at which the device locks down the boot ROM. Just as that point approached, he overclocked the device, causing it to operate so fast it couldn’t write the lockout bits into the register. Once past that single point of security, he executes code that writes the boot ROM out to a different address that he is able to read from. He’s got a copy of the dump along with the explanation up for your enjoyment.
[Thanks Anthony]