Essentially these chips are locked by setting certain flags in memory. Various flags control various peripherals, including a flag to disable read/write access to the firmware. Obviously once you disable access, it’s permanent because you don’t have access to re-enable it.
This side channel attack takes advantage of a flaw in the actual silicon, where branches can be skipped if the power is altered momentarily. So if you skip that first check, the attacker has low level firmware control.
(This was also how the firmware was dumped on the Apple AirTags)
The only mitigation is to use a chip that doesn’t suffer from this flaw or change the software to prevent “root” access even if an adversary has access to the entire firmware (i.e. do things server side).
Xbox 360 had the reset glitch hack where if you power cycled the chip at the exact right timing you could run unsigned code. It required a small mod chip soldered to some of the smallest points on the motherboard that I have ever soldered. Different versions of the 360 worked better, but most worked even if it took a minute or so before the glitch worked and booted into custom firmware. Mine worked really well and booted first try almost every time. I was very proud to successfully install it and watch my 360 boot into FSD, a custom OS that allowed me to play all my games from a HDD.
Yep - the Switch had an issue in the mask ROM / first stage bootloader too, but it was a traditional software one, where the recovery mode bootloader passed an unverified length to a memcpy and smashed the stack.
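The memcpy bug pattern described in the reply above, as an added example that is not part of this thread or any vendor's bootloader code: a constructed model of a recovery-mode request handler that trusts the host-supplied length, beside a hardened version that bounds it before copying. The request struct, buffer size and payload are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of a recovery-mode request: a length field supplied by
 * the USB host (untrusted) and a pointer to the payload bytes. */
#define RECV_BUF_SIZE 64

typedef struct {
    uint32_t length;        /* attacker-controlled, never validated by the bug */
    const uint8_t *payload;
} recovery_request_t;

/* Vulnerable pattern: the host-supplied length goes straight into memcpy,
 * so any length above RECV_BUF_SIZE overwrites the stack past buf. */
int handle_request_vulnerable(const recovery_request_t *req) {
    uint8_t buf[RECV_BUF_SIZE];
    memcpy(buf, req->payload, req->length);   /* no bound check */
    return (int)req->length;
}

/* Hardened pattern: reject the request before any copy happens if the
 * length exceeds the destination buffer. Returns the sum of copied bytes
 * (a stand-in for "processed the data") or -1 when the request is rejected. */
int handle_request_hardened(const recovery_request_t *req) {
    uint8_t buf[RECV_BUF_SIZE];
    if (req->payload == NULL || req->length > sizeof buf) {
        return -1;  /* oversize or malformed request: refuse, do not copy */
    }
    memcpy(buf, req->payload, req->length);
    uint32_t sum = 0;
    for (uint32_t i = 0; i < req->length; i++) sum += buf[i];
    return (int)sum;
}

/* Constructed sample payload, large enough to exercise the oversize case. */
static uint8_t sample_payload[4096];

/* Builds a request of the given length over the sample payload (byte i = i & 0xff)
 * and runs only the hardened handler, so oversize lengths are safely rejected. */
int hardened_result_for_length(uint32_t length) {
    for (size_t i = 0; i < sizeof sample_payload; i++)
        sample_payload[i] = (uint8_t)i;
    recovery_request_t req = { length, sample_payload };
    return handle_request_hardened(&req);
}
```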