Monthly Archives: November 2008
So in the most recent edition of Circuit Cellar, one of the things in the “new things” column was a $150 dollar logic analyzer. Most logic analyzers are really expensive and since this one seemed affordable I decided to check it out. The Saleae website has better information that I could ever describe, but basically it was a USB, 8 Channel, 25Mhz logic analyzer with a really slick looking user interface. I decided I would order one and give it a try. I received mine within maybe 2-3 days so I was very happy about the fast shipping. I immediately set out to unpack the thing and connect it to something. The closest thing I had on hand was a toy Dora The Explorer phone. I quickly opened it up and hooked the analyzer up to the flash EEPROM chip in it.
Originally I tried using the logic analyzer on my Macbook using VMWare Fusion and although all the software installed fine, the USB didn’t play nice. I kept getting buffer overruns and errors about telling me that I needed to use lower sampling rate. I decided that the slowdown on the virtual machine and the VMWare USB probably was the cause so I decided to install the software on my main Windows XP machine. The software installed easily and the interface is dead simple to use. Even on my real Windows XP machine though I still get errors about needing to use a lower sampling rate. I got this even without anything else connected on USB and no other applications running. I was disappointed about this but I hope that future software updates will make this better.
Overall though I was extremely happy. I was able to capture the reading of data from the EEPROM when I hit the buttons on the phone. I can only assume that this EEPROM is where the voice data is stored. I’m not sure though if it just stores the customizable name voice data or also all voice data used. This toy uses a bunch of Winbond PowerSpeech chips and Winbond doesn’t make information easy to come buy. Very neat though. I was able to easily see the clocking in of the address and read out of the data.
I did manage to find a datasheet for the EEPROM so I knew the pins and then I wrote a python script to decode the logic analyzer data into a file for me. So now I can take a better look at what is stored in the EEPROM. I would imagine also now that knowing exactly how I should talk to this chip I could hook it up myself to a micro controller and read the complete contents from it. I can’t wait to use the logic analyzer for more things and I wouldn’t hesitate to recommend the Saleae Logic product to any other hobbyist on a budget.
Recently the NeoInfoSec guys put on a malware reverse engineering challenge. You can find out more information here. The winners still haven’t been announced because they’re still reviewing all the submissions. I have never analyzed malware before but I figured since I’d done a lot of reverse engineering I would give it a shot. Below is the link to the paper that I submitted.