--- Log opened Tue Jan 27 00:00:11 2009
01:01 -!- TheStorm [~TheStorm@rrcs-67-53-130-2.west.biz.rr.com] has quit [Quit: Leaving]
01:54 -!- Merthsoft [~Shaun@140.141.26.108] has joined #tiasm
04:16 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
04:19 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
04:29 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
04:31 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
04:43 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
04:45 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
04:46 -!- Storm\_ [~TheStorm@CPE-75-86-232-242.wi.res.rr.com] has quit [Read error: Connection timed out]
05:22 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
05:22 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
05:39 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
06:06 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
06:13 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
06:29 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
06:54 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
07:07 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
07:24 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has quit [Ping timeout: 240 seconds]
07:37 -!- snowman [~snowman@rdbk-15592.mtaonline.net] has joined #tiasm
13:02 -!- Storm\_ [~TheStorm@CPE-75-86-232-242.wi.res.rr.com] has joined #tiasm
13:16 -!- Merthsoft [~Shaun@140.141.26.108] has quit [Quit: ☮♥♫]
13:38 -!- Storm\_ [~TheStorm@CPE-75-86-232-242.wi.res.rr.com] has quit [Quit: Leaving]
22:42 -!- jackmcbar [jackmcbarn@c-67-163-190-79.hsd1.pa.comcast.net] has joined #tiasm
22:44 <@chronomex> jackmcbar: he's here, but probably afk until later today
22:45 < jackmcbar> k
22:45 <@chronomex> BrandonW: jackmcbar has questions about PTT, TestGuard, etc
22:45 <@chronomex> do you just want to disable it?
22:47 < jackmcbar> i guess thatll work
22:47 <@chronomex> hmmm?
22:47 < jackmcbar> just disabling
22:48 < jackmcbar> will his patchptt take care of both?
22:48 <@chronomex> I don't know; I don't have experience with the 83 series
22:49 < jackmcbar> BrandonW: another question when youre here. if someone's calc is stuck in ptt/testguard, is there any way to get out of it without a link cable?
23:08 < BrandonW> Can't be done without a link cable. The Press-to-Test status is stored in the certificate, which doesn't change by resending the OS or anything like that.
23:09 < BrandonW> PatchPTT takes care of the application/program-disabling aspect.
23:09 < BrandonW> Which means even after it's active, you can still run programs and Flash applications.
23:09 < BrandonW> Which is the doorway you'd need to run a simple program that disables Press-to-Test/Testguard.
23:10 < BrandonW> It's piss easy to disable it, you just need to be able to execute the program to do it.
23:10 < BrandonW> And that's what PatchPTT gives you.
23:11 < BrandonW> So it serves its purpose.
23:11 < BrandonW> People get really pissed at me because it's still possible to lock it down after the patch.
23:11 < BrandonW> Because they don't understand what it does.
23:11 < BrandonW> I know, I should put that somewhere or write an all-in-one program/application, but time is short.
23:13 < jackmcbar> btw, i tried testing pttp, and ptt still activated, and i couldnt get it off without the link
23:13 < BrandonW> But could you run programs or applications while it was active?
23:14 < BrandonW> pttp is really old and I think it only runs on a single OS version.
23:14 < jackmcbar> not 2.43 i take it?
23:14 < BrandonW> It was more a proof-of-concept thing because TI was really dumb and did "ei" at some point in OS 2.41 while Flash was unlocked.
23:14 < BrandonW> I'm pretty sure it was 2.41 and in the readme.
23:15 < BrandonW> No, not in the readme, because I was being cryptic.
23:15 < BrandonW> Sorry for the crappy documentation.
23:15 < BrandonW> So PatchPTT is where it's at.
23:16 < jackmcbar> so patchptt thwarts whatever anyone tries to limit my calc with?
23:16 < jackmcbar> wait
23:16 < BrandonW> It's been so long, I can't even remember what all it does, let me look.
23:16 < jackmcbar> sending a new os would thwart that
23:16 < BrandonW> Yes, it would.
23:17 < BrandonW> You could patch the OS to not accept new OSes, or just install a silent link hook that prevents any linking at all.
23:17 < BrandonW> There's really a million ways to get around these things.
23:17 < jackmcbar> dislink work?
23:17 < BrandonW> That would stop you from being able to receive an OS, yes.
23:17 < BrandonW> Through the silent link. It would still work calc<->calc.
23:17 < jackmcbar> although i noticed GetCalc( works through silent link
23:18 < BrandonW> Yeah, it would have to.
23:19 < BrandonW> IOHook would stop any linking at all.
23:19 < BrandonW> Although you'd have to write a program that used that hook, and it's not exactly a normal hook.
23:21 < jackmcbar> how can an os be sent through silent link anyway?
23:21 < jackmcbar> or does that need a pc?
23:21 < BrandonW> It could certainly be done from another calculator, but the TI-OS has no built-in ability to do that, so yes, a PC.
23:22 < jackmcbar> i wonder what would happen if someone activated ptt and didnt have a link cable to undo it
23:23 < BrandonW> They are screwed.
23:23 < BrandonW> Why is why Press-to-Test is evil.
23:23 < jackmcbar> everything that can disable what a user can do, that they cant re-enable easily, is evil
23:23 < jackmcbar> whether on a calculator, or anywhere
23:23 < jackmcbar> (imho)
23:23 < BrandonW> There is no way at all to run code on a Press-to-Test activated calculator without the help of another device via link.
23:24 < jackmcbar> no evil AsmComp tricks or anything?
23:24 < BrandonW> No ugly OS exploits or anything.
23:24 < jackmcbar> i have an idea
23:24 < jackmcbar> sorta like how "Fake" mimics clear until key combo
23:24 < jackmcbar> make a fake ptt/testguard
23:25 < jackmcbar> that also waits for key combo
23:25 < BrandonW> That's very hard to do because there's a lot more OS integration involved with Press-to-Test and [8]+[2]/[5].
23:25 < BrandonW> You must patch the OS to get around it, unless you use the APD trick.
23:26 < BrandonW> Which I don't really care for.
23:26 < BrandonW> Which means you have to patch it to work both in "normal" mode and in "fake" mode.
23:26 < BrandonW> Which means you need some spare room in the OS.
23:26 < jackmcbar> apd trick?
23:26 < BrandonW> Something constant on all OS versions.
23:26 < BrandonW> Which is not easy.
23:26 < jackmcbar> what is it though?
23:27 < BrandonW> There is sector 30h/70h (no original 83+), but then you have to patch the OS so you can even use that area, just like IOHook does.
23:27 < jackmcbar> btw, how was pttu supposed to work?
23:28 < jackmcbar> or pttrestore?
23:28 < BrandonW> The APD trick is where you install an OFFSCRPT hook so that whenever the calculator turns "off", you get control, shut off the LCD, and set the APD timer to 1. That way, the calculator instantly APDs. It APPEARS that you turned it off, but really it turned "itself" off. And Press-to-Test can't work while APD'd, only with [2nd]+[ON].
23:28 < BrandonW> One, it's ugly, and two, it can EASILY be fixed by TI.
23:29 < BrandonW> It looks like the idea behind pttu was to allow disabling Press-to-Test by inserting a USB cable or connector.
23:29 < BrandonW> At the time I believed the USB activity hook wasn't disabled by Press-to-Test.
23:30 < jackmcbar> ughhhh my calc is giving me os problems, and one of my groups is missing
23:30 < BrandonW> So by installing a hook that simply disables Press-to-Test, all you have to do is get the hook to trigger (which plugging/unplugging a cable would do) and it would give you the ability to run programs again.
23:30 < BrandonW> I'm not sure it works and it's even worse than the APD trick.
23:30 < jackmcbar> oh
23:30 < jackmcbar> can i transfer a patched 2.43 os from one calc to another?
23:31 < BrandonW> pttrestore is basically a baby Virtual Calc, it backs up the RAM to the extra RAM pages and lets you restore it. The name is the same as an official TI application, which the OS is hard-coded NOT to delete in case of a hard reset. So if someone hard resets you, you just run the application (which is still there) and restore the RAM backup you made.
23:31 < jackmcbar> poly simlt whatever isnt deleted?
23:32 < BrandonW> Not without an exploit, no. A receiving calculator always attempts to validate the OS it just got, and a modified/patched OS will never validate.
23:32 < jackmcbar> ugh
23:32 < BrandonW> Right, and a few others as well.
23:32 < jackmcbar> but only by singapore delete its ignored right?
23:32 < jackmcbar> not 2nd mem clear all?
23:33 < BrandonW> Right. [8]+[5] won't delete it, [8]+[2] won't delete it, but Reset All will
23:33 < BrandonW> But Reset All can be gotten around with Fake or whatever you want.
23:33 < BrandonW> I know, it's screwy having to use like 8 different things to get around all the possible resets, but like I said, I never got around to writing an all-in-one simple solution.
23:34 < jackmcbar> but [8][5] and [8][2] clear archives right? which cant really be backed up to the calc?
23:34 < BrandonW> And there's always the boot code reset, which you can never stop.
23:34 < BrandonW> Right.
23:35 < jackmcbar> boot code reset?
23:35 < BrandonW> [ON]+[DEL] after pulling a battery.
23:35 < jackmcbar> that clears ram, or all mem?
23:35 < BrandonW> That always resets RAM, but only because that's what the OS is coded to do. In theory you could modify the OS so that that doesn't work.
23:36 < BrandonW> But you can also use the boot code to reset all memory, and that you can never stop.
23:36 < jackmcbar> how?
23:36 < BrandonW> The only way to stop that would be to reprogram the boot sector of the Flash chip, which is only theoretically possible. I attempted it once and failed.
23:36 < BrandonW> I believe it's ON+MODE.
23:37 < jackmcbar> why did ti even do that?
23:37 < jackmcbar> i can see ram reset
23:37 < jackmcbar> but mem reset?
23:37 < BrandonW> In case we ever royally fucked up the archive to the point that the OS can't boot, gets stuck in defragmenting loops, etc. Which we've done.
23:38 < BrandonW> It's actually not possible to permanently damage it through software.
23:38 < BrandonW> Unless of course you got in some sort of loop of erasing sectors or something.
23:38 < BrandonW> But even then, I think that would take months.
23:39 < BrandonW> And no one's going to hook up their calculator to AC power and let it sit to find out.
23:39 < BrandonW> There is ONE way to screw up an 84+/SE so badly that you can't recover from it.
23:39 < BrandonW> Well, you can, but it requires exploits that I doubt even TI knows about.
23:39 < BrandonW> And that would be destroy.zip.
23:40 < jackmcbar> ?
23:40 < BrandonW> http://brandonw.net/calcstuff/destroy.zip
23:40 < jackmcbar> i take it i should only use on an emulator
23:40 < BrandonW> I did it to an 84+ once.
23:40 < BrandonW> And recovered it.
23:41 < jackmcbar> how?
23:42 < BrandonW> The readme explains it.
23:43 < BrandonW> It's an exploit in the link protocol in the 84+/SE boot code so you can send an unsigned OS to it.
23:43 < BrandonW> And from there, you can wipe the corrupted certificate with a program, and from there you can send signed OSes again.
23:43 < jackmcbar> i wont do it anyway ;)
23:44 < BrandonW> It's really quite a beautiful thing, it's one of the better things I've written I think. It installs a dummy 0004 key override in the certificate so that the boot code will always try to use it to validate an OS, and because it's garbage, it'll never work, not even with official TI OSes.
23:45 < BrandonW> Really pretty dumb on their part, but I *THINK* it might be possible to send a new certificate over the link, which would fix it. I've never seen any proof of it and there's nothing released by TI which would allow that.
23:45 < jackmcbar> any other evil ti stuff like ptt i should know about btw?
23:45 < BrandonW> That's pretty much it.
23:46  * jackmcbar sets his 2 calcs up with a toolkit: dislink + fake + pttpatch'd os
23:48 < jackmcbar> opinion on krolypto?
23:49 < BrandonW> No complaints.
23:50 < BrandonW> I personally have no use for it.
23:50 < jackmcbar> ok
23:50 < jackmcbar> well ty for your help
23:51 < BrandonW> You're welcome.
23:52 -!- Merthsoft [~Shaun@140.141.26.108] has joined #tiasm
23:59 < BrandonW> This PC hasn't been restarted in 42 days.
23:59 < jackmcbar> little idea for Fake app
--- Log closed Wed Jan 28 00:00:08 2009