> A big problem trying to create color images from my own face was getting them off the gameboy camera. ... What was left was the great method of taking images of the screen.
There is another option! You can get a backup device called the "Mega Memory Card" and an EMS64M Game Boy flash cart. Back up the GB Camera's SRAM with the Mega Memory Card and restore to the EMS64M. Then you can use the flash cart's transfer the save to PC and dump with software.
I regularly use this method together with a little utility I wrote[1] to get GB Cam images onto my website. The Game Boy Camera is a cool little gadget!
I'm currently taking 374 (the new 373). Unfortunately Jeff isn't leading my lectures, but the couple times he's subbed in were excellent. Really looking forward to taking 473 with Jeff next semester!
Starting with the X230 series of ThinkPads, Lenovo has used flash write protection to prevent "unauthorized" BIOS modifications. Owners of X220 laptops and below are able to reflash the BIOS to remove Lenovo's whitelist of WLAN/WWAN cards; the X230 models are currently stuck with Wi-Fi N and Gobi 3000 3G-only cards due to Lenovo's whitelist. Would this exploit allow ThinkPad owners to reflash their BIOS chip without desoldering and flashing with external hardware?
My coworker replaced his BIOS/UEFI with an open source version (thinkpads enable this). It allowed him bypass Lenovo’s whitelisting of “approved” hardware, so he could install his own 3g modem.
He repurposed an old Arduino into an SPI flasher and a chip clip to sit on the bios flash chip.
Is the open source version you speak of Libreboot? That's the only open source BIOS replacement I know for any thinkpads. That Thinkpad looks a bit new for full-fledged librebooting! Did he have to reflash the ME firmware back on?
Most likely not; the flash protection is not done by the firmware, but by the Intel Management Engine and a public key burnt into silicon (Intel Boot Guard).
The current exploit only runs far later, after the validation is performed. So unless you manage to mangle the code execution flow of the authentic firmware to the point that it skips the whitelists, you can't get rid of it.
On X220 and previous, the whitelist is removed by creating a modified version of the BIOS without the included whitelist, then flashing it to the BIOS chip. Technically, this can still be done on X230, but as it has the flash write disable unless a signed Lenovo image is to be flashed, the user must desolder the BIOS chip and flash it with the modified image using an SPI chip flasher. As this exploit can remove this flash write protection, perhaps a modified BIOS image can be flashed from the system itself, bypassing the Lenovo signature check?
Huh, here[0] is a a tutorial on removing the whitelist for the X230, via desoldering and an SPI flasher. Looking at the images, the chip looks like an SOIC-8. I wonder why they didn't just use a test clip like this one[1]...
EDIT: The obvious answer would be that they didn't have one handy and were competent enough that de- and re-soldering the chip was not a big deal.
EDIT (again): Also, they wanted to flash a NEW chip with the contents of the original so that they could fall back to the original in the event of failure.
>I wonder why they didn't just use a test clip like this one
Because they tried and it didn't work (third post). It seems to depend on the mobo as well as the programmer you're using, but sometimes SPI programming without removing the chip doesn't work, which has to do with the mobo consuming the power you're supplying to the chip. Some people work around that by supplying separate power but even then it's a crapshot.
Huh, interesting. I managed to do it successfully on my X201, but only after supplying power through the RasPi I was using to flash it (no power to the board, battery and clock battery disconnected, though I doubt the latter was necessary).
The Sierra cards seem to have the explicit ability to change the USB ID (this is how they signal the OS to use serial or newer packed based drivers), so I would think you could easily use a newer card with the USB ID set to one of the old ones? I have not tested this yet.
There is another option! You can get a backup device called the "Mega Memory Card" and an EMS64M Game Boy flash cart. Back up the GB Camera's SRAM with the Mega Memory Card and restore to the EMS64M. Then you can use the flash cart's transfer the save to PC and dump with software.
I regularly use this method together with a little utility I wrote[1] to get GB Cam images onto my website. The Game Boy Camera is a cool little gadget!
1: https://github.com/excelangue/gbcdump