really enjoying the series

Mighty impressive. Apart from looking forward to running custom sw on my device, I've just learned a whole lot. As an EE dabbling in embedded this is fantastic.

Wow, this part is the most impressive development yet!

This is a great series. Listening to you go through your thought process and research steps is a great learning experience.

You're piecing this instruction set together like I'm watching the process. Half of what you say here is Chinese to me, but the more I watch the more puzzle pieces find their way home. Thanks for another epic upload. -Jake

Can't wait for the next part! I'm addicted!

It would be awesome to see a custom fw running on this platform.

It's really, really enjoyable and educational to follow your work. Thank you for letting us look over your shoulder and learn from and with you!

Awesome, awesome! Thanks for the link to that polish bloke's website (which I will be digesting in a wee moment) and for that binview site too. Just had a moment where I had to scrape away a substantial amount of cobwebs - the last time I used assembler was on my old amiga, but all's gravy now :) Watching this has triggered a productive brainfart which is actually productive procrastination, if there is such a thing (an excuse to sit infront of a screen for hours)....thanks mate! This weekend has now taken a turn for the best. Until the next one and thanks for uploading!

This is really interesting... looking forward to seeing how far you can get with this

cool video series. im already excited for episode 4 :)

im really diggin this series, please continue afterwards with more cheap devices :-)

Lol. Is it me or can I hear a cat needing attention in the background? At first I thought it was one of my cats :-) 🐈🐈🐈🐈

i can be wrong but.. it looks like a "C-SKY" architecture..

So now even hdmi extenders could start mining crypto currencies.

Since you can modify the flasher, why dont you just bypass the checksum computation? Redirect the CPU to Checksum-OK directly.

I wonder if some of the Kaitai Struct tooling would help with the workflow of visualizing things in-place

Fantastic

You big bloody tease.

just make the checksum-comparition function to always return "true" or correct firmware, so the you can change anything you like in the rest of the file and it wont be overwritten on boot.

(@7:37) - You may be looking at interleaved code here, where alternate instructions are loaded into the instruction pipeline; this is common on Intel architectures. If this were a SISD (like the old 8-bit micros), you would expect the instructions to load the value 0x000b9f7d to immediately follow one another, otherwise, the problem is that the “call $pc+(30796*4)” might modify register 3. Given that the chip (as seen from video 1 in this series) has 3 cores (a main core, an a/v core, and a security core), this may even be a 3-way interleave, but this is just a guess.

Is there a good community like Discord, IRC, or Forum to talk to people to learn more about how to modify hardware and put your own firmware on it like you are doing in this series? I'm interested in taking old hardware like DVRs, printers, scanners, smartphones, dongles etc into stuff like open linux machines, plotters, reusing smartphones in the place of Arduinos, etc

I think your cat had some thoughts at 14.17....

One ideea and probably I'm way off, but since we are seeing references to other Atmel chips in the text section , is it possible one of those has a known architecture and by finding the corresponding firmware we could then break it down for a known architecture first?

It would appear ive fallen down the wrong rabbit hole and now im lost and confused. Im very far from your level of knowledge and understanding but it has brought light to the reason I never throw electronics away. I have for years looked at boards similar and well just about every board ever made and wished I could command it to well be my bitch. LOL Gld ive found your channel its very intresting.

MediaDSP3200/MediaDSP3201 (or MD32 for short) architecture: slideplayer.com/slide/15233183/ person.zju.edu.cn/person/attachments/2017-09/07-1506579034-711542.ppt edit: r-type encoding seems different...

Forgive me for stating the obvious, but can you not just NOP out the call to the checksum check?

Could it be a Tensilica core?

Probably I've found compression library. Same name, BSD license and It might be it. github.com/antirez/smaz