Arduino / Atmega in the wild - security?

Discussion in 'Embedded Systems and Microcontrollers' started by bob332, Feb 23, 2011.

  1. bob332

    Thread Starter Member

    Feb 14, 2011
    80
    0
    just out of curiosity, how secure is arduino or programmed atmega chips like a atmega 168 or 328 once in the wild? using either the arduino ide, AVRISP mkII or stuff you guys know about that i am not aware of, how easy is it to reconstruct a program?

    can it be read and the converted back into assembly? and then from assembly back into something else?

    thanks,
    bob
     
  2. nerdegutta

    Moderator

    Dec 15, 2009
    2,517
    785
    I don't know about Arduino, but with PIC, when I program/burn the chip, there is an option called "Code protection" or something.

    I've tried it, and when I check the box, I cannot read the code back in the programming software. I have to blank/erase all.

    BTW I'm using the Piccolo and the Asix UP program.
     
  3. t06afre

    AAC Fanatic!

    May 11, 2009
    5,939
    1,222
    No I do not think you can protect code in an arduino. The arduino use a bootloader concept. And I am quite sure that only a programmer unit do have access to the fuse-bits. So anyone with a Atmel programmer unit. Will be able to download your code. In machine code format. I am not an expert on arduino. So I suggest you pay your friend Google a visit. And ask him to seek up the following words arduino protect code
     
  4. Papabravo

    Expert

    Feb 24, 2006
    10,148
    1,791
    A determined assault on a microcontroller will probably produce a list of hexadecimal numbers representing the machine code.

    With some additional effort a disassembly listing can be produced. Even with a Harvard architecture like the AVR there are still constant tables that need to be accounted for. A disassembly of a constant table does look like gibberish.

    Without documentation understanding that assembly listing is difficult, but not impossible. Creating a C program from the assembly language program is probably more work than writing the C program from scratch after understanding and documenting the assembly language version. That is my opinion based on half a century of programming experience. Your mileage may vary.
     
  5. bob332

    Thread Starter Member

    Feb 14, 2011
    80
    0
    thank you all for your information. i do have an avrisp mkII programmer and will see what happens when i try to read the code from the isp pins on an older arduino i have access too. my main concern is the arduino sketch i am working on twitters, so the twitter u/p is in the code and that is what i am worried about.

    would i search for 'disassembler'? sorry for my newbness about this situation.

    bob
     
  6. GetDeviceInfo

    Senior Member

    Jun 7, 2009
    1,571
    230
    I would second that, but IDA pro is a wonderful tool.
     
Loading...