Automatic deletion

Steve2381

Senior Member
Hey all. Been a while since I tinkered with a Picaxe

Has anyone ever come up with a way of 'deleting' the contents of a Picaxe remotely?

We have items of equipment at work that require some logic control. BUT... this stuff is forever being stolen and basically hacked by rival companies.
So, I was thinking of some kind of method of protecting our projects. If they try to download the IC code, it is lost forever.

Any super clever ideas?

My only thought was to actually deliberately fry the IC so that is was unreadable.
Say... 12v through a transistor into the serial pin of the IC (Would that kill it?) that is operated by an early line in the code, unless a jumper is set on the PCB.
 

steliosm

Senior Member
Hello Steve.
It's not very clear what it is that you need to protect? Is it the program stored inside the chip or the functions the chip performs in order not to be replicated by a competitor?
In the first case, I do believe there is no way to download what is stored on the chip, unless is stored on the chip's EEPROM. For the second case, I'm afraid I can think of any way, besides physical security, to protect the chip.
 

westaust55

Moderator
As steliosm indicates, it is not possible to retrieve the tokenised (and compressed) BASIC program that has been loaded into a PICAXE chip.
Many in the past have asked if this can be done, ostensibly because they failed to save their program before closing the Programming Editor but the answer is the same: NOT POSSIBLE.
 

Jeremy Harris

Senior Member
I'm also pretty sure there is no way to be able to read the code out from a Picaxe once programmed. I've wished there was, a few times, when I've not kept proper records of the code that's been downloaded into a Picaxe and that's been working OK for some time!

All your competitors would be able to do is reverse engineer what the code is doing, by monitoring the pins on the chip whilst the code is running. This isn't something that is easily preventable, as far as I can see, unless you do something like physically prevent access to the chip pins, perhaps by potting with something that's tough enough to prevent physical access without breaking something.
 

Steve2381

Senior Member
In all the years I have used Picaxe chips, I didn't realise you could not download the code back to the PC. Heh.

I am in the special effects/TV industry and backwards engineering is the norm. Something comes out new, we buy one and take it to bits to see how they did it.

Other companies do the same with our stuff. We have decided its time to make that process more difficult, as you have to stay ahead of the curve in this industry.

I like the potting Idea... never thought of that. If I covered the pcb with an aluminium 'lid' and potted the whole thing, that really would make life difficult.

Thanks all
 

Bill.b

Senior Member
You could also remove all identification from the chips so that identifying the type of processor is unknown.


Bill
 

Goeytex

Senior Member
I once had a customer that was a notorious "slow pay" and had a reputation for stiffing contractors on the last payment after delivery of a working system or prototype.

So I put a little bug in the code where after a certain number of power cycles the main program would not run and the display just showed black squares. It looked like a system failure but a certain button press sequence with the correct timing would then unlock the device and allow it to work again. Final Payment gave them the key and disabled the bug. As a practice I never delivered complete source code until final payment is received.

Might could do something similar but after say five more power cycles if the correct button press sequence is not implemented then a reserved I/O pin turns on and blows a small fuse killing the entire system. Or have 2 spare I/O pins physically connected together and have the code set one ON and the other OFF creating an internal chip failure.

Combine something like this with potting and the culprits will have a very hard time.
 

Steve2381

Senior Member
Thanks for all these suggestions. Very helpful.
Along the same lines as you Goeytex... I have been developing some custom (very complicated) systems for a local company as a freelancer.
Now that the project is 75% complete, they suddenly decided that I was not needed and gave me some old twaddle about not finishing the project (bearing in mind its got 25k in materials buried in it).
I have only charged day rates at the moment, and the main 'profit' was in the commissioning and a final payment.
I have installed chips (Arduino's and Picaxes), but they did not know that at the end of each day, I swapped out the chips for blanks ones.

I got an email this morning from their in -house engineer asking for a backup of the programming files 'just in case'. Nope
 

erco

Senior Member
WOW. Sad story, but way to anticipate the situation and end with control. I'm sure you've heard this one...

There was an engineer who had an exceptional gift for fixing all things mechanical. After serving his company loyally for over 30 years, he happily retired. Several years later the company contacted him regarding a seemingly impossible problem they were having with one of their multimillion dollar machines.

They had tried everything and everyone else to get the machine to work but to no avail. In desperation, they called on the retired engineer who had solved so many of their problems in the past.

The engineer reluctantly took the challenge. He spent a day studying the huge machine. At the end of the day, he marked a small "x" in chalk on a particular component of the machine and stated, "This is where your problem is".

The part was replaced and the machine worked perfectly again.

The company received a bill for $50,000 from the engineer for his service. They demanded an itemized accounting of his charges.

The engineer responded briefly: One chalk mark $1 Knowing where to put it $49,999 It was paid in full and the engineer retired again in peace.
 
Last edited:

edmunds

Senior Member
erco, very nice storry :)

I recently had a pitch to investors of one of our potential products that has a picaxe component in it. The investors came with two engineers of their own to see if we make any sense. The discussion went into 'what if this gets stolen from the chip'. I explained, this is unlikely possible the best I could because of the interpreted programming language we use. They have looked into it since and seem very impressed with this advantage (among others) of me using a picaxe for the project. So, these days, I'm quite at ease of 'not having enough speed' because more often than not, there is a workaround. The simplicity, no black boxes in the form of libraries you kind of have to use, but do not have access to (look at arduino or stm32), excellent support and now extra layer of intellectual property protection on top are so much more important after all.


Cheers,

Edmunds
 

premelec

Senior Member
I'm reminded of the good old days with Commodore floppies that someone made a "Death Sector" which when you tried to copy the disk it destroyed it when you read that sector... I guess with PICAXEs some who knew to try could simply ask for version of chip and it would report - then you know what chip it is... ;-0 for every lock there may be a key...
 

erco

Senior Member
Another workaround would be to require a password at regular intervals, either in run time or power up cycles. Update the total in EEPROM so it stays current and survives power-down. Program won't run without the password. A really smart guy would have the password change itself regularly, based on a hidden predictive algorithm that only you know. That way they'll keep coming to you every month for the new password. Maybe paying you every month if they stiffed you on final payment.

Nice doing business with you fellas. Keep my number handy!

https://www.youtube.com/watch?v=RfiQYRn7fBg
 

Buzby

Senior Member
A few years ago a friend who owns a hairdresser shop asked me to help sort his accounting computer.

It ran custom software that needed a new password every year, so my friend had to phone the author, pay £500, and get a new password.

But one year the author didn't answer the phone, or reply to letters, so I was asked to help.

The software was written in dBase, and a quick decompile revealed that the 'password' was just the next expiry date x-ored with a fixed pattern.

I went to his shop, typed in some digits, and asked for free haircuts for the next 60 years. ( I thought that was fair, as I'd set his expiry date to 2999 )

There was a key for this lock !
 

geoff07

Senior Member
I used to know a guy who used to work at a military wipe-up centre, where stuff was repaired. Apparently, they used to de-pot kit that the Americans thought was disposable but we poor Brits felt the need to fix. I don't know how they did it but I imagine chemicals were involved. So potting might not be a solution if the opposition was determined. They also had an industrial ultrasound cleaner, which was great for alloy wheels, or so I was told.
 

Steve2381

Senior Member
Well they have not paid their last 4 invoices, so I am not returning until that issue is resolved!
I am writing some PLC code and designing several GP-Pro touchscreen interfaces for the same equipment. I sent them some nice - totally useless - screenshots of the touchscreen interface. That is as far as that is going for now.

They have their own employed engineer, and I go in as a freelancer and assist. But in reality, he sits on his backside all day and I do all the building. Then when it works or is completed, he suddenly appears as if he had any input.

I think I will pot the boards from now on and remove all IC information.

Quite a lot of this equipment is internet enabled and wireless. Maybe I should have a 'destruct' button at home!
 

techElder

Well-known member
... Maybe I should have a 'destruct' button at home!
Steve, there is this bluster, and I've been there myself, but then there are also lawyers.

Demanding payment before delivery is one thing, but destruction after delivery can/may be met with a legal challenge.

I believe that a software upgrade policy (disclosed up front) is the proper way to handle these scofflaws. If they don't upgrade in a given period, then it's likely the software will start acting erratically for some valid reason. The "valid reason" could very well be some kind of calibration data needed by the software.

The upgrade is where you make up for the lost revenue.
 

Steve2381

Senior Member
I realise the legal issues here. Once the equipment is built, as long as I get paid... its not my problem after that. If they don't want to keep the equipment maintained or updated, that is their choice.
I hold all the cards here really at the moment anyway. They have somewhere in the region of 46k spent on equipment that are in pieces or in mid-development (their money, not mine). One project is 25k in materials alone, sitting in RS boxes waiting to be assembled.
I have all the design drawings (I did them), I have all the wiring diagrams, and their engineer does not have the first clue how to assemble it all.
I await my cheque
 
Top