how is this hacking tool legal?

it's pronounced "spy", also GO CHECK OUT LOW LEVEL ACADEMY ITS PRETTY NEAT lowlevel.academy (poggers?)

So now a flash-reader is considered a "hacking tool"?

I recommend buying CH341a version 1.7 as it has selectable voltage and this is suitable for more chips

Be aware of voltages! This device puts 5V on data lines to 3V3 TOE even when supply to TOE is set to 3V3. Look for 3v3 mod for ch341.

It took me a bit to realize he meant SPI not a special "spy" chip.

This is not a hacking device.... It's a simple tool... Stupid click bait title.....

The TH-cam algorithm will love these comments about the SPI / SPY topic. Maximum engagement, well played Ed!

that engineer is a SPI

He doesn't mention this in the video, but that CH341 device doesn't always work to read flash chips without desoldering. The problem is that in order to read from the flash chip, you have to power it. The CH341 can power a flash chip, but it can only output a limited amount of current. If the VCC rail connected to the flash chip is directly connected to other components too, it's possible the CH341 won't be able to power all those components, including the flash chip. In these cases, it's often best to just desolder the flash chip.
Alternatively, you could connect a logic analyzer to the DI and DO pins of the flash chip, then power up the device. Use the logic analyzer to record the data stream as the CPU reads the flash contents. You may need to write a small program to convert the recording back into binary data though.

IMO, consumers should either:
1. Legally have FULL access to firmware
OR
2. The C-Suite should be held legally liable for security breaches and face legal consequences equal to someone who makes and distributes malware as that's what they sold you.

I tought that nothing can hurt my brain more than the pronouncing of SQL as "squeal" but here we are

This is the first time I have encountered someone pronouncing SPI as ‘SPY’. I have only heard ‘S-P-I’ previously. Thank you for the info.
As an embedded software developer, I can say that if someone stores unencrypted firmware on an external flash, you are free to read it.

If you buy this, make sure you voltage mod it. Can be used at full 5v and full3.3
Or just buy the pgraded version with green pcb and voltage selector.

Oh come on, such ridiculous clickbait. It's not a 'hacking tool' that should be potentially illegal.
I used one to switch around some options and button functions on a multimeter. It's a valid utility like any of a hundred other tools. Geeze...

It's funny when people question the "ethics" of pulling the firmware off a device *they* purchased. You own the device, it's your firmware.

Dude, my ears are literally bleeding from him pronouncing SPI as some Cold War Soviet fear

I actually used one of these for the first time recently! I bricked my Chromebook while flashing the stock firmware after having windows on it 😅. Pretty fun tool to mess around with and see how things work :)

I actually have one of these lying around, I once bought to fix a broken BIOS. Interesting to see what you can do with them. I had no idea how common these kind of chips where. Or that you could use the flashrom command line tool to interact with it. You always learn something new!

The only special thing about this product is the ZIF socket you're not even using for its purpose. For general SPI dumping you can use any old arduino or rpi lying around. Or if you get a more feature rich product such as bus pirate or tigard, you can do i2c, uart and others in addition to dumping SPI chips' memories.

The "green screen give away" When the device in your hand disappears into the background.

A CH341 is just a bus converter chip and those are used for all kinds of stuff. Another popular manufacturer is FTDI. You'll see the FT232 in many things, for instance.

"S-P-I", not spy. Maybe it's okay to say "spy" in casual settings, but this is a tech discussion.

There is a bug in the video at 11:18 (chroma key overflow).

im sorry but SPI is pronounced S.P.I. not SPY! The hell is that???

Please use manual focus if your camera is not keeping up :)

Openwrt is awesome, I had a couple of routers that I didn't use, after discovering openwrt I could use for something useful, but unfortunately the routers only had 4mb of flash and 32mb of ram, so I modified the openwrt partition system for my device to fit inside an 16mb chip, so now I had more storage, but the ram was still an issue, so I flashed a custom bootloader that could work with different ram chips, and then I replaced the ram with a 128mb and now the router has the latest update and I'm able to use all the extra features of openwrt, this is only possible because openwrt is opensource, thank you all for that :D

Can you also rewrite the firmware in rust?

Oh man, I remember in the 90s, if you discovered a bug in such a way and disclose it ethicaly to the company, they would start to hunt you and sue you as if you are trying to sell defense secrets.

Actually it may need the 3.3v mod because the all the data lines are at 5V (because the chip is running at 5v).

I used this to fix a expensive monitor that needed a chip reflashed after a power outage. So cool!

you are the very first person I have ever heard call it 'spy' also, its not a hacking tool just like the screwdriver you opened that router with ;)

I keked every time you pronounced SPI as SPY

I wish more new devices were still using SPI flash for more than eeprom config storage these days. TSOP isn’t too bad but requires more expensive readers and BGA just makes me want to cry.

I’m glad your name is no longer low level learning.

Wow thanks for that video! Just got mine ch341a and into ezviz camera to see what dodgy stuff (that I saw on wireshark) they are actually doing. Least to say private keys are handled on a plate and they even managed to ship C source code into production so I don't even need gidhra 🙃 It's amazing how security assumptions were defeated with an 8$ chinese tool. Thanks again!

I used that to program bios chip on my laptop 🤣 because it broke after an update

Funfact: in some cases you don’t even need to use a flash reader to get the firmware. Most firms provide updated firmware’s that also often come in the .bin format and you could simply run these through binwalk. Even in the most up-to-date „secure“ version there are a lot of jucy CVEs waiting to be discovered. Ask me how I know lmao

IT'S NOT SPY IT'S SPI

Is SPI commonly pronounced like "spy" [spai]? I usually pronounce it spelling it S-P-I [es-pi-ai].
If you do a lot of EEPROM work you should check the XGecu T48 or newer T76 and associated chip adapters.

Video starts at 5:29 you're welcome

1) Firmware is usually downloadable from manufacturer website , no need to dump it off the router
2) This programmer is not usually 3.3v logic level and requires quite finekey soldering
3) this programmer is massively unstable , writes , forget about it
4) bad drivers
5) don't cook your devices by reading it in circuit , it is a possibility , always desolder
Wait till they findout how much you can do with just uart on some of these devices

I think I actually preferred the old camera style and video background (or lack thereof).
Do like seeing new things though. Props for adding in pizzaz :)

This is my first time checking out one of your videos. I enjoyed it and subscribed! It's funny, at first I thought you were Sheldon grown up. LOL

Please be consistent and call I.S.P. "ISP"!

11:20 "with this device", as the spi programmer fades into the green screen. lol.

Spy flash? I always pronounce it "Ess Pee Eye"

Good timing! Just as I m waiting for mine to ship.

Thanks for finding your channel. big up man keep on going

I used this exact tool to get the data from my BMW's 8 pin flashed onto a $50 replacement gauge cluster from eBay. Something that would have cost a trillion dollars at the dealer. Works like a charm.

Fun drinking game: take a shot every time he mispronounces SPI

you're saying "spy" instead of SPI so many times, maybe I'll get used to it in the end...
never mind it's impossible for me to get used to it, but I tried 😅
Nice video though, great work! ☺️

The last time I needed a tool to read and write to SPI flash, I just got a Raspberry Pi. You might need to configure it to expose SPI interfaces (my 3b+ can do like 2 independent interfaces) over GPIO, and then you can just run flashrom directly on the device.
Also, when dumping chips, a standard practice is to read the chip twice and diff the readouts to avoid any read errors corrupting the file. If you don't have a cable on your clip, you should use whatever cable that is the shortest and works for you, I remember reading that 20 cm is the upper bound, and I think I used 10 cm cables to connect the clip to my GPIO pins.
The reader doesn't really matter if it works, but you might have one laying around without knowing it, and just need a clip to use it with for in situ reading and flashing. It's pretty much a requirement to do most coreboot and libreboot installs on computers, but taking ownership of the firmware you run is pretty cool and lets you do things that are otherwise impossible.

This is the first time in my life I've ever heard anyone pronounce SPI as "SPY".
But you're obviously a way superior low-level and embedded programmer than I am, so I'll follow your pronounciation from now on :D

not desoldering the chip may cause the opcodes being sent to other chips connected to the board and may cause issues

fun fact: you can use a multitool such as flipper zero to dump SPI memory chips too!

big downside with these i find is if the board has more current draw then the chip or your usb port it wont read because it doesnt have enough current to turn the chip on -and- everything thats also connected to that 5v bus

Love how when you mention "this device" for bug hunting, and hold it up... it mysteriously disappears! {ROFL}

I used one of these to unbrick my G75VX laptop in college after asus quoted me $900 to fix it after the laptop bricked when I told it to boot off the dvd drive lol

Most of well developed electronics will not have an easy access flash storage for their code. Either they use an encrypted binary on their flash or they use internal flash, which is not that easy to access.

gotta love the hacker background

Love this device!
Used it myself to remove the "whitelist" of acceptable wifi-adapters on a laptop years ago. It turned out it only accepted 4 devices in the whole world. It declined to boot if u used a good adapter that was not whitelisted. Damn i love that device.
Have used it on alot of routers to bug-hunt aswell, and also decrypt firmware updates, since the key had to be stored in plaintext on the chip. :)

This tool can you let you recover a failed BIOS update using another PC

ah yes the spy flash. my favorite type of flash. lol

The device can also with the correct software read spi-nand chips.

I also use CH341a to edit SFP I2C EEPROM information, very useful to change or crack SFP vendor lock!

I'm with this thing on my hands right now

The title is misleading, as the tool makes reading firmware easier, but hunting bugs is a completely different matter which requires the source code or disassembling the binary.

11:39 Something even cooler than this?! Say it ain't so!

I've reported many bugs in the past, never once got a bug bounty. Most I've been given is a thank you. Million dollar companies will not pay you. Don't waste your time helping them.

Reverse engineering has been deemed to be completely legal if you do it in a clean room environment….basically disconnected from outside influence. You have to reverse engineer the firmware yourself without other input into how it’s done

I used one of these to put Coreboot on my Thinkpad!

literally just started playing with mine last night, pulled a BIOS off an old device, if you have a flipper you can also do this with the SPI memory application, raspi can do this as well, that's what I used back in my coreboot days. I found the soic-8 clip on this particular model to be much better quality than some of the other ones i've seen on amazon.

Wow the best advertisement for the old CH341a I have seen in my life!

9:27 -M for .. Matryoshka? The doll inside a doll inside a doll..
Guess that's how you can also label "recursive"

This is like calling screwdrivers 'murder weapons'..

To be fair anyone that can buy a standard USB and can write 1 line of code can break a computer with worm malware they created. It is more about knowing how it’s used so you can combat against it. The number one rule in ethical hacking is to believe the black hat is always 1 step ahead. So we are always playing catch up in security.

It's your property - you bought it, you own it.
Why would it be illegal to play with it?

For the same reason a knife is legal. It's not the tool itself, its how you use it that determines if its legal or illegal

Vim probably appended a newline after your file when you changed the string. By changing it to U-boo you would have changed the alignment of everything after so you probably would not have had it boot correctly.

I see a lot of people having a hard time understanding the deffinition of Hacking in the comments ... Forget the morality of making title clicbait away for algo/view purpous, this is still Hacking
Hacking is the creative or unconventional use of tools, systems, or technologies to achieve a goal, often in ways they weren't originally intended to be used. It can involve exploring, modifying, or repurposing resources to solve problems, gain insights, or push boundaries. While hacking is often associated with computers, it can apply to anything where innovation or "thinking outside the box" comes into play.

great contentn, im totally buying it but your cam is out of focus :(

10:30 if it uses GPL-like licensed parts, like linux, you actually need to be able to replace that bit. Of course, the root file system may contain other parts. And - if you report a bug, prepare to get sued.

As a newbie to hardware development, this is interesting

you should really make longer and more detailed videos. I'd rather sit here for 20-40 minutes listening about a single topic (one that can even be talked about for that long - this one is great for that) than watching multiple short vids of different topics.

Pronouncing SPI as an acronym, "spy" is plainly dumb as it can be confused with a common English word. That's why we have initialisms. e.g.: NASA vs FBI; NOAA vs NAACP.

I have one! Bought to fix a samsung tv which died after power gone for half a second.

I'm surprised that any current devices still boot from an easily available, external, unencrypted, unsigned flash chip.

So I clicked on this video thinking that USB device would find BUGS as in covert listening devices in my home or AirBnB rental, and not to pull firmware off of a router. 😂

Would love more hardware hacking content like this! Keep it up!

Because it is not a hacking tool. It is a hardware development tool that you can use for hacking. Similar that the hammer which is normally used to drive nails into wood when building can be used to break windows and possible doors during a burglary. You cannot make random things illegal because people start using them for illegal things.

D: my router has a SPY chip in it

That backdrop is a green screen double whammy. Looks like someone plugged in a bad USB stick and got assimilated

what keyboard are you using? sounds really good

It is not pronounced "spy". It is an acronym of Serial Peripheral Interface, so it is pronounced "S" "P" "I". And since when is a flash reader/writer a hacking tool? I don't deny that it could be used for hacking, but that is not their primary purpose. As much as I normally enjoy your content, this is just clickbait trash.

this "programmer" has 5V data lines, it must be modified or a logic level converter must be used, before connecting to a router like this 🙄

Been a fan since your first ARM assembly vid, but I gotta say man you're better than this clickbaity title.

There is a better one a newer version of the programmer you have shown. The one you are using could brick and fry some SoC

No affiliate link to the device? Why?

Two points * Having low knowledge is not the same as having low IQ or low wisdom. * It takes more wisdom to avoid the curse of knowledge and you seem to do that well.

I am not sure I buy the “open source is more secure” argument.
After all you had people complaining about them, not fixing audio drivers for over a decade with problems that they knew existed in Linux.
The first WORM that was ever written, was written by the son of an engineer who had access to the source code for the operating system.
I knew guys who cracked games back in the 90s, but they had professional dev tools and games were only a few megabytes. Combing through even a few megabytes of an Assembly language for a platform you’re not familiar with is really hard. it’s way easier to find exploits in C source code.