+-Discord Shoutbox

Alternatively, join us on Discord directly.
You can help CodeWalrus stay online by donating here.

TI-84 Plus CE downgrade protection with Boot 5.1.5+

Started by critor, April 02, 2017, 04:19:09 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.


April 02, 2017, 04:19:09 PM Last Edit: April 02, 2017, 04:33:49 PM by critor
Owning a TI-8x Flash calculator had always been a synonym for freedom.  ;)

You could update and then downgrade freely. ;D

With the only exception of TI-84 Plus coming preloaded with Boot 1.03, in which TI had moved from a 512-bits RSA signature to a 2048-bits one - so the only accepted OS were 2.55+ (so 2.55 only, as no update has been released since).
But the intent wasn't to prevent downgrading, or they would simply have checked the version.
They wanted to prevent us from being able to install modified OSes, for example with a patched exam mode...

Those were the good old days.
For the first time in history, we now get a downgrade protection on a TI-8x Flash calculator, the TI-84 Plus CE. :'(

In fact, it is very similar with the TI-Nspire downgrade protection, except that just the first 3 version digits are being checked.

The TI-Certificate following the header of any 5.1.5+ OS file is now holding 2 versions number :
- the OS file version
- the minimal allowed OS version to set

When an OS install suceeds, the minimal allowed OS version, if higher, is written to the calculator Flash memory, in the TI-Certificates page, a zone which you can't reset with official menus.
When you start an OS transfer, the TI-Certificate being at the start of the file is among the first sent things. So the calculator immediately checks if the received version is higher or lower than the minimal allowed OS version. In the later, the transfer is immediately aborted.

Apparently, the downgrade protection is only functional on TI-84 Plus CE coming preloaded with Boot Code 5.1.5.
The OS installation code from previous 5.0.0 Boot Code versions doesn't seem to care about the new minimal allowed version TI-Certificate field.

All OSes 5.1.5 to 5.2.2 have a minimal allowed version set to 5.1.5, which might appear as non-excessive to you.
But when you know that since OS 5.1.0 you can easily crash your calulator with only 3 short lines of TI-Basic, it's still being harmful to all TI-84 Plus CE owners.  >:(

Source : https://tiplanet.org/forum/viewtopic.php?t=19793&p=214887#p214887 and https://tiplanet.org/forum/viewtopic.php?t=19803&p=214964#p214964


Can't you modify an older/custom OS to have the version number of the current OS ???


Quote from: c4ooo on April 02, 2017, 04:44:51 PM
Can't you modify an older/custom OS to have the version number of the current OS ???
I did to confirm how the protection works.
By faking the OS version in the file certificates, the OS transfer does start. :)

But the certificates are included in the zone being protected by the RSA signature, and thus the OS is still going to be rejected, but after the transfer on the difference.

DJ Omnimaga

Sucka they are adding this to new calcs. Thankfully, I have no reason to downgrade, unlike the CX, but I wish they spent more time fixing bugs than adding anti-downgrades
  • Calculators owned: TI-84 Plus C Silver Edition, TI-84 Plus CE, Casio fx-CG10, HP Prime, fx 1.0 Plus, fx-7400G Plus, fx-9750G Plus, fx-9860G, HP 39gII
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Nintendo 64, Wii U

Powered by EzPortal