On 7/23/21 1:58 PM, Matt DeVillier wrote:
Ironically, the inability to attach a flash programmer in-circuit to a Chromebook having Google's H1 security chip represents a kind of security failure. Specifically, how is the boot flash content to be verified with the certainty that the true content has not been hidden by Cr50, or by, for instance, flashrom running from eMMC root, when the AP is used to read the boot flash?
Inability? due to it being a WSON-8 chip or? Every Chromebook since ~2013 has supported ISP, AFAIK. And up until recently, most used a clippable SOIC-8 chip.
Lucky for me, the Chromebook 4 still uses the SOP8 208MIL package. Or, it might be argued, unlucky for me, that I would bother the boot flash chip.
"Inability" only based upon the theory that maybe the Chromebook multiplexer was damaged when I connected the TUMPA to the flash chip.
Of course, I still don't really know what the problem is. It might be the result of the way I connected the TUMPA - operator error. It may be that this Chromebook was already defective upon receipt. Or, there may be some obscure bug in my current build of Google flashrom. Or, it might just be some unlucky unlikely random hardware glitch.
So, "inability" may be inappropriate here, and I'm in a mood, feeling frustrated. But I do appreciate your help. Something will work out - one step at a time.
James