Maelgrum wrote on 2023-09-27, 00:32:
it needs to be proven.
One way to prove it is to write a software dumper (if it's possible), and then compare dumps from different cards.
I presume a hardware dump is very complicated to make - I don't know how the dumps here were made, but in the past I found picture(s) of the setup used by @TubeTimeUS to dump CT1351 V202, and wrote about it here:
Re: Sound Bank rom dumps - how are made?
and it was literally insane in complexity.
So, let's hope a software approach is possible.
I don't know how relevant it is, but I remember - very vaguely now, because it was over 10 years ago - that I read a book (I don't even remember its name) about 8051 assembler in which, with some magic self-modifying code, it was possible to dump the whole firmware, but you still need an entry point - maybe it's some famous attack on the 8051, I don't know. In any case, back then I tried it and it worked, even on a very modern device, because I tried it on a PCI-Express controller with a built-in 8051 controller (actually it was a PCIe sound card with an 8051 controller inside the PCIe chip for handling the HDA commands, and I was able to dump the 8051 firmware with that attack in software). So, if you think it's relevant and you don't know the attack - let me know, and I will search old HDDs, etc. to see if I can find the book and the attack.