When will the core2 chips be cracked?

[DisgruntledVirus]

Originally posted by: Perry404

Originally posted by: The Boston Dangler

Originally posted by: Perry404

Originally posted by: DisgruntledVirus
Just buy the EE edition from Intel, or the Black edition from AMD and call it a day.

Or just do a FSB OC and call it a day

I have an e6300 oc'ed to 3.2ghz via fsb. I have fried 2 680i motherboards with this same setup. My nb temp is 74. Who knows what temp the rest of the mb is. With an unlocked multiplier I might get 3.8 or 4.0ghz with very little excess heat.

you're on your 3rd $200-250 motherboard, to squeeze more out of a $175 chip? you're either lying or very foolish.

Hey fuck you. Call me a lier. In fact I was wise and bought my board from eVga who has a lifetime warranty and replaces the motherboard free no questions asked.

If you're going to insult him at least spell "liar" right.

Well at least you got your replacement mobo's for free, but I still fail to see why you want to unlock the C2D to try to hit 3.8 ghz+. That is a 100%+ OC. What are you doing that you want to OC your chip that much? Bragging about it isn't that big of an accomplishment (no offense meant either), as somebody will have a higher OC to brag about (unless its just in your group of friends, but burning out the chip to try and out OC a friend seems pointless personally).

 

[HeXploiT]

Originally posted by: DisgruntledVirus

Originally posted by: Perry404

Originally posted by: The Boston Dangler

Originally posted by: Perry404

Originally posted by: DisgruntledVirus
Just buy the EE edition from Intel, or the Black edition from AMD and call it a day.

Or just do a FSB OC and call it a day

I have an e6300 oc'ed to 3.2ghz via fsb. I have fried 2 680i motherboards with this same setup. My nb temp is 74. Who knows what temp the rest of the mb is. With an unlocked multiplier I might get 3.8 or 4.0ghz with very little excess heat.

you're on your 3rd $200-250 motherboard, to squeeze more out of a $175 chip? you're either lying or very foolish.

Hey fuck you. Call me a lier. In fact I was wise and bought my board from eVga who has a lifetime warranty and replaces the motherboard free no questions asked.

If you're going to insult him at least spell "liar" right.

Well at least you got your replacement mobo's for free, but I still fail to see why you want to unlock the C2D to try to hit 3.8 ghz+. That is a 100%+ OC. What are you doing that you want to OC your chip that much? Bragging about it isn't that big of an accomplishment (no offense meant either), as somebody will have a higher OC to brag about (unless its just in your group of friends, but burning out the chip to try and out OC a friend seems pointless personally).

Sorry but he insulted me. Why do I want to overclock? That's a silly question. Because I can.

 

[drebo]

That's a silly answer.

Would you jump off a bridge just because you can?

So why would you ruin your computer equipment just because you can?

 

[CanOWorms]

Originally posted by: BrownTown
meh, I guess maybe in theory, but in practice Intel ain't exactly giving out their layout files, so we would never know where to even begin. All academic really though since the FIB is a few orders of magnitude more expensive than the Extreme models, would be easier to jsut buy one, or if you wanna be cheap to steal one.

FIB equipment is quite expensive, but sending out for FIB work at an external laboratory is not. Just 1 cut would cost perhaps $100.

Not that I would recommend leaving a used internal net floating around like that.

 

[Extelleron]

Back to the subject, an end user is never going to be able to unlock the multiplier on a modern chip, just as a user can no longer unlock the pipelines on a graphics card - disabled pipelines are laser cut, and multipliers are impossible to unlock without access to technology.

It is possible to unlock the multiplier on a regular chip, however - AMD does this with the Black Edition, and I'm sure Intel does the same thing with the Extreme Edition CPUs. They are just regular CPUs when fabricated, but they go through another process to unlock the multiplier, as far as I know of course.

 

[CTho9305]

Originally posted by: Extelleron
Back to the subject, an end user is never going to be able to unlock the multiplier on a modern chip, just as a user can no longer unlock the pipelines on a graphics card - disabled pipelines are laser cut, and multipliers are impossible to unlock without access to technology.

It is possible to unlock the multiplier on a regular chip, however - AMD does this with the Black Edition, and I'm sure Intel does the same thing with the Extreme Edition CPUs. They are just regular CPUs when fabricated, but they go through another process to unlock the multiplier, as far as I know of course.

I assumed there were just fuses that were burned differently... burn one value into the fuses and get a normal part; burn a different value and get an unlocked part.

 

[covert24]

Originally posted by: Extelleron
Back to the subject, an end user is never going to be able to unlock the multiplier on a modern chip, just as a user can no longer unlock the pipelines on a graphics card - disabled pipelines are laser cut, and multipliers are impossible to unlock without access to technology.

It is possible to unlock the multiplier on a regular chip, however - AMD does this with the Black Edition, and I'm sure Intel does the same thing with the Extreme Edition CPUs. They are just regular CPUs when fabricated, but they go through another process to unlock the multiplier, as far as I know of course.

i would think the multiplier would already be unlocked on all of the processors and then the regular chips would go through the process to permanently 'lock' the chip at one specific multi. it seems more realistic if i look at it that way. and as far as 'cracking' there is no way to do it. cracking refers to the software side of the spectrum and obviously no software alone can modify a chip in such a way that would change its physical properties. That being said you would have to get a chip directly from one of intels fab. labs to get a truly unlocked chip. or as many have said just buy a EE version...

 

[jagec]

Originally posted by: covert24

i would think the multiplier would already be unlocked on all of the processors and then the regular chips would go through the process to permanently 'lock' the chip at one specific multi. it seems more realistic if i look at it that way. and as far as 'cracking' there is no way to do it. cracking refers to the software side of the spectrum and obviously no software alone can modify a chip in such a way that would change its physical properties. That being said you would have to get a chip directly from one of intels fab. labs to get a truly unlocked chip. or as many have said just buy a EE version...

That is certainly how things used to be done. Doesn't anyone remember re-joining the bridges on the old Athlons to unlock the multiplier? The multipliers probably get locked after they test and bin processors according to speed.

 

[covert24]

Originally posted by: jagec

Originally posted by: covert24

i would think the multiplier would already be unlocked on all of the processors and then the regular chips would go through the process to permanently 'lock' the chip at one specific multi. it seems more realistic if i look at it that way. and as far as 'cracking' there is no way to do it. cracking refers to the software side of the spectrum and obviously no software alone can modify a chip in such a way that would change its physical properties. That being said you would have to get a chip directly from one of intels fab. labs to get a truly unlocked chip. or as many have said just buy a EE version...

That is certainly how things used to be done. Doesn't anyone remember re-joining the bridges on the old Athlons to unlock the multiplier? The multipliers probably get locked after they test and bin processors according to speed.

yea i remember that! good times..

 

[Foxery]

Originally posted by: Lord Banshee
But i do not think the only reason to do is not for overclockers, but so OEM dealers don't sell cheaper processors that work at higher multipliers.

I believe this actually happened a few years back, and is Intel's biggest motivation for locking up its chips.

Honestly, the tweaks motherboard manufacturers let us get away with these days are amazing workarounds. You take it for granted that you can buy RAM beyond normal specs and adjust your FSB. I remember when this idea was new, and most chips couldn't tolerate being pushed anyway!

Now, with the added option to select all kinds of ratios between your RAM and FSB... it's an amazing revelation that lets you do whatever you want to the CPU. A locked multiplier doesn't seriously hamper any motivated enthusiast any more.

 

[covert24]

Originally posted by: Foxery

Originally posted by: Lord Banshee
But i do not think the only reason to do is not for overclockers, but so OEM dealers don't sell cheaper processors that work at higher multipliers.

I believe this actually happened a few years back, and is Intel's biggest motivation for locking up its chips.

Honestly, the tweaks motherboard manufacturers let us get away with these days are amazing workarounds. You take it for granted that you can buy RAM beyond normal specs and adjust your FSB. I remember when this idea was new, and most chips couldn't tolerate being pushed anyway!

Now, with the added option to select all kinds of ratios between your RAM and FSB... it's an amazing revelation that lets you do whatever you want to the CPU. A locked multiplier doesn't seriously hamper any motivated enthusiast any more.

Very true. just think. everything that has to do with the BIOS is basically a 'hack' obviously nobody calls it that but all of the overclocking abilities are ways motherboard manufacturers found out how to manipulate the processor and ram in such a way that everything you change in the bios actually relates to something. Just think all the combination's of different ram timings there are. changing just one of those timings actually has an effect on something. On the user end it wont make nearly any difference but when it comes to electronics, its actually cutting off the default ram timings, inserting its own information and sending that modified info back into the the rest of the computer. sorry, im rambling....

 

[CTho9305]

Originally posted by: covert24

Originally posted by: Foxery

Originally posted by: Lord Banshee
But i do not think the only reason to do is not for overclockers, but so OEM dealers don't sell cheaper processors that work at higher multipliers.

I believe this actually happened a few years back, and is Intel's biggest motivation for locking up its chips.

Honestly, the tweaks motherboard manufacturers let us get away with these days are amazing workarounds. You take it for granted that you can buy RAM beyond normal specs and adjust your FSB. I remember when this idea was new, and most chips couldn't tolerate being pushed anyway!

Now, with the added option to select all kinds of ratios between your RAM and FSB... it's an amazing revelation that lets you do whatever you want to the CPU. A locked multiplier doesn't seriously hamper any motivated enthusiast any more.

Very true. just think. everything that has to do with the BIOS is basically a 'hack' obviously nobody calls it that but all of the overclocking abilities are ways motherboard manufacturers found out how to manipulate the processor and ram in such a way that everything you change in the bios actually relates to something. Just think all the combination's of different ram timings there are. changing just one of those timings actually has an effect on something. On the user end it wont make nearly any difference but when it comes to electronics, its actually cutting off the default ram timings, inserting its own information and sending that modified info back into the the rest of the computer. sorry, im rambling....

It's not really a "hack" - they're not "finding out" how to get the processor to do things. You should find pretty much everything you want documented in the BIOS and Kernel Developer's Guides. For example, to control RAS to RAS delay when using a family 10h processor (e.g. barcelona, phenom), see page 174-175. Software (usually the BIOS) reads the RAM chips' SPDs and uses information within the BKDG to tell the CPU what timings to use. It doesn't have to tell the CPU the timings that the RAM is rated for - it can pick any values it wants. Granted, the info was harder to find without signing an NDA back when memory controllers were in the chipset, but this stuff is all thoroughly documented.

 

[DisgruntledVirus]

Originally posted by: Perry404

Originally posted by: DisgruntledVirus

Originally posted by: Perry404

Originally posted by: The Boston Dangler

Originally posted by: Perry404

Originally posted by: DisgruntledVirus
Just buy the EE edition from Intel, or the Black edition from AMD and call it a day.

Or just do a FSB OC and call it a day

I have an e6300 oc'ed to 3.2ghz via fsb. I have fried 2 680i motherboards with this same setup. My nb temp is 74. Who knows what temp the rest of the mb is. With an unlocked multiplier I might get 3.8 or 4.0ghz with very little excess heat.

you're on your 3rd $200-250 motherboard, to squeeze more out of a $175 chip? you're either lying or very foolish.

Hey fuck you. Call me a lier. In fact I was wise and bought my board from eVga who has a lifetime warranty and replaces the motherboard free no questions asked.

If you're going to insult him at least spell "liar" right.

Well at least you got your replacement mobo's for free, but I still fail to see why you want to unlock the C2D to try to hit 3.8 ghz+. That is a 100%+ OC. What are you doing that you want to OC your chip that much? Bragging about it isn't that big of an accomplishment (no offense meant either), as somebody will have a higher OC to brag about (unless its just in your group of friends, but burning out the chip to try and out OC a friend seems pointless personally).

Sorry but he insulted me. Why do I want to overclock? That's a silly question. Because I can.

That is not a reason IMO to OC and void warranties. OC'ing can be rewarding yes, but would I overclock my grandparents system they use for email, web browsing, and some card games? No. If you have a use for the OC, say because you actually need the speed for video encoding, that is different. To OC a chip to almost double the clock speed just because you can is pointless, the same as adding NOS to a station wagon is pointless.

To each his own, but to answer your question the C2D (and all current CPU's for that matter) are hard wired to prevent the user from doing what you want to do. If you want an unlocked cheap chip go with the AMD Black Edition chip, if you want the fastest performance and such go with an Intel EE. But unless you get one of those two series chips you will not have access to the multiplier.

 

[Throckmorton]

When you put the heatsink on wrong

 

[pm]

Originally posted by: Foxery

Originally posted by: Lord Banshee
But i do not think the only reason to do is not for overclockers, but so OEM dealers don't sell cheaper processors that work at higher multipliers.

I believe this actually happened a few years back, and is Intel's biggest motivation for locking up its chips.

This was, in my personal experience, the ONLY motivation for locking microprocessor clock ratios. I was directly involved in the first ratio locked CPU's shipped from Intel - I worked on the later steppings of the P54CS product (P54CS was the 133-200MHz Pentium product). After the P54CS release, there was widescale "remarking" of 133MHz parts as 166MHz and 120MHz parts as 150MHz in various parts of the world. Merely by changing the engraving on the top of the chip (by, for example, putting a sticker over it), an unscrupulous vendor could increase their markup by $100-200. Within a year, there were whole organizations that would do this as almost a production line.

The problem was that when the CPU's that had been "remarked" failed, then the customer turned to Intel for a replacement, and were generally unhappy with the quality of this expensive CPU that they had bought, which reflected poorly on Intel.

So, a metal mask change was made which "locked" the ratio to either 120/133 or 150/166 or 200MHz. This was a low-level mask change, there was absolutely no way that anyone could override it - even with a FIB (Focused Ion Beam - a large device the size a refrigerator that can rewire chips) because you'd have to cut through higher level signal wiring (there was no backside FIB back then because the Pentium was direct wirebond attach).

I was in the design review where this decision was approved. I worked on the team and sat next to the engineer who implemented the lock. At no time did anyone mention overclocking, or anything like it. It was all about eliminating the grey market. I know this for a fact, because I was there.


As far as the original concept of the thread - everyone who replied above is correct. There are two ways to change the ratio setting of a Core 2 Duo or similar CPU once the fuses are blown, but neither are practical for an end-user. You could do a backside FIB - which would be prohibitively expensive and FIB'd parts are known for very short operation (like a couple of months) due to the way the backside is prep'd. Alternatively, if you knew the TAP unlock, and you had insiders knowledge of the scan chains that control the ratio, you could theoretically do a TAP scan-chain override through the JTAG port. But these unlock commands are not known by more than a handful of people within Intel (I know this also from personal experience) and doing a scan override is tricky even when you have access to the documentation, and experts who can help - I also know this from personal experience.

The idea that someone could hack a CPU on the surface seems like it wouldn't be that much harder than unlocking a cell phone, but in reality it is vastly harder. Among other things, the firmware on a cell phone is meant to be modified. It's software essentially and it's designed to be changed. In addition, cell phone components are sold across vendors - like the baseband for a cell phone might come from one chip company, while the firmware is from another, and other components from other companies. In order to make this work, specifications need to be written to be communicated between companies, and software needs to be written to enable developers to develop on it - so there are essentially instructions on how to modify the components which exist and SDK's to help people author firmware. None of this is true inside of a CPU, there is an internal specification but it is not shared outside of the compnay, and there's no such thing as an SDK for modifying a CPU - mainly because it's hard if not impossible to do.

So, in reply to the OP, there is no way that is practical to unlock or hack a CPU. It can't be done - if it could, then there would be a multi-million dollar business opportunity for criminal organizations and they would be doing it.


Patrick Mahoney
Intel Corp.


edit: Since this is the internet, one may be inclined to doubt my claim that I really was present at the design review where the first Intel processor to be ratio locked was... locked. This is my bio, with a reference to my stint on the Pentium design team: http://www.ewh.ieee.org/r5/den...2005_03_Montecito.html ( yes, that's me with the "deer in the headlights" look and, yes, below that would be a photo of me with my eyes closed).

 

[veri745]

Originally posted by: covert24

Originally posted by: Extelleron
Back to the subject, an end user is never going to be able to unlock the multiplier on a modern chip, just as a user can no longer unlock the pipelines on a graphics card - disabled pipelines are laser cut, and multipliers are impossible to unlock without access to technology.

It is possible to unlock the multiplier on a regular chip, however - AMD does this with the Black Edition, and I'm sure Intel does the same thing with the Extreme Edition CPUs. They are just regular CPUs when fabricated, but they go through another process to unlock the multiplier, as far as I know of course.

i would think the multiplier would already be unlocked on all of the processors and then the regular chips would go through the process to permanently 'lock' the chip at one specific multi. it seems more realistic if i look at it that way. and as far as 'cracking' there is no way to do it. cracking refers to the software side of the spectrum and obviously no software alone can modify a chip in such a way that would change its physical properties. That being said you would have to get a chip directly from one of intels fab. labs to get a truly unlocked chip. or as many have said just buy a EE version...

This is definitely how it works. The CPU FID (Freqency ID) is a register that gets read out of the fuses on the CPU. There are also fuses that 'lock' the FID to the fused value. In order to unlock the multiplier, you would have to 'un-blow' the fuses that are set after testing.

 

[FallenHero]

Originally posted by: pm

Originally posted by: Foxery

Originally posted by: Lord Banshee
But i do not think the only reason to do is not for overclockers, but so OEM dealers don't sell cheaper processors that work at higher multipliers.

I believe this actually happened a few years back, and is Intel's biggest motivation for locking up its chips.

This was, in my personal experience, the ONLY motivation for locking microprocessor clock ratios. I was directly involved in the first ratio locked CPU's shipped from Intel - I worked on the later steppings of the P54CS product (P54CS was the 133-200MHz Pentium product). After the P54CS release, there was widescale "remarking" of 133MHz parts as 166MHz and 120MHz parts as 150MHz in various parts of the world. Merely by changing the engraving on the top of the chip (by, for example, putting a sticker over it), an unscrupulous vendor could increase their markup by $100-200. Within a year, there were whole organizations that would do this as almost a production line.

The problem was that when the CPU's that had been "remarked" failed, then the customer turned to Intel for a replacement, and were generally unhappy with the quality of this expensive CPU that they had bought, which reflected poorly on Intel.

So, a metal mask change was made which "locked" the ratio to either 120/133 or 150/166 or 200MHz. This was a low-level mask change, there was absolutely no way that anyone could override it - even with a FIB (Focused Ion Beam - a large device the size a refrigerator that can rewire chips) because you'd have to cut through higher level signal wiring (there was no backside FIB back then because the Pentium was direct wirebond attach).

I was in the design review where this decision was approved. I worked on the team and sat next to the engineer who implemented the lock. At no time did anyone mention overclocking, or anything like it. It was all about eliminating the grey market. I know this for a fact, because I was there.


As far as the original concept of the thread - everyone who replied above is correct. There are two ways to change the ratio setting of a Core 2 Duo or similar CPU once the fuses are blown, but neither are practical for an end-user. You could do a backside FIB - which would be prohibitively expensive and FIB'd parts are known for very short operation (like a couple of months) due to the way the backside is prep'd. Alternatively, if you knew the TAP unlock, and you had insiders knowledge of the scan chains that control the ratio, you could theoretically do a TAP scan-chain override through the JTAG port. But these unlock commands are not known by more than a handful of people within Intel (I know this also from personal experience) and doing a scan override is tricky even when you have access to the documentation, and experts who can help - I also know this from personal experience.

The idea that someone could hack a CPU on the surface seems like it wouldn't be that much harder than unlocking a cell phone, but in reality it is vastly harder. Among other things, the firmware on a cell phone is meant to be modified. It's software essentially and it's designed to be changed. In addition, cell phone components are sold across vendors - like the baseband for a cell phone might come from one chip company, while the firmware is from another, and other components from other companies. In order to make this work, specifications need to be written to be communicated between companies, and software needs to be written to enable developers to develop on it - so there are essentially instructions on how to modify the components which exist and SDK's to help people author firmware. None of this is true inside of a CPU, there is an internal specification but it is not shared outside of the compnay, and there's no such thing as an SDK for modifying a CPU - mainly because it's hard if not impossible to do.

So, in reply to the OP, there is no way that is practical to unlock or hack a CPU. It can't be done - if it could, then there would be a multi-million dollar business opportunity for criminal organizations and they would be doing it.


Patrick Mahoney
Intel Corp.

Holy Crap.

/thread

 

[The Boston Dangler]

Originally posted by: FallenHero


Holy Crap.

/thread

with authoritah!

 

[Blitzkreig75]

.......This was, in my personal experience, the ONLY motivation for locking microprocessor clock ratios. I was directly involved in the first ratio locked CPU's shipped from Intel - I worked on the later steppings of the P54CS product (P54CS was the 133-200MHz Pentium product).......

Great stuff, man 😀

 

[Nathelion]

Cool. I have been wondering about this for some time.

I can't help but wonder though - there wasn't as much OCing being done back then, so let's assume that some other cheap and effective way had been found to control black market OCd chips. Would Intel still have locked their chips, in order to make enthusiasts buy more expensive chips?

I could see it argued either way. On the one hand, they'd want people to pay as much as possible for their chips. On the other hand, the effective cost of the low end chips people would buy would be significantly diminished, since OCing voids the processor manufacturer warranty. In other words, their support costs would go down (assuming that there's an effective way to detect overclocking).

...

 

[dmens]

Originally posted by: pm
edit: Since this is the internet, one may be inclined to doubt my claim that I really was present at the design review where the first Intel processor to be ratio locked was... locked. This is my bio, with a reference to my stint on the Pentium design team: http://www.ewh.ieee.org/r5/den...2005_03_Montecito.html ( yes, that's me with the "deer in the headlights" look and, yes, below that would be a photo of me with my eyes closed).

nice pics.

i heard from a rumor that the tap lock was augmented after motherboard vendors sold hacked BIOS sequences that messed around with the productized TAP command strings. intel definitely would not like that happening.

either way, i agree, hacking the TAP now is an impossible task unless you are completely involved in the debug process.