Not an expert, but my read of the article was that he had code execution already, but needed to dump the bootloader so he could gain access to peripherals. You could no doubt pull the chip and read it out with a programmer: this has been done for many other devices, I have no trouble believing you could do the same with an iPod. The method he developed is noninvasive, though, simply requiring a soundproof box and some analysis software. That's what makes it cool, to me.