Excellent #38c3 talk (last month) on reverse engineering the radio interface of a TI RF microcontroller (that can do Bluetooth and various other protocols). They found both a MCE (ARM M0 core for modem control) and an RFE (custom 16-bit RISC core for real-time RF control), via a built in mechanism that effectively uploads new protocols to the radio side from the application core. (~40 minute talk, given December 2024)
https://media.ccc.de/v/38c3-beyond-ble-cracking-open-the-black-box-of-rf-microcontrollers#l=eng&t=0
=> More informations about this toot | More toots from ewenmcneill@cloudisland.nz
text/geminiThis content has been proxied by September (ba2dc).