|
|
|
|
|
|
by tshaddox
1941 days ago
|
|
|
Yeah, they definitely must do decryption on the device, which means they must have some tamper-proof chip that has never been broken (as far as I can tell, there's no leaked decryption key). That's actually pretty surprising to me. |
|
|
Looking at teardowns of the current Onyx radio [0], the NXP LPC4078FET180 has both a unique ID and some mechanisms to make it very difficult to read the programmed code externally. One option would be to store the key there, and use that mcu to run all the audio decryption, processing, device activation, and protocol updates (under the control of the TMX570 running the UI etc).
[0] https://fccid.io/RS2SXPL1/Internal-Photos/Onyx-Plus-Internal...