Sorry WHAT?! I was under the impression this whole time that this wasn't feasible due to asymmetric key encryption with the private keys baked deep into the hardware. Perhaps I'm misremembering but Cliff (the founder) is very big on protecting trade secrets so I'm rather surprised you were able to. Or do you mean you were able to flash new firmware, not reverse-engineer the existing one?

Either way I don't blame you for not writing it up. The same guy just recently accused another industry player of "infringing on [his] idea" with a product because he "filed a preliminary patent". I've been using Fractals since long before they were cool but based on the guy's forum posts I think he's having a hard time navigating the modern internet cultural landscape (the tenuous nature of his legal argument notwithstanding). It's a real shame as he's clearly super talented but I think trolls have gotten to him.

I never encountered any encryption/protection of any kind on the II (had 3 bootloaders: a simple memory loader -> a huffman tree decompressor -> another simple memory loader) and even though I got pretty far on the III I could see there being some kind of key embedded in the firmware somewhere. I was able to disassemble any .syx firmware release that came out. I wrote my own IDA Pro modules for the TigerSHARC (II) and TI-C66x (III). II took a while but I learned a lot. When the III came out I started over. I spent a lot of time reverse engineering the amp block code, but stopped about 8 years ago. Back then he wasn't even compressing the firmware yet, so it was easy.