At this years Blackhat USA briefings, the ATMEGA2560 was shown as an example of an unsecure vs. secure device. We have received a few requests for more information on this research so here it goes...
The device did not even need to be stripped down because of designer lazyness back at Atmel HQ. All we did was look for the metal plates we detailed back in our ATMEGA88 teardown last year and quickly deduced which outputs were the proper outputs in under 20 minutes.
Atmel likes to cover the AVR 'important' fuses with metal plating. We assume to prevent the floating gate from getting hit with UV however the debunk to this theory is that UV will SET the fuses not clear them!
Image above shows you the location of the plates and two small red marks inside smaller, higher mag'd image.
For those who must absolutely know how to unlock the device, just click on the, "Money Shot!"