alt Hacker NewsThanks, makes a lot more sense now, I guess if Vcc was lower the effect would be more pronounced if anything, never really considered this as an attack vector, but looking online now it seems to well established, I'm surprised Microchip engineers didn't pick it up.
Another good trick is to replace the crystal with a bit stream.
If you can identify the cycle where the security bits are being read you can insert a runt pulse that is much faster than the norflash read time.