JTAG & CHip offs


Re: JTAG & CHip offs

Post Posted: Thu Jan 24, 2013 6:01 am

I would like to underline that the two things fall into two very different categories (IMHO).

The JTAG is essentially "software" and the "hardware side" of it is minimal, little less than being able to open the device is needed.

The chip-off is at the same time "hardware" AND "software", but the kind of experience/knowledge you need is more belonging to "hardware" (or at least this part is essential to avoid making a disaster).

What I mean is that if I had to hire two guys (with no specific experience with JTAG or chip-off) I would choose them preferably:
  • for the JTAG someone with previous programming experience
  • for the chip-off someone with some previous experience as an electronics repairman

And yes I do know quite a few brilliant and experienced, capable electronic engineers, with a higher level of education, that simply don't know which side of a soldering iron is the handle (and this DOES make a difference when it is on).

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 
  

Re: JTAG & CHip offs

Post Posted: Thu Jan 24, 2013 5:17 pm

There are different problems with each, in my experience.

With JTAG/SPI/I2C, finding the test points is the hardest part. A minor headache is interpreting the resulting data dumps.

With chip-off the concerns are untangling the "translation" layers and sometimes encryption of the dump; a minor problem is getting the pin-out for unknown chips.

But, no disagreement with you or Bob.

By the way, I almost made it to your class in DE, Bob, but I think my boss just nixed it.

jhup
Senior Member
 
 
  

Re: JTAG & CHip offs

Post Posted: Fri Feb 08, 2013 11:50 pm

So I can use a J-TAG box to take a dump of a locked phone and then use Xtract (XRY) to interpret the results and find out the code? What other useful things can I extract from the dump?

CopyRight
Senior Member
 
 
  

Re: JTAG & CHip offs

Post Posted: Sat Feb 09, 2013 12:03 am

You can recover deleted items as you will have a physical acquisition of the flash memory. Some tools like Cellebrite P.A. and XRY Complete will parse out the password; you can also use the CCL Forensics Python scripts to get them. Some of the JTAG tools will put the physical dump into a logical file system for you and you can export out the SQLite databases for pretty much anything and recover data from call logs, text messages, contacts, user data from applications, phone settings, GPS and other location type data, and much much more..... (-: I sound like a commercial (-: As you have a physical dump, the items you can recover are endless. More so with chip-off, as it goes a bit deeper and the Spare Area is in place to allow Cellebrite P.A. and XRY Complete to rebuild the logical file system on supported phones. Getting the deleted data from the physical dump can take some time; you need to use techniques to find the data and then decode it at the HEX level to get date and time stamps, attributes, details (e.g. incoming, outgoing, dialed, missed etc.) and other information related to the artifact you have found. Again, time consuming but very rewarding......

sideshow018
Senior Member
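
The step described in the post above, locating SQLite databases inside a physical dump and exporting them, sketched as an added example; it is not code from the thread, from the CCL Forensics scripts, or from any tool named here. It assumes each database is stored contiguously in the dump (often not the case on raw NAND before the translation layer is resolved), and the dump and call record are constructed sample data.

```python
import os, sqlite3, struct, tempfile

MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every SQLite 3 database file

def carve_sqlite(dump):
    """Return [(offset, db_bytes)] for each plausible SQLite header in a raw dump."""
    found, pos = [], dump.find(MAGIC)
    while pos != -1:
        hdr = dump[pos:pos + 100]                      # the file header is 100 bytes
        if len(hdr) == 100:
            page_size = struct.unpack(">H", hdr[16:18])[0]
            page_size = 65536 if page_size == 1 else page_size
            change_ctr, page_count = struct.unpack(">II", hdr[24:32])
            valid_for = struct.unpack(">I", hdr[92:96])[0]
            sane = 512 <= page_size <= 65536 and page_size & (page_size - 1) == 0
            # The in-header page count is only trustworthy when the change
            # counter equals the "version-valid-for" number; otherwise skip.
            if sane and page_count and change_ctr == valid_for:
                found.append((pos, dump[pos:pos + page_size * page_count]))
        pos = dump.find(MAGIC, pos + 1)
    return found

def build_sample_dump():
    """Constructed sample: 0xFF filler around one small call-log database."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "calls.db")
        con = sqlite3.connect(path)
        con.execute("CREATE TABLE calls(number TEXT, type TEXT, ts INTEGER)")
        con.execute("INSERT INTO calls VALUES('5550100', 'missed', 1360367400)")
        con.commit()
        con.close()
        with open(path, "rb") as f:
            db = f.read()
    return b"\xff" * 4096 + db + b"\xff" * 2048

def read_calls(db_bytes):
    """Write a carved database to a temp file and list its call records."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "carved.db")
        with open(path, "wb") as f:
            f.write(db_bytes)
        con = sqlite3.connect(path)
        rows = con.execute("SELECT number, type, ts FROM calls").fetchall()
        con.close()
    return rows

if __name__ == "__main__":
    for offset, db in carve_sqlite(build_sample_dump()):
        print(hex(offset), len(db), read_calls(db))
```

Headers that fail the counter check are skipped rather than guessed at; those, and deleted records left in free pages, still need the manual hex-level decoding the post mentions.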
 
 