Join Us!

Notifications
Clear all

Chip off or JTAG  

Page 1 / 2
  RSS
4Rensics
(@4rensics)
Active Member

So, more of a general discussion, but our forensic team is looking to move into one of these ( or both ) areas.

At the moment we are torn. Obviously costs are a concern and having just attended F3 I saw an eye opening talk from the Canadian Mounted Police (I forget his name, sorry) and he was talking about £200k and upwards for equipment.

What would people choose and what are people thoughts on either of the solutions.

Personally, I think JTAG is cheaper and obviously less destructive and would be my choice.

4Rensics

PS. If you were there, I didn't win the iPad! (But I did win something…) 😉

Quote
Posted : 08/11/2013 9:00 pm
jaclaz
(@jaclaz)
Community Legend

…. he was talking about £200k and upwards for equipment.

Does that include the nuclear posimegatranscontrasuperfragilistic accelerator ? ?

Sorry to interfere with your poll, but I would like to see a list of equipment that sums up to UK£ 200,000 (and upwards) that is actually needed. 😯

jaclaz

ReplyQuote
Posted : 08/11/2013 10:01 pm
Bulldawg
(@bulldawg)
Active Member

Maybe that includes the building.

ReplyQuote
Posted : 08/11/2013 11:12 pm
DCS1094
(@dcs1094)
Active Member

…. he was talking about £200k and upwards for equipment.

Does that include the nuclear posimegatranscontrasuperfragilistic accelerator ? ?

Sorry to interfere with your poll, but I would like to see a list of equipment that sums up to UK£ 200,000 (and upwards) that is actually needed. 😯

jaclaz

I 2nd jaclaz comment - must be some setup to justify 200k's worth of equipment!!

I'm guessing their setup accommodates for every possibility with chips including if the chip is damaged and the bonding wires need replacement/realigning. I am aware of Chip Programmers that cost in region of 75k, however you can get ones cheaper that do the job!

…having said all that, chip-off all the way! 8)

ReplyQuote
Posted : 08/11/2013 11:15 pm
bartekdre
(@bartekdre)
New Member

First JTAG. Where JTAG is not enough you have to do Chip off. simple.

ReplyQuote
Posted : 09/11/2013 2:25 am
jhup
 jhup
(@jhup)
Community Legend

How often do you get damaged devices?

JTAG if you get more un- or slightly damaged devices.

ReplyQuote
Posted : 11/11/2013 9:16 am
4Rensics
(@4rensics)
Active Member

I'm guessing their setup accommodates for every possibility with chips including if the chip is damaged and the bonding wires need replacement/realigning.

I think this could be it.

It was beyond ridiculous. They had ultra (something) scanning equipment to see into the chips (basically xrays)

They were repairing the wiring on the boards, everything. It was crazy! (super cool, but crazy!)

If I can find the slides from the conference I will put them up for download.

ReplyQuote
Posted : 11/11/2013 3:50 pm
ddewildt
(@ddewildt)
Active Member

If I can find the slides from the conference I will put them up for download.

Which, it goes without saying, you would only do once you get permission from both F3 and Dan (the presenter) at RCMP.

I think the point of the talk was to say to people that its not just a case of whipping off the chip, connecting it up and away you go with the data. You need to know what you are doing. The reason they use all that equipment is so that they make sure they are not damaging things as they go along.

I have no experience in either area, but the thing I took away from the presentation was that you need to make sure whoever is doing it knows the potential damage they can cause.

ReplyQuote
Posted : 11/11/2013 5:04 pm
DCS1094
(@dcs1094)
Active Member

I think the point of the talk was to say to people that its not just a case of whipping off the chip, connecting it up and away you go with the data. You need to know what you are doing. The reason they use all that equipment is so that they make sure they are not damaging things as they go along.

I have no experience in either area, but the thing I took away from the presentation was that you need to make sure whoever is doing it knows the potential damage they can cause.

Hit the nail on the head!

It's not as simple as it looks and a lot of things can go wrong, but if done correctly the results can be well worth it. There's many different setups/rework stations and additional equipment (such as auxiliary camera's etc) which cater for different situations with different devices. Always best to do a lot of testing/research first before you invest, to find the methods which suite your needs.

ReplyQuote
Posted : 11/11/2013 5:38 pm
jaclaz
(@jaclaz)
Community Legend

It's not as simple as it looks and a lot of things can go wrong, but if done correctly the results can be well worth it. There's many different setups/rework stations and additional equipment (such as auxiliary camera's etc) which cater for different situations with different devices.

Still, I would like to see a simple list that sums up to 200 K pounds.
(it is still - in my simplicity - an awful lot of money)

jaclaz

ReplyQuote
Posted : 11/11/2013 7:01 pm
DCS1094
(@dcs1094)
Active Member

Still, I would like to see a simple list that sums up to 200 K pounds.
(it is still - in my simplicity - an awful lot of money)

jaclaz

I do agree it is a lot…

I'm not aware of all LE tools, but i know a couple of programmers which cost 75k. They must have a large demand for chips offs for high profile cases and maybe they have been told they have to be able to cater for an event on quick turnarounds; whether that means them obtaining a large range of equipment (different rework stations, programmers, adapters, extractor fans, software) out there and so on etc… so its ready at their disposal without them having to later on try to get hold of it?

Either way it would be interesting seeing their facility and setup! (i wish) wink

ReplyQuote
Posted : 12/11/2013 2:26 pm
4Rensics
(@4rensics)
Active Member

Sorry, no slides. F3 or the corresponding speakers do sometimes make them available, but no such luck. Unfortunately you will have to take my word for it.

I have been tasked with pricing these up, so I think I'm going to focus on the JTAG side for now and hunt down some costings for this in the UK.

ReplyQuote
Posted : 12/11/2013 2:58 pm
sideshow018
(@sideshow018)
Member

When working on phones, one should follow Sam Brother's pyramid and work from the bottom up, the least destructive first. So to answer the first question, JTAG first and then Chipoff for a number of reasons

Chipoff is destructive to the device, no going back unless you are an uber guru in chip rework processes, not impossible, but very hard to do.

JTAG is cost effective, you can put together a very decent kit for 1500.00 to 2000.00 USD.

JTAG is a nice progression to the Chipoff process.

Chipoff costs are higher, much higher, but if you think that you have to have hundreds of thousands of dollars of equipment to do this process effectively, you are mistaken. The three letter agencies will spend that kind of money as they have it, us little police agencies don't, so we work with what we can get.

Our Chipoff's are done with about 10,000.00 dollars of equipment and we are getting the same results as the three letter agencies.

The agencies that can afford it will use the NFI's programmer that runs at about 90,000.00 USD or the Dataio programmer that runs about 25,000.00 USD (+more for the adapters $$$$$). For our purposes, we use the UP828 programmer and adapters. They read the chips just as good as the big guns and they focus on the chips that we find on Mobile Phones. This kit runs about 2,500.00 and then when you buy a number of adapters, you can get up into the 6,000.00 to 8,000.00 depending on what kind of device you are coming across.

With mobile phones moving towards the eMMC memory chips, we are now using a kit called eMMC SD Burn in Socket to read the chip without a programmer. The chip rests in the socket and you place the board in a write blocked SD card reader and image just like computer. This runs about 1200.00 for 1st generation set and 2,200.00USD for the newer 2nd generation set.

In our training, where the UP828, C-Ming, Dataio and Xeltek programmers have failed to read an eMMC chip, these eMMC SD adapters have been successful, great product.

For both the JTAG and Chipoff processes, you will need a cell phone repair kit (a good one with all the tools you will needs runs about 1100.00) and workspace, keep that in mind when it comes to applying for money.

For both processes, make sure you take some training first. Why go through all the troubleshooting yourself, why not take a course where the training entity has done all the hard work for you and show you how to do it properly. There are training companies in the UK, NFI has a program for LEO and in Canada and the USA (coming overseas soon) there is Teel Tech Training.

Cheers!

ReplyQuote
Posted : 19/01/2014 12:36 pm
jaclaz
(@jaclaz)
Community Legend

For both the JTAG and Chipoff processes, you will need a cell phone repair kit (a good one with all the tools you will needs runs about 1100.00) and workspace, keep that in mind when it comes to applying for money.

Still being (extremely) cheap 😯 , can you post a link to an example of these "cell phone repair kits" (one that runs for around 1K bucks)?
(to understand what is in one of them ? )

jaclaz

ReplyQuote
Posted : 19/01/2014 5:16 pm
sideshow018
(@sideshow018)
Member

http//www.ibreakityoufixit.com/shop/wp-forensics-kit

Kits can be bought through Teel Tech Canada or USA as well, make sure you specify your power specs, 110 or 220 before hand.

ReplyQuote
Posted : 20/01/2014 1:28 am
Page 1 / 2
Share: