DEF CON 16 – Christopher Tarnovsky: Inducing Momentary Faults Within Secure Smartcards

Good evening everybody. My name is Christopher Tarnovsky and I'm with Flylogic Engineering, and I'm glad to see a big turnout for the last track of the day. So this track is basically going to consist of a very deep analysis of an older microcontroller from Infineon. At Black Hat we decided to do the Infineon 44 series used in some smart cards from Silent Data Security. Has anybody ever heard of Silent Data Security? You know, Lincoln Krypter, seems like this, trust your data with them on your laptop and so forth. Who uses smart cards here? Anybody? Awesome. You guys probably use much newer ones. The problem with the newer ones is that the principles you're going to hear today all apply to tomorrow as well, but you'll have your challenges as everything starts to shrink. The average smart card today is about 180 nanometers; what we'll play on this evening is going to be about 1,000 nanometers. The average smart card today is getting meshed now, with an active mesh to keep this type of stuff from getting direct access to the bus lines or the memory outputs, things like this. I'd like to go through a quick overview of what I talked about at Black Hat and then get as much time as possible probing with you guys, and we'll actually sit on the bus of this chip, and I'll explain some points, because some of you will probably be thinking, well, we're unencrypted bus, encrypted bus, address scrambling, fetch scrambling, who knows what. And honestly, that's good, but these principles apply to everything, because there's always another way to skin a cat. Who uses the 6805 or the 8051? Excellent. Do you guys know assembler? Most excellent. You guys count clock cycles? Good, because we're going to count some clock cycles. So this chip, again, is pretty old, but if you can grasp what we're going to talk about you can do it to anything; you've just got some challenges obviously ahead of you.

So, momentary fault, what is it? Basically it's opening up the chip to get to the substrate and temporarily changing the behavior of the state machine that's running. That's really what a microcontroller is: a complex state machine with specific behaviors and dynamic behaviors. So the change is always going to be precisely calculated; it's guaranteed as soon as you do your homework and do your calculations of where to apply it. Most of the time the fault lasts no more than a few clock cycles. I had wanted to do a demonstration with a stack overflow, however it took much too much time given the probe setup the way it is, so I'm going to show you basically a destruction of a loop that reads bytes out of the E-squared of the chip. Normally we will get 16 out, and with one glitch with a needle I'll make it spill 256, and I could keep repeating this loop as well. This particular glitch is going to last one clock cycle period inside the core of the 44 series Infineon part. Sometimes, though, I may hold the fault forever; maybe I want to freeze the instruction latches and make the chip latch a 2-byte fetched instruction of some kind, like an instruction with an operand. Something like this is very favorable to a hacker, and most of the smart cards today still don't have any defenses against this. Well, I take that back: the defenses are the meshing, the size and such, but once someone overcomes these there are no defenses for allowing me to read out all the memory, mess with the MMU, change memory mapping if it's over 64K, things like this. So along the way there are going to be challenges, but what you're going to see today applies to it; you may just need to think a little bit outside the box to get it to work.

I just put the slide up; I should have asked you guys. You want to sit on the bus? Does anybody do reverse engineering here? Okay. What I mean is substrate reverse engineering, with microscopes, needles and things. Anybody? Okay. This chip, any chip, is no different than a PCB. If you lay out PCBs, does anybody do PCB board design, things like this? Okay, excellent. So the only difference is, instead of doing a scan on a PCB, like a scanner to look at the tracks if you're trying to trace out wires, or using an ohmmeter, you need to use a microscope, and the wires there are much weaker than we are in the outside world. We need to use a very low-capacitance buffer, not an op amp for example, something very light, so the wire doesn't sink down and the slew rates don't get destroyed for the transition from 0 to 1 and 1 to 0. The driver needs to be capable, and for our purposes in this talk an op amp won't work, because an op amp is only going to take the signal out, amplify it and bring it to you. That's just listening. We're not going to just listen; we're going to listen and then we're going to momentarily induce a fault that we've chosen at what point in time to do it, so we know their clock counts, we know where they are at what precise point in time, and we're going to physically change the value on the bus at that moment. The driver needs to be low capacitance and needs to be capable of driving a one or a zero, because this way it gives you the flexibility: if it's a one you can make it a zero, if it's a zero you can make it a one. If it's 180 nanometer technology or smaller, maybe the voltage means you can't make a one; let's say you don't have a driver that supports 1.65 volts. Maybe find an instruction that you want to instead drive to a zero, because it's very easy to force a line to ground through a driver that's running at 2.5 volts or 3.3 volts or 5 volts even, just as long as you don't drive five or 3.3 or whatever into it. So the chips are getting smaller, getting lower voltage; there are new challenges, but all of these techniques today will apply to anything tomorrow.

So why do we do it? We do it because maybe we want to override the stack pointer, make this loop, as you'll see soon, repeat as many times as we'd like. I've only prepared it to do it once; it's not really useful to do it more than once because the high side of the data pointer is not getting incremented, so we're stuck in a page of 256 anyway. But maybe this is not a microcontroller, because this is not just smart cards; this is also any type of silicon device that you've got, any digital circuit. We can apply these techniques to maybe a cryptographic ASIC of some kind where you want to falsify a MAC or an HMAC or a cryptogram of some type. This technique can apply again; it just takes a little bit of effort on the attacker's part.

So to put the fault into the chip we're going to need to physically touch the substrate, so we've got to open it up with some acids. None of this is being discussed today; you can see the video on Wired. Has anybody seen the video on Wired? Okay. I was very tired but I'm good, trying to... good, good. Did you understand most of what you saw? Good, even better. So you take that and you again apply it to today. There are some new challenges, but it's still the principle of what I did in that video; with a little bit of thought you can do it. Infineon 66s, 88s have a mesh, 220 nanometer technology, 5 metal layers with the mesh, so use a FIB, bridge the in to the out, and then use my wet chemical techniques and blow a hole right through and get right down to the core of the 66. Okay.

So this is a Thomson 19 series processor, I don't remember which one, but something I took a long time ago, and it's very interesting. So you can see the yellow track is the data bus, D0; the blue line is a trigger, some trigger that I had; the green line is the clock. And again, just going back to this chip versus that chip: this chip happens to run on an internal clock, so this green clock you see actually had to get plucked out of the CPU with a needle. So this was many needles, take five needles on the substrate, but for this point and purpose we care about D0 and the fact that we're in sync with their internal clock. The purple line is reset. So this is literally like five or six instructions on the D0 bus line. D0 is the LSB of the instruction fetch on the data bus; it's also the bit that flips the most, and you make a 0110... change 24 to 25, anything in Motorola like 21, 22, 20, 21, 22, 23, they're all the complements of each other. In 8051 it's a little harder because it's like 20 or 30, jump if not bit, jump if bit, but then you move the needle to D4 instead. I prefer to use D0 though, as much as possible. So you can see here we're just listening. My blue line is some type of a trigger point; it's probably the trigger point that tells the driver to fire, fire meaning I've already prepared my high or low level glitch, so I've set that side of the 126 that I'm using to be able to, you know, the gun, the chamber, and that trigger is basically the trigger. So here in the next picture we changed it: we physically induced a 0 when it should have been a 1, and so you can see I changed the entire instruction processing afterwards. Now we're only sitting on D0, so we can clearly see that what came afterwards is some of our other fetches, and some of them would... the one was on high a lot of periods and then down low and on high again. The instruction cycle period here is pretty quick; it's like 10 or 12 megahertz for a smart card anyway.

So this is the theory, the whole theory. Before we do a glitch, you don't just randomly... you don't put a needle on the bus and just start jamming it down to ground or jamming it high and stuff; you're just going to go nowhere. So the first thing to do is for us to take what I call the running code. It means that we basically put a needle on D0, we come out of reset with it, so we turn on VCC, we have the reset line low, we start the clock and then we release reset, and we basically take 32 kilobits of samples on D0, then we save it in our software, and then we move the needle to D1 and we do D1. We can put down two or three needles, do them in batches of 2 or 4, etc. It's quicker for me to use one needle and walk the bus, so to speak, to do this running code than it is to manipulate two each time. How many needles do you think it takes to dump one of these smart cards? Do you guys think it takes a SEM to dump one of these smart cards? Anybody know what a scanning electron microscope is? Does anybody use a SEM? Prepping is a pain in the butt, and I don't use the SEM; I don't even use a FIB for half the chips out there today, and you'll hear all these rumors that FIBs and SEMs and university-level stuff is needed. It's never been needed, and it's only now needed since, say, 2002-ish, when they started to get below 350 nanometers. Anything above 350 is typically only three metals; it's really easy to get to metal three or two. If it's below 350 typically it's going to be four metal layers, could even go up to five, plus a mesh maybe. The Microsoft licensing device, 8-pin SOIC, in every one of your wired or wireless controllers used on an Xbox 360, is a little Infineon chip inside. Infineon is so paranoid that you're going to get to their logic underneath that they laid a double, triple mesh, so they've got two active meshes with a ground plane in the middle. Infineon kept the practice and took it to the SLE88. Does anybody use the 88 series SLE? No? 32-bit RISC from Infineon. 66, single mesh, very easy.

So we're going to study the running code on this chip. None of these principles about meshing and things apply; the chip's very opened up. We're going to look at the code, see where it went, and we're going to pick an instruction that we want to change, and the instruction is going to give us something that we want it to do and not what it should have done, such as keeping a loop that fetches a byte and transmits the byte to the outside world, keep it going. So if a DJNZ is one, what happens? It loops one more time, but when that goes to zero, it's decrement, jump if not zero, your jump stops and you fall through to the next piece of code. So what if, when it goes to execute that instruction, I change, in this instance here, that one being read out to go into the ALU to decrement it? Because that's exactly what happens in this 8051: you see the program counter low on the bus, you see the opcode fetch, you then see, beyond the DJNZ or whatever, the value come out of the register into the ALU, you see it get decremented and stored back again. So if it comes out with a one and I hold it to 0, it goes in as a zero, it underflows, becomes FF, 255; we get 255 more bytes back from the loop. So be very careful when you do like MOVX A,@DPTR; INC DPTR, that type of thing, in a loop.

We don't always play with the data bus, although we will today. The data bus could be encrypted, it could be in the clear; honestly it doesn't matter. You can kind of tell what's going on with behaviors of CPUs typically, unless there's some wacky, zany, crazy, no-one-knows-the-instructions CPU. Maybe 8051s, 0 to 255 possibilities for what the instruction really was that got fetched if you are encrypting it. 6805, same boat. AVRs, things like this, are a little wider of an instruction; that changes the rules, but again these principles apply in theory. Address bus: so I can change location 0, I can make you go to location 1 instead. You don't know, but whatever came out is going to be what's used by whatever is being done, that behavior at that state in time. Address faults, typically I'm only going to play with them on cryptographic memory type devices, Atmel CryptoMemory, Dallas 1-Wire type parts, things like this, things where I don't really have control. I can read out public areas of memory but I can't read out private areas where you hide your key material or secret seeds, things like this. So it knows if it gets to 80 that it needs to... it throws a MUX and you can't read out that data, so it sends you zeros or FFs, depends on who did it; everybody's got their own way to do things. So what if we tell it to read zero but I force bit seven high on the address bus? What does that become? I just OR'd something into the bus; it becomes 80. So let's say 80 is protected, but I gave you address 0 to read from, so I told the chip's logic, the firewall area of the chip, oh, it's 0, it's okay, let it go, but I'm OR-ing in bit 7 later on, behind the address bus drivers, behind the logic, and it back-feeds, and it works beautifully. So 0 becomes 80, 1 becomes 81 and so forth.

Does anybody have any questions? If you do, stand up please and just ask. I want this to be very interactive and I want you guys to come up on stage and put a needle down too. Anybody want to play with the needle? Okay, cool, excellent. Anybody have questions right now? Am I going too fast? Because I'm trying to cram this in. You, sir? Absolutely. Two needles to five needles is easy; when you start to go above five needles it starts to get really hard. The more needles... people that I talk to that don't really... that maybe are telling little lies and stuff, they typically tend to exaggerate the needle count on how many it would take to extract the code from a processor or something. But if I can make behavior repeat, if I can make a fault repeat, I can maybe do it in two needles, but with this technique I can do it in one needle. Let's say you're doing software, and you may say, oh well, we do software randomization or we do hardware randomization, so you're randomizing things in hardware, like the core's randomizing things with dummy bus cycles and stuff. That's fine; then I'll put down another needle and I'll eavesdrop the internal latches where the instructions are coming in, and now the only time that I would need to clock in data is when those latches open and close. But I would miss some of the bytes too; I would miss operands, because the latches will not open and close on them. So generally, honestly, one to two needles, I'm done. Two needles I'll do it quick; one needle I'll build a script. Let me rephrase: with two needles I can not care about what's in the code and I can simply freeze an instruction in the code and basically walk the bus and read out memory in most cases, or I can let something run, freeze it and then let something else run, this type of thing, maybe skip over a signature check. I hate to do anything by freezing instruction latches, but it's also very beneficial for a 64K memory map to do a readout, like on the older 6805s from Thomson, Motorola, this stuff. The newer stuff has MMUs, a memory management unit, so you have more than 64K of physical memory, so you've got to kind of let the processor work for you and then, when you get that page mapped into the memory, do your attack, things like this. But two needles, one, you're pretty much good. Does that answer your question, sir? Okay. Yes sir, somebody had a question over here. Yes, Jim, we'll go there in about five minutes. So you mean structure-wise, how do I know what I'm looking at? Yeah, we'll go there in a few minutes, and I think that's kind of something you learn with experience if you've got the time to play. But you can pretty much tell who laid it out once you've opened up devices, because maybe they won't mark Infineon on a smart card, although they do typically, or ST. The cell library is going to look just like it does on the off-the-shelf stuff of that feature size, of that geometry. And for example today Intel is down at 45 nanometers; that's pretty small, but I don't need to probe a lot at the actual logic, I need to get to the wires, and we're going to go there in one minute. Anybody else have any questions before we continue? Yes? On specific ranges of addresses... let's see... [inaudible] ...you asked for an address and the wrong one is given to you, the Hitachi, Renesas? I'd have to see it and read the spec. Reading the spec is going to tell you a lot.

I mean, well, I'll give you a good example. This badge has a 9S08 on the back of it. Anybody used the 9S08? Nobody? Anybody used the Freescale, Motorola... I still call it Motorola, the Motorola/Freescale 908, like the JB12, things like this? The 908 was more secure than a 9S08, and then the 9S08 got shrunk; it's a TSMC process, it's a 215 nanometer four metal layer, and what I hear is they tried to make you believe that it's super, super secure now. So they tell you the last address in memory has to be complemented, like a 10 combination on two bits, like bit 0 and 1, and they tell you, when you invoke it, the only way to clear this is a thorough bulk erase, blah blah blah. That's great, but what if I tell it to bulk erase? On one second: then they warn you, once you bulk erase it, you need to make sure that you set those bits back to 10, because they become FF, all ones; it sets them back to 10 before the next reset. So what's that tell you? That tells you that in logic, they just execute a bulk erase and then they turn them... the actual bits that would normally load that address and store "am I locked or not", they clear those for you. So what if I cut the VPP line? Does anybody know what happens if I cut the VPP line and then tell it to bulk erase? It doesn't do anything except clear those two bits, and then I read your chip out. So I mean, just food for thought; there are a lot of ways to get into these back-door monitors and such that run, and a lot of these chips are being fed by TSMC, like Freescale, I'm trying to think here who else. I see it a lot. There's a Data Biz Wiz or something out of Irvine; they're making a smart card, it's got like 10K of static RAM on it, 32-bit ALU, 16-bit... it's a TSMC, same exact memory model. Once I learned the memory model on the off-the-shelf Freescale parts, I can just buy their smart cards at ten bucks apiece and I can whack them. Hey, I know exactly what the data bus outputs are, clocks, address bus structure. Be careful.

Data bus faults are all we're going to focus on today, and it's the most probable choice. It's very easy to spot the data bus, and this is what your question was about before: it's got to come out of the memory, and it may come out of the memory encrypted, but that doesn't mean that you can't understand... at least you can understand one thing: it loops. Because if it's encrypted, let's say it's a 20 FE, that's the wrong chip but that's 6805, branch to yourself; or let's say it's an 80 FE, a short jump to yourself in 8051. Either of those two, let's say they're encrypted and they're coming out as, you know, 10 55. Who knows? You're going to see on the bus 10 55, 10 55; you're going to see that come out constantly, so you know... you don't know really what it is, but you can tell it's a branch to itself and it's sitting there forever in an endless loop. So you just figure out the two instructions from that address point, what they decoded to, but you may not even need to know that. You can see encrypted code running in loops. Let's say I know the 66 has a non-ISO reset. Does anybody know what a non-ISO reset is? In an Infineon 66/44, it's when you hold the I/O line low and you release it out of reset, and that for about 400 clock cycles, and then you release it back to a pulled-up state, to a 1. It then identifies you its chip lot and things like this. This is what we're going to exploit today. If it's encrypted code, I can see the loop; I can see encrypted code that says basically do a fetch from wherever the data pointer points, transmit the byte, and then you can see the decrement of whichever register it is, go back up and do it again if it's not done. You can see it clip; you just don't understand it, but you can make heads and tails out of it quickly if you're focused enough. So be careful if you run encrypted data buses; these techniques are still going to apply anyway.

Cryptographic: we can make key spills, as I explained before. Execution step, same thing: determine when to induce a fault. We may want to repeat the fault; we can if we want to, you just need to precisely time things. I want to get into more of the log traces that I've done and take them with you guys at this time, and show you some code snippets from this cypress chip, which is defunct, over 10 years old, and show you what I see on the bus and show you where we're going to do our attack, and then we'll demo. You can basically watch exactly what I'll do, but in my lab it's much quicker because this is the wrong equipment, but this is something you guys could build yourself too. This was built purely for a show-and-tell; otherwise the probe station is over 300 pounds.

Okay, so technology, it's improving and it's getting good, it gets great, and the whole theory here is how much money is it going to take, how long is it going to take the person to do it, to be successful, and then will they get the reward back. And that's really what you need to focus on, and I think a lot of these companies are on the right track to do it, but there's still a lot of room for improvement and there always will be. Every smart card to date that's ever been made by these manufacturers, except possibly the 88 series of Infineon, has been broken, if it's by pirates, if it's been used in an area where they can sell counterfeit things. And it's not just conditional access for television; it could be satellite radio, for example XM satellite radio. The Thomson 19, I don't know why they use it, it's not secure. Scientific Atlanta, they're hiding a Thomson 16 and 19 in their set-top box. Why? It's obscurity, and obscurity is not security; it's a layer, it's made by humans, it can be taken apart by humans.

So I'm going to get out of this and I'm going to try to work with you here, doing this a little more dynamically and interactively. Does anybody like ROM bits and things like this? You've heard people talking about doping ROMs to read them back out; that's probably the most useful technique of today, and the reason for that is because most likely, if they're not encrypting the address they're scrambling it, and it needs to be decoded. So that means not only do you have to put the bits all back together the way they went, and you may make a mistake optically, you need to understand the address decoding logic as well. It's a lot of work and effort, and the method we're about to get into is a lot easier. But if you did want to study the ROM you can play around like this. This is the actual instruction dispatcher table of this 44 that we're going to play with. This is a 500x magnification view of the ROM stripped down to its poly/diffusion area, and so now you can kind of see... I didn't finish this, and you guys are welcome to all these pictures and such. I just didn't want to post them on a public link, but if anybody would like them, I'll have business cards at the end, or my email is on the presentation; email me and just ask for it and I'll give you a link off my server. You can download the whole archive; it's going to be about eight hundred megabytes. Yes, this is a photograph through an optical microscope, not confocal scanning; it's a 50x objective with a 10x mag, so it's basically a 500x magnification of the area. Again, this is a 1000 nanometer process, it's pretty big. I mean, anything under 130 I need UV, I need to use ultraviolet with a camera, and I have to make mosaics to study the logic, but again the wires, I can see them; I just can't see the actual gate structures, but you can make out, based off of the way things come into metal one, what the circuit might be doing, and then if you can put a needle on it you can just deduce the behavior immediately.

So you can see here I drew little lines; it's 36 across. This is the Infineon 44 series instruction dispatch table; it's a 256 by 9, 256 elements with 9 bits across, if you want to look at it as a table. It's in bit form though; it's 36 across and 64 down, so you can see that right from here to here there's 32 plus 4 more, that gives you thirty-six, and then each one of these rows, there are sixty-four rows. So this has been chemically wet etched with hot buffered hydrofluoric acid before this image could be seen like this. I then took a dark field reflected light image of the area; it's four or five images, six images, excuse me, tiles stitched together as one, and basically you can see everywhere... I mean I didn't finish, but if you guys wanted to play with this in Photoshop like I started, anywhere you see, right here for example, I would put a dot there, put a dot there, wherever the blue and the red lines cross, if you see the glass connected to the poly, right here, put a dot there. And then you can... so this would be a bit, this would be a bit, this would be a bit and so forth, every first one for, let's say, address 0. It may not be decoded that way though; that's just a hypothetical example, and then you may have it backwards: the dot may be a one or may be a zero, it all depends on the remainder of the logic, how they've laid it. We're not going to go any deeper, but you can have the pictures.

All right, so we're going to go into this chip. It's got a mathematical coprocessor on it; again, it's doing RSA internally. Does anybody know what RSA is, the cryptographic algorithm? Okay. I don't think it's any larger than a 512-bit RSA type mathematical setup, however you can see it, you can tell this is the crypto block; it's isolated by itself. It's actually like an extension to this chip; they took their normal 44C80 and they added this math block to it, and it's basically a ton of RAM and some shift registers to modular multiply, whatever you need to do, square. But this is really where we care about; we don't care about this area, so we'll just forget about this area and we'll go right into here. Does anybody know what this area is right here? This is the non-volatile EEPROM. It's only 8K and it's a pretty large element. Your static RAM, this is going to be your smallest size element but largest area consumed for the amount of cells that they're giving you. So you've got some static RAM here, you've got ROM here, I believe 32K, and you've got 8K EEPROM, so you know that there are busing structures that are going to tie into here. Then we can see there's some type of a ROM here and some type of a RAM here. Here's the ground, here's the I/O line, here's VCC, reset and clock. ISO 7816, most of you guys know what this is? Can someone explain it? Half-duplex smart card; after reset it sends out an Answer To Reset, tells you about itself. Okay. So this is a 5x5 mosaic at 50x mag. It's too small for us to try to look; we can't see anything. We look and we see there are some busing structures, we see the static RAM is right here, it's connecting, we can count the lines. I mean this is a thousand nanometers, so 50x mag is good for a general blow-up of where we look, what are our goals, what are our challenges, where do we see, to kind of plan your attack. We see some lines coming out, we see some lines here coming up; they kind of meet in the middle area, so something's telling me that this is going to be a pretty good area to sit on and sit in. We know that the 8051 has a multiplexed data bus, so we know that the low address of things is going to be present on it, and static RAM is connected to it as well as the E-squared and the ROM. There was no MMU because we know it's within 64K of a physical, of a virtual memory map. So we take this; we already located where we want to be. We want to look in here, we're very curious, so we image it at a higher mag in that area only. This is about two rows of 10, 10 each, so this is not just two pictures here. Ironically the older chips do not look as pretty as the newer ones do; the newer ones have a lot of different colors and stuff. So we look at this and we start to see some bits, some of these lines that we saw at the 50x mag. At the 500x mag now we can see a little bit better where their vias are, how they're plugged down, things like this. So we see one, two, three, okay, look at that, this one's plugged into that same track and it goes up towards that static RAM, so we're on the right track, we're heading in the right direction. We've got another one here, there's another plug, another one, another one, another one, and it keeps going. So this looks like it could be a good candidate to be the data bus of this chip. It is the data bus of the chip, to cut to the chase. So it's pretty easy to find the data bus a lot of times, because the RAM is connected to it; that's the moral of the story here. It's not the case in all smart cards and such, because they try to isolate things nowadays and throw in muxes, what area of memory are you, and things like this, but you can always go to the edge of the ROM, because you know the chip powers up out of its ROM, so you know it's running right there, and the data bus drivers are always pretty straightforward in what they look like. You can see here... you can't see here because I didn't go in enough, but you can see down here if I zoom in more, you can see this is repetitive logic here. Does anybody have any idea, anybody do logic that has an idea what these are? What do you think they are? Yeah, they're latches; they're the instruction latches.

So there are two ways we could get the code out of this chip: we could induce a bunch of faults, we could study the behavior of the running code, which we'll do, and we could then look at what was happening on this bus and we could change the instructions as they're happening to force an overflow of the stack, possibly. It takes a long time; it takes me maybe a whole morning to do this, to get this Trojan to work, but when I'm done I just put a single needle down and press a key and it executes like clockwork on any of these. And so that's the easy way, that's the hard way to do it, but the payoff, the reward, is tenfold when I'm done. Yes sir? No, it's a very good question actually; I didn't even talk about that in the intro. The point is to do... maybe you want to know the RSA key of this chip. Maybe you know how RSA works: you know that you send in whatever and it processes it with its secret key and it returns a result. Maybe you want to make a clone of this card. Well, I don't know why you'd want to do it, but if you're in satellite TV piracy you'd want to make a physical change to this to turn on all the services, for example. Or maybe it's a crypto memory and you can't write unless you know the secret, so you have to sign something to get it in; things like this is why you'd want to get the code out or make a change to it.

How do you do... well, okay, I'm sorry, he's asking how do you make a stack overflow work, and it's no different than if you guys write... if you guys are Windows hackers or something, or these guys writing these Windows exploits, it's the same theory: you basically write further into memory than you should be allowed to, because we changed the instruction to make it continue in its loop, receiving data and storing it indirectly. So an indirect pointer basically is writing in memory; the stack has to reside in memory somewhere. It would be nice if it was in its own private area, such as a PIC microcontroller has its stack privatized, but in most cases it doesn't; it's right there as well. So we find some locations in memory that are unused; we already have seen a lot by looking at the running code, so we can pick addresses to jump to off the stack. So basically I'm just going to reload the stack, adjust any type of loop pointers to make it stop, and hope it hits a return soon to execute the sequences that we've pushed into place, kind of. But these pushes should never have happened; they're happening because we executed this physical glitch with a needle. Or, if it's 6805, beautiful, beautiful. Yes, so he's asking about executing running code from RAM; that's even better. On the 6805 you can instead load your worm into the RAM and then tell the stack, now jump to 100 or wherever your code went, and you know where it's getting stored because you've already analyzed the running code of the chip. The goal, or the other goals, either way the goal is to get the secrets out, get the key material out, or maybe do a permanent modification to the chip to where now you have free write access to it. Most of these chips do not let you write to the E-squared or anything useful, so the only way you're going to do it is kind of invasively or through voltage
glitching you might have heard of undue burst things like this make it skip an instruction or in our case and modify an instruction this to abuse something and do it once it’s done though you have complete control okay so we’re going to look at up some logs actual logs taken today I’ll show you a couple logs actually there’s too many chips to get into I try I wanted to get into the 66 on a gem plus does anybody here work for Jim plus really you’re gonna love me so I have like some 6805 gym plus cards here and from the IBM smart card secure way as anybody does anybody use this to secure their laptops or files and stuff no okay how about gem safe does anybody is gem safe has anybody ever seen this little orange card Durrani ebay actually both of these cards are an ebay for like pennies and that’s where these came from you just buy 100 200 of them for pennies and then you can do all your R&D to hack them that you want to leapfrog does anybody ever heard of leapfrog they made they went out of business this is again this is the same processor is this without the crypto okay GSM SIM card anybody clone your gsm sim card it’s exactly why we’re here except today they use a lot of at mullavey ours and such any infineon 66 PS things that are hard to get to but they did use easier chips 28 years ago I mean I’ve had a 38 or a 3 yeah yeah you know the precum 128 whatever one algorithm out for 67 years now because they put it in an ad 51 they put it in the 1605 they put it in chips that we’re never really that secure that got you know Cece certain criteria certified phipps whatever the Phipps is 180 or 11 for 140 certified and so forth so here we go I’m looking for the better log of a commented lot more than that one okay so basically what what you’re about to see is basically the dumped code that came out some snippets so we can kind of line up just so you can understand that what we’re seeing on the needle with the needles is actually it’s the same as what you’d write in 
assembler it’s just you kind of have to you don’t see the it clock one o’clock two o’clock three you have to kind of parse it apart and I do this by manually by hand typically
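The parsing the speaker describes, turning a per-clock bus capture back into an assembler listing, as an added example; this is editor-supplied Python, not the speaker's tooling or anything from the talk. It assumes a constructed fetch model (not a measured timing of the Infineon part): each fetched byte appears as one program-counter-low (PCL) address cycle followed by two cycles in which the fetched byte is held on the bus. The opcode table holds genuine 8051 encodings for a handful of instructions, and the sample capture is constructed to mirror the kind of power-up sequence discussed later in the talk (a MOV direct,#imm, a CLR A, a counter load, a store/increment/DJNZ loop), ending with a stretch where the pattern breaks, as it would when a software randomiser kicks in.

```python
"""Decode a per-clock capture of an 8051-style multiplexed data bus.

Added example for this transcript, not the speaker's own tooling. Constructed
assumption (not measured from the part in the talk): every fetched byte shows
up as one address-low (PCL) cycle followed by HOLD cycles in which the fetched
byte is held on the bus.
"""
from dataclasses import dataclass

HOLD = 2  # assumed clocks each fetched byte is held on the bus (constructed)

# Subset of genuine 8051 opcodes: opcode -> (mnemonic, instruction length in bytes)
OPCODES = {
    0x75: ("MOV direct,#imm", 3), 0xE4: ("CLR A", 1), 0x7A: ("MOV R2,#imm", 2),
    0x7B: ("MOV R3,#imm", 2), 0xF7: ("MOV @R1,A", 1), 0x09: ("INC R1", 1),
    0xDB: ("DJNZ R3,rel", 2), 0x50: ("JNC rel", 2), 0x80: ("SJMP rel", 2),
    0x02: ("LJMP addr16", 3), 0x22: ("RET", 1),
}


def decode_opcode(op):
    """Mnemonic and byte length; ACALL/AJMP are recognised by their bit pattern."""
    if op in OPCODES:
        return OPCODES[op]
    if (op & 0x1F) == 0x11:
        return ("ACALL addr11", 2)
    if (op & 0x1F) == 0x01:
        return ("AJMP addr11", 2)
    # Unknown opcodes are assumed one byte; a wrong guess desynchronises the
    # listing, which is what the analyst notices when the code "turns to garbage".
    return ("DB (undecoded)", 1)


@dataclass
class Instruction:
    pcl: int          # program counter low byte seen on the bus
    opcode: int
    operands: list
    mnemonic: str
    pc_jump: bool     # PCL did not follow on from the previous instruction

    def listing(self):
        raw = " ".join(f"{b:02X}" for b in [self.opcode] + self.operands)
        flag = "   <- PC discontinuity (taken branch or randomiser)" if self.pc_jump else ""
        return f"{self.pcl:02X}: {raw:<9} {self.mnemonic}{flag}"


def fetch_bytes(samples, hold=HOLD):
    """Split per-clock samples into (pcl, byte) pairs.

    Returns the pairs plus the sample index where the assumed fetch pattern
    first broke, or None if the whole capture parsed cleanly.
    """
    pairs, i = [], 0
    while i + hold < len(samples):
        pcl, held = samples[i], samples[i + 1:i + 1 + hold]
        if len(set(held)) != 1:
            return pairs, i  # data byte not held steady: lost sync here
        pairs.append((pcl, held[0]))
        i += 1 + hold
    return pairs, None


def disassemble(pairs):
    """Group fetched bytes into instructions, flagging PC discontinuities."""
    insns, expected, k = [], None, 0
    while k < len(pairs):
        pcl, op = pairs[k]
        mnemonic, length = decode_opcode(op)
        if k + length > len(pairs):
            break  # capture ended mid-instruction
        operands = [b for _, b in pairs[k + 1:k + length]]
        insns.append(Instruction(pcl, op, operands, mnemonic,
                                 expected is not None and pcl != expected))
        expected, k = (pcl + length) & 0xFF, k + length
    return insns


def rel_target(pcl, length, rel):
    """Low byte of a relative branch target; rel is a signed 8-bit offset."""
    return (pcl + length + (rel - 256 if rel & 0x80 else rel)) & 0xFF


def build_trace(fetches, hold=HOLD):
    """Constructed capture: one address cycle plus `hold` data cycles per fetch."""
    return [v for pcl, byte in fetches for v in [pcl] + [byte] * hold]


# Constructed power-up style sequence modelled on what the talk describes:
# MOV direct,#imm, CLR A, MOV R2,#10h, then a store/increment/DJNZ loop.
FETCHES = [
    (0x00, 0x75), (0x01, 0xD8), (0x02, 0x80),   # MOV D8h,#80h
    (0x03, 0xE4),                               # CLR A
    (0x04, 0x7A), (0x05, 0x10),                 # MOV R2,#10h
    (0x06, 0xF7), (0x07, 0x09),                 # MOV @R1,A ; INC R1
    (0x08, 0xDB), (0x09, 0xFC),                 # DJNZ R3,-4 (back to 06h)
    (0x06, 0xF7), (0x07, 0x09),                 # loop taken: PCL jumps back to 06h
]
# Then the held-data pattern breaks, as it would if a randomiser kicked in.
SAMPLES = build_trace(FETCHES) + [0x08, 0xDB, 0x3C]

if __name__ == "__main__":
    pairs, lost_at = fetch_bytes(SAMPLES)
    for insn in disassemble(pairs):
        print(insn.listing())
    if lost_at is not None:
        print(f"fetch pattern broke at sample {lost_at}; inspect what ran just before it")
```

Two things the listing makes visible that the raw samples do not: a taken branch shows up as a PCL that does not follow on from the previous instruction (the DJNZ back to 06h above), and a randomiser or any other break in the fetch pattern shows up as the exact sample index at which parsing stopped, which is the "look at what happened just before it went to garbage" step the speaker describes. From the defensive side this is the argument for bus encryption and for not exposing a sequential program counter on a multiplexed bus: once the PCL is in the clear, the fetch stream is a disassembly listing waiting to be read.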

although I do have tools to automated so I bear with me one second yeah this is actually I I want to show it to you but I’m just looking I have 1 i’m trying to find it that that’s dot heavily documented on a lot of the instructions to kind of show you otherwise it’s kind of really the lowest level that you can get inside of here unless you really want to start tearing the poly apart and you know and see the gates and everything and that is something I mean I do it I do it carsten Knoll does it a lot there’s a lot of people bunny Wang we all do it but this is much easier than starting to tear apart logic and decode it and put things back together okay I think okay this is fine this will work perfect okay so this is a log I made a while back so the check powers up the manual barely even tells you what clock cycle early starts running at this particular chip takes a while to fire up they clear some ff2 down to f/8 and ram to a zero and so you can see it here you see on clock cycle 0 clock cycle 1 so this is basically what period of time the processor was on when I took the sample but I didn’t just take the sample once I had to repeat this eight times so I put one needle down and walked across the bus eight times just let the code run if you got randomizers i’ll see it because all of a sudden then know the code that looks normal will go to will become garbage basically and so i’ll just look in front of what happened before that went to garbage and i’ll just whack that and stop it that’ll be glitch one you know so no I’m here I’m very serious a lot i see a lot of ships with like each nice where’s this has a seed value that then seeds suffer a randomization and it’s great you guys should be randomizing things and trying to take time between the ATR first by in the second bike coming out and things like this you’ve got to get to the first bite out fast and then they suddenly send it out fast and then they try and randomly change the delay between the second bite in the 
first and that first bite and I mean I guess it’s good but there’s other you know there’s other things that they should be worried about um but everything you can never not do enough that’s really don’t forget that so we sit here boom finally at clock 3f hex this should from fires up can everybody see this I don’t know let me see if I can zoom in oh is that better okay I have no idea what it does it’s like a function icon on my laptop okay so it works you know ok so at clock 3f we’ve got a zero on the bus guess what the program counter the low side of the program counter remember I told you the 8051 is a multiplex data bus it means you’re going to see it makes it take more time to because that’s a waste of clock cycle right there so you wonder why that move of an immediate value into a register on this 8051 took I believe 10 clock cycles it’s because three of them were addressing address sets of the low of the low side so with pcl gets set to a0 boom all of a sudden a 75 is sitting on the bus on the next clock cycle sample and then again there’s a 75 on the clocks like next clock cycle sample then we see a pcl of one come onto the bus and then we see the operand then we see a 2 and we see the operand and here’s the end this would be the end so this is the complete this is exactly what’s on the bus of an infinity on 44 series 8051 during a move a move move move an immediate value of 80 into register d8 which I’m no idea what it does because I’ll have the data sheet does anybody have any questions now okay are you guys boarded okay good good I’ll go all night but we got to put some needles down to is though don’t forget ok so then boom here we go with a program counter low of three and it just continues and continues so I’m flowing the code on every clock cycle I see what’s going on I mean now we can go let me shrink this let me shrink of this and let’s put these two next to each other and i run linux by the way as well I got some there were some comments online at 
all these windows and most of my toes or windows it’s so easy but i have my servers linux oh you know quad core eight Y Z on it’s good so here we got we’ve got that same listening I’m just trying to get synchronized here so now it’s too small is it too small for you guys or can you see it ok so originally on this chip i had i had sat on a bus and read it and then I just decided to take in too much time so i tried the instruction latch approach that worked but i was missing the for some reason this particular chip gave me some trouble with this it doesn’t always work like you hope it would and so i went back to the in the invasive single needle glitches and the problem with that is the time as i said the nice thing about this was i realized that

infineon power up all of a sudden has this like taking some bites from the outside world and stuff them into memory indirectly and you know decrement register and loop well it’s beautiful because the stack is at seven or eight still we’re very powers up to and the loop should be like 10 bytes and we just we whack the r3 and we can overwrite the whole stack load our program in and go and go wherever we want but to load the program in we needed to first do a lot of running logs maybe send an fight ISIL header into it see what it wants can we overwrite the step through the ISO header would probably can in most cases they loop that too or they loop some of the bytes coming out of the her2 if you want to read out the entire memory space or ET square let’s say so we see here here’s the initial power of code we see there’s that move of a d8 that 10 this is the clock count right here this is the line of code it was on these are the Opera the the whatever number of opera you know of instruction and operands are present a clear a takes three clock cycles it’s an e3 where is it there it is right there so boom program counter low comes out efore instruct re4 instruction it clears the accumulator what’s next and it just continues and continues and continues and so basically there’s some strange behavior that nobody would know unless you’re at this level and this is something that we were examining earlier when we wrote the script that you’ll see get executed and things like our one touches of increments it starts it and then it finishes it during the next instructions dispatch it’s just the weirdest behavior but I mean they can do it as long as they get both things done sequentially so if we go back to this line of code we see that there’s this like thing and power parade here is his jump and by the way guys this code is pretty much static across any 44 series if I show you it from the 66 it’s going to be static in the P or the S with some very some variety to it sometimes but 
pretty much all the s’s would be the same at all the people the peas would be the same all the 44 series are the same every infineon 4466 is going to do this thing that we’re going to abuse so if the aisle line is high execute the the person’s the wrong code that you wrote in your the the designers wrote but if it’s low they go into this this what i call CMS hello which is like the hollow of the affinia on part give you a lot number of things like this it’s very cool though they start with the data pointer at 8,000 and then they read out 10 bytes or or it could be 11 bites it depends on which series this is for practical for our hands on it’s not really a loop that’s easily abused because the high side of the data pointer is not getting incremented so we’re stuck in the page of 256 of where they set it and if you look up above they had set it to eight to 80 so because they set this to a tee we’re only going to be able to glitch and get out 88,000 to 8,000 FF in in the memory map but it’s a square and there’s a lot of Secrets a lot of times and these peoples codes up in the front and then they put all all of the of their code later in time I was just going to get into that so with a little more effort I can start playing around and I can start be exactly make it 81 make it 82 make it 83 but it’s a pain it early is there so I would find a better loop if I really wanted to do this and there is a better look because the sack pointer abuses in here too so but it for today quick demo I had I did it on the machine in my room this afternoon we’re going to basically bring it into this area and notice it says move in a 10 into r2 so that means it basically are two is going to become their counter and it’s going to think it’s going to send out 16 bytes of the eeprom to us well it’s going to send out 256 when we’re done so there’s a little delay here they pull a value from from e square so this is a special instruction from these guys and will abuse it but notice only our one 
gets incremented so since our 10 is the only thing getting implemented it’s not going to get us too far but maybe there is something we do need like a secret backdoor key or or maybe the only key that you need is in the clear right there at that point of memory or its encrypted but you know how to decrypt it things like this so hypothetically this will be fun when it’s done it does some things we don’t care about this it’s going to end up freezing because the chip is not in infinii ons test mode any longer if we did want to read it out we wouldn’t have come here we would have followed this jump to 45 right here we let all this stuff could we do it would actually we would glitch this or we would glitch this to the it’s a check that they do because infineon claims that you can never get back into test mode they’re liars but they’re nice months because I mean you really normally can’t get back in but I can get back in you know so so we make we can change the address of this fetch or we can change the data fetch from the address there’s a bunch of ways to skin the cat but I prefer to keep the line to keep one needle only down and never move

it so it’s much easier if you don’t have a laser cutter you don’t want to be moving trying to open up to different tracks and so here you can open the track with like a sewing needle and 45 degree angle kind of stab the silicon and you can pop the glass off the top this will work for you but down to about 350 nanometers if the wires are spaced apart if they’re if they’re too close together you’ll probably short two wires together two tracks and it may still run though so you may still be okay okay so we’re gonna glitch this if we wanted to overwrite that stack we were talking about before we continue there’s an where we would be changing the behavior so instead of going towards normal power up it goes towards getting back into their test mode its behavior they’re trying desperately to keep us out of so this is just one check of several checks that you’d have to get through you did we’d have to change this one then we have to change this a call if if this a call comes out the way it the way it’s written it’ll freeze on this next instruction so yes we’re by password I don’t remember it’s oh the four but I know the for my password is something they said in memory it needs to be like um it’s a for my infineon password that says yeah you’re in test mode still type thing and when you’re done it’s an OTP value I think it’s 99 it’s like it it’s actually the a9 is one of the bytes if I remember correctly and the 33 shouldn’t be 33 n so those two are two of them but when they’re done the 8,000 bite becomes the 33 they took away from that some of the other bits and the a9 i believe they destroy that to something else and then they write the lock code in on all the good stuff so that it’s a four by password but we destroy the end at a call and that’s see so what am I saying here I’m saying 51a for so oh do you see what I did so this used to be 51 be five so uh so oh I’m sorry no no this is here I just tried this a call with with it so instead of being a five I make it a 4 x by 
grounding out the the bit 0 that fetch so we then we’ve done some glitches to get past like this for my password and things like this and now we’ll do a glitch here to make sure that this jump if not carry is this is a goes in a good way and not a bad way or it’s going to freeze us right there but again if it freezes us right there we could do something to change that too it’s just probably not going to sit on d0 anymore they’ve got um some weird thing here I thought it was maybe out a race vulchy races because you’re trying to get back into their East their test mode of the so they’d sometimes they try to bulky erase memories but it’s not I have no idea what it does they do some silly things we don’t care about and then he call this this routine at c5 and this I’ve never seen in any of the other 40 fours that I worked on that was more that were used by my old employer but on the commercial ones in gsm this the Leapfrog card the silent card every commercial over the shelf 88 sorry 44 otherwise has this in it and I don’t know why so when I’m done building the script overwrite the stack it will work on pretty much all of these popular 44 public chips so C 5 says receive a bite stored in wherever our one’s pointing increment the pointer decrement are three if it’s not zero continue fetching bites one squash of that are three and we can override the stack and we’re done it’s amin if you’ve got to prepare everything and make sure it’s the right stacking of the what you know whatever you’re going to do and you it will work fine so today how many people want to put any needle actually down do you want to see me walk the bus and build i can do should i walk the bus i mean i want your input here should i walk the bus and build this script like you see here similar to that in front of you so you can see exactly how it’s being built and you can see how if i had things wrong and the data boss was wasn’t right there always laying their data buses in like a sequential ordering 
of 0 to 7 720 even today the latest infineon 66 is claims all this address by scrambling that’s great but i’m not going to sit out there on the rom i’m going to go right to the heart the core and it’s right in series again sequential ordering again some people never learn I you know Thompson same thing anybody use st Thompson products you yes or no I didn’t see any hands st yeah so the like the whole smart car 19 series line is on microcode infineon 66 runs on microcode these are no nose for today because these point me right to the instruction latches of these artists architectures 220 nanometer 180 nanometer they can’t be any smaller than 150 or they’d be copper and they’re not copper processes or they turn gangrene a day later so these chips are are getting smaller but they’re still running on old-school techniques they’ve got the room to lay pure love pure logic implementation like an IVR has em luvr has no microcode or PLA in it whatsoever freescale likes to do it thompson st a lot of them there there are hackers

dream you know to to go backwards through the maze kind of so well so i need about two minutes to set up I think it’d be great if you guys wanna like come up and hang out i think if you you know maybe that’s easier i’ll try to talk into the mic and we’ll build the log interactive if you guys want one of you guys can hit the key for me to like take the samples and you can then when we’re done you guys can try to put the needle down which is very hard so so basically this is a used car lewis ph 150 micro positioner these things are about six thousand dollars new uniform the surplus market when you get them used they don’t come with the little arms the nice little arms that that I’ll show you a picture on the screen what you know so basically it’s hard to see so i’ll show you here um that’s a probe neato right there you can see the little needle it’s going into now le BR it’s just used in some type of power device or something about when it back when I was with my old employer you know gets cut out of anything one needle can get it out so with one needle I can turn off a lock bid on a lock microcontroller and it’s funny because I build these libraries of chips that I’ve whacked Thompson 19-5 needles the codes out I’ve got it down to four needles now so you can see like you could see I’ve got like 1 2 3 4 5 micro positioners laid around the table laid around this die this little wire that you see going over here it’s it’s it’s going to a different board I build these little boards out of CD carriers and then the radio shack parts and then you can see there’s a smart card slot that I put a hole in ok I don’t know if everybody could see it but I wish I I tried to get a camera hooked up here but I couldn’t do it so there’s a little hole there the smart card goes in and if the smart cards have been opened one of these is opened you’ll see it through the hole and the needle can can touch it we’re going to work with one that I that ivory bonded down so I’ve actually thrown 
it completely into acid actually here’s a smart card so it’s a whole nother it’d be a whole day to show you guys like opening these chips and stuff the best thing would be to see the wired video so this I mean we all just pass it around they probably never come back that’s fine actually listen we’ve got a bunch of trying to give away later so but this is what an open smart card looks like it’s still alive all the bond wires are attached to it um I I’ll use I’ll typically use like another smart card and kind of take an exacto knife and just chop out ok chuff out check out the module it kind of clean up the area where it will live and I’ll tape it back into place with some scotch tape to make sure I don’t obviously isolate you know any of the conductor the context that I need like round VCC and so forth so these are actually really handy to be a carrier as well and there’s only a few different module types of where they sit in their positioning to to make the contact when it when it’s live in but a smart card again it’s just it’s just a month it’s a microcontroller that’s been upgraded as you know meshing is added to it things like this today but it basically the fundamental of it was some type of off-the-shelf chip before the needles you can’t really see them but I’ll pass this one around to just that if you touch the end you’ll damage the tip and the tip is shaped to a very it’s under a mic cuts don’t call me honest I think it’s under point 10 microns they shave it with a mechanical chemical mechanical process and so there’s a little cat whisker at the end of this some people choose to buy 2 by pico probe like model 12c is anybody ever heard of that it’s basically it’s an active buffered like a needle holder tip to hold needle on and you have to buy their $30 needles and it’s very expensive these needles are five dollars each and then I believe in making my own buffers with the lowest capacitance possible and I succeed up to about 40 megahertz which no smart card 
has ever gotten two today and if it did I can slow it down by finding the ring oscillator and just jamming a new signal into it you know so and if I if I kill Thompson 19 good example they left a big fat test pad right on the ring oscillator so if I insert if I inject the my little FPGA board here can can do 24 megahertz down to divide it down to 3 1.5 if you wanted to typically I run 3 megahertz so I just on the 19 series I used to inject a 3 megahertz signal into the oscillator it would slow down to about one hundred fifty kilohertz and the the sensors and everything are all like based off of this so all this low frequency high frequency detection it just went out the window so I’m literally single stepping this processor with the magic it’s got a

mesh over it and such and and it was that it was not in the wired video but I’d be glad to show you pictures of the break of the breaches in the mesh if you want to see them so this is a needle I’ll pass it around um just don’t touch the tip up maybe look at it in that light and change the angle and you’ll see there’s a little whisker at the end of it just like in the picture what do you guys work with typically like what kind of chicks you use that Molly very which one just stuff tiny stuff okay this is the office shoulder I don’t this is not most of my pictures are not another another drive this I have like 60 gig in pictures you know some of these pictures are 300 4 megabytes and things like this and so I have like all these pictures and not enough space to storm on my laptop drive as I had to like delete some of them and i wanted to i had like msp430 for travis quit speeds talk and things like this but I’m so here’s a mega 647 anybody use it no so this isn’t just an overall of the die it’s got a little dirt on it but it Ron estate you know it’s firm you’re not supposed to really be seeing this it’s for me but it gives me an overall where things live so you know this is three metal layer 350 nanometers process I actually don’t know where the RAM is its buried in here somewhere you’d have to strip off top metal to see more underneath because of the wires are hiding things but here’s the flash and then here’s the e square and then the fuses should be over here on this particular one I think actually here so what then what I did after I found them is I make a little nice little photo like this and basically it there’s a fuses they were on the edge it’s just there’s so many varieties of where they live on a VRS it’s tough and so you put down to needle on these two wires or highlighted in red you hold them low and you read the chip back out like it was never locked and then you wonder why your code got stolen or you know or whatever happened to it you know people 
hijack everybody’s I see all the time and unfortunately it’s it’s hard to protect against it look the fpga board for so this FPGA board used to be a custom micro controller design board that i did when i was in nds is actually the first pga board i ever made and it has a lot of flaws on it believe it or not it’s like eight eight eight layers nine layers something like this but it was our first PGA base design and so we didn’t bring enough test pads out and there’s a bunch of patches and then then you know USB serial came out and so I tied it into a ftdi 232 hi Steve and there was a lot of cuts drilling to this to fix shorts so but I’m we got our act together and we did a new version of this board and the new version of the board I just can’t get the instruction center agreed on and I call it the wasp and I don’t remember what it stood for cuz i did it in 2005 but it has a 16 mega of 16 megabyte megabytes by eight of static ram and then it has eight actually here i think i have an image of the know maybe i don’t have this set anyway it had i actually have the route i have it in my room but so it has a eight individual air like eight needles could come into it or drive things like this it can voltage just from one point six five volts up to 5.5 digitally through a digital potentiometer design with individual regulators there’s actually nine of them but eight of them are meant for needles so there’s like little five there’s an 85 pin header rows because I basically need I need I need I need five can I read five wires on my little homemade drivers that I make I need I need VCC ground I need the sense I always want a sense what I’m seeing on the needle I and I need do the drug overdrive or high Z which what do I want to do I want to listen or do I want to actually make a change and then if I do make a change what’s the value going to be that’s yellow so yellows what’s the value Green is hit it or don’t hit it type thing and orange is always returning the value so that 
this is basically the original design and that I tried a long time ago and this works up to about 12 megahertz but after that I have a better one than this that’s a Phillips 126 with only two drivers and it’s good down to 1.65 volts and it’s uh it’s what i normally using but i didn’t want to take this apart and it just I figured leave it leave good good so anybody else have questions I didn’t finish the fe j that’s right well the fpga ok i’ll get the code out let’s say it’s just gonna be a you know bit stream and I can clone you like this but your find like vertex for vertex five

type thing like how about alter max 7000 series yeah so let’s say you were running a cool runner or you’re running xilinx I I hit him I’ve had a lot of this stuff when I say hit I mean I’ve analyzed it and I’ve studied it and just kind of got an idea but the attacker if he does get your coat out it’s pretty expensive probably and when he’s done it um he won’t know what you did he’ll just know how to copy it you know and write the same bit stream in so you take like an altera 70-64 maybe my next class should just be like showing you guys pictures the whole time but um so I’ll Tara 1996 died these guys really had their act together does anybody work for all Terra no well if anybody knows I’m really in altura this is really nice because this is 1996 they had some good techniques and they got better and better and of course today they’re 65 nanometer FPGAs so it took me like three weeks to find what you’re seeing in five minutes that they have test pads laying around the die so these are test pads like this guy and this guy this guy this guy the designers thought they might need to touch you know to come back later and look at it and so they lay these big fat huge pads that I can come down in touch with with a needle very easily touching this pad compared to touching this wire for the average Joe it’s pretty hard unfortunately with some practice you can get it for really quick but these pads tell an attacker not only like you know it’s well I should rephrase that these pads make things easy for the attacker but they also make him say why did you leave that pad there there’s a reason you left the pad there if you were the designer so I’m gonna find out why so the first thing he may do is open up every one of these pads put down a needle and say it locked what’s it look like it’s unlocked what’s it look like or if or just read it back and drive it or don’t you know drive 20 driver one drive it calm the inverse of the state things like this none of these pads didn’t did 
any good the fuse was actually it was very under this like what would like here we go again it’s buried under this pseudo mesh so this is not really active so to say but it but it works because what altera did was they routed every conductor from the left side of the of this picture way like hundreds of micrometers to the left they routed them completely across the die and they’re all pretty much equal length covering every one of the logic cells that stores the configuration so now you to get you know the fuse is in there somewhere where is it it’s a single cell of non-volatile w prom so it can be erased or set and they claim that it’ll only get cleared once you do a bulky rest of the chip it’s not always the case so full you know sometimes you can start the erase kill the power and it erases the lock bit first and then does the bulky race instead of the other way so so you can see like this is before I learned how to use photoshop so my lines aren’t straight got little dots on it because it’s just too hard to keep it straight you know where there’s a will there’s a way so pull out the book and dig and you figure out you know what shift does and things like this so but I’m they made one mistake on this design UV set the fuse so ultraviolet light after 45 minutes to an hour set an unlocked part to a lock state so guess what I did I opened about 10 of these things and put nail polish masks down all over here we go in with the nail polish from the video start laying nail polish to nail polish blocks UV and hf hf though for the record it will only block it for about 30 to 45 seconds and it starts to kind of like you know make it like moist enough to kind of saturate through and get down but you’re going to rinse in 15 okay so you follow it down here it comes from metal metal to it goes down to metal one and then it goes across and you can barely see what’s underneath here it’s this is not a planarized die which means they didn’t polish it smooth at all on the under 
layer, so you can see the ripples of where wires are underneath; you can kind of see tracks in these pictures going up and down versus across as well. So the fuse is buried under here, and a lot of work and effort showed me that this line right here was the magic line to make it unlock itself.

You guys using AVRs and the 89 series, Atmel's: they're very secure against UV light attacks because they actually set their fuse under UV instead of clearing the fuse. Whereas, like, a Cypress USB controller, does anybody use Cypress, the 63? I don't know what they are, but they're like the most popular USB controllers for dongles, security dongles. The Aladdin eToken Pro 60 uses a combination of a smart card chip and one of those controllers. Not sure what you'd find in something like this, but some of these dongles just have that with any square; it's very insecure: UV light, nail polish, UV light, boom, you got the code out in five minutes.

Okay, so let's go do some needles. I was going to get into this, but there's no way in heck we'll ever get into this; I talked about it at Black Hat if you guys were there. But this is a Thomson ST16CF54, and this had a mesh on the top of it. It was a very old-school mesh, but again, the principles that they applied today like they did yesterday. So here's a remainder of the mesh after I hit it with HF with a mask, and then here's the data bus right in the middle of the chip, and you can see, I mean, it's just beautiful: it's one metal layer with a poly, and this is just like a test hit with a laser, and then there's your eight tracks, and you see they're 0 to 7 or 7 to 0, I don't remember which way it went.

So here's a good question, here's some microcode: you've got again these ROM tables. Let me open that back, got a different picture here to show you. Actually it's exposed, it's a layer, it's always exposed somewhere; where is it exposed, or is it routed correctly, are the questions, but it's always going to be exposed coming out of the memory. For example, here I'll go to a newer chip; this is kind of an older device, and if we go to something newer, let's see what we have here. This is what you'll deal with a lot today: this is an active mesh on a 66P, so it's four conductors, you can see them. Basically what this is is where it comes in and out of the bottom of the chip to check security; it's like four circuits that come in and out. The problem with Infineon's design is the in and the out are not even 50 micrometers away from each other, so to get through this beautiful 220 nanometer substrate, to get underneath this, I just need a focused ion beam workstation and to do 48 cuts: basically open the in and the out of each of the four circuits and then deposit metal across the two to short them together. No chip to date that I've seen has ever had any type of analog meshing, and with an analog mesh I'd have to open it, measure, cut it, measure what I'm about to patch around, and then lay a certain resistance in metal deposit. I prefer to deposit with tungsten, but some prefer
platinum for so it’s it’s pretty it’s pretty easy I usually focused on be more stations so it’s like 5 nanometer precision ion beam that fires down into onto your chip I might have some pictures of what I of when I’ve been done with it on here and it can basically mill or it can deposit you can deposit silicon dioxide or you know like an ox insulator where you can deposit metal and metal choice would be tungsten or platinum and basically any food can do either but they’ll tell you a camp up they can it’s just a temperature change and tell the tell the system you know plot number of tungsten is inside but then you want to eat holes too but the FIB won’t eat through this mesh is nice as wet chemical as well because you’ll get uneven etching you’ll get where the fit will will leave the metal tracks but all the oxide been removed and it’s a big problem and that’s the reason that there’s actually probably a space between the lines but what chemicals is a ballgame so you can mix wet chemicals from the wired video with with those techniques with with the fitting techniques so maybe I don’t know where the data bus was I think you ask that it’s not always in order but here we are in the core of a 66 p this thing’s still produce today I mean it’s still it’s their flagship 8-bit 8051 processor they’re producing does anybody here work for infineon or did I ask that yeah I asked okay does anybody work for any of these major chip companies okay what time I’ll get to you in one second okay so um the silence is the same way his Islands has actually reverse kind of almost like a reverse polish notation calculator altera set their lock set their lock bits with UV you guys clear them it’s bad bad bad no no so in your case all I need to do is mask where this where the where the bit streams been stored in like say say an XC 95 you know CPL d or coolrunner a coroner I haven’t spent much time on but I have some images of them just I need a reason and one when I was in nds I didn’t care i 
had all the time in the world to do this kind of stuff, but now I kind of have to take jobs where companies come to me and say, hey, we want to know how strong is this chip really. But the vendor is always going to tell you how strong it is, so to speak, in the data sheet; it's going to tell you like obscured bussing and all this, like the 66 right here. But this is not obscured, this is physically in order, this is ordered from 0 to 7. Now if you can get to this area, good luck, because you do need a FIB: you need a FIB to do the bridge of the mesh, and it needs to remain, you need to then use wet chemicals to open up, and then there's another ground plane over this area, so you've got to kind of FIB twice. But once you're through and you've prepped all this, you're good to go. It's only running at about 10 megahertz, and if you drop VDD down to under like 3.3 volts versus 5 volts, the chips all tend to slow down a little bit because propagation delays grow as the voltage level drops.

So let's see, we'll go to the Xilinx, and I better get rolling here, you guys are gonna miss the parties. No? Okay, well, I don't know where the parties are, my wife and I are winner in, so if you guys know, it's gonna be great, chum, where, how do I get in? Is it okay? A little talk later, okay, cool, I'll bring the probe station. So okay, so basically, I don't know, anybody work for HD? Thanks. Yeah, though I actually don't have Xilinx with me; I have it with me but it's in my room, it's on that other drive, I ran out of space, as I was saying. So basically let's go back to the task at hand here and let's get rocking. Yeah, exactly, see, the guy says let's probe something, and we shall.

Okay, so we're gonna focus our whole area in here. I'm going to keep it up on the screen; actually I can't keep it up on the screen, I'm gonna do my best to keep it on the screen. So here's what we're looking at. This is all we care about on this chip, we care about this area; I'm going to rotate it, this is how it's gonna look for us under the microscope. So basically this is data bus bit 0, this is data bus bit 1, 2, 3, 4, 5, 6 and 7. What we'll do first, we'll do a running code, we'll pull the running code of each, you know, so we'll sample each of these lines first, say 32,000 clock samples, see what was on the bus and stuff. You're going to get basically the same log file that I had showed you earlier, then we can look at that; actually it'll be a different log file because we're gonna go into that non-ISO reset mode instead of normal power-up. So after we do that I'll show you the location that we're going to squash, I'll show you how Brooke and I timed it earlier up in my room, and we'll do this sample to basically repeat those steps over again, and then you can kind of be in my world of how I would do it. But again, this is just kind of proof of concept to you, because it's not that useful, because it's only 256 bytes, 100 hex.

All right, so the FPGA board
that was asked about before: it's basically, today, I wrote a little like a RISC processor into it, like that, it's only 8-bit fetches, and it's because of the way I like to write little scripts; it's a pain to kind of stuff 36 or 32 bits across. The new one that I came out with, that I can't agree on the instruction set on, is very long instruction word, 36-bit fetch, using a synchronous static RAM. But again the problem is I don't like the way, like here, I can say on one line buf[i] plus, you know, I'm filling a buffer, and then I just ship it down to the board, and then the board begins executing at 24 megahertz, each line so to speak, and doing certain things. I can tell it what clock cycle, I can tell it, you know, divide the clock by whatever; our clock here is 24 megahertz divided by 8, that's typically what I do, run the smart card nice and slow. They all accept 3 megahertz. If it's running on its own internal clock, that really doesn't do anything for me except to talk to it; that's the only thing, I'm gonna have to pluck their clock out. I can tell the board though, give them a clock but take their clock from a needle and feed it in, and you run on that clock instead, so it's externally clocked basically. I can also tell it which edge to clock the data in on, positive or negative edge of that clock signal coming in. I had thought to try to run it through a PLL, but then I realized for some of these chips, like the Infineon 66, they run an asymmetric clock cycle, so it's like 100 nanoseconds and 200 nanoseconds hypothetically, it's not 100 and 100 and a nice square wave, so the PLL goes crazy and doesn't come out with the right multiplied frequency. So we can also tell it, if it is running on our clock, such as the chip we'll work on, we can tell it, I want to be on, for example, I can oversample if I want to, but there's no reason to, so we're just going to take one sample per clock cycle. There's no reason to take two per clock
cycle, because I only have, I think, on the inside of the Xilinx 256,000 by two bits wide of memory space; it's an 8 12pm extended memory. So we can tell it take a sample, and we're in that window, we want it to be in an eighth, so we can tell it, when the clock fires, wait two eighths and then sample, or wait one eighth and then sample, or wait eight eighths, but I don't know why you'd wait that long, that's honestly not going to work. So it's pretty well what you can do with the board, and I'm always adding things to it. So now what I've done is I've frozen the design. It's frozen; it was done in Leonardo Spectrum in Verilog, and I write in SystemVerilog now instead, so I don't want to mess with the design, convert it or anything, I just want to leave it frozen and just get the new one working, but it's a lot of time.

So does anybody read my blog, the Flylogic blog? Yeah? Karsten Nohl's gonna start writing for it, well, for me, to help me out; I have no time to write, guys. I have a 4004 that I need to post, the Intel 4004. MIT told me that's the highest resolution pictures they've ever seen of the 4004; it's 1971, November I think it came out, and that's the thing, the masks back then, the quality, like, is ancient, you know, so the optical resolution at 200 mag that I did on it is just phenomenal. It really lights up, and there's the poly layer and there's the metal layer. I think it's NMOS or might be PMOS, I forget; it's fun though to trace out the circuitry. So that will get posted soon, and I'm always answering emails, it's just the blog is kind of the last thing I can do; that means I'm busy.

So this script is like, basically, turn off the overdriver. If we are going to run the overdrive, I have two overdrive circuits here versus eight on the new one; that's just the drop talking about the new one, we'll focus on this one. So we have two overdrivers that we can do; we only have one needle right now though, I have a second but it doesn't want to stay down, so we're going to work with one. We have limited space on this whole thing, and it's really flimsy, and it's going to be a challenge to put the needle down because everything's moving, and this is thick, the base is fixed. Normally you can move the base; normally I'll kind of nudge a needle into position, I'll get it right around it and I'll kind of nudge a little bit on the base with the micropositioner, and it goes in. Here we can't, so it's going to be a challenge, but I've done it and you guys are going to do it. So we will be glitching low when we do finally glitch. This is some stuff: I have a FIFO in here that can receive data and store it and just hold it in
a FIFO. I can block-read the bytes in, in a precise sync timing if I need to. The board can, if you were randomizing your software and I don't feel like figuring out where the call was or how it works, or I can't destroy the call, what I can do is I can take a sample, and then I can take two needles and I can bring them both in, and I can say, I want you to sample up to 64 bits, like a logic analyzer basically: don't start sampling until the 64th transition of the pattern I just gave you comes in. And so now your randomizer just went down the tubes, because eventually I'm going to pick up a location that is after it, and so it's going to wait until it sees a pattern, and its depth is up to 64 bits. So basically they're just little commands that we write, little nano-commands: do this, do that, make the I/O pull up, turn on the receiver FIFO, do a delay, fire. Then this is the kicker right here: it's going to fire the overdrive line to basically drive that zero. So earlier, before we let the chip come out of reset, we prepared it to say drive a low, so this instruction put a low on our little yellow line that I talked about earlier, so we're ready to drive, and when we do drive it'll be a low signal, a low pulse. Sometimes you do multiple glitches though, so I mean I didn't have to do that, it's just convenient to kind of lay it in up in the front. So basically we're gonna fire the overdrive, we're going to leave the overdrive on momentarily, for about ten clock cycles. This is a 24-bit delay that I wrote into the logic, so it sees this little command and then it takes three values, three operand values; it's another reason why 36 bits would make it a better execution than fetching four bytes or three bytes. So we hold the overdrive on after a specific clock cycle count, we hold it on and we do this small 24, you
know so that’s 10 times 24 hour megahertz whatever reciprocal is of it in timing the delay well basically so we’re going to momentarily overdrive that signal down to ground which is going to swash the decrement jump if not zero of our three but what it’s going to squash is the one coming out on the bus to become a 0 and so basically what this instruction says in logic is decrement the value if it’s not zero to stay in the loop remember branch relative so we don’t want to kill anything else we just want to kill that one coming out and we but we remember the one coming out forces a zero means it goes into the Lu as a zero as a zero now then under under flows and becomes an FF because there’s only eight bits if we’re too long it would become like Fe it would come out as an Fe because we’d still be driving low so we’re only going to drive for ten times the reciprocal of 24 megahertz whatever that is for nano seconds it’s going to be like 16 maybe 6 mm what’s 50s 20s can figure it out I use a calculator do too much so we we turn it off and we just kind of wait some time because now we need we need to

wait time to let the you are fetch the remainder of these bytes that are going to come in so one glitch will destroy this loop and the loop over it will remain in the loop for another 255 clock repetitions and then this just says turn off the the little sniffers that our stance sampling on whatever I previously told us a sample so there’s a whole bunch of parallel blocks of logic in here that are doing different tasks and that’s about it but that’s only one part of this program but I have to take the mag off because I can’t see so I have to undo what Brooke and I did in the room earlier or it’s going to just glitch the card right away when we want to actually just sample the card at first so I’m going to comment comment it out for us I’m going to put the mic down though guys so basically we want to get honestly you know I’m going to comment more than this out a bunch of this is basically we just basically want to power up the chip and let it and let it run and just listen okay one more second this should be good so basically when when this flow of code hits this sniff-off statement it’ll turn off sniffing the sniffer too because if it’s too much it’s going to wrap around and it’s going to overwrite samples i originally took in the beginning so will delay some sample some clock period of time it’s something some value I pick I think it’s like one a hex cycle one a thousand hex cycles will delay and that’s just enough to get the entire reset out of the chip okay I I do yeah but the pumps starting to seize up on me today so can everybody hear me off the mic yeah ok so the pump started to seize up on me today so I’m gonna actually don’t laugh at this but this is why we’re working on such a big chip too because you guys could put the needle sound and the pumps going out it’s the one thing that I should have brought two of that I didn’t it’s the only thing I didn’t ring to of and Finn’s the pumps going out I’m an electrical tape the position or in place after its vacuum 
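The fault effect described above, as an added example that is not code from the talk or from Flylogic: a small Python model of an 8051-style DJNZ counter loop whose counter crosses the data bus, an overdrive that forces one bus line low for a window of bus transactions, and the redundant complemented-counter check a firmware author can use to catch that fault. The 8-bit loop, the transaction numbering, the count of three and the fault tuple are all constructed for illustration; the model assumes the counter crosses the bus on the operand fetch and on each iteration's read and write-back, and that the shadow register is not on the glitched line, which simplifies the real core.

```python
"""Fault-effect model for the DJNZ-loop glitch (added example; not code from
the talk or from Flylogic).  Constructed assumptions: an 8051-style 8-bit
counter register R7, an "overdrive" that forces one data-bus line low for a
window of bus transactions, and a shadow register R6 = ~R7 that is kept off
the glitched line so a single pulse cannot hit both copies at once."""

MASK8 = 0xFF


def bus_transfer(value, txn, fault):
    """One byte crossing the 8-bit data bus.

    txn   : sequence number of this bus transaction (0, 1, 2, ...).
    fault : None, or (bit, first_txn, last_txn): data-bus line `bit` is
            driven low for transactions first_txn..last_txn inclusive.
            A longer overdrive pulse covers more transactions; driving a
            line low clears that bit in whatever byte is on the bus.
    """
    value &= MASK8
    if fault is not None:
        bit, first, last = fault
        if first <= txn <= last:
            value &= ~(1 << bit) & MASK8
    return value


def run_djnz_loop(count, fault=None, protected=False, max_iters=600):
    """Simulate  MOV R7,#count ; LOOP: <body> ; DJNZ R7,LOOP.

    DJNZ decrements R7 and branches back while the result is non-zero, so
    a counter that reaches the ALU as 0 underflows to 0xFF and the body
    runs 255 extra times.  Bus transactions carrying the counter:
      txn 0           immediate operand fetch
      txn 2i-1 / 2i   iteration i's DJNZ read / write-back
    With protected=True, R6 holds ~R7 and every iteration checks
    R7 ^ R6 == 0xFF; a mismatch stops the loop and is reported.

    Returns (loop_bodies_executed, fault_detected).
    """
    txn = 0
    r7 = bus_transfer(count, txn, fault)        # MOV R7,#count
    r6 = ~count & MASK8                         # shadow copy, off the glitched line
    iterations = 0
    while iterations < max_iters:
        iterations += 1                         # <body> runs once per pass
        txn += 1
        read = bus_transfer(r7, txn, fault)     # DJNZ reads R7 over the bus
        result = (read - 1) & MASK8             # 8-bit decrement: 0 -> 0xFF
        txn += 1
        r7 = bus_transfer(result, txn, fault)   # write-back also crosses the bus
        r6 = (r6 + 1) & MASK8                   # ~(x-1) == ~x + 1, so the shadow counts up
        if protected and (r7 ^ r6) != MASK8:
            return iterations, True             # copies disagree: fault detected, abort
        if r7 == 0:
            break                               # DJNZ falls through
    return iterations, False


if __name__ == "__main__":
    # Constructed scenario from the talk: count of 3, pulse on bus bit 0
    # during the DJNZ read that carries the value 1 (transaction 5).
    print("no fault           ", run_djnz_loop(3))                                  # (3, False)
    print("one-txn pulse      ", run_djnz_loop(3, fault=(0, 5, 5)))                # (258, False)
    print("pulse held too long", run_djnz_loop(3, fault=(0, 5, 6)))                # (257, False)
    print("protected          ", run_djnz_loop(3, fault=(0, 5, 5), protected=True))  # (3, True)
```

With a count of 3 and a one-transaction pulse on bit 0 during the read that carries the value 1, the unprotected loop executes 258 bodies (255 extra, as described in the talk); a pulse held one transaction longer also clips the write-back, so FE is written instead of FF and the loop runs 257. The protected loop stops at iteration 3 and reports the mismatch: because the two copies of the counter never sit on the glitched line at the same time in this model, one pulse breaks the R7 ^ R6 == 0xFF invariant, which is the cheap check a defender can add to any security-critical counting loop.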
I mean, this is crazy, you know, you shouldn't be able to do this, but you can, and so because we can, you guys can play too, so that's the whole point. All right, so I actually have to change the needle too. Is that needle good? Did you guys touch it? No? I mean I can use it still, if it didn't get bent, if it's not, okay, awesome, awesome. Hey, sometimes I burn through these things so fast and I'm like, five dollars, five dollars, four dollars. So, well, that's the thing, if it's the Picoprobe 12C, I have a ton of needles for them and stuff, and they're good, but you have to just, it's unique per device typically, and the needles are expensive, I mean really, really hard. So I think, I don't know what they are now, but these needles used to be like 350, and then when I called and ordered like 100 needles a year ago, she was like, it's been like four years since they've been 350, and I was like, wow, I need to be making needles and not cracking chips.

Okay, so we're going to work on this chip. This is the Silent chip, wherever they went. So this chip is in here, and if we take a razor blade, which we could, but it's buried under there, and we cut out this area, you could actually see it underneath the card without popping the module, or you just pop the module, whatever. So basically I throw it into fuming nitric, let it be completely etched. I'm afraid to pass it around because it's got five little bond wires that, if they get broken off, well, we won't be able to play, but you'll see it when you look at it through the microscope objective. So I mean I'm going to try to kind of set this up, and if anybody has questions please ask. This whole station is basically a Velcro setup; this is something bunnie Huang and I built for ToorCon 9 last year. If you guys ever go to ToorCon, we'll probably do something like this again; it's a lot of fun, as you know, everybody can get some time to play and have the whole day to do it. That's really, we actually did a two-part lecture, kind of hands-on, on the Infineon SLE4442, which is Kinko's. Anybody know the Kinko's? Yeah, it's that processor. That's actually not why we did it; we did it just because it was a fun old chip that I didn't care about and I thought it'd be a good experience, and it was fun, it's actually a lot of fun. So this year we'll do something better, maybe more logic and stuff. So we went over principles, like first principles, and then we got into second principles, which is more the way I work. I rarely study logic unless I have to, but if I have to that's not a problem, it just takes me time. I don't live in a world of poly and the metal and what the dopings are, but it's not that hard to figure out where the P-FETs are and where the N-FETs are, and when you do figure it out, that whole row is going to be P's and that whole row is going to be N's.

4428? Yeah, sure, you want to see it? I have it on here. I've torn everything apart and it's about, you know, I mean, just to see what is it, how it, you know, is it really that secure? And I can't float any of the capiam network strips, never seen them, now, but it's more of a larger scale than what I would mess with. The SLE 4428, oh no, what is it exactly? It's 4442-based or something, but this is a 4428. Oh, I've seen it, I've seen it, yeah, and I've also seen the ST; it's also used, so it's basically the same family members. This one, I thought you said the 28, which is what this is, so this is a 28, and the 28 I couldn't get the whole thing to stitch. Stitching these chips, when it's repetitive memory areas and things like this, it's hard because there are always many, many pictures. This is another old chip though from them and stuff, but this is, see, that's not the part number, what I'm highlighting with the mouse, it's the M12 65 blah blah blah; that's really a 4428, that's what it is, so you have to build a
library up. 4442 is maybe close to what you're talking about; Bridges was the one, yes, and then now they have a 55 series. I've seen that one. Have you seen it? No, I don't know, I'll have to look this up, I'll take a look at it, but its part is going to be something like this: if it's a 44 series, it's this era of technology. I believe this was NMOS, but it may have been PMOS, and again, look at all these test pads here. It's secure, this is some secure memory: if they can't get between the machine and the card when the password's sent, they won't guess the password because you get, I think, three tries. But what if I sit on the data bus? Guess what I see: I see the password come right out. You brought up a good point too, I can show you the 4442 run, I think, no I can't, I thought I could, but you have to leave the tram thing between this machinery, yes, we'll get you a simulator. I can simulate it in my lab because I know where the logic is, the mux that throws the mux stuff, did you supply the PSC or not. The PSC is the PIN code or something that they call it, PSC, in the 4442; the 4055, 5542, but really not much changed here. What's that? I know, I'm trying. No more questions? Okay. I'm like, in the 5542, I like, here's the bussing, like 0, 2, 4, 6, and then there it is again. I'm like leaving little comments about the bus, and you can see there the plugs. This is a very old chip, but these chips are great to learn on, and this duck actually controls if it lets you read back the password or not, if you will. So I mean it's so weird, the duck's pointing at the secrets. So like this too, if you take this test pad and you drive it low, it's either this test pad or this test pad, and you can see it if you know the PSC and you write it in, you'll watch the line; on one of those two signals the line goes low when it's finally been given valid,
so if that line is low, it lets you read out the PSC; if the line is high, it throws a MUX and the MUX says send a zero instead. So bereft of the well-known, feel encrypted, you dislike strong, did you just sniff that? You sniffed the traffic, and the average Joe just sniffs the traffic and he knows the password. So now Kinko's, the company that makes the Kinko's smart cards, randomizes the password and has like a few bytes that can tell it how to generate what the password is, so they run it through some type of hash or something and the result is what the password would be.

So now you got to steal the machine, you know. But I'm like, this is their latest stuff, and if you read about this they're telling you stuff like highly secure 1.2 micron CMOS process, and I'm thinking 1.2 micron, that's a 1200 nanometer process, now they went up instead of down. But I mean honestly, I talk about these chips and I make jokes about them; I love to work on Infineon, Thomson, Dallas, Maxim, Microchip, Atmel AVRs, I love all these chips, and it's the reason I have all the libraries of them. The ones I can't stand are like Renesas, all these weird architectural ones that are large; no, I just get more thrill from these guys. SiLabs, it's a TSMC production, I forgot, that's the one of the other brand I was thinking to mention earlier, which SiLabs, no, which SiLabs show, oh, so SiLabs, I thought I had, see, this is my bad, this is not up to date because I ran out of space, but SiLabs, I have a whole ton of SiLabs parts done. It's the same thing: it's basically do a bulk erase, you bulk erase it, but don't let the bulk erase happen, and the register lock bits get cleared because they assume it happened when it really didn't, and you read memory out. Or you can do an address bus attack; we talked about that earlier, that's another reason that I didn't think of, to do an address bus attack: they fetch from the very last address in memory, they read that byte out, and then bits of that byte represent I'm locked or I'm unlocked, etc. It's a bad way to implement security, because we know how to make that flash return FFs. So if you're doing a password, where, oh, it's a 32-byte password, I mean, how many bits that would be, but they give you these large bit numbers and they tell you this and that, 8-byte password on Freescale JB16, JB12, that's great. So I short this one track down to ground and I get zeros for the password, short another track down to
ground, I get FFs for the password. And you can do your own tests on this, because you can take apart one that you bought from Digi-Key, and you can open it up and you can load it and just read from the memory and play around and just induce a fault into the memory and see what's the result: I grounded this line out momentarily, or I shorted it, or I forced it high. As long as it's not like a direct VCC or ground connection you're fine; anything else and you probably blow your driver. You know, if it's a VCC or ground you probably blow your driver out, and you can tell because you won't see any waveforms anymore, or you may see like noise, but it won't work, it won't give you any type of toggling. Like everything, the basic question you're, what, to talk to somebody like myself that takes them all apart? I mean, no, that's honestly my business model, to work with the companies to help them make sure their products are strong. Well, I mean security's layered, it's not gonna come overnight, and so Infineon learns, and that's always going to happen obviously, but a lot of these companies making the chips are very arrogant, and they believe that they know what's best, and that's not true, because if it was then you wouldn't see revisions of the die come out, marked or unmarked, and I wouldn't get into the next one, oh yeah, you know, things like this happen. And so I mean they design the chip, but they don't really, they know what they did and the blinders come on, and they're not in a black box to reverse-engineer it. And it's ironic that you said that, because when I do an analysis for some of these big companies, I don't tell them what to do, I give them suggestive solutions of what to do, what I would recommend maybe trying to do, but don't tell me what you did, and then my hope is that you'll then implement your own way of
doing things and send it back to me and say, analyze it now. And it's difficult for me, because they tend to say, we're going to take this into every chip now, this will become the baseline, and, you know, thanks, Flylogic, you got 12,000 or fifty dollars or some low amount of money, and we're gonna make our whole platform secure now. So that part of my business model is kind of broken, but they're so stingy, they don't care otherwise, so it's like, I'm trying to find that win-win here of how best to help everybody. And so, but anyway, another, then, no comments, they sabotage or something, you know, I wouldn't want to do that. But I mean, that's partially the blog too; the blog is like a teaser, but the blog kind of shows them that I'm not Joe Blow off the street, I really do tear your chips apart, I know what they're doing and I know how to unlock these chips and stuff like this, and I do believe it's helped. And I mean today I am working with a lot of the major companies of microcontrollers. I would love to work with Infineon or ST, these guys, I don't know. I know Infineon knows what I'm doing though, because they got scared, and I heard through the grapevine that they're very worried, but I'm not a bad guy.

So okay, let's keep going here. So I've got the chip mounted down here, it's mounted in the socket, everybody can see it, and if you can't see it you'll see it shortly, because you can come up and look through the eyepieces and stuff. I'm very dehydrated, just FYI, thank you. So I don't know, it's gonna get hot, I don't know if it's cool now; you may feel like you're in Harris, give it five minutes. So basically you can come up and look through it and so on and so forth. That's a dead packaged chip, and what tools or machine is used to do that? There is a machine to do that. Thank you. We're good, I told you guys we have all night. All right, let's see. So basically I use a K&S wire bonder, it's a 4524, and this is basically what the machine looks like, and so you take this machine, you have this little mouse over here, and I run one mil. Most of the guys that do failure analysis, at least at this type of a level, really that's what I'm doing, I'm doing security risk analysis, so it falls into kind of the subcategory of failure analysis, they'll use like a one mil wire; anything smaller than one mil, like point seven, is really hard for the average Joe Blow to work with, it breaks a lot, it's very brittle, and the wire is not very strong, because we need it floating in the air, we don't really have the epoxy shell to hold it in place. And so one mil is the better wire for, like, what was that, why I don't like the, like ST is, yeah. So basically the machine has this little needle, it's got the little mouse right here, and the average person's going to leave it in like manual Z mode and not semi-auto. Semi-auto is another mode it can be in, where you know the height and how much force to put down and the time, and you're going to bond 50 of the same package, so if I was going to do 50 of these I'd put it in semi-auto and it kind of helps automate the process. But when I do a
onesie twosie or five of them I leave it in manual Z and basically I i manually the more i push this little black button on the mouse right here this little black button the more i push it the lower the lower this little needle goes down that you can kind of not you can almost see it it’s a little white thing so that’s called the capillary and so the Capital Area is a needle that’s hollow in the middle and the gold wire comes you i think i have another photo that you can see it you can see the capillary kind of there so the wires coming down through here it’s got solenoids and such ultrasonic solenoids are keeping it the tension proper and then it goes right through the middle of this little white thing and and it uses a lot gonna left a high voltage to to like make the ball the little ball it’s a little ball on the bottom of it so that’s why it’s called a ball bonder so there’s two types of honors there’s wedge bonders and ball Bonners wedge binders are typically aluminum and they don’t need heat although they can they can be heated and a ball bonder always will be heated although you don’t really need that much heat I keep it at I think 30 30 degrees Celsius I make you betta 50 degrees Celsius because I use are you super glue to keep the chips glued down because conducted the epoxy I have to bake it it’s a pain in the butt just like somebody said why don’t you use photoresists that want the type that will wash away after i paid it with UV patches for making masks against nail polish because that works as well to block hydrofluoric you and things and I said because I have to cook it I have to bet has to be baked done it’s a pain it’s more easier to just take some nail polish in like a red color drop the drop and spread it so anyway this thing makes a little ball connects and then you use the mouse to let you let go of the black button and you move it over to the landing pad where you want to place it you press it once more all the way and then it comes down and it 
automatically cuts it and makes a new ball with the high voltage and the connection is what is done the gold is nice though it’s very convenient because I can drop a ball I can go ad to B to C to D if I needed to sometimes on like msp430 s I take at does anybody use an msp430 so you blow the jtag views on a lot of these I just come over if it’s like a 2000 series or a lot of these thought of the newer dive reps from 2005 and on from TI there the jtech faces up is csv is visible from top metal and the junction that that it they blew open that they’ve created an open on is actually on top metal so you point a needs to get the point B bits been severed so point a is actually that test pin you know pin one for example on some of these 20 pin SOI CS so i take my my laser cutter and I blow a big hole on the B side and then I come down with this wire butter and I just slap up a big ball right over that hole that I made and then I take it right to pin one and so the jtag fuse without even putting a needle down now has just been repaired permanently forever so um it’s

pretty it’s it’s okay actually maybe patient’s internally right so you’re saying no no in some cases well so like let’s say you have a big VCC plane for your internal core voltage and I want it for some reason I believe it or not I have in the past from my own to be at the same exact logic level with my drivers I’ll take your beat one of your thick VCC planes do the same thing open a big hole if it’s not big enough open several big holes and then you know the more metal I exposed the better oh no we didn’t even probe yet can we have one more hour can we have like 20 minutes um is there something whoa can we take this in Scotland where some is Joe branch air Joe Pesci yoga ran wanted me to already that’s even easier can everybody help take something Joe gran wanted to bring this up to the sky box the hardware hacking thing or something so um really on every wonderful day on the table that’d be great if we could just take the table they be actually excellent yellow hard work energy pretty good neighbor even though no no no no this cream is good oh you can we stay here