Wow. That's some serious skill that went into this.
If the author is reading: how did you develop that multi-layer board? Do you have a PCB fab that can print a board in, say, one or two days' time? And how did you assemble that PCIe inject board, given those ultra small SMD parts? Did you order a fully-built PCB or did you do all this by hand?
Not the author but I can answer your questions. Anyone can have a multilayer board fabbed by uploading the Gerbers to a fab house -- the board shows up on your doorstep anywhere from a day to a month later, depending how much you want to pay. Fine pitch SMD parts can be hand soldered with hot air and a binocular microscope; rework techs routinely do it every day.
If you want a multi-layer board done up on the cheap (or fast, pick one haha) Oshpark is my go-to. They do 4-layer PCBs for $10/sq in.
Small Batch Assembly (haven't used them yet) should be able to put it together for you if you'd rather not DIY. If you'd like to, though, Osh Stencils, tweezers, some solder paste and a rework station (or a heat gun if you're feeling brave) and you can do a lot at home.
Also, designing an FPGA board is 'half' of the job, putting a Verilog or VHDL code is a totally different thing.
The DDR3 routing, the BGA chip, everything on this board 'screams' very hard work, probably not by a single person (I have to admit I checked the FPGA/board part only).
I'd wager 100<n<1000. This requires a specific skillset of low-level reversing and hardware hacking but I wouldn't put it past anyone who is smart and driven to understand how things work.
Does this allow circumvention/dumping of the SecureBoot keys? It's an impressive looking piece of kit for sure, but the English leaves me confused as to what they were able to actually accomplish.
I would assume that the signature scheme uses some sort of public key system, so dumping the keys in the boot ROM wouldn't let you sign new code. Gaining access to the bootloader code would allow you to analyze it and potentially find vulnerabilities. There's no guarantee that vulnerabilities could be found, but the chances are a lot better than if you were just poking at it blind.
It looks like they did succeed in dumping the full contents of the boot ROM. They don't appear to have done anything with that dump (yet).
I really hope that jailbreakers will be able to downgrade iPhone 4S from iOS 9.3 to iOS 6. I stayed current when Apple released updates, even with terrible performance, but now it really doesn't make any sense to stay on that laggy iOS 9, if I could use blazing fast iOS 6.
The big "A" suggests it is an ammeter measuring the current, not a voltmeter. An analog display is often quicker and easier for a human to interpret when only a rough measurement is wanted.
Check out some of the Chinese iPhone rework docs - they rebuild iPhones using chips from dead phones - and debug them by knowing the current flow at various points in the debug cycle.
If the author of the blog is reading this, the site seems to be unavailable from my location on the Shaw Canada network. I thought it was down, but it appears there's some sort of network error preventing my packets from making it from here to there. This happened on the previous (and very interesting) article as well.
[+] [-] mschuster91|9 years ago|reply
[+] [-] 5cactuses|9 years ago|reply
[+] [-] arcticbull|9 years ago|reply
[+] [-] potrebitel|9 years ago|reply
[+] [-] deegles|9 years ago|reply
[+] [-] mmastrac|9 years ago|reply
[+] [-] agumonkey|9 years ago|reply
Most programmers today are not electronics savvy, even electricity savvy. But it's not Quantum Mechanics.
[+] [-] a2tech|9 years ago|reply
[+] [-] mikeash|9 years ago|reply
[+] [-] IshKebab|9 years ago|reply
[+] [-] vbezhenar|9 years ago|reply
[+] [-] laacz|9 years ago|reply
[+] [-] Unklejoe|9 years ago|reply
[+] [-] vizzah|9 years ago|reply
[+] [-] pjc50|9 years ago|reply
[+] [-] wernercd|9 years ago|reply
[+] [-] felixfurtak|9 years ago|reply
[+] [-] jburgess777|9 years ago|reply
[+] [-] Taniwha|9 years ago|reply
[+] [-] kurinj|9 years ago|reply
[+] [-] mmastrac|9 years ago|reply
archive.is link for anyone else having this issue: http://archive.is/bA9Ak
[+] [-] nullpage|9 years ago|reply
[+] [-] jlgaddis|9 years ago|reply