Psst! Hey kid! Want to reverse-engineer some iPhones? Well, did you know that modern iPhones use PCIe, and specifically NVMe, for their storage chips? And if so, have you ever wondered about sniffing those communications? Wonder no more, as this research team shows us how they tapped them with a flexible printed circuit (FPC) BGA interposer on an iPhone 6S, the first iPhone to use NVMe-based storage.
The research was done by [Mohamed Amine Khelif], [Jordane Lorandel], and [Olivier Romain], and it shows us all the nitty-gritty of getting at the NVMe chip, provided you're comfortable with BGA soldering and perhaps have an X-ray machine handy to check for errors. As the research progressed, they successfully removed the memory chip, dealing with underfill and BGA soldering nuances, and added a 1:1 FR4 interposer board for the first test, which proved successful. Then, they made an FPC interposer that also taps into the signal and data pins, soldered the flash chip on top of it, successfully booted the iPhone 6S, and scoped the data lines for us to see.
This is looking like the beginnings of a fun platform for iOS or iPhone hardware reverse-engineering, and we're waiting for further results with bated breath! This team of researchers in particular is prolific, having already been poking at things like MITM attacks on I2C and PCIe, as well as IoT device and smartphone security research. We haven't seen any Eagle CAD files for the interposers published, but thankfully, much of the know-how is about the soldering technique, and the paper describes plenty. Want to learn more about these chips? We've covered a different hacker taking a stab at reusing them before. Or perhaps, would you like to know NVMe in more depth? If so, we've got just the article for you.
We thank [FedX] for sharing this with us on the Hackaday Discord server!