Andrew Zonenberg

@[email protected]
3.3K Followers
466 Following
27.1K Posts

Security and open source at the hardware/software interface. Embedded sec @ IOActive. Lead dev of ngscopeclient/libscopehal. GHz probe designer. Open source networking hardware. "So others may live"

Toots searchable on tootfinder.

ngscopeclienthttps://www.ngscopeclient.org/
Bloghttps://serd.es
LocationSeattle area
GitHubhttps://github.com/azonenberg
Andrew Zonenberg2h ago

Well that's a first. Got followed by a PCB company sales rep with an obvious slop profile picture.

On linkedin that's normal background radiation but on fedi it's... Not common. Thankfully

Andrew Zonenberg3h ago

Probably going to do another lunch-break reworkctf stream tomorrow around the same time, will announce details and share a link in the morning.

Goal for this round is going to be running through as many challenges as I can in the available time.

Show threadAndrew Zonenberg6h ago
On this board at least - I have no idea how consistent the failure is. Like I mentioned in another post, engineering for 0% yield is about as hard as engineering for 100% yield. If I made 20 of these boards odds are I'd probably have decent contact on at least one of them.
Show threadAndrew Zonenberg6h ago

The simulated reflow defect is the bit I was most concerned about: I put no solder paste apertures on those balls in hopes of creating an open circuit failure, but I didn't know if I might have a good-enough contact between the ENIG and the SAC305 ball sans flux/paste to still make some level of contact.

I got exactly the result I wanted, it failed open.

Show threadAndrew Zonenberg6h ago

Banged up some quick grader firmware.

Confirmed challenges 3 and 13 (the only two I've attempted to bodge to date) are passing, all others failing as expected including the simulated reflow defect on balls A2 and A3.

Show threadAndrew Zonenberg8h ago

Post stream: the board is fully populated and challenges 3 and 13 have been (hopefully correctly) solved, but I won't know for sure until I get firmware written to electrically test the connections.

I've hooked up JTAG and the MCU is alive, still need to write firmware to actually grade the challenges so that will be the next step.

Andrew Zonenberg12h ago
There are very few problems in the human condition which cannot be solved by an appropriately trained, equipped, funded, medicated, and caffeinated team of engineering catgirls.
Andrew Zonenberg13h ago

Going live at noon Pacific (just under 2 hours from now): second stage of the ReworkCTF playthrough

Plan is to do the pre-assembly rework of the BGA site (challenge 13), populate the board, then get as far as I can working my way through the challenges.

https://www.youtube.com/watch?v=cuiM8zESF1w

ReworkCTF part 2: Under-BGA prep, front side assembly, and more

YouTube
Andrew Zonenberg1d ago
Conn, sonar... Bratwurst in the water bearing 278
Andrew Zonenberg1d ago

Ordered an extra VSC8512, the same Ethernet PHY I'm using on my switch project, as microscope food.

I've always been curious what the die looks like especially considering it has a ton of SERDES of several different designs, at least one and possibly two embedded CPUs, a DRAM controller, and is generally a nerfed switch ASIC.

I don't expect to be able to dump the 8051 firmware ROM optically but if I can find at least a rough idea of where it is from the optical images maybe I can come back and SEM it if I get my home delayering setup dialed in a bit more.