Hacker Tactic: Internal ESD Diode Probing

December 14, 2023 by Arya Voronova 15 Comments

Humans are walking high voltage generators, due to all the friction with our surroundings, wide variety of synthetic clothes, and the overall ever-present static charges. Our electronics are sensitive to electrostatic discharge (ESD), and often they’re sensitive in a way most infuriating – causing spurious errors and lockups. Is there a wacky error in your design that will repeat in the next batch, or did you just accidentally zap a GPIO? You wouldn’t know until you meticulously check the design, or maybe it’s possible for you to grab another board.

Thankfully, in modern-day Western climates and with modern tech, you are not likely to encounter ESD-caused problems, but they were way more prominent back in the day. For instance, older hackers will have stories of how FETs were more sensitive, and touching the gate pin mindlessly could kill the FET you’re working with. Now, we’ve fixed this problem, in large part because we have added ESD-protective diodes inside the active components most affected.

These diodes don’t just help against ESD – they’re a general safety measure for protecting IC and transistor pins, and they also might help avoid damaging IC pins if you mix. They also might lead to funny and unexpected results, like parts of your circuit powering when you don’t expect them to! However, there’s an awesome thing that not that many hackers know — they let you debug and repair your circuits in a way you might not have imagined.

Continue reading “Hacker Tactic: Internal ESD Diode Probing” →

A multimeter connected to the EEPROM chip with crocodile clips, showing that there's a 0.652V diode drop between GND and one of the IO pins

Dead EPROM Dumped With Help Of Body Diodes

August 26, 2022 by Arya Voronova 9 Comments

[Jason P], evidently an enjoyer of old reliable laser printing tech, spilled a drink (nitter) onto his Panasonic KX-P5400 SideWriter. After cleanup, everything worked fine — except that the PSU’s 5 V became 6.5 V during the accident, and the EPROM with LocalTalk interface firmware died, connection between VCC and GND seemingly interrupted inside the chip. Understandably, [Jason] went on Twitter, admitted the error of his ways, and sheepishly asked around for EPROM dumps.

Instead, [Manawyrm] wondered — would the chip have anti-ESD body diodes from GND to IO pins, by any chance? A diode mode multimeter check confirmed, yes! It was time for an outlandish attempt to recover the firmware. [Manawyrm] proposed that [Jason] connect all output pins but one to 5 V, powering the EPROM through the internal VCC-connected body diodes – reading the contents one bit at a time and then, combining eight dumps into a single image.

After preparing a TL866 setup, one hour of work and some PHP scripting later, the operation was a success. Apparently, in certain kinds of cases, dead ROM chips might still tell their tales! It’s not quite clear what happened here. The bond wires looked fine, so who knows where the connection got interrupted – but we can’t deny the success of the recovery operation! Need a primer on dumping EPROMs that are not dead? Here you go.

Continue reading “Dead EPROM Dumped With Help Of Body Diodes” →