How to Read a Nand Flash Chip Without Removing It

What does it have to recover iPhone data?

Can you just read the data from the memory fleck?

Many of our incoming requests ask us to fix their telephone if we can, but if not possible then *Merely* become the data.  If only it were that easy!

The deplorable answer to "Can we only read the data from the retentiveness chip?" Is Yes, but....it's gibberish.

We all know that there must exist some sort of retentiveness scrap on the iPhone, and indeed there is!  The wink retention storage fleck, or NAND chip, is near the size of your thumbnail.  The NAND acts like the difficult drive of the phone and contains all of the user data.   It isn't a huge deal to desolder the NAND scrap and there are many inexpensive NAND readers out there that you lot can plug the flake into and read it.   Simply then what?

Your data is stored on the NAND as gibberish--it's encrypted.  And this actually makes good sense!

Our phones take become our miniature handheld brains.  They contain all of the important details of our lives.  Our photos, calendar, bank information and browser history are all written to the NAND wink memory.   What would information security look like if it really were as simple equally just reading those details directly off the NAND in patently text?  What would it take to but take hold of your phone, unscrew the logic board, pop off your NAND chip and read it?  Information technology would have about fifteen minutes and full equipment costs that come up in under the cost of a nice vacation.  Not having encryption of the stored data isn't that far from not having a passcode at all.

In society to go on our information secure, Apple engineers take adult pretty amazing security compages on your iPhone that you can read about in glorious details in the public Apple security document here.

Your data is stored on the NAND in an encrypted form using the Advanced Encryption Standard (AES).  This is the exact same cryptographic magic that is deemed robust plenty past the NSA to encode US top secret government transmissions.

The time it would take for modernistic supercomputers working at top speed to suspension the encryption would exceed several human lifetimes.   Information technology is widely accepted inside the cryptography community that the AES encryption is secure.      For this reason, there is no "merely" get the information from the NAND flash retentiveness.   Nosotros can read information technology, but your mom's special guacamole recipe that you lot saved is gibberish without the native decryption procedure.

You Accept to Become the iPhone to Kick and Decrypt the Data Naturally.

If you lot wonder, how does the data get decrypted and presented natively as you effortlessly motion picture from saved picture to saved picture on your phone?
The answer is a remarkable dance.  It starts with unique keys tattooed inside the hardware fries themselves.  These silicon fingerprints tin can't be read straight by software or firmware.  The Unique ID marries YOUR CPU to YOUR NAND so that neither can simply exist swapped.  Stemming from these immutable electric keys and built-in AES engines are an array of software checks, double-checks, and verifications.  In that location are keys generated just to unlock other keys, fail-safes, protections, and isolation of secure processes that volition make your head spin.

The nutshell is that the ONLY path to meaningful data for iPhones is making them dance the trip the light fantastic toe.

Nosotros have to make the phone work once again *enough* to boot into the iOS and accept your passcode.  This is the method that ALL data recovery companies utilise to endeavour to go your information.  If the phone can't be fixed to boot into the iOS, then the data is not recoverable.  Reading ones and zeros from the NAND only results in a big pile of ones and zeros.

Permit's talk about the Data Dealbreakers.

With the goal of getting the telephone to work again, you'd exist amazed how many phones can exist recovered through experienced diagnosis, and competent motherboard microsurgery to correct hardware problems.  Even so, to avert the data dealbreakers, the phone must accept:

i.) A working CPU

Let'due south look at the hardware side. From the Apple tree security document: "When an iOS device is turned on, its awarding processor immediately executes code from read-only memory known equally Boot ROM. This immutable code, known as the hardware root of trust, is laid down during chip fabrication, and is implicitly trusted."   Let'due south put that in our own words.  Every iPhone'southward CPU flake is unique.  The processor itself has a special unique key burned into the silicon die of the bit during manufacture.  A CPU can't exist replaced because nosotros tin can't duplicate that randomly generated unique code.  This makes the CPU 1 of the data recovery dealbreakers---Your native CPU MUST BE FUNCTIONAL in order for your data to be decrypted.  The CPU itself is heavily protected from water, simply it is very susceptible to electric damage.   1 of the most difficult parts of our task is telling families that their take chances at information recovery was ruined considering someone put too much heat on their CPU resulting in electrical death from bridged solder brawl connections nether it.  In some models, like the iPhone 7/7p, the CPU is also very susceptible to drop damage.

2.) An undamaged NAND wink memory chip / No Permanent Software corruption.

Similar the CPU, the NAND is impervious to water.  However, it tin get physical harm from drop or bend.  We can right loss of physical connection between the NAND and information technology'due south partner CPU, but nosotros can't correct software abuse.  While most phones are recoverable, the ones that are not are more often than not in this category.  The structure of the data must exist intact and readable.  Phones with dealbreakers in this category are frequently ones that are autobooting to DFU or recovery mode out of the blue, failed in the heart of an update,, can't laissez passer an update despite no hardware problem etc.  The immense pressure of the iPhone design teams to prioritize security over all else generate the side effect of data loss whenever anything goes wrong at the software level.

Through feel, diagnostics, and extreme microsurgery, we tin can place and correct almost any hardware problem every bit long as the unique chips (NAND, CPU, EEPROM) are intact and functional.  Notwithstanding, some phones have uncurable software corruption.  For example, a phone that is living with a water damaged battery can accrue bombardment data errors in the NAND flash memory that ultimately results in an inability of the arrangement to communicate with the NAND--much as if error letters just consumed all the available space.   In cases like this, the problem is Inside the user data partitioning.  We know that simply erasing the user data in those cases will lead to a fully functional phone after the initial hardware faults are corrected.  These problems are less mutual, simply when they do occur the information is not recoverable with today's technology.

3.) An intact EEPROM scrap.

The tiny rice-sized EEPROM chip is just as important as the big CPU for data recovery.  This piddling chip has a big task---it creates virtual walls that prevent access to user information after "anti-replay" events such as passcode alter.   In short---the unique picayune EEPROM dude has gotta be there.  We have solved phones that can't kicking into the iOS because of h2o damage corrosion eating abroad one of the 0.2 mm solder balls that connect the EEPROM chip to the logic lath by desoldering, reballing, and reinstalling the EEPROM.  Similarly, we have solved phones that had flexion-impairment that separated the CPU's connexion to the EEPROM past drilling into the CPU itself and soldering sparse neurons fabricated of delicate wire to the die of the CPU to restore the connection.  Only nosotros have too seen phones with prior repair attempts that have carelessly smashed, or simply discarded the oh-then-important EEPROM.

four.) The right passcode.

Once the damaged logic board has had plenty surgery to boot into the iOS, the software-side of data protection all hinges on the passcode.  Nosotros REQUIRE THE Right PASSCODE for information recovery.  Many of the states that routinely utilize biometrics similar fingerprint sensor and FaceID to unlock our phones forget that these are just convenience tools to relieve y'all the trouble of entering that passcode.  But in a information recovery situation, the biometrics won't work.

Fingerprint can't help you become into a locked phone for data recovery.

The device will not permit you to utilise biometrics if any of the following situations exist.  You will have to enter the right passcode to unlock the device.  By the time a device is in need of data recovery, 1 of the following near always will exist.

 •The device has merely been turned on or restarted.
•The device hasn't been unlocked for more than than 48 hours.
•The passcode hasn't been used to unlock the device in the last 156 hours (six and a one-half days) and a biometric hasn't unlocked the device in the last 4 hours.
•The device has received a remote lock command.
•Afterwards five unsuccessful biometric match attempts.
•After initiating ability off/Emergency SOS.

What nigh phones that are Disabled after besides many passcode attempts?

In the past, disabled phones were considered "unrecoverable" but today at that place are a few express options.

If a phone has continued to a computer in the past, the trust document stored on that computer *may* allow the device to requite you lot one more crack at the passcode.  Forcefulness the phone to recovery fashion, and endeavor to update the software (not restore) in iTunes.  When the phone passes update, y'all may be prompted to enter the passcode over again.

If that doesn't work, then yous may desire to reach out to your local constabulary enforcement agency.  The recently developed GrayKey device---contractually limited to criminal cases only tin can circumvent the software lock on a disabled telephone.   The territory of passcode circumvention is tough to navigate.  Practise we want others to have the peace of heed and closure that tin can exist gained from access to our passcode locked phones when we are no longer around, or do we value personal privacy more?  Every bit painful as it is to so many families, we REQUIRE the correct passcode and take not invested in passcode circumvention tools.

What is the chance that I can get my pictures back?

The respond is 'information technology depends'   For water damaged phones that have no prior repair attempt, our success charge per unit is close to 100%.   When a phone has already had previous repair attempts the gamble of success goes down.    Phones with no driblet or bend that are auto-booting to recovery or DFU fashion and failing software updates have only a slim take chances that their trouble is anything other than an incurable software corruption that does not accept a repairable hardware component failure.  Our favorite problems are sudden onset "phone merely died", stopped working while on charger, and "telephone got hot" all bespeak to our favorite problems--curable hardware defects!

Got a case you desire to run by united states of america?

Give u.s.a. a call, we always love to talk data recovery.  585 397 4174
Or improve yet, Cheque out the details of our iPhone Data Recovery Service.

bradleyghave1959.blogspot.com

Source: https://www.ipadrehab.com/article.cfm?ArticleNumber=33

Share this post