XIAO nRF52840 vulnerable to APPROTECT bypass. New revision coming?

Products & Technology XIAO
#1

Nordic Semi chips come with a feature called APPROTECT which prevents to enable SWD debugging when active in order to prevent reverse-engineering, dumping the firmware or keys stored in its flash.

Unfortunately this protection was disabled by default in the nRF52840 rev.2 AAD0, the one in the XIAO BLE Sense (at least my unit). It is possible to bypass it with a glitch attack.

The concept was published by LimitedResults in 2020 and is demonstrated by Aaron Christophel in this video:

Nordic Semi issued a new hardware revision: Rev.3 AAF0, as seen on the updated USB Dongle:

I am considering using the XIAO nRF52840 Sense for a commercial project where most of the cost will be software engineering. However I am concerned that the moment someone would clone the hardware with a copy of the firmware the whole venture would become economically impractical.

I would like to get started with the XIAO board, then possibly move to a custom PCB design once the sales and growth allow it.

Would Seeed Studio consider upgrading the XIAO nRF52840 with its 3rd revision chipset for everyone?
It would help sales by making this board a platform suited for more commercial products.

Otherwise, is it the purpose of Seeed Studio Product Customization Services?

#2

I too would like this, However I believe Round Pork Will Fly before SEEED does that is my bet. Hope they prove me wrong, but over the past two years the output from Engineering has been inconsistent IMO, too busy chasing the latest shinny thing than improve documentation
or support for existing products and examples.
GL :slight_smile:
PJ

1 Like
#3

I found one of these I’ve had for a while, However the "cape "schematic for the Glitcher is not available but basically has a USB port type A and some (2)FET’s connected to GPIO’s and a input Gpio connection. From the pictures easy to figure out and crank up a pcb to fit and add some features.

20230915_122115
20230915_1221151440×2560 238 KB

20230915_122037
20230915_1220371440×2560 214 KB

HTH
GL :smiley: PJ :v:

1 Like
#4

Yeah @PJ_Glasso there is indeed choice between boards in order to accomplish the glitch :sweat_smile:
Either fully automated with an ESP32 like demonstrated in the video or LimitedResult’s PocketGlitcher

It would be nice to have some attention from Seeed here. I started to look into how people design their own boards, maybe I will go in this direction once prototyping is complete. Then my product would not include XIAO boards.

Although I would much prefer to launch with a XIAO board inside, and switch to a custom PCB later on if needed.