Best scope for 5-6k

[2N3055]

Definitely need at least 4 channels, and somewhere between 200-500 MHz depending on price. We are measuring primarily audio equipment, power regulators, some digital signals and assessing clock timing.

Why do you need 500MHz bandwidth for that?

I'm quite happy with my Siglent SDS1104X-E, even though it's "just" an 8-bit scope. Maybe it's good for you to get a scope in that price and performance range. I'm not saying it's the scope you need, but at 10% of your budget it's starting to get into the "lunch money" category.  I thought a while about buying a scope in the Siglent 2000 series, but I just don't need it. I'd like the bigger screen and the extra cost is not a big issue, but I just don't need it.

Just had a look at some prices, and you can now get a Siglent SDS1102X HD for EUR 1150, or an Siglent SDS1204X HD  for EUR 1650. And that's on the low end of the bandwidth with a "mere" 200MHz

Design of your DPO4034 is apparently from 2010, now 16 years ago. And that is quite a lot for scopes. One of the recent changes is many scope manufacturers are now switching to 10 or 12 bit ADC's for all but their lowest cost entry scopes.

One of the few reasons I can imagine for really needing a more expensive scope is for very advanced triggering features, and those are (sort of) brand specific, at least in their details.

Even SDS800xHD has very advanced triggering, in the level of high end scopes 10-15 years ago..
SDS2000X+ and SDS2000xHD and up have zone trigger as well.

[BillyO]

LOL!

Not to take this off topic too far.  It seems the Chinese and Russians get blamed the most for cyber espionage and other countries pushed to the background, especially the US.

In a previous life I was working with the federal government here in Canada.  My company was the provider for most of their security software.  The interesting thing I learned from that engagement was that the US was responsible for more than 60% of the cyber attacks on the Canadian government systems.  And we were their most trusted ally (yeah, that's history now).

No wonder people in the US are so paranoid.  They just think everyone else is doing what they are doing.   They are, but to nowhere near the same extent. 

So, does your company think a Siglent scope will send worms out through your systems, collect all the undoubtedly hugely valuable information therein and send it back to Xi Jinping? 

[KungFuJosh]

They are, but to nowhere near the same extent. 

That's not quite true. They all are at different extents and with different goals. Some do it better than others. Some use their cyber skills to sway elections on social media to allow a toddler to take control and destroy a country from within. Some just want credit card numbers. 🤷

[pdenisowski]

Disabling the built in ethernet on your PC and using an "off brand" Ethernet card is apparently effective to thwart Intel's "Management Engine" (And AMD's equivalent).

Even more effective is using GPIB - I have yet to see an exploit carried out over a GPIB bus.

(And no, this is not a joke - we (R&S) still offer GPIB even on most of our new "flagship" products)

[abeyer]

I have yet to see an exploit carried out over a GPIB bus.

quick, hold my beer 

[pdenisowski]

I have yet to see an exploit carried out over a GPIB bus.

quick, hold my beer 

In all seriousness - if you can show a GPIB based-exploit* of a "tier 1" test and measurement instrument, I will buy you an entire case of beer.  Not joking - it would be totally worth it 


*By "exploit" I mean "compromising the operating system and/or installing malware"  Not just crashing the box over GPIB - I can do that myself 

[abeyer]

In all seriousness - if you can show a GPIB based-exploit* of a "tier 1" test and measurement instrument, I will buy you an entire case of beer.  Not joking - it would be totally worth it 

I was joking, as I'm certainly not the one to do it... but I wouldn't put that bet to someone who was.

The fact that it is so easy to crash many devices over gpib makes me suspect there's some memory safety issues in there, and a far more talented hacker than me might be able to exploit them to get local code execution. Further, the fact that gpib is seldom publicly accessible makes it a less attractive target for people to explore,  so I wouldn't be shocked if there were undiscovered exploitable issues.

[n55_6mt]

Man, I feel like I've really derailed this topic...

On the GPIB topic though, I know some of my older HPIB PCI cards were set up with DMA so I'm sure a malignant actor could probably wreck some havoc if they really wanted to...

Back on topic though: I put in the requisition for my MXO3 today, so hopefully in a few weeks I can find out what a modern big-boy scope feels like to use.

[asmi]

And these kinds of per-country restrictions are more common than most people think.  I've had numerous (non-government) customers who would not even let sales reps into the building to talk about their products if they worked for non-US / non-NATO companies.

I wonder how they would react if they learn that those "NATO products" consist pretty much entirely from parts manufactured in non-NATO countries...

[dxl]

I have yet to see an exploit carried out over a GPIB bus.

quick, hold my beer 

In all seriousness - if you can show a GPIB based-exploit* of a "tier 1" test and measurement instrument, I will buy you an entire case of beer.  Not joking - it would be totally worth it 


*By "exploit" I mean "compromising the operating system and/or installing malware"  Not just crashing the box over GPIB - I can do that myself 

I just repaired a keysight Signal generator (about 10 years old) that let's you happily upload elf files and execute them. Does that count? And the official firmware upgrade also flashes firmware/fpga files via network without any authentication.

[J-R]

Of course it's expected that many cyberattacks can originate from the US, as there are many well-connected zombie devices here.  Also, the US also has approximately 10 times as many datacenters as the next country in the list, so it's likely a malicious actor would leverage a cloud service in the US for many attacks, for example, and it's an easy way to mask the true origin of the attack.

With regard to purchasing Chinese-made devices, there is perhaps some ignorance in this area. It's unlikely that the CCP would force manufacturers to add "backdoors" to exported products wholesale under normal circumstances, since if discovered it would cause sales of Chinese products to crash.  Also, backdoors get a lot of attention, but in reality there isn't really a difference between a backdoor and an exploit that only you know.  So modern "backdoors" are probably just snafus that were discovered but kept secret in case it might be useful in the future, especially for high-value targets.

The primary concerns typically revolve around two areas, in my opinion.

First, a lot of Chinese products are popular due to their low price, and it costs money to hire skilled coders with security experience, provide continued firmware updates after the sale and offer bug bounties to keep your product secure.  So ultimately a lot of the cheap stuff we buy ends up being a security risk not specifically via CCP pressure, but simply due to the targeted price point.

Second, there IS an elevated general risk of devices being exploited in the future, especially if there was a conflict.  Plenty of devices phone home and/or check for/download updates automatically, and this would absolutely be a major attack vector.

So ultimately it's very logical to simply ban such devices out of caution, and that is also simpler than having to test and maintain an exhaustive list of approved/not approved products.

[asmi]

Second, there IS an elevated general risk of devices being exploited in the future, especially if there was a conflict.  Plenty of devices phone home and/or check for/download updates automatically, and this would absolutely be a major attack vector.

So ultimately it's very logical to simply ban such devices out of caution, and that is also simpler than having to test and maintain an exhaustive list of approved/not approved products.

All it takes to solve this problem is to isolate those devices from outside world (and from everything else which is not required for said device to perform it's intended function) via private network. That 100% guarantees that these devices won't do any harm even if they do contain anything malicious. Though historically pretty much all security vulnerabilities were caused by human mistakes or lack of relevant experience, not malice.

[Zucca]

I have a mint full loaded KS MSOX3104T if you want it, $6K. Located in the USA.

https://www.keysight.com/us/en/product/MSOX3104T/mixed-signal-oscilloscope-1-ghz-4-analog-16-digital-channels.html

[pdenisowski]

And these kinds of per-country restrictions are more common than most people think.  I've had numerous (non-government) customers who would not even let sales reps into the building to talk about their products if they worked for non-US / non-NATO companies.

I wonder how they would react if they learn that those "NATO products" consist pretty much entirely from parts manufactured in non-NATO countries...

We (R&S) do most of our own manufacturing in Europe.  And we also produce most of the parts ourselves too  

https://www.rohde-schwarz.com/us/about/news-press/all-news/rohde-schwarz-invests-around-eur-60-million-in-center-for-cutting-edge-technology-in-memmingen_229356-1325063.html

[asmi]

We (R&S) do most of our own manufacturing in Europe.  And we also produce most of the parts ourselves too  

Not according to teardown photos I've seen. Almost 100% of everything I was able to identify is manufactured in Asia - mostly China and Malaysia. Can you give some examples of parts you produce in Europe?

https://www.rohde-schwarz.com/us/about/news-press/all-news/rohde-schwarz-invests-around-eur-60-million-in-center-for-cutting-edge-technology-in-memmingen_229356-1325063.html

Too much marketing fluff, too little relevant details...

[mikeselectricstuff]

We (R&S) do most of our own manufacturing in Europe.  And we also produce most of the parts ourselves too  

Not according to teardown photos I've seen. Almost 100% of everything I was able to identify is manufactured in Asia - mostly China and Malaysia. Can you give some examples of parts you produce in Europe?

By "Parts" they mean parts that are replaceable as per their service policy, i.e. whole PCBA = 1 "part"

[asmi]

By "Parts" they mean parts that are replaceable as per their service policy, i.e. whole PCBA = 1 "part"

That's not parts - parts are what is on those PCBs, not PCBs themselves. And as far as I can tell, there are exactly zero parts which I could positively identify as made in Europe (or any other NATO country for that matter). Maybe some connectors or similar stuff which are hard to identify from photos - not sure about that.

[KungFuJosh]

By "Parts" they mean parts that are replaceable as per their service policy, i.e. whole PCBA = 1 "part"

That's not parts - parts are what is on those PCBs, not PCBs themselves. And as far as I can tell, there are exactly zero parts which I could positively identify as made in Europe (or any other NATO country for that matter). Maybe some connectors or similar stuff which are hard to identify from photos - not sure about that.

You don't get to define the words for the company. A PCB is a part of a device. Components on the PCB are another story. You're being pedantic for no reason.

[asmi]

You don't get to define the words for the company. A PCB is a part of a device. Components on the PCB are another story. You're being pedantic for no reason.

You don't get to tell me what I can or can not do. And there is a reason I'm pedantic - which is to demonstrate that all scopes regardless of origin are built from pretty much the same parts sourced from the same manufacturers. And to poke fun at stupidity and ignorance of those idiots coming up with such ridiculous restrictions.

[KungFuJosh]

You don't get to define the words for the company. A PCB is a part of a device. Components on the PCB are another story. You're being pedantic for no reason.

You don't get to tell me what I can or can not do. And there is a reason I'm pedantic - which is to demonstrate that all scopes regardless of origin are built from pretty much the same parts sourced from the same manufacturers. And to poke fun at stupidity and ignorance of those idiots coming up with such ridiculous restrictions.

I don't disagree on the ridiculousness, and I also enjoy poking fun. But neither of us define any language(s), or business / marketing practices for any major corporations.

Anyway, I'll guess you're probably a Carl Sagan fan? Your parts logic reminds me of his quote: "If you wish to make an apple pie from scratch, you must first invent the universe."

[tautech]

You don't get to define the words for the company. A PCB is a part of a device. Components on the PCB are another story. You're being pedantic for no reason.

You don't get to tell me what I can or can not do. And there is a reason I'm pedantic - which is to demonstrate that all scopes regardless of origin are built from pretty much the same parts sourced from the same manufacturers. And to poke fun at stupidity and ignorance of those idiots coming up with such ridiculous restrictions.

100%

Really it's just paranoia and plain laziness that has company IT departments eliminating all potential risk rather than managing risk so the lab techs have access to the most cost efficient tools to do their job.

Several companies we supply manage instrument connectivity and its contact with the WAN in different ways.
Air gapping the LAN is the most common or locking lab LAN's from accessing the WAN should be well within the capabilities of most IT techs....you would think. 

Even when air gapped or WAN access is restricted, company policy often prohibits us from taking a cellphone or USB stick into their business place and especially into a lab.....otherwise you just don't get in the door !



Even this dummy can build a totally air gapped LAN so to give all his demo instruments access to a PC in order to show exhibition visitors webserver remote control and such.....an old ADSL router, some network switches and a heap of cabling....all nicely hidden behind plain black bed sheets. 
Then to set all those instrument IP's and open all the browser tabs so just a click has you remotely operating any one of them......a full days work to setup all of this:

[nctnico]

You don't get to define the words for the company. A PCB is a part of a device. Components on the PCB are another story. You're being pedantic for no reason.

You don't get to tell me what I can or can not do. And there is a reason I'm pedantic - which is to demonstrate that all scopes regardless of origin are built from pretty much the same parts sourced from the same manufacturers. And to poke fun at stupidity and ignorance of those idiots coming up with such ridiculous restrictions.

100%

Really it's just paranoia and plain laziness that has company IT departments eliminating all potential risk rather than managing risk so the lab techs have access to the most cost efficient tools to do their job.

Several companies we supply manage instrument connectivity and its contact with the WAN in different ways.
Air gapping the LAN is the most common or locking lab LAN's from accessing the WAN should be well within the capabilities of most IT techs....you would think. 

Even this dummy can build a totally air gapped LAN so to give all his demo instruments access to a PC

Ah, and where does this PC go afterwards? Back into an office LAN and connected to internet? Air gapped also means that nothing external gets connected. Not even temporary. There is such a thing as cross contamination.

[tautech]

You don't get to define the words for the company. A PCB is a part of a device. Components on the PCB are another story. You're being pedantic for no reason.

You don't get to tell me what I can or can not do. And there is a reason I'm pedantic - which is to demonstrate that all scopes regardless of origin are built from pretty much the same parts sourced from the same manufacturers. And to poke fun at stupidity and ignorance of those idiots coming up with such ridiculous restrictions.

100%

Really it's just paranoia and plain laziness that has company IT departments eliminating all potential risk rather than managing risk so the lab techs have access to the most cost efficient tools to do their job.

Several companies we supply manage instrument connectivity and its contact with the WAN in different ways.
Air gapping the LAN is the most common or locking lab LAN's from accessing the WAN should be well within the capabilities of most IT techs....you would think. 

Even this dummy can build a totally air gapped LAN so to give all his demo instruments access to a PC

Ah, and where does this PC go afterwards? Back into an office LAN and connected to internet? Air gapped also means that nothing external gets connected. Not even temporary. There is such a thing as cross contamination.

Ah and you missed the part where mention of lazy IT staff was made ?

So a PC gets shifted from a secure LAN to somewhere else that has access to WAN.....and by whom............. normally the IT staff ....... 

[asmi]

Ah, and where does this PC go afterwards? Back into an office LAN and connected to internet? Air gapped also means that nothing external gets connected. Not even temporary. There is such a thing as cross contamination.

There are ways to make that happen. For example, you can have a PC which has two network interfaces - one facing the rest of the network and outside world, and another one connected to private lab network, without any routing between those interfaces. This way that PC can access both lab stuff and the rest of the world, while still keeping lab network isolated in a sense that no other equipment connected to that network can access anything outside of it. And with VLANs and managed switches you don't even need to make those networks physically isolated - though I would still recommend doing so whenever possible and/or practical.

[nctnico]

Ah, and where does this PC go afterwards? Back into an office LAN and connected to internet? Air gapped also means that nothing external gets connected. Not even temporary. There is such a thing as cross contamination.

There are ways to make that happen. For example, you can have a PC which has two network interfaces - one facing the rest of the network and outside world, and another one connected to private lab network, without any routing between those interfaces. This way that PC can access both lab stuff and the rest of the world, while still keeping lab network isolated in a sense that no other equipment connected to that network can access anything outside of it. And with VLANs and managed switches you don't even need to make those networks physically isolated - though I would still recommend doing so whenever possible and/or practical.

And how is this air gapped??? There is no way your proposed solution will be accepted for any even mildly secured system. Air gapped means there is no physical link between two systems which can carry random data, let alone execute code. And no transfer of systems from one place to the other to prevent cross contamination.

For that reason mission critical systems often use very dedicated serial style protocols to convey pre-defined blobs of information with the outside world. Often with electrical isolators in between. By design such interfaces can't convery any other type of information than what they are intended for.