Language Selection

English French German Italian Portuguese Spanish

Devices/Embedded: Loongson Pi 2K, E-paper, Wind River, Raspberry Digital Signage and More

Filed under
GNU
Linux
Hardware

More in Tux Machines

Web Standards

  • Inrupt, Tim Berners-Lee's Solid, and Me

    All of this is a long-winded way of saying that I have joined a company called Inrupt that is working to bring Tim Berners-Lee's distributed data ownership model that is Solid into the mainstream. (I think of Inrupt basically as the Red Hat of Solid.) I joined the Inrupt team last summer as its Chief of Security Architecture, and have been in stealth mode until now.

    The idea behind Solid is both simple and extraordinarily powerful. Your data lives in a pod that is controlled by you. Data generated by your things -- your computer, your phone, your IoT whatever -- is written to your pod. You authorize granular access to that pod to whoever you want for whatever reason you want. Your data is no longer in a bazillion places on the Internet, controlled by you-have-no-idea-who. It's yours. If you want your insurance company to have access to your fitness data, you grant it through your pod. If you want your friends to have access to your vacation photos, you grant it through your pod. If you want your thermostat to share data with your air conditioner, you give both of them access through your pod.

  • World wide web founder scales up efforts to reshape internet
  • Sir Tim Berners-Lee's Inrupt is Redesigning the way the web is to Work and Apple is working with them on their Data Transfer Project

    Inrupt, the start-up company founded by Sir Tim Berners-Lee to redesign the way the web works, is expanding its operational team and launching pilot projects in its quest to develop a "massively scalable, production-quality technology platform."

  • Inconsistent user-experiences with native lazy-loading images

    The specification for web browser native support for lazy-loading images landed in the HTML Living Standard a week ago. This new feature lets web developers tell the browser to defer loading an image until it is scrolled into view, or it’s about to be scrolled into view. Images account for 49 % of the median webpage’s byte size, according to the HTTP Archive. Lazy image loading can help reduce these images’ impact on page load performance. It can also help lower data costs by clients that never scroll down to images far down on a page. Historically, lazy-loading was implemented by responding to changes in the scroll position and tracking the image element’s offset from the top of the page. This could degrade page-scrolling performance. Comparatively, the new native lazy loading for images is easier to implement and doesn’t degrade scrolling performance.

Security and Scare for Sale

  • Malware Attack Takes ISS World's Systems Offline

    Founded in 1901, the Copenhagen, Denmark-based company provides cleaning, support, property, catering, security, and facility management services for offices, factories, airports, hospitals, and other locations all around the world.

    At the moment, the company’s employees don’t have access to corporate systems, as they were taken offline following a malware attack earlier this week.

  • The rise and rise of ransomware [iophk: Windows TCO]
  • Security flaws belatedly fixed in open source SuiteCRM software

    According to Romano, a second-order PHP object injection vulnerability (CVE-2020-8800) in SuiteCRM could be “exploited to inject arbitrary PHP objects into the application scope, allowing an attacker to perform a variety of attacks, such as executing arbitrary PHP code”. SuiteCRM versions 7.11.11 and below are said to be vulnerable. [...] “We have put a notice on our open source community channels and advice via social media. We have a dedicated community that works around the clock to spot vulnerabilities and produce suitable fixes, which is one of the key benefits for a business when choosing to use open source software.”

  • With the rise of third-party code, zero-trust is key

    The surface area of website and web application attacks keeps growing. One reason for this is the prevalence of third-party code. When businesses build web apps, they use code from many sources, including both commercial and open-source projects, often created and maintained by both professional and amateur developers. Web application creators take advantage of third-party code because it allows them to build their websites and apps quickly. For example, companies are likely to add a third-party chat widget to their site, instead of building one from scratch. But third-party code can leave websites vulnerable. Consider the July 2018 Magecart attack on Ticketmaster. In this data breach, hackers were able to gain access to sensitive customer information on Ticketmaster's website by compromising a third-party script used to provide chatbot functionality. The challenge is that this third-party functionality runs directly on the customer's browser, and the browser is built to simply render the code sent down from a web server. It assumes that all code, whether first-party or third-party, is good.

  • New company BluBracket takes on software supply chain code security
  • BluBracket scores $6.5M seed to help secure code in distributed environments

    BluBracket, a new security startup from the folks who brought you Vera, came out of stealth today and announced a $6.5 million seed investment. Unusual Ventures led the round with participation by Point72 Ventures, SignalFire and Firebolt Ventures.

Openwashing and the Latest Microsoft Fakes

Devices: RasPi, MoveIt/ROS, Neuroscience Hardware Hack Chat and More

  • [Available now] Raspberry Pi Zero based open source checkra1n jailbreak dongle (Ra1nbox) with screen is in works

    Do you have an iPhone? Did you migrate from Android? In case you did, you can probably reminisce the first few weeks. It might have been difficult for you to get along with the whole ecosystem with limited customisation options. Setting the price aside, the main advantage of having an Android device is numerous options to change the default features. In order to gain an elated level of privilege, you can even go through a few steps to root the phone.

  • MoveIt, the Popular Open Source Platform For Robotic Arms, Releases ROS 2 Version

    PickNik Robotics is pleased to announce today the release of a much anticipated new version of MoveIt for use with the industry-advocated ROS 2. PickNik Robotics and its partners Intel, Amazon, Open Robotics, and many worldwide contributors to MoveIt, are excited to see this big step forward in providing next generation open source robotics. MoveIt 2 will enable many compelling advantages over its predecessor, namely faster, more reactive planning through realtime control of robot arms. The new platform version will enable more reliable robot behaviors, based on industry feedback.

  • Open-Source Neuroscience Hardware Hack Chat

    Join us for the Open-Source Neuroscience Hardware Hack Chat this week where we’ll discuss the exploration of the real final frontier, and find out what it takes to invent the tools before you get to use them.

  • Glasgow Interface Explorer open source multitool for digital electronics

    A new project soon to launch via Crowd Supplied is the Glasgow Interface Explorer, offering a highly capable and extremely flexible open source multitool for digital electronics. Created for embedded developers, reverse engineers, digital archivists, electronics hobbyists, and anyone else who wants to communicate with a wide selection of digital devices. The Glasgow Interface Explorer development board has been designed for “maximum reliability and minimum hassle” science creators and can be attached to most devices without the need for additional active or passive components.

  • ADLINK Industrial-Pi (I-Pi) SMARC Development Kit Features Rockchip PX30 SoC

    ADLINK Technology has just announced the Industrial-Pi (I-Pi) SMARC Development Kit to help engineers quickly design prototypes for industrial applications using peripherals and sensors.

  • Bluetera II open source development board created for motion-based IoT applications

    Bluetera II is an open hardware IoT solution powered by 9-axis motion sensors, an MCU with support for BLE 5.0, and an SDK based on Google’s Protocol Buffer technology. The small development board will be soon available to purchase via the Crowd Supply website. Offering a full stack development board using protocol buffers for motion-based IoT applications and has been created to fill the gap for an open source platform that satisfies the following requirements :