Language Selection

English French German Italian Portuguese Spanish

GNU/Linux on Devices and Open Hardware

Filed under
Hardware
  • Linux-driven module and starter kit tap Renesas RZ/G2

    TQ’s “TQMaRZG2x” module runs Linux on a dual- to octa-core, Cortex-A57 and -A53 based RZ/G2 processor with up to 8GB LPDDR4 and 64GB eMMC plus an optional dev kit and -40 to 85°C support.

    When reporting on the SMARC 2.0 SoM collaboration between Renesas and RelySys last week featuring Renesas’ scalable, 64-bit RZ/G2 processor, we saw that we missed a September announcement from TQ Embedded about its own RZ/G2 module. The 77 x 50mm TQMaRZG2x is listed as “new” and is available with an optional new Embedded Starterkit STKaRZG2x evaluation board. The module is the first of several Renesas based products from TQ.

  • Mass-Produced, Librem 5 Linux Smartphone Begins Shipping to Customers

    Their announcement notes their work on software making desktop applications "adaptive" to phone form factors, adding "This suite of software has now become the most popular software stack to use on other handheld Linux hardware." And they close with an appreciative comment from Purism's founder and CEO Todd Weaver:

    "Shipping the Librem 5 has been an immense multi-year developmental effort. It is the culmination of people's desire to see an alternative to Android and iOS and fund it, coupled with dedication from a team of experts addressing hardware, kernel, operating system, and applications that has turned a lofty near-impossible goal into reality. We have built a strong foundation and with the continued support of customers, the community, and developers, we will continue to deliver revolutionary products like the Librem 5 running PureOS."

  • Understanding Open Source Hardware

    Open source hardware is “a set of design principles and legal practices, not a specific type of object,” says Opensource.com. Thus, although the term is often associated with electronics, it can apply to other objects as well, including boats, houses, industrial machines, and medical devices.

    The main principles defining open source hardware are similar to those of open source software. The Open Source Hardware (OSHW) Definition 1.0 is in fact “based on the Open Source Definition for Open Source Software, which was created by Bruce Perens and the Debian developers as the Debian Free Software Guidelines.”

  • Evaluating Precursor’s Hardware Security « bunnie's blog

    Hardware security is a multi-faceted problem. First, there is the question of “can I trust this piece of hardware was built correctly?”; specifically, are there implants and back doors buried in the hardware? We refer to this as the “supply chain problem”. It is a particularly challenging problem, given the global nature of our supply chains, with parts pulled from the four corners of the world, passing through hundreds of hands before reaching our doorstep. Precursor addresses this problem head-on with open, verifiable hardware: the keyboard, display, and motherboard are easy to access and visually inspect for correct construction. No factory or third-party tool is ever trusted with secret material. Precursor is capable of generating its own secret keys and sealing them within the hardware, without additional tools.

    We also use a special kind of logic chip for the CPU – an FPGA – configured by the user, not the factory, to be exactly the CPU that the user specified. Crucially, most users have no evidence-based reason to trust that a CPU contains exactly what it claims to contain; few have the inspection capability to verify a chip in a non-destructive manner. On the other hand, with an FPGA, individual users can craft and inspect CPU bitstreams with readily available tools. Furthermore, the design can be modified and upgraded to incorporate countermeasures against hardware exploits discovered in the FPGA’s underlying fabric. In other words, the current trustability situation for an ASIC-style CPU is basically “I surrender”, whereas with an FPGA, users have the power to configure and patch their CPUs.

    [...]

    Once Precursor has been glued shut, we propose the easiest method to recover the ciphertext and to gain access to the JTAG ports is to put the Precursor device into a precision CNC milling machine, mill out the PCB from the back side, and then place the remaining assembly into a pogo-pin based mechanism to perform the readout. This of course destroys the Precursor device in the process, but it is probably the most direct and reliable method of recovering the encryption keys, as it is very similar to an existing technique used for certain types of attacks on iPhones. Storing keys in BBRAM can greatly complicate the task of milling out the PCB by creating a high risk of accidental key erasure, but a sufficiently precise CNC with a non-conductive ceramic bit, or a precision laser-based ablation milling system can reduce the risk of key loss substantially. Cryogenic cooling of the FPGA chip itself may also help to preserve key material in the case of very short accidental power glitches.

  • ASUS unveils Tinker Board 2 SBC with faster Rockchip RK3399 / OP1 processor

    ASUS surprised the maker community in 2017 with the introduction of the Rochchip RK3288 powered Tinker Board to compete as Raspberry Pi 3 Model B. It was followed by Tinker Board S with built-in storage and other new features, as well as Tinker Board Edge T and Edge R SBC’s both with an AI accelerator namely Google Edge TPU and the NPU inside Rockchip RK3399Pro. The company has now launched a new model called Tinker Board 2 without AI accelerator, but featuring Rockchip RK3399, or more exactly the higher grade Rockchip OP1 used in Chromebooks, delivering 96% faster single-thread performance and a 64% boost in multi-core performance compared to the Rockchip RK3288 processor found in the original Tinker Board, while the GPU is around 28% faster with glmark2-es2 off-screen benchmark.

  • $89 Lite3DP resin 3D printer fits in the palm of your hand (Crowdfunding)

    I thought Selpic A-star 3D printer we recently covered was already small, but if you’re looking for an ultra-portable printer, it will be hard to beat the Arduino-based, open-source hardware Lite3DP resin 3D printer that can fit in the palm of your hand, and weighs just around 350 grams.

Huang: Evaluating Precursor’s Hardware Security

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Genode OS Planning For PinePhone Bring-Up, Better GPU Support In 2021

For those wanting to run a micro-kernel operating system for your low-cost, open-source friendly PinePhone, the Genode OS framework plans to port to the PinePhone this year. Genode OS and its Sculpt general purpose platform are also wanting to better embrace GPU support in 2021. The Genode operating system framework that features an original, open-source micro-kernel abstraction layer and a set of user-space components in development since 2008, published their road-map for the year. Like many in the open-source community, Genode OS developers and users have been intrigued by PINE64's PinePhone that offers an Allwinner A64-powered open-source smartphone with 2GB of RAM, 16GB eMMC, and other basics for just $149~199 USD. While there are many Linux distributions supporting the PinePhone, Genode OS wants in on the action too and plans to port their operating system framework to it this year. They want Genode on PinePhone to serve as "a feature phone, covering basic web-browsing needs, placing calls, and SMS." Read more Also: Genode OS Framework is adding PinePhone support

KaOS Linux’s First ISO Release in 2021 Adds Linux Kernel 5.10 LTS and Qt 6

KaOS Linux 2021.01 is now available for download, the first ISO release of this KDE focused and desktop oriented rolling GNU/Linux distribution inspired by Arch Linux to ship with the latest and greatest Linux 5.10 LTS kernel series, which, as expected, provides state-of-the-art hardware support. In addition, KaOS Linux 2021.01 is the first ISO release to ship with the latest Qt 6 open-source and cross-platform application framework, which is already used by some apps, including Poppler, Qtkeychain, Qsynth, Strawberry, and others. Qt 6 is accompanied by the PyQt 6.0 stack, which includes PyQt6-sip, PyQt-Builder, and Sip 6. Read more

Android Leftovers

today's leftovers

  • Kafka destination improved with template support in syslog-ng - Blog - syslog-ng Community - syslog-ng Community

    The C implementation of the Kafka destination in syslog-ng has been improved in version 3.30. Support for templates in topic names was added as a result of a Google Summer of Code (GSoC) project. The advantage of the new template support feature is that you no longer have to use a static topic name. For example, you can include the name of your host or the application sending the log in the topic name. From this blog you can learn about a minimal Kafka setup, configuring syslog-ng and testing syslog-ng with Kafka.

  •  
  • Announcing Istio 1.8.2

    This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.8.1 and Istio 1.8.2

  • 2.5-inch "Industrial Pi" Pico-ITX SBC offers PoE , mini DP++ port

    The company also provides a 15mm thick heat spreader for fanless operation, and support for Windows 10 IoT Enterprise (64-bit) and Linux operating systems.

  •   
  • ZimaBoard Intel Apollo Lake SBC and micro server goes for $69.99 and up (Crowdfunding)

    The board is passively cooled by its enclosure acting as a heatsink, and ships with Linux by default, although we’re not being told which distribution, possibly Ubuntu 20.04.

  •       
  • Algolia Search in Jekyll

    I am relieved and delighted to have finally managed the Algolia search setup for Unix Tutorial. I’ve been looking to upgrade search for a long time but had not enough JavaScript and CSS knownledge to replace the default search with Algolia’s one. I’m going through a short technical course about Vue (JavaScript framework), so this must have put me into the right mindset.

  •  
  • Partners Feel ‘Betrayed,’ ‘Taken Aback’ By Microsoft’s Direct Calls To Customers

    A California MSP learned a lesson years ago when a software vendor tried to go direct with his end users. So when Microsoft demanded contact information for his customers, he gave them an email address that went directly to him instead. Earlier this week that email account, which was set up about 18 months ago in the hopes that it would not be used, received a message from a Microsoft business development specialist offering his customer “free training.” “That’s exactly what I would do if I was trying to steal someone else’s business,” said the MSP, who asked not to be named because he fears retribution from Microsoft for speaking out. “It’s just wrong. It’s just wrong. Plain and simple.”

  •  
  • Windows 10 bug corrupts your hard drive on seeing this file's icon

    In August 2020, October 2020, and finally this week, infosec researcher Jonas L drew attention to an NTFS vulnerability impacting Windows 10 that has not been fixed. When exploited, this vulnerability can be triggered by a single-line command to instantly corrupt an NTFS-formatted hard drive, with Windows prompting the user to restart their computer to repair the corrupted disk records. The researcher told BleepingComputer that the flaw became exploitable starting around Windows 10 build 1803, the Windows 10 April 2018 Update, and continues to work in the latest version. What's worse is, the vulnerability can be triggered by standard and low privileged user accounts on Windows 10 systems.

  • The Linux Foundation launches 7-part open source management training program
  • Open source software security in an ICT context – benefits, risks, and safeguards

    In a recent report, contributors to free and open source software (FOSS) claimed they spent only 2.27 percent of their contribution time on security. In our latest blog post, we delve into open source software security, and discuss why it’s key for building robust and open interoperable networks. [...] Is open source software better than proprietary software when it comes to security vulnerabilities? Elias Levy, the person behind the infamous (vulnerability) full disclosure mailing list, Bugtraq, said two decades ago: “No. Open Source Software certainly does have the potential to be more secure than its closed source counterpart. But make no mistake, simply being open source is no guarantee of security”. Building and delivering complex system software without security vulnerabilities requires investment and due diligence, regardless if the code is open sourced or proprietary (see figure 1, below). As the Mozilla Foundation states: “Security is a process. To have substantial and lasting benefit, we need to invest in education, best practices, and a host of other areas”. Tools and resources are available. With safeguards in place, OSS can be used effectively at low risk to realize its intended benefits. ICT products relying on OSS must be developed using methodologies and safeguards that ensure the expected level of security is met. OSS can accelerate innovation, reduce the development timeline, speed time to market, realize cost savings, and be secure. ICT vendors must take responsibility and practice a higher level of due diligence when using OSS components.

  • Email is the messenger you should migrate to

    But the most important thing: Delta Chat allows you to communicate even with people who don’t use Delta Chat at all, all you need is an email address! If you write to someone without Delta Chat, they will just get a normal email. I would argue that even beats Matrix or XMPP.

    Conclusion: If you are concerned about security when chatting and would rather use a decentralized messenger (no silo), you are in good hands with email and Delta Chat.

  • IMAPS specialisations – call for participation in the public review of LIMAPS, OIMAPS, SIMAPS and TIMAPS!

    The objective of this public consultation is to produce updated releases of the IMAPS specialisations, which will provide insights on specific interoperability viewpoints of the digital public service, i.e. the legal, organisational, technical and semantic interoperability viewpoints. Both IMAPS and its specialisations assess the various areas of a digital public service in terms of behavioural interoperability specifications, capabilities and manifestations. The update of the releases of the IMAPS specialisations will be based on change requests coming from stakeholders interested in the solutions.