Language Selection

English French German Italian Portuguese Spanish

Hardware

Tiny IoT gateway built on Raspberry Pi Compute Module wears HATs

Filed under
Linux
Hardware

CompuLab’s IOT-GATE-RPi mini-PC/gateway builds on the RPi CM3 with 2x GbE, RPi HAT expansion, and optional WiFi, BT, 3G, LTE, and -40 to 80°C support.

CompuLab has added another Linux-friendly member to its IOT-GATE family of ultra-compact mini-PCs, following the IOT-GATE-iMX7, which is built around its NXP i.MX7 based CL-SOM-iMX7 computer-on-module. For the new IOT-GATE-RPi, CompuLab opted for a third-party COM: the popular Raspberry Pi Compute Module 3, a COM version of the Raspberry Pi 3.

Read more

Atari’s Linux Games Console Now Has a Controller

Filed under
GNU
Linux
Hardware
Gaming

Back in September we wrote about the Ataribox, a new Linux-powered console from Atari — today we get a look at its new joystick.

Over on Facebook Atari shows off the new Ataribox Joystick that will (presumably) come bundled with the video games (and home entertainment) machine when it goes on sale next year

If you’ve been sleeping under a pile of E.T. carts, the Ataribox is pitched as the “ultimate video game & entertainment box”, offering classic Atari games, thousands of PC & indie games, and streaming apps from major content providers.

Read more

Also: The Linux-powered Ataribox Joystick has been revealed, looks delightfully retro and rather stylish

First Renesas based Raspberry Pi clone runs Linux

Filed under
Linux
Hardware

iWave’s “iW-RainboW-G23S” SBC runs Linux on a Renesas RZ/G1C, and offers -20 to 85°C support and expansion headers including a RPi-compatible 40-pin link.

iWave’s iW-RainboW-G23S is the first board we’ve seen to tap the Renesas RZ/G1C SoC, which debuted earlier this year. It’s also the first Renesas based SBC we’ve seen that features the increasingly ubiquitous Raspberry Pi 85 x 56mm footprint, layout, and RPi-compatible 40-pin expansion connector. The board is also notable for providing -20 to 85°C temperature support.

Read more

Also: GameShell Is An Open Source And Linux-powered Retro Game Console That You’ll Love

Linux/Android hacker SBC with hexa-core Rockchip SoC debuts at $75

Filed under
Android
Linux
Hardware

The Vamrs “RK3399 Sapphire” SBC is on sale for $75, or $349 for a full kit. Vamrs is also prepping an RK3399-based “Rock960” 96Boards SBC.

Rockchip’s RK3399 is one of the most powerful ARM-based system-on-chips available on hacker boards, featuring two server-class Cortex-A72 cores clocked to up to 2.0GHz, as well as four Cortex-A53 at up to 1.42GHz and a quad-core Mali-T864 GPU. The hexa-core SoC has appeared on T-Firefly’s Firefly-RK3399 SBC and RK3399 Coreboard computer-on-module, as well as Videostrong’s VS-RD-RK3399 SBC and Theobroma’s RK3399-Q7 Qseven module. Now we have a new contender: Shenzhen based Vamrs, which built the limited edition Rockchip RK3399 Sapphire SBC as the official RK3399 dev board for Rockchip, is now re-launching the board, which features a 40-pin Raspberry Pi compatible connector, with “many in stock” for a discounted price of $75.

Read more

Linux Boards with Intel (Back Doors)

Filed under
Linux
Hardware
  • Arduino Create Expands to Support Linux on Intel Chips

    When we talk about open source hardware, we often think about the Raspberry Pi and other community-backed single board computers running Linux. Yet all these communities were modeled on the success of the 14-year-old Arduino project, in which Linux has been only tangentially involved, and only over the past four years. The two platforms should grow closer, however, now that Arduino has extended its Arduino Create development environment to support Linux on x86 platforms.

    With the new Linux support, “users are now able to program their Linux devices as if they were regular Arduinos,” says Arduino. Arduino Create works in concert with embedded Linux distributions – initially Ubuntu or Intel’s Wind River Pulsar Linux – to let developers load Arduino sketches to control lower level interfaces to sensors and other Internet of Things peripherals.

  • 3.5-inch SBC comes in 6th and 7th Gen Intel flavors

    Commell’s 3.5-inch “LS-37K” SBC supports 6th or 7th Gen Core S-series and Xeon-E3-1200 v5 CPUs with up to 16GB DDR4, triple displays, 2x SATA, and mSATA.

    Commell announced a 3.5-inch SBC with Intel’s 6th (“Skylake”) or 7th (“Kaby Lake”) Gen Core S-series and Xeon-E3-1200 v5 CPUs. The LS-37K’s layout and feature set are similar to that of its Skylake based LE-37I and LE-37G 3.5-inch boards. As usual, no OS support is listed, but Linux should run with no problem.

  • Apollo Lake DIN-rail computer packs a lot in a little

    Axiomtek’s Linux-friendly “ICO120-83D” IoT gateway runs on a dual-core Apollo Lake Celeron, and offers mini-PCIe expansion and extended temp support.

    Axiomtek has launched an ICO120-83D Internet of Things gateway that runs on Intel’s dual-core, 1.1GHz Celeron N3350 SoC with 6W TDP. The system has the same Apollo Lake processor and fanless DIN-rail design as the recent ICO300-83B gateway, but with a more compact 125 x 100 x 31mm. 0.3 k footprint and a reduced feature set.

MINIX: ​Intel's hidden in-chip operating system

Filed under
OS
Hardware
Security

Why? Let's start with what. Matthew Garrett, the well-known Linux and security developer who works for Google, explained recently that, "Intel chipsets for some years have included a Management Engine [ME], a small microprocessor that runs independently of the main CPU and operating system. Various pieces of software run on the ME, ranging from code to handle media DRM to an implementation of a TPM. AMT [Active Management Technology] is another piece of software running on the ME."

In May, we found out that AMT had a major security flaw, which had been in there for nine -- count 'em -- nine years.

"Fixing this requires a system firmware update in order to provide new ME firmware (including an updated copy of the AMT code)," Garrett wrote. "Many of the affected machines are no longer receiving firmware updates from their manufacturers, and so will probably never get a fix," he said. "Anyone who ever enables AMT on one of these devices will be vulnerable."

[...]

The Electronic Frontier Foundation (EFF) has called for Intel to provide a way for users to disable ME. Russian researchers have found a way to disable ME after the hardware has initialized, and the main processor has started. That doesn't really help much. ME is already running by then.

But Minnich found that what's going on within the chip is even more troubling. At a presentation at Embedded Linux Conference Europe, he reported that systems using Intel chips that have AMT, are running MINIX.

If you learned about operating systems in the late '80s and early '90s, you knew MINIX as Andrew S Tanenbaum's educational Unix-like operating system. It was used to teach operating system principles. Today, it's best known as the OS that inspired Linus Torvalds to create Linux.

So, what's it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don't know exactly what version or how it's been modified since we don't have the source code.

Read more

Purism Librem 13 v2 privacy-focused Linux laptop -- great hardware, frustrating software [Review]

Filed under
GNU
Linux
Hardware
Reviews

As a computer user in 2017, privacy is always on my mind -- as it should be. I suppose I have always cared about securing my information and data, but in recent years, we have learned so many troubling things about government hackers -- including the USA -- that it seems more important than ever. Patriot Edward Snowden really shone a light on the unfortunate state of privacy, or lack thereof, in modern days.

This is why I was very intrigued by the Purism line of laptops. These are computers that are designed with privacy in mind. The Librem 13 v2, which I have been testing, features two hardware kill-switches -- one will cut the webcam and microphone, while the other kills the Wi-Fi and Bluetooth radios. By cutting access on the hardware level, hackers cannot access these things when switched off. Instead of using a traditional bios system for booting, it even leverages Coreboot. It runs a Linux-based operating system called "Pure OS" which aims to be very secure and private. Unfortunately, the OS ends up being a little too secure, and the weak link of the overall package. But does that really matter?

Read more

Raspberry Pi CM3 fuels touch panel and network media player

Filed under
Linux
Hardware

Distec’s 10.1-inch “POS-Line IoT” touch-panel PC is built on its RPi CM3 based “Artista-Iot” board, which also drives a VideoPoster IV media player.

In February, Germany based Distec announced its Artista-IoT touchscreen controller board based on the Raspberry Pi Compute Module 3, and has now announced a POS-Line IoT touch-panel computer built on the sandwich-style board combo. Primarily aimed at Point-of-Sale (PoS) applications, the touch-panel can also be used for HMI devices, digital whiteboard and production visualization, medical, aerospace, and signage applications.

Read more

Another Dead Microsoft Product

Filed under
Hardware
Microsoft

Success! Beelink S1 Running Linux – Courtesy of the Open Source Community

Filed under
GNU
Linux
Hardware

We recently published a post summarizing why the Beelink S1’s hardware specs look so promising for an inexpensive Linux mini PC. But I hit a brick wall when trying to install any flavour of Linux on the machine. I simply could not get the machine to boot a live Linux distro, either from a USB DVD or USB key.

I contacted Shenzhen AZW Technology Co. Ltd., the manufacturer of the Beelink S1, twice to see if they could offer any support. They replied recommending I get used to running Windows 10, as they contend Ubuntu is difficult to install on this mini PC. The second email has yet to elicit a response. I must have exhausted my support quota. Undeterred, I made a call for help to Linux enthusiasts. And half a dozen good folk promptly stepped forward to offer a simple solution, which I’ll detail below. This is one reason why I love Linux; the community.

Read more

Syndicate content

More in Tux Machines

Mint 18.3: The best Linux desktop takes big steps forward

I run many operating systems every day, from macOS, to Windows 7 and 10, to more Linux desktop distributions than you can shake a stick at. And, once more, as a power-user's power user, I've found the latest version of Linux Mint to be the best of the best. Why? Let's start with the basics. MacOS has been shown to have the worst bug I've ever seen in an operating system: The macOS High Sierra security hole that lets anyone get full administrative control. Windows, old and new, continues to have multiple security bugs every lousy month. Linux? Sure, it has security problems. How many of these bugs have had serious desktop impacts? Let me see now. None. Yes, that would be zero. Read more

Today in Techrights

Security: NSA, Microsoft Debacles, and FOSS Updates

  • Script Recovers Event Logs Doctored by NSA Hacking Tool
    Security researchers have found a way to reverse the effects of an NSA hacking utility that deletes event logs from compromised machines. Last week, Fox-IT published a Python script that recovers event log entries deleted using the "eventlogedit" utility that's part of DanderSpritz, a supposed NSA cyber-weapon that was leaked online by a hacking group known as the Shadow Brokers. According to Fox-IT, they found a flaw in the DanderSpritz log cleaner when they realized the utility does not actually delete event log entries, but only unreferences them, merging entries together.
  • Pre-Installed Keylogger Discovered on Hundreds of HP Laptop Models
    A keylogger that can help record pretty much every keystroke on the computer has been discovered on HP’s devices, with a security researcher revealing that hundreds of laptop models come with this hidden software pre-installed. Michael Myng says in an analysis of the keylogger that the malicious code is hiding in the Synaptics Touchpad software and he actually discovered it when looking into ways to control the keyboard backlight on his laptop. According to his findings, the keylogger isn’t activated by default, but it can be turned on by any cybercriminals that get access to the system. The list of affected models includes hundreds of laptops like EliteBook, ProBook, Spectre, Zbook, Envy, and Pavilion.
  • Laptop touchpad driver included extra feature: a keylogger [Ed: This is the second time in recent times HP gets caught with keyloggers; This is no accident, it's intentional.]
    Flaws in software often offer a potential path for attackers to install malicious software, but you wouldn't necessarily expect a hardware vendor to include potentially malicious software built right into its device drivers. But that's exactly what a security researcher found while poking around the internals of a driver for a touchpad commonly used on HP notebook computers—a keystroke logger that could be turned on with a simple change to its configuration in the Windows registry.
  • Microsoft Needed 110 Days to Fix Critical Security Bug After First Ignoring It
    Microsoft needed more than 100 days to fix a critical credential leak in Dynamics 365 after the company originally ignored the bug report and only reacted after being warned that details could go public. Software engineer Matthias Gliwka explains in a long blog post that he discovered and reported a security flaw in Microsoft’s Customer Relationship Manager and Enterprise Resource Planning software in August, but the software giant refused to fix it on claims that administrator credentials would be required. Gliwka says he came across a wildcard transport layer security (TLS) certificate that also included the private key, which would in turn expose communications by anyone who could decrypt traffic. The developer says that extracting the certificate grants access to any sandbox environment, with absolutely no warning or message displayed to clients.
  • UK Spy Agency Finds Severe Flaw in Microsoft Antivirus in Kaspersky Bye-Bye Push
  • Security updates for Monday

OSS Leftovers

  • What is a blockchain smart contract?
    Now, in a blockchain, the important thing is that once the state has changed, you then ensure it's recorded on the blockchain so that it's public and nobody can change or challenge it. But there are other uses for blockchain technology, as I explained in "Is blockchain a security topic?" Permissionless systems, often referred to as distributed ledger technologies (DLTs) are a great fit for non-transactional state models, largely because the sort of people who are interested in them are closed groups of organisations that want to have complex sets of conditions met before they move to the next state. These aren't, by the tightest definition, blockchains. Banks and other financial institutions may be the most obvious examples where DLTs are gaining traction, but they are very useful in supply chain sectors, for instance, where you may have conditions around changing market rates, availability, and shipping times or costs, which may all play into the final price of the commodity or service being provided.
  • Running a successful open source project
    Running an open source project is easy. All you have to do is make your source code available and you’re open source, right? Well, maybe. Ultimately, whether or not an open source project is successful depends on your definition of success. Regardless of your definition, creating an open source project can be a lot of work. If you have goals regarding adoption, for example, then you need to be prepared to invest. While open source software is “free as in beer”, it’s not really free: time and energy are valuable resources and these valuable resources need to be invested in the project. So, how do you invest those resources?
  • New package repositories are now enabled by default
    During this year’s coding sprint in Toulouse (which I was able to attend, thanks to being in Europe on a study-abroad program), I spent a lot of time massaging HaikuPorts to generate a consistent-enough state of packages for us to switch to them by default, and then making the in-tree changes necessary for the switch. Thanks to this and mmlr’s comprehensive overhaul of the HaikuPorter Buildmaster over the past couple months, we have finally switched to the new repositories by default as of hrev51620. If you’ve installed a nightly image from after this, you should be able to just pkgman full-sync and upgrade away.
  • Haiku OS Is Very Close To Their Long Awaited Beta, New Repository Working
    The BeOS-inspired Haiku operating system should be issuing its long-awaited beta release by early 2018. For months there has been talk of the long-awaited beta for Haiku OS while it looks like roughly within the next month we should be actually seeing this milestone.
  • DeepVariant: Tool to call out variants in sequencing data goes open source
    Megan Molteni, Wired, decoded, at least, the very nature of the challenge to know more about our human puzzle. "Today, a teaspoon of spit and a hundred bucks is all you need to get a snapshot of your DNA. But getting the full picture—all 3 billion base pairs of your genome—requires a much more laborious process. One that, even with the aid of sophisticated statistics, scientists still struggle over." DeepVariant was developed by researchers from the Google Brain team, focused on AI techniques, and Verily, the Alphabet subsidiary focused on life sciences. It is based on the same neural network for image recognition, but DeepVariant, is now making headlines not for cat IDs but as a way to scan a genetic code for mutations. DeepVariant has gone open source. The GitHub definition of DeepVariant: "an analysis pipeline that uses a deep neural network to call genetic variants from next-generation DNA sequencing data."
  • Open source VPN clients vs VPN provider apps: which is better?
    Power users love open source software for its transparency and flexibility – but what about open source VPN software? Are there any open source VPN clients that can stand up to being compared with the more popular VPN apps from premium providers like ExpressVPN, VyprVPN, IPVanish or NordVPN? The short answer is... not really. But the long answer depends a lot on your level of technical know-how, patience, and where you’re willing to place your trust.
  • Coreboot Conference 2017 Videos Now Available
    For those interested in the open-source Coreboot project that serves as a replacement to proprietary UEFI/BIOS, the videos from their European Coreboot Conference are now available. The European Coreboot Conference 2017 (ECC'17) was held in Bochum, Germany back at the end of October.
  • Election night hackathon supports civic engagement
    On November 7, 2017, members of the Rochester Institute of Technology (RIT) community came together for the annual Election Night Hackathon held in the Simone Center for Student Innovation. This marked the seventh anniversary of a civic tradition for the FOSS @ MAGIC community, in which students and faculty analyze civic problems in the local community, state, or country and propose a project to address them. MAGIC Center faculty and event organizers are on hand to help students choose open source licenses and publish and share their code.
  • What is a blockchain smart contract?
    Now, in a blockchain, the important thing is that once the state has changed, you then ensure it's recorded on the blockchain so that it's public and nobody can change or challenge it. But there are other uses for blockchain technology, as I explained in "Is blockchain a security topic?" Permissionless systems, often referred to as distributed ledger technologies (DLTs) are a great fit for non-transactional state models, largely because the sort of people who are interested in them are closed groups of organisations that want to have complex sets of conditions met before they move to the next state. These aren't, by the tightest definition, blockchains. Banks and other financial institutions may be the most obvious examples where DLTs are gaining traction, but they are very useful in supply chain sectors, for instance, where you may have conditions around changing market rates, availability, and shipping times or costs, which may all play into the final price of the commodity or service being provided.
  • Running a successful open source project
    Running an open source project is easy. All you have to do is make your source code available and you’re open source, right? Well, maybe. Ultimately, whether or not an open source project is successful depends on your definition of success. Regardless of your definition, creating an open source project can be a lot of work. If you have goals regarding adoption, for example, then you need to be prepared to invest. While open source software is “free as in beer”, it’s not really free: time and energy are valuable resources and these valuable resources need to be invested in the project. So, how do you invest those resources?
  • New package repositories are now enabled by default
    During this year’s coding sprint in Toulouse (which I was able to attend, thanks to being in Europe on a study-abroad program), I spent a lot of time massaging HaikuPorts to generate a consistent-enough state of packages for us to switch to them by default, and then making the in-tree changes necessary for the switch. Thanks to this and mmlr’s comprehensive overhaul of the HaikuPorter Buildmaster over the past couple months, we have finally switched to the new repositories by default as of hrev51620. If you’ve installed a nightly image from after this, you should be able to just pkgman full-sync and upgrade away.
  • Haiku OS Is Very Close To Their Long Awaited Beta, New Repository Working
    The BeOS-inspired Haiku operating system should be issuing its long-awaited beta release by early 2018. For months there has been talk of the long-awaited beta for Haiku OS while it looks like roughly within the next month we should be actually seeing this milestone.
  • DeepVariant: Tool to call out variants in sequencing data goes open source
    Megan Molteni, Wired, decoded, at least, the very nature of the challenge to know more about our human puzzle. "Today, a teaspoon of spit and a hundred bucks is all you need to get a snapshot of your DNA. But getting the full picture—all 3 billion base pairs of your genome—requires a much more laborious process. One that, even with the aid of sophisticated statistics, scientists still struggle over." DeepVariant was developed by researchers from the Google Brain team, focused on AI techniques, and Verily, the Alphabet subsidiary focused on life sciences. It is based on the same neural network for image recognition, but DeepVariant, is now making headlines not for cat IDs but as a way to scan a genetic code for mutations. DeepVariant has gone open source. The GitHub definition of DeepVariant: "an analysis pipeline that uses a deep neural network to call genetic variants from next-generation DNA sequencing data."
  • Open source VPN clients vs VPN provider apps: which is better?
    Power users love open source software for its transparency and flexibility – but what about open source VPN software? Are there any open source VPN clients that can stand up to being compared with the more popular VPN apps from premium providers like ExpressVPN, VyprVPN, IPVanish or NordVPN? The short answer is... not really. But the long answer depends a lot on your level of technical know-how, patience, and where you’re willing to place your trust.