SiFive Shield is an Open Security Platform for RISC-V Processors

SiFive WorldGuard

Most Arm processors and Armv8-M microcontrollers support Arm TrustZone security with hardware-enforced isolation built into the CPU. But so far, I had not read anything about equivalent solutions for RISC-V processors. It turns out Hex-Five’s MultiZone security is one of the RISC-V hardware-security providing an answer to Arm TrustZone, and besides checking out the presentation slides, you can also watch the video filmed at RISC-V Workshop Taiwan last March. But what brought me to write about RISC-V security is SiFive announcement for their Shield open security platform for RISC-V processors SiFive Shield Overview SiFive Shield is an open, scalable security platform designed for RISC-V processors.  It supports root-of-trust, customizations, and offers per-memory protected memory regions and multi-core privilege modes.  Combined with SiFive WorldGuard, SiFive Shield enables greater isolation. SiFive WorldGuard Isolation SiFive WorldGuard is a fine-grain security model for isolated code execution and data protection. It offers core-driven and process-id […]

FOSDEM 2020 IoT Devroom Call for Proposals

FOSDEM 2020 IoT Devroom

FOSDEM (Free & Open-source Software Developers’ European Meeting) takes place every year in Brussels, Belgium on the first weekend of February.  FOSDEM 2020 is scheduled for February 1-2, and now that developer rooms have already been announced, there are calls for proposals for each topic. Benjamin Henrion (aka Zoobab), a frequent reader and commenter of CNX Software, will be in charge of the IoT devroom and has now initiated a call for proposals for Internet of Things talks. The devroom will take place on Saturday or Sunday between around 10.30 and 18:00. Each talk will last 25 minutes with a 5-minute break between talks. The talks must be about fully open source projects that cover one of the topics below: Machine-to-machine (M2M) communication on small embedded devices Distributed applications in any field of interest for autonomous/self-controlled devices, (e.g. domotics, automotive, etc) Networking: TCP/IP, mesh networking, message queuing, cross-layer solutions Real-life […]

How I Adopted a Ubiquiti Unifi Security Gateway on my Existing Home Network

Ubiquity Security Gateway

Hey Karl here with a quick write up on how I adopted a Ubiquiti Unifi Security Gateway (USG) into my existing home network. I ran into a few issues so I wanted to share and hopefully help someone else. I have had 2 Unifi access points cover my home for several years now and I recently upgraded my internet to 100 Mbps. I was maxing out at about 95 Mbps with downloads on my existing 100 Mbps Linksys router and I knew I was leaving some bandwidth on the table. Spectrum is my internet provider and I have always got more than what I paid for. I placed an order on Amazon and 24 hours later it was delivered. I have a couple of things that made this challenging. First I run my network on a 10.0.0.1/24 subnet with devices that have static IP address and I host my own […]

Tiny USB WiFi Camera Supports Motion and AI Human Detection

USB WiFi Camera

When I first saw U21 HD camera it reminded me of SOOCOO G1 is action camera with a flexible stick, since the camera also comes with a flexible hose which allows you to orient it as you please. But it’s a different bear, as U21 is a surveillance camera powered over USB and featuring WiFi connectivity. I can’t see any motion detection, so it may have some dose of “AI” since it claims to support motion and human detection so you only get relevant alerts. It is currently sold (pre-orders) on Banggood for $33.65 including shipping with order starting to be processed on October 30th. U21 USB WIFI camera key features and specifications: MCU / WiSoC – No information (yet) Storage – MicroSD card slot up to 128GB for up to one month of recording (8GB = 2 days); Cloud storage via third party (paid) Camera – 14mm lens, HD […]

ISPs and Governments Don’t Seem to Like Security and Privacy-enhancing DNS over HTTPS (DoH)

DNS-over-HTTPS DoH

Now a lot of the traffic on the Internet is secure, and for example, if you visit this blog your traffic will be encrypted, so your ISP, government or hackers will not know which exact page you visit on the website. But unless you use a VPN or the Tor Network, they’ll still know/or find out you visited CNX Software as most DNS requests are now unencrypted. Hackers may also use a spoofed DNS to steal your credit card info while you think you input your details into a trusted website. Beside using a VPN service, one solution is to use DNS over HTTPS (DoH) which encrypts the DNS request so that even your ISP or the government (unless there’s a backdoor) may not know which websites you visit. On top of improving privacy, DoH also improves security, as it’s harder to spoof DNS servers and by extension internet websites. […]

USB Armory Mk II USB Linux Computer Targets Security Applications (Crowdfunding)

USB Armory Mk II

Back in 2014, Inverse Path launched USB Armory computer dongle running headless Linux from a MicroSD card and designed for security applications. The company got bought by  F-Secure Foundry in 2017, and the latter has now launched another crowdfunding campaign for an upgraded version USB Armory Mk II keeps a similar USB dongle form factor but replaces the NXP i.MX53 Cortex-A8 processor with a more efficiency NXP i.MX 6ULZ Arm Cortex-A7 processor, the USB type-A port with a modern USB-C port, adds 16GB eMMC flash, Bluetooth 5 LE connectivity, and new security features. USB Armory Mk II specifications: SoC – NXP i.MX6ULZ Arm Cortex-A7 @ 900 MHz System Memory – 512 MB DDR3 RAM Storage – 16 GB eMMC flash + external microSD Connectivity – Bluetooth 5 LE + mesh module (U-blox ANNA-B112) with Arm Cortex-M4 MCU (nRF52832) USB – 2x USB type-C ports: 1x DRP (Dual Role Power) receptacle […]

Signet High-Capacity Thumbdrive Supports 2FA, Password & Secure Data Storage (Crowdfunding)

Signet HC Crowdfunding Started The latest version of the Signet thumbdrive is the Signet HC. The HC has a number of enhanced features and a lower price point, making it an attractive alternative to other high-security flash drives.  The drive is high capacity storage, with secure storage technology, 2 Factor Authentication (2FA) token and encryption.  It also has a password manager and enhanced database features.  The company has started its crowdfunding campaign and there are several device quantity options and peripherals.  Features of the Signet HC The Nth Dimension has announced the Signet HC recently, bringing to the forefront of its latest device, the all-in-one aspects of the drive’s capabilities. The  Signet HC is certainly positioned to be one of the top featured, encrypted password protected, and 2FA storage devices of its size. The data on the drive is encrypted, and password protected and can be accessed through cross-platform […]

PhyWhisperer-USB Python Controlled USB 2.0 Sniffer Enables USB Security Testing (Crowdfunding)

PhyWhisperer-USB is a hardware USB sniffer & triggering platform that allows users to test the security of USB devices using side-channel power analysis and fault injection using a Python 3 interface, beside simply capturing packets. This has become especially important now as some USB devices include Bitcoin Wallets, FIDO2 keys, and encrypted drives with valuable data. PhyWhisperer-USB hardware specifications: FPGA – Xilinx Spartan 7S15 with 12,800 logic cells USB USB 2.0 Low/Full/High Speed mode PC connection – Micro-USB 2.0 HS port Host connection – Micro-USB port Target connection – USB-A female connector Trigger pattern – 1 – 64 bytes with mask Trigger delay – 0 – 1048576‬ cycles of 240 MHz internal clock derived from USB clock USB sniffer FIFO – 8192 bytes (FPGA block RAM, adjustable depending on FPGA utilization) Expansion – Spare digital I/O: 8 data pins, 1 clock pin routed to FPGA (on front panel) Clock output […]

UP 7000 x86 SBC