security

Posted on by Jean-Luc Aufranc (CNXSoft) - 5 Comments on Wanscam HW0029-4 is a Solar Powered All Weather IP Security Camera with WiFi, 3G/4G Connectivity

Wanscam HW0029-4 is a Solar Powered All Weather IP Security Camera with WiFi, 3G/4G Connectivity

I’ve just watched a video on ARMDevices.net about Enlaps Tikee solar powered device designed to take timelapses over several days and transfer the pictures / video over WiFi, 3G, or 4G. The project has been fully funded on Indiegogo at the beginning of the year, and shipping is scheduled for Q4 2016. It looks like an interesting device for a niche market, but since I’ve noticed some products launched on Kickstarter already exists in one form or another in China, I’ve decided to have a look on Aliexpress, and I found Wanscan HW00269-4 solar powered camera with 3G/4G connectivity, and while it addresses a completely different need, as a 720p IP security camera, I still decided to have a closer look. Wanscam HW0029-4 specifications: SoC – Hisilicon Hi3518E ARM9 processor @ 440 MHz Storage – Built-in 16GB, expandable to 128GB Camera / video recording 1/2 1MP Star light CMOS sensor 8mm […]

Posted on by Jean-Luc Aufranc (CNXSoft) - No Comments on UL Goes Beyond Electrical Safety with UL 2900 IoT Security Standard

UL Goes Beyond Electrical Safety with UL 2900 IoT Security Standard

UL is a company providing testing and safety certifications with electrical, building, fire, mechanical and other codes to ensure products sold to consumers and companies are as safe as possible, and follow their UL standards. For example, you should probably look for the UL logo on any 100~240V electrical appliances, power supplies, etc… to make sure you purchase safe products, and also in order to avoid voiding any insurance you may have in case of fire. The company is now getting into cybersecurity, specifically for IoT security, with UL 2900 standard. The standard is currently divided into three parts: UL 2900-1 – Outline of Investigation for Software Cybersecurity for Network-Connectable Products, Part 1: General Requirements UL 2900-2-1 – Outline of Investigation for Software Cybersecurity for Network-Connectable Products, Part 2-1: Particular Requirements for Network Connectable Components of Healthcare Systems UL2900-2-2 – Outline of Investigation for Software Cybersecurity for Network-Connectable Products, Part […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 3 Comments on Forlinx i.MX6UL Linux Single Board Computer Supports ESAM Embedded Security Control Module

Forlinx i.MX6UL Linux Single Board Computer Supports ESAM Embedded Security Control Module

Forlinx Embedded has introduced i.MX6UL single board computer (SBC) based on NXP i.MX 6Ultralite Cortex A7 processor with 512 MB RAM, 8GB storage, that includes two Ethernet interface, an LCD interface, a CAN bus, as well as ESAM (Embedded System Access Module) support via either a SIM card like slot, or a 8-pin DIP chip compatible with ISO7816 standard, and typically used in the financial, telecommunications, transportation sectors for authentication and secure data transfer. Forlinx I.MX6UL board specifications: System-on-module: SoC – NXP i.MX 6Ultralite ARM Cortex A7 processor @ up to 528 MHz with 2D graphics GPU System Memory – 512 MB LvDDR3 memory Storage – 8GB eMMC flash (but hardware manual says 1GB eMMC flash, but also mentioned MTFC8GACAAAM-1M WT so it must 8GB after all…) 2x 80-pin board to board connectors with signals for 2x CAN bus, 2x USB device, 2x SDIO, 2x 10/100M Ethernet, 24-bit RGB, 4x […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 2 Comments on BusyBotNet is a Fork of Busybox with Security Tools

BusyBotNet is a Fork of Busybox with Security Tools

Busybox provides a lightweight version of common command line utilities normally found on “big” Linux into a single binary, in order to bring them to embedded systems with limited memory and storage. As more and more embedded systems are now connected to the Internet, or as they are called nowadays the Internet of Things nodes, adding security tools, such as cryptographic utilities, could prove useful for administrators of such system, and so BusyBotNet project wsa born out of a fork of Busybox. Some of the tools implemented include: fenc to encrypt stuff with salsa algo tsh. needs work, backdoor shell aes enc rathole backdoor shell, blowfish enc ssyn2 ddos tool sudp udp ddos tool jshon sh wrapper for json hydra prism userspace icmp triggered reverse shell backdoor You can access the source code and instructions on busyboxnet github repo. I’ve quickly tried it in my AMD x86 computer running Ubuntu […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 3 Comments on Upcoming ARM TrustZone Webinars Explaining Embedded Systems / IoT Security to Non-security Experts

Upcoming ARM TrustZone Webinars Explaining Embedded Systems / IoT Security to Non-security Experts

Most people understand that securing the IoT is important, but security is a highly a complex subject, and as seen with the many security breaches, even specialists – who in theory should now better – get their devices or online accounts hacked. So even if you are not a security expert, but are involved in the development of embedded systems, it’s important to get acquainted with online and offline security and understand how all this all work, at least from a high level perspective, without necessarily having to dig into the technical details. ARM is organizing two webinars catering to people who are not security experts, and explaining how they can secure embedded systems using the company’s TrustZone technology. The first webinar entitled “How to build trust and security into your embedded device” will allow participant to gain an understanding of the security that will need to be applied in […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 1 Comment on Raspberry Pi 3 To Get ARM TrustZone Support with Linaro OP-TEE Port

Raspberry Pi 3 To Get ARM TrustZone Support with Linaro OP-TEE Port

If you ever wanted to experiment with ARM Trustzone, and IoT security, you’ll soon be able to do so with the Raspberry Pi 3 board thanks to a port of Linaro OP-TEE (Open Portable Trusted Environment Execution) by Sequitur Labs. Broadcom BCM2737 SoC found in Raspberry Pi 3 board already had TrustZone hardware for isolation and protection for sensitive material such as cryptographic keys, algorithms and data, but the upcoming software release will mean the feature can now be used, and it’s free for trial/evaluation, and  education. Trustzone is also used for DRM (digital rights management), but in the case of Raspberry Pi 3 it will most likely used to teach how to secure the Internet of Things (IoT). The release is scheduled for July 11, with source code and documentation to be available in OP-TEE github account. All you’ll need to get started is a Raspberry Pi 3 board, […]

Posted on by Jean-Luc Aufranc (CNXSoft) - No Comments on Synaptics Natural ID USB Dongle Brings Fingerprint Authentication to Older Laptops and Computers

Synaptics Natural ID USB Dongle Brings Fingerprint Authentication to Older Laptops and Computers

Many new smartphones features a fingerprint scanner, and some computers such as Kangaroo Mobile Desktop also include one, but you’ll soon be able to add a USB dongle to your existing notebook thanks to Synaptics USB dongle reference design featuring the company’s Natural ID secure fingerprint authentication module. The dongle will allow secure authentication with a single touch of a finger, and be compatible with Windows Hello and Microsoft Passport. So I’m not sure the press release claim that it will work “on any notebook PC” is valid if you use Linux or an older Windows operating system that is not Windows 10. The solutions is also FIDO Certified (Fast IDentity Online), so it will be compatible with other certified software, services, and devices. The company is now showcasing the solution at Computex 2016.  USB dongles will sample in Q3 2016, with mass production scheduled for Q4 2016. But if […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 10 Comments on Yubikey NEO is a $50 USB & NFC Key Used to Secure your Computer and Smartphone

Yubikey NEO is a $50 USB & NFC Key Used to Secure your Computer and Smartphone

YubiKey NEO is a dongle that supports both contact (USB) and contactless (NFC, MIFARE) communications to secure your Windows, Mac OS or Linux computers and/or Android/iOS smartphones using two factor authentication. It supports one-time password (OTP), smart card functionality (OpenGPG, PIV…), as well as FIDO Alliance’s Universal 2nd Factor (U2F) protocol. The key can be used in a variety of applications, such as logging into your computer, accessing gmail, github, dropbox, and other accounts, and disk encryption. It also works with password manager such as Lastpass or Dashlane. You’ll need to both enter your password, and connect the Yubikey to your computer to be able to login, and for NFC enabled smartphones, you’d need to tap the key on the device. In case you lose your key, online services usually have recovery mechanism in places, and some support registration of up multiple YubiKeys. The latter can probably be used for […]

UP 7000 x86 SBC