UL IoT Security Rating System Ranks IoT Devices Security from Bronze to Diamond

UL IoT Security Rating

Underwriters Labs (UL) is better known for its electrical safety certification programs, but in 2016, the company introduced three UL 2900 IoT security standards that defined requirements of software cybersecurity for network-connectable products. Four years later, you may not have heard many products adhering to UL 2900, and Laurens van Oijen, IoT security solution leader at UL, recognizes that ” the UL 2900 set the bar too high for most consumer electronics/IoT companies” according to a report on CE Pro. So instead the company has launched the UL IoT Security Rating System last May with 5 levels of “security capabilities” ranking IoT devices and products with either Bronze, Silver, Gold, Platinum, or Diamond. Those certifications are aimed to help both manufacturers and developers to improve the security of their solutions, and help consumers make better purchase decisions by knowing the level of security of IoT products by just looking at a label on the product package. The UL IoT Security …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Project Connected Home over IP (CHIP) Working Group is Backed by Google, Apple, Amazon, and the Zigbee Alliance

Project Connected Home over IP

Amazon, Apple, Google, and Zigbee Alliance have partnered to create Project Connected Home over IP (CHIP) working group aiming to develop a royalty-free, Smart Home standard to increase compatibility among products, and with security at the forefront. The new standard will be separate from Zigbee 3.0 / Pro, and Zigbee Alliance board member companies such IKEA, Legrand, NXP Semiconductors, Resideo, Samsung SmartThings, Schneider Electric, Signify (formerly Philips Lighting), Silicon Labs, Somfy, and Wulian will also join the CHIP working group and contribute to the project. The standard specified by Project Connected Home over IP will rely on existing technology from the networking layer including TCP/UDP transport protocol, IPv6 network and various physical & media standards such as WiFi, Ethernet, Bluetooth LE, Cellular, 802.15.4 and others. Instead, it will define what happens at the application layer level with the following points of focus: End-to-end data security and privacy among in-home and mobile devices, and cloud services. A unified and standardized baseline …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Zsync HTTP-based File Transfer Utility Transfers Large Files Efficiently

Zsync WorkFlow Diagram

Zsync is an opensource file transfer utility built on top of rsync algorithm. This helps to download partial/differential files over the HTTP protocol. The utility allows downloading only new parts of a file from a centralized location,  where the older version of the file is already within your computer. While rsync is for syncing data from one computer to another,  zsync allows file distribution, where the file hosted in a server using any web server can be distributed to many and downloaded seamlessly. How it works The command-line utility will do all the differential calculations in the client, instead of doing it in the server as in rsync. Server metadata will be created only once and stored as part of the control file. And rest of the operations and decision making will be handled by the client-side application. This will reduce the huge processing needed on the server-side, even when thousands of clients are trying to fetch the file. Server …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Tuya helps you easily Design & Manufacture your own Smart Home Solutions

I was recently informed about LSC Smart Connect 3 door sensor selling on Action discounter with over 600 stores across the Netherlands, Belgium, France, Germany, Luxembourg, Austria, and Poland. The door sensor is based on ESP8266, and people have bought a few and flashed their own open source firmware converting the device into a multi-purpose sensor device with ESPNOW protocol that enables direct and low-power control of Espressif devices without the need of a router. The module inside the door sensor is called TYWE3S, which one document on the FCC website refers to as “Tuya WiFi module” and further mentions “TYWE3S is a low-power consumption module with built-in Wi-Fi solution designed by Hangzhou Tuya Technology Corporation” that is based on ESP8266 WiSoC with 1MB flash, 50 kB RAM. One person in the LetsControlIt forum thread linked above explains the stock firmware can be updated over-the-air via a Raspberry Pi 3/3+ board using a project named Tuya-Convert. That looks fun already, …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

UpSwift – Manage IoT & Embedded Linux Devices Easily & Quickly

UpSwift

UpSwift offers a GUI based management interface to their customers to update, manage, control & diagnose IoT and embedded devices. The solution also supports OTA updates to any device which is running the Linux operating system including Raspberry Pi board and other Arm SBC’s. Because of the pull-based, client/server architecture, the client-side binary looks for updates in configurable frequent interval and executes the changes and updates. The communication between the client and the server is established over secured REST API’s. By monitoring the applications logs and other device parameters, UpSwift’s Cloud-Smart engine is capable of behaving intelligently by sending email alerts to the administrator. UpSwift Basic WorkFlow Post-registration and package selection with UpSwift Cloud-based dashboard, customers can start adding their devices into UpSwift dashboard. Depending upon the selected plans (number devices connected, features, etc.. will vary depends on the plan chosen), customers will be able to manage their products remotely. And post device registration, you will be able to download/install …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

How to Sandbox an arm64 GCC on aarch64 Hardware with armv7 Userspace

Arm64 GCC Armv7 Userspace

CNXSoft: Guest post by Blu about setting up arm64 toolchain on 64-bit Arm hardware running a 32-bit Arm (Armv7) rootfs. Life is short and industry progress is never fast enough in areas we care about. That’s an observation most of us are familiar with. One would think that by now most aarch64 desktops would be running arm64 environments, with multi-arch support when needed. Alas, as of late 2019, chromeOS on aarch64 is still shipping an aarch64 kernel and an armhf userspace. And despite the fine job by the good folks at chromebrew, an aarch64 chromeOS machine in dev mode ‒ an otherwise excellent road-warrior ride, is stuck with 32-bit armhf. Is that a problem, some may ask? Yes, it is ‒ aarch64 is the objectively better arm ISA outside of MCUs, from gen-purpose code to all kinds of ISA extensions, SIMD in particular. That shows in contemporary compiler support and in the difference in quality of codegen. Particularly with the …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Github Has Restricted Accounts of Users from US Sanctioned Countries

Countries such as North Korea, Iran, or Syria, as well as specific zones such as Crimea, are US sanctioned countries, meaning you are not supposed to do business with them. If you’ve recently opened a business bank account, you may have had to sign a document confirming you will not do any business with entities in those sanctioned areas at the risk of losing access to your bank account. For physical goods that’s pretty straightforward, but for online services, there’s more of a grey area, as people tend to move around. Nevertheless, there have been reports sanctions are now affecting users in Iran and Crimea, as Github has started to restrict the account of users who are registered in US sanctioned countries. Github is now owned by Microsoft, and large multinationals can’t just fly under the radar, and ignore rules and regulations. It all started from reports from users from Crimea and Iran, who are lost access to their Github …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Launching Embedded Systems Jobs Board and Company Database

Embedded Systems Job Website

CNX Software writes news, reviews and tutorials about embedded systems, open source, or other topics useful to makers and companies, so we thought it might be useful to get a place where embedded systems companies can be listed and publish related jobs. For that reason, we’ve now designed and launched an embedded systems jobs board in order to help companies find employees or freelancers that can help them achieve their goals. Even if companies have no open positions right now, they are invited to add themselves to the list of companies as they may also be contacted by prospective customers if they wish too. Please, only relevant companies, as we reserve the right to delete entry’s for your spouse’s hair salon or bakery ;).  Once a company is registered they can post jobs in one of five categories: Hardware, Software, Support & Documentation, Manufacturing, and Sales & Marketing. Let me know if we should add other categories.  For remote jobs, …

Support CNX Software – Donate via PayPal or become a Patron on Patreon