Posted on by Jean-Luc Aufranc (CNXSoft) - No Comments on GPU-less NXP i.MX 8XLite Cortex-A35/M4 SoC is aimed at IIoT & V2X applications

GPU-less NXP i.MX 8XLite Cortex-A35/M4 SoC is aimed at IIoT & V2X applications

NXP i.MX 8XLite

NXP i.MX 8XLite SoC is a cost-optimized version of NXP i.MX 8X automotive processor with up to two Cortex-A35 cores, one Cortex-M4F real-time core, and in a GPU-less configuration since it lacks the Vivante GPU found in i.MX 8X family. The headless processor also comes with dedicated Hardware Security Modules (HSM) to enable telematics solutions, vehicle-to-everything (V2X) applications including vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) solutions, road infrastructure connectivity, as well as IIoT applications such as industrial equipment and building automation. NXP i.MX 8XLite key features and specifications: Processor complex 1x or 2x Arm Cortex-A35 cores @ up to 1.2 GHz with 256KB L2 cache with ECC 1x Arm Cortex-M4F core for real-time processing Memory I/F – 16-bit DDR3L-1866 and LPDDR4-2400 with ECC protection Storage I/F 1x FlexSPI for fast boot from SPI NOR flash 2x SD 3.0 card interfaces 1x eMMC5.1/SD3.0 NAND (62-bit ECC support) Networking – 1x Gigabit Ethernet […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 7 Comments on BrakTooth vulnerabilities impact closed-source Bluetooth stacks used in chips from Espressif, Intel, Qualcomm…

BrakTooth vulnerabilities impact closed-source Bluetooth stacks used in chips from Espressif, Intel, Qualcomm…

BrakTooth

BrakTooth is a family of new security vulnerabilities in commercial, closed-source Bluetooth Classic stacks that range from denial of service (DoS) via firmware crashes and deadlocks to arbitrary code execution (ACE) in certain IoT devices. A team from Singapore has discovered 16 new security vulnerabilities after evaluating 13 Bluetooth devices from 11 vendors, but after browsing through the list of certified Bluetooth devices with impacted processors, they estimate it could impact 1400 devices. We can see the list of BrakTooth-impacted SoCs include some familiar names like Intel AX200 (found in many laptops and computers through M.2 cards), Espressif Systems ESP32, Texas Instruments CC2564C, Qualcomm CSR8811/CSR8510, Bluetrum AB32VG1 board (based on AB5301A SoC) which I’ve just reviewed, and more… The good news is that most vendors have either already submitted a patch or working on it. Espressif, Infineon (previously Cypress), and Bluetrum already have released patchsets for their firmware. It’s really […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 1 Comment on OpenSSL 3.0 released with pending FIPS 140-2 validation

OpenSSL 3.0 released with pending FIPS 140-2 validation

OpenSSL 3.0

OpenSSL 3.0 has just been released after three years of development, and over 7,500 commits and contributions from over 350 different authors with a new FIPS module that awaits FIPS 140-2 validation by the end of the year, improved documentation, and a change to an Apache License 2.0. OpenSSL’s reputation took a serious hit in 2014 with the Hearbleed bug that allowed attackers to steal the information protected by the SSL/TLS encryption used for most secure Internet communication. The bug was introduced in 2012, and it took almost two years to be fixed. Yet, despite the fix, many projects switched to other SSL libraries like LibreSSL, WolfSSL, or mbedTLS. But it’s good the project is still very much active, and OpenSSL 3.0 succeeds OpenSSL 1.1.1 released in September 2018. Who knows what OpenSSL 2.0… One of the main changes is support for the Provider concept, and OpenSSL 3.0 comes with […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 28 Comments on OpenWrt 21.02 released with WPA3, HTTPS, TLS enabled by default

OpenWrt 21.02 released with WPA3, HTTPS, TLS enabled by default

OpenWrt 21.02

OpenWrt 21.02 has just been released with higher security with WPA3, HTTPS & TLS enabled by default, as well as initial support for the Distributed Switch Architecture (DSA), the Linux standard for configurable Ethernet switches. OpenWrt is the most popular open-source Linux distribution for routers and entry-level Linux-capable embedded systems, and the latest release includes over 5800 commits since the release of OpenWrt 19.07 in January 2020. WPA3 was already supported in OpenWrt 19.07, but not enabled by default,  OpenWrt 20.02 changes that, together with TLS thanks to trusted CA certificates from Mozilla. That means LuCi interface, wget, opkg package manager can all support HTTPS out-of-the-box. Note that HTTPS redirection can be disabled for LuCI in the configuration files. Another security change is that SELinux is now supported by OpenWrt, but not enabled by default. OpenWrt 21.02’s DSA implementation replaces the current swconfig system, but not all targets have been […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 7 Comments on Realtek AP-Router SDK vulnerabilities could impact millions of routers and IoT devices

Realtek AP-Router SDK vulnerabilities could impact millions of routers and IoT devices

Realtek SDK vulnerabilities

The IoT Inspector Research Lab has discovered four high and critical vulnerabilities in the Realtek AP-Router “Jungle” SDK used for RTL819x SoCs that could impact millions of WiFi routers and dongles. An attacker can use a network attack, e.g. without physical access to the device, to generate a buffer or stack overflow helping him access the system and execute his own code. Realtek has released an advisory (PDF) with patchsets for all four vulnerabilities so you should upgrade the firmware if you can. Summary of the four vulnerabilities: CVE-2021-35392 – Realtek Jungle SDK version v2.x up to v3.4.14B provides a ‘WiFi Simple Config’ server called wscd or mini_upnpd that implements both UPnP and SSDP protocols. The server is vulnerable to a heap buffer overflow that is present due to unsafe crafting of SSDP NOTIFY messages from received M-SEARCH messages ST header. CVE-2021-35393 – Also impacts ‘WiFi Simple Config’ server (wscd […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 9 Comments on $23 N6110E NVR supports AI features, 10TB SATA drive, up to 10 video channels

$23 N6110E NVR supports AI features, 10TB SATA drive, up to 10 video channels

N6110E SigmaStar SSR621Q network video recorder

Network video recorders (NRV) typically cost a couple of hundred dollars, but in the past, we noted a low-cost, entry-level NVR with a single Ethernet port may sell for under $50. But now, I’ve been made aware that $20 Linux-based NVR’s had shown up on Aliexpress either based on XM8536D processor, or SigmaStar SSR621Q dual-core Cortex-A7 processor.  I’ll look at the N6110E model with the latter that sells for $22.99 plus shipping as it includes an enclosure and is said to support up to 10 channels, as well as AI features such as face & human body detection, “auto tracking” (vehicle tracking?), and mixed-traffic detection. N6110E NVR specifications: SoC – SigmaStar SSR621Q processor/DSP with two Cortex-A7 cores, 256MB DDR3 RAM according to linux-chenxing Video decoding – H.265 , H.264 up to 1x 8MP @ 30 fps, 1x 5MP @ 30 fps, 2x 4MP @ 30fps, 4x 3MP @ 20 fps, […]

Posted on by Jean-Luc Aufranc (CNXSoft) - No Comments on Foscam SPC WiFi Spotlight Camera Review – Part1: Unboxing and Teardown

Foscam SPC WiFi Spotlight Camera Review – Part1: Unboxing and Teardown

WiFi Spolight camera

I’ve been reviewing a few IP cameras with built-in AI features with Vacom Cam, Reolink RLC-810A, and Annke CZ400 AI security camera which had by far the most advanced features going beyond human detection with luggage monitoring, line crossing-detection, and many more. Today, I’ve received another model with basic human detection. But Foscam SPC security camera also happens to come with a motion-activated spotlight, and it is the first camera I’ve ever received with support for dual-band WiFi meaning 2.4GHz or 5 GHz WiFi can be used as needed. In the first part of the review, I’ll go through the specs, do an unboxing, and go through teardown photos to check the internals. Foscam SPC key features and specifications Some of the highlights listed in the user manual and package: Camera 4MP camera up to 2560×1440 resolution @ 25 fps, 156° view of view (diagonal) HDR support 2x white LED […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 16 Comments on TPM 2.0 modules quadruple in price, run out of stock following Windows 11 announcement

TPM 2.0 modules quadruple in price, run out of stock following Windows 11 announcement

TPM 2.0 module price

Microsoft announced Windows 11 with new system requirements that include having hardware with a TPM 2.0 chip. Yesterday, we noted that could be an issue, as not all computers, laptops, and tablets may come with a Trusted Platform Module (TPM), especially if version 2.0 is required. Microsoft explains it’s for a good reason, name improved security, but the requirement has already had an impact on the market, even though Windows 11 is not officially available just yet, as TPM 2.0 modules have quadrupled in price according to a Tweet from Shen Ye, senior director, global head of hardware products for HTC. Note that while the bottom scale shows dates, it only shows dates when the price changes and the price was indeed $24.90 before Microsoft’s announcement, and gradually went up to $99.90 within 12 hours. At the time of writing, that module is out of stock on Amazon. Shen further […]