security News - Page 3 of 46 - CNX Software

March 1, 2025March 5, 2025 by Jean-Luc Aufranc (CNXSoft) - 6 Comments

Tropic Square TROPIC01 is an auditable, open architecture, tamper-proof RISC-V secure element (SE) for IoT and microcontrollers

Tropic Square TROPIC01 is an auditable, open architecture, tamper-proof RISC-V based secure element (SE) designed to interface with microcontrollers in products such as hardware wallets, authentication solutions, biometric wallets, medical devices, and other IoT solutions. There are plenty of secure elements on the market, but their design is usually closed-source, so the design can’t be easily verified by third parties and flaws may remain hidden even when discovered. With its open designs, potentially flaws in the TROPIC01 can easily be found, disclosed, and fixed by the community, and such verifiable design improved trust in the security of the solution. TOPIC01 secure element specifications: CPU core – RISC-V IBEX Controller Core with secure firmware updates and customizable FW upon request Memory OTP to store x.509 certificate and keys Flash to store general purpose and PIN verification data Memory address scrambling On-the-fly encryption Error correction code protection Communication Interface SPI application control […]

February 21, 2025April 20, 2025 by Debashis Das - No Comments

Renesas RA4L1 ultra-low-power MCU family offers 168 µA/MHz operation, dual-bank flash, capacitive touch

Renesas has recently introduced the RA4L1 ultra-low-power Arm Cortex-M33 MCU family along with two evaluation/development boards. This new lineup consists of 14 ultra-low-power devices based on an 80 MHz Arm Cortex-M33 processor with TrustZone support and designed for metering, IoT sensing, smart locks, digital cameras, and human-machine interface (HMI) applications. The RA4L1 MCU family offers high power efficiency at 168 µA/MHz while active and a standby current of 1.70 µA while retaining SRAM. Additionally, they support segment LCD, capacitive touch, USB-FS, CAN FD, low-power UART, multiple serial interfaces (SPI, QSPI, I2C, I3C, SSI), ADC, DAC, real-time clock, and security features like the RSIP security engine with TRNG, AES, ECC, and Hash. Renesas RA4L1 microcontroller Renesas RA4L1 specifications MCU core Arm Cortex-M33 core (Armv8-M) Up to 80 MHz operating frequency Arm Memory Protection Unit (MPU) 8 secure regions (MPU_S) 8 non-secure regions (MPU_NS) CoreSight ETM-M33 Dual SysTick timers (secure & non-secure) […]

February 11, 2025 by Jean-Luc Aufranc (CNXSoft) - 1 Comment

Mekotronics R58-PTZ video surveillance/live streaming embedded computer features a PTZ camera, two HDMI input ports

Mekotronics R58-PTZ embedded computer with pan and tilt camera

I swear it’s not an AI-generated picture of a device, but the Mekotronics R58-PTZ is real and just another unusual Rockchip RK3588 hardware platform from the company that’s an embedded computer with a 3-inch display on the front panel and a PTZ (Pan-Tilt-Zoom) camera placed on top. Mekotronics describes it as a live-streaming box designed for video surveillance, so I assume its main use case is to leverage to built-in 6 TOPS NPU for live streaming with some real-time effect and/or surveillance applications detecting persons, masks, etc… especially it also offers two HDMI inputs for extra cameras. Mekotronics R58-PTZ specifications: SoC – Rockchip RK3588 octa-core processor with CPU – 4x CortexA76 cores @ up to 2.4 GHz, 4x CortexA55 core @ 1.8 GHz GPU – Arm Mali-G610 MP4 GPU with support for OpenGL ES 1.1/2.0/3.2, OpenCL 2.2, Vulkan 1.2 Video decoder – 8Kp60 H.265, VP9, AVS2, 8Kp30 H.264 AVC/MVC, 4Kp60 […]

February 8, 2025February 8, 2025 by Jean-Luc Aufranc (CNXSoft) - 2 Comments

OpenWrt 24.10 released with Linux 6.6, TLS 1.3 by default, and 1970 supported devices

OpenWrt 24.10 open-source lightweight Linux operating system for routers has just been released. It’s been upgraded to Linux 6.6 from Linux 5.15 in OpenWrt 2023.05, supports TLS 1.3 by default, improves support for WiFi 6 (802.11ax), and adds initial support for WiFi 7 (802.11be). After over one year of work since the release of OpenWrt 23.05, OpenWrt 24.10 adds over 5400 commits, and the total number of supported devices is now close to 2,000 at 1,970. It’s also the first stable release supporting OpenWrt One, the router directly designed by OpenWrt developers in collaboration with Banana Pi. OpenWrt 24.10 highlights: TLS 1.3 support in default images with MbedTLS 3.6 Activate POSIX Access Control Lists and file system security attributes for all file systems on devices with big flash sizes. Needed by docker. Note this is not enabled for all targets with the small_flash feature flag, including ath79/tiny, bcm47xx/legacy, lantiq/ase, lantiq/xrx200_legacy, […]

February 7, 2025February 7, 2025 by Jean-Luc Aufranc (CNXSoft) - 2 Comments

Nuvoton introduces the first security chip based on OpenTitan open-source silicon Root of Trust

OpenTitan demo board Nuvoton open source security chip

Google has announced the start of the fabrication of a Nuvoton security chip featuring OpenTitan open-source silicon Root of Trust (RoT), the first such production-ready chip. It will soon be available in lowRISC’s Voyager 1 demo board, and later this year in Chromebooks and data centers. We first wrote about OpenTitan open-source Root of Trust (RoT) chips in 2020 as a collaboration between Google, Seagate, Nuvoton, Western Digital, lowRISC, as well as some other companies, projects, and universities that aimed at “building a transparent, high-quality reference design and integration guidelines for silicon root of trust (RoT) chips”. OpenTitan itself reached commercial availability last year, after the first engineering samples were released in 2023, and Google now says the Nuvoton chip (yet to have a proper name) is the first production-ready OpenTitan chip. Hardware Root of Trust (RoT) are small secure microcontrollers that are the equivalent of Certificate Authorities (CAs) to […]

February 7, 2025February 7, 2025 by Jean-Luc Aufranc (CNXSoft) - No Comments

FOSSASIA 2025 – Operating systems, open hardware, and firmware sessions

The FOSSASIA Summit is the closest we have to FOSDEM in Asia. It’s a free and open-source event taking place each year in Asia, and FOSSASIA 2025 will take place in Bangkok, Thailand on March 13-15 this year. It won’t have quite as many speakers and sessions as in FOSDEM 2025 (968 speakers, 930 events), but the 3-day event will still have over 170 speakers and more than 200 sessions. Most of the sessions are for high-level software with topics like AI and data science, databases, cloud, and web3, but I also noticed a few sessions related to “Hardware and firmware” and “Operating System” which are closer to what we cover here at CNX Software. So I’ll make a virtual schedule based on those two tracks to check out any potentially interesting talks. None of those sessions take place on March 13, so we’ll only have a schedule for March […]

January 30, 2025March 29, 2025 by Debashis Das - 3 Comments

The Deauther Watch V4S IR is a Wi-Fi hacker watch that can run up to 21 scripts via IR remote for wireless and HID attacks

We previously wrote about the Deauther Watch X used for wireless pentesting. The company has now released the Deauther Watch V4S IR an Wi-Fi hacker watch with a built-in infrared (IR) remote control for executing several scripts stored on a microSD card. It supports deauther attacks, Bad USB (HID) attacks, WiFi packet monitoring, and real-time clock adjustments. The new version features a 1,000mAh battery that can be charged via USB and it comes with includes a Type-C power cable, acrylic cover, and software manual. You can modify the Ducky Script inside the text files but must keep the filenames unchanged for proper operation. These features make this tool useful for cybersecurity professionals and enthusiasts for network security testing, penetration testing, and more. Deauther Watch V4S IR specifications: MCU – ESP8266 WiFi SoC @ up to 160 MHz with 160KB SRAM, 4MB SPI flash Storage – MicroSD card (preloaded with 21 […]

January 27, 2025January 27, 2025 by Debashis Das - 6 Comments

NXP EdgeLock A30 Secure Authenticator chip enables battery authentication for compliance with EU regulation 2023/1542

NXP recently launched the EdgeLock A30 Secure Authenticator chip, a Common Criteria EAL 6+ certified secure authentication designed for IoT devices, including battery authentication applications. It complies with the EU’s Batteries Regulation 2023/1542, which mandates the inclusion of a Digital Product Passport (DPP), by 2027 to ensure traceability, sustainability, and safety in battery manufacturing and recycling. Alasdair Ross, Senior Director, NFC IoT Security, NXP explains: Secure authentication helps to ensure brand protection, consumer safety, and product traceability, fostering trust and shielding devices from physical damage. Smaller than a grain of rice, the EdgeLock A30 is designed to fit into even the smallest of devices. It supports multiple authentication use cases, making it easier for developers to support a variety of devices and accessories with a single solution, including device to device, cloud to device, counterfeit protection, and storage or protection of device identity. To address these requirements NXP’s EdgeLock A30 […]