Interview – NXP Linux BSP and Timesys Vigiles Maintenance Service & Security Updates

I’ve been interviewing Ed White, Manager of NXP’s Professional Support and Engineering Services, and Akshay Bhat, Director of Engineering, Security Solutions at Timesys by email to find out more about NXP Linux BSP development process, and how Timesys can help to keep it updated and secure with its Vigiles service. Q1. CNX Software readers recently discussed NXP Linux BSP update status. One person specifically noted Linux 4.14.98 used in the BSP was well over a year old, and there were various opinions about the topic, including one person suggesting NXP only provides a stable BSP and it was the ultimate responsibility of the customer to merge Linux security patchsets. Could you explain the typical development process for NXP Linux BSP, and why the company chose not to update the patchsets regularly? Answer: The kernel strategy for NXP’s i.MX family BSPs closely follows the annual cadence of kernel.org’s LTS kernel selection. As soon as kernel.org establishes the next official LTS kernel …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Aegis Secure WiFi Smart Deadbolt Works with Android/iOS Phones (Crowdfunding)

We previously wrote about smart lock systems that allow you to open your door with the help of your smartphone. Products covered including Xiaomi Sherlock M1 that only works with specific doors/locks, and K1 smart lock box that stores your keys in a rugged box meaning it works with all door mechanisms, but it does not seem particularly secure to me. BOSMA Aegis Bluetooth & WiFi smart deadbolt looks to potentially a more secure solution as it should work with any door, and complements your main lock which you may want to use when you are not at home for longer periods of time. Aegis smart deadbolt specifications: Connectivity – Built-in Bluetooth; WiFi via a WiFi connector shipped with Aegis Voice Assitant Integration – Google Home and Amazon Alexa Optional BOSMA Sentry smart doorbell with Storage – Up to 128GB via MicroSD card slot; cloud storage Video – 1080p video recording Audio – 2-way audio Sensor – Fingerprint sensor Security …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Nordic Semi nRF52 WiSoCs are Susceptible to Debug Resurrection using APProtect Bypass

Nordic Semi nRF52 are popular wireless Cortex-M4 SoCs with Bluetooth 5.0 and 802.15.4 radios. APProtect (Access Port Protection) is a new security feature of nRF52 MCUs designed to enable readback protection and disable the debug interface. This is supposed to prevent an attacker to obtain a copy of the firmware that would allow him/her to start the reverse engineering process or access some sensitive data such as keys and passwords. It’s all good, except “LimitedResults” managed to bypass APProtect and permanently resurrect the debug interface on nRF52840-DK and a Bluetooth mouse. This requires physical access to the hardware and relies on a fault injection technique. The APProtect background and hacking technique are all explained in detail on LimitedResults blog post, but basically he first had to remove some capacitors and use a low-cost homemade voltage glitching system combines with an oscilloscope to try to locate a particular pattern into the power consumption. The goal was to find when the User …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

UP Xtreme Smart Surveillance Combines Whiskey Lake SBC, Myriad X VPUs, and Video Management & Analytics Software

We’re seeing more and more computer vision products with built-in artificial intelligence accelerated features like face recognition or object detection including AI cameras, facial recognition systems, and AI NVR systems. It’s great as a consumer because of less frequent and more accurate alerts in security camera systems but more worrying as a citizen due to mass surveillance. But the trend is here to stay, and AAEON has just announced the UP Xtreme Smart Surveillance solutions powered by UP Extreme Whiskey Lake SBC with either an Intel Core i5-8365UE or Intel Core i7-8665UE processor, as well as two Intel Movidius Myriad X VPUs using OpenVINO SDK. The system also leverages Milestone video management software (VMS) and SAIMOS video analytics software. Based on the photo above, the hardware looks to be UPX-Edge Embedded Computer which we previously covered in details at launch last December. Instead of hardware, the focus of Up Xtreme Smart Surveillance is to provide a turnkey solution combining AAEON …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Advantech Edge AI Computer and PoE NVR Feature NVIDIA Jetson Xavier NX SoM

Following the launch of NVIDIA Jetson Xavier NX SoM last year, we noted several third-party carrier boards and embedded PCs had been announced, and we expected more to come soon. Advantech has now unveiled two systems based on NVIDIA latest module with respectively  MIC-710AIX edge AI computer and MIC-710IVX NVR system equipped with eight PoE ports. MIC-710AIX edge AI computer Specifications: SoM – NVIDIA Jetson Xavier NX with 6-core NVIDIA Carmel ARM v8.2 64-bit CPU, 6MB L2 + 4MB L3 caches 384-core NVIDIA Volta GPU with 48 Tensor Cores 2x NVDLA deep learning accelerators System Memory – 8GB 128-bit LPDDR4x Storage – 16 GB eMMC 5.1 flash Storage – M.2 2280 Key-M socket for SSD; SD card socket Video Output – HDMI up to 3840×2160 @ 60 Hz Networking – 2x Gigabit Ethernet (RJ45) via Intel i210IT controller USB – 1x USB 3.0 host port, 1x USB 2.0 host port, 1x USB 2.0 internal interface, 1x Micro USB OTG port …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

We live in a Sad World – Purism Anti-Interdiction Services are (Somewhat) Popular

A few years ago, we learned the NSA may intercept networking gear during shipping in order to modify it to provide backdoor access to the hardware, and it’s likely other national security agencies around the world also modify hardware on transit for spying purposes. I’d think most people would not really care, and only high-profile business and governmental targets may take preventive measures, but according to a recent post from Purism, their Anti-interdiction services are fairly popular among their customers. Wait… What? What is “anti-interdiction”. The only definition I know of is: “the action of prohibiting or forbidding something”. But it turns out there’s another definition that applies here: the action of intercepting and preventing the movement of a prohibited commodity or person. Purism laptops are not exactly prohibited, but you get the point, and the anti-interdiction services are meant, not to prevent, but detect interdiction of laptops or other purisms hardware on their way to the customer. The company …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Swissbit Secure Boot for Raspberry Pi Relies on MicroSD Card and optional USB Stick

Swissbit secure boot solution for Raspberry Pi consists of an 8GB or 32GB “PS-45u DP” Micro SD card pre-loaded with their secure firmware, and offering the following key features: Security policies with flexible and configurable authentication Access protection with configurable retry counter Protects Raspberry Pi boot loader Encrypts user and boot code to protect license, know-how, and IP The boot image can be set read-only to prevent unauthorized modification Restricting the access to data on the card by various configurable security policies: PIN or USB or NET policy Use 8GB PU-50n DP USB stick as 2nd authentication for secure boot Works with Raspberry Pi 2 and 3B+ (I suppose Raspberry Pi 4 support should come soon enough) Note that we previously wrote about an open-source Raspberry Pi 4 UEFI+ACPI firmware to make the board SBBR-compliant and support features such as UEFI secure boot, but Swissbit secure boot is completely unrelated and instead is a custom security and access control solution. …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

AI Network Video Recorder Combines Intel Atom X5 E3940 SoC, Two Myriad X VPUs, and Five Ethernet Ports

AAEON seems to launch a new “AI Embedded Box PC” monthly either equipped with an NVIDIA Jetson module or a solution combining an Intel processor and a Myriad X VPU card. Here’s another one with AAEON VPC-3350AI AI edge computer powered by an Intel Atom X5 E3940 Apollo Lake processor, as well as two Myriad X VPUs for AI acceleration, and equipped with five Ethernet ports – four of which supporting PoE – to get video data from IP cameras or other networked video sources that makes it especially suitable as an AI network video recorder. VPC-3350AI specifications: SoC – Intel Atom X5-E3940 quad-core Apollo Lake processor @ 1.6 GHz / 1.8 GHz with 2 MB cache, 12 EU Intel UHD graphics; 9.5W TDP; Option for Celeron N4200/N3350 and X5-E3950) System Memory – Up to 8GB, DDR3L via 204-pin SODIMM socket Storage – 1x SATA port for 2.5″ drives AI Accelerator – 2x Intel Myriad X Vision Processing Unit (up …

Support CNX Software – Donate via PayPal or become a Patron on Patreon