MT3620 Mini Dev Board is a Cheaper Microsoft Azure Sphere Board

MT3620 Mini Dev Board

Announced nearly one year ago, Microsoft Azure Sphere is an ecosystem comprised of Azure MCUs with Microsoft Pluton Security System, Linux based Azure Sphere OS, and a secure cloud service called Azure Sphere Security Service. The first official Azure development board – MT3620 Development Board for Azure Sphere – was launched last year for $84.95. The kit may not have attracted a large number of developers, so there’s now a cheaper version – MT3620 Mini Dev board – going for $34.90 on Seeed Studio. Note that’s a pre-order and shipping is scheduled for May 13, 2019. MT3620 Mini dev board specifications: CPU Module – AI-Link WF-M620-RSA1 module with Mediatek MT3620AN single core Arm Cortex-A7 processor @ 500 MHz with 4MB SRAM, dual core Arm Cortex-M4F real-time core @ 200 MHz with 64KB RAM, Pluton security sub-system, and WiFi. Storage – 2x 8MB dual channel quad SPI (TBC) Connectivity –  Dual band 802.11 a/b/g/n WiFi 1T1R with main and aux PCB antennas, …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

GearBest Database Was Left Unsecured For 2 Weeks

gearbest unsecured database

GearBest is one of the most popular Chinese online stores, and we often feature products sold by the company on the website. However, VPNMentor research team headed by Noam Rotem, a  hat hacker and activist, discovered a serious security breach in Gearbest, where their database was completely unsecured for a period of time. Specifically the research team was able to access the following databases in March 2019: Orders database with products purchased, shipping address and postcode, customer name, email address, phone number Payments and invoices database with order number, payment type, payment information, email address, name, IP address Members database with name, address, date of birth, phone number, (unencrypted) email address, IP address, national ID and passport information, (unencrypted) account password They discovered 1.5+ million records in total. They managed to login successfully to two accounts from the database breach for testing. Payment information included data related Boleta (used in Brazil) and Oxxo (used in Mexico) which would allow potential …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Cypress PSoC 64 Microcontrollers Target Secure IoT Applications

PSoC 64 Secure MCU

If you are like me, you probably don’t remember, but back in 2017 Arm announced the Platform Security Architecture (PSA) that defines a set of requirements to secure low cost Internet of Things devices. There’s now at least on PSA compliant microcontroller, as Cypress Semiconductor introduced their PSoC 64 Secure MCU at Embedded World 2019 last month. The press release claims that PSoC 64 MCU family is one of “the first Arm Cortex-M processors to be certified as Level 1 compliant within the Arm Platform Security Architecture (PSA) certification scheme, PSA Certified, utilizing a secure Trusted Firmware-M (TF-M) implementation integrated into the Arm Mbed OS open-source embedded operating system”. PSoC 64 secure MCU key features and specifications: Arm Cortex-M4F core with 22‑µA/MHz active power consumption Optional Arm Cortex-M0+ core with 15‑µA/MHz power consumption System Memory – 160KB to 1MB SRAM Storage – 512KB to 2MB flash Security HW Cryptography – Symmetric: AES, 3DES; Asymmetric: RSA, ECC; Hashing: SHA-256, SHA-512;True Random …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

FOSSASIA 2019 Schedule – March 14-17

FOSSASIA 2019 Schedule

As its name implies, FOSSASIA is a Free and Open Source Software  event taking place every year in Asia, more specifically in Singapore. I first discovered it last year, and published a virtual FOSSASIA 2018 schedule last year to give an idea about the subjects discussed at the event. It turns out FOSSASIA 2019 is coming really soon, as in tomorrow, so I’m a bit late, but I’ll still had a look at the schedule and made my own for the 4-day event.  Thursday – March 14, 2019 10:05 – 10:25 – For Your Eyes Only: Betrusted & the Case for Trusted I/O by Bunnie Huang, CTO Chibitronics Security vulnerabilities are almost a fact of life. This is why system vendors are increasingly relying on physically separate chips to handle sensitive data. Unfortunately, private keys are not the same as your private matters. Exploits on your local device still have the potential to grant bad actors access to your screen …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

$100 Reolink Argus 2 is a Wire-Free IP Camera with Optional Solar Panel

Reolink Argus 2 Security IP Cam

This morning I had a look at battery-powered IP cameras since they avoid the hassle of wiring power and/or Ethernet around the house. I could remember I covered Immedia Blink IP camera with up to 2-year battery life back in 2014, and the company did very well since it got acquired by Amazon, and Blink IP security camera is now sold on Amazon US for $99.99 and up. It’s probably one of the best, if not the best options, for low-cost battery-powered cameras but the problem is that they only ship to a limited number of countries. Last year, there was a new entrant with Eufy Evercam outdoor IP camera with up to one year of battery life, but again it’s not easy to purchase from overseas, and the price starts at $279.99 for a single camera system. I also covered a solar and battery powered IP camera made by Wanscam a few years ago, and it could do the …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

BOXER-8120AI is a Compact Jetson TX2 Mini PC for Drones, Robots and Surveillance Applications

Jetson TX2 Mini PC

AAEON has just launched BOXER-8120AI compact mini PC based on NVIDIA Jetson TX2 processor module with 8GB RAM, 32GB storage, and four Gigabit Ethernet ports. The fanless mini PC targets smart surveillance/ security/ parking, unmanned stores, drones and robotic controllers, or any applications that can leverage Jetson TX2’s 256 CUDA cores for A.I. workloads. BOXER-8120AI Jetson TX2 Mini PC specifications: Processor Module – NVIDIA Jetson TX2 with HMP Dual Denver 2 + Quad Arm A57, NVIDIA Pascal GPU with 256 CUDA cores, 4K (HEVC) video encoder, 4K 12-bit video decoder System Memory – 8GB LPDDR4 @ 59.7 GB/s Storage – 32GB eMMC 5.1 flash, MicroSD slot Display Interface – HDMI 2.0 type A Networking – 4x 10/100/1000Base-TX Ethernet USB – 2x USB 3.0 ports, 1x micro USB OTG port Serial – 2x COM ports (DB9) Misc – Power Button, Power LED, 2x SMA Holes, Remote Power On/Off Power Supply – 9~24V DC-in power input via lockable DC jack Dimensions – …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Adiantum Enables Faster File Encryption in Devices without AES Crypto Accelerator

Adiantum performance

File Encryption is enabled – even required – by default in most Android devices, as it protects your data would you lose your phone, or have it stolen. Encryption in Android leverages the Advanced Encryption Standard (AES), and most modern 64-bit processors – like the ones based on Armv8 – come with a crypto accelerator that boosts performance several folds compared to a software only solution. But there are also many low end devices, for example based on Arm Cortex-A7, that lack crypto extensions, and enabling AES encryption would make the devices even slower than they already are. So in order to provide file encryption on entry-level hardware without comprising too much on performance, Google has developed Adiantum encryption optimized to run on targets without crypto accelerator. As explained in a Google Security blog post, Adiantum uses the ChaCha stream cipher – as used in HTTPS – in a length-preserving mode since file systems work in 4096 bytes block. The …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

GL-USB150 OpenWrt Microrouter Looks Like a USB Flash Drive

GL-USB150 Microrouter

There are plenty of small low cost routers capable of running OpenWrt, including the TP-Link WR703N or Marstek MPR-N9 model which we covered several year ago. GL.inet also made several tiny routers that ended up being supported by OpenWrt, including their GL-USB150 microrouter that looks like a USB flash drive, but is really an Atheros AR9331 router that can be powered by any USB ports. GL-USB150 microrouter specifications: CPU – Qualcomm QCA9331 (Atheros AR9331) MIPS processor @ 400MHz System Memory – 64MB DDRII Storage – 16MB NOR Flash Connectivity – 2.4GHz 802.11b/g/n WiFi up up 150Mbps transmission rate Power input – 5V/1A via USB port Power consumption – <1W Dimension – 82x24x11mm Weight – 10 grams There’s no Ethernet port, no extra USB port to add 3G/4G connectivity, and the microrouter can either be accessed wirelessly when connected to a power bank, or via Ethernet over USB when connected to a computer. GL-USB150 microrouter is mostly sold as an OpenVPN …

Support CNX Software – Donate via PayPal or become a Patron on Patreon