Thoughts dereferenced from the scratchpad noise.

Latest posts


Hummingboard Pulse - first impression

Published at June 12, 2019 · Tomasz Żyjewski ·  5 min read

In this post, we will take a look at one of the SolidRun products - the HummingBoard Pulse. After powering up the board, we will try to boot an operating system on it....

Categories: firmware

MuxPi - surprisingly powerful validation kit

Published at June 7, 2019 · Artur Raglis ·  6 min read

Wish to start real hardware and firmware testing? This post is what you are looking for! Start your validation journey with the MuxPi testing board. Easy setup, rich user interface, full remote control over the Device Under Test and much more...

Categories: manufacturing miscellaneous

Meltdown and Spectre on PC Engines apu2

Published at May 29, 2019 · Michał Żygowski ·  9 min read

As a continuation of the Meltdown and Spectre blog post, this post presents the vulnerability status and mitigation with a microcode update on PC Engines apu2. Read the post and get to know the open source tools for vulnerability and mitigation checks, as well as proof-of-concept exploits....

Categories: firmware security

Reproducible builds

Published at May 22, 2019 · Krystian Hebel ·  3 min read

Recently we made sure that every build of PC Engines' firmware is built in a reproducible manner. This short post shows what exactly that means and why it should be important to firmware developers....

Categories: firmware

Building and running Bareflank

Published at May 15, 2019 · Krystian Hebel ·  13 min read

In this second post of a series, we will build and start our first hypervisor. It won't do much just yet, but it is good to get to know its build system....

Categories: firmware

The Bit Bang Theory with RTE

Published at May 8, 2019 · Łukasz Wcisło ·  4 min read

The RTE, used to control tested devices, could also be used as a programmer. But the RTE doesn't have an SWD interface, which is crucial. We tried to work around this using the bit-banging method....

Categories: firmware manufacturing miscellaneous

5 terms every hypervisor developer should know

Published at April 30, 2019 · Krystian Hebel ·  11 min read

This is the first post of a series about developing bare-metal hypervisors. It introduces Intel's VMX technology, describes interactions between a virtual machine and a hypervisor, and gives some insight into the control structures required. This post should give the theoretical knowledge base required for the next ones, in which we will implement a basic hypervisor....

Categories: firmware

USB Sniffing With OpenVizsla

Published at April 24, 2019 · Łukasz Wcisło ·  11 min read

OpenVizsla allows passive monitoring of the communication between a USB host and a USB peripheral. It is a tool for developers working with USB, especially those who are using USB in embedded designs. We have tested its possible use cases and see that it is really valuable and has a lot of potential for further development....

Categories: miscellaneous security

How to mitigate ROCA TPM vulnerability?

Published at April 17, 2019 · Krystian Hebel ·  9 min read

The ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, the pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. Discovering whether TPM is vulnerable: All vulnerable keys have the same structure....

Categories: firmware security

Meltdown and spectre. What are they and what they are not?

Published at March 20, 2019 · Michał Żygowski ·  6 min read

Meltdown and Spectre: At the turn of the year 2017 and 2018, the world of security and computing was shaken. It was the time when we first heard about vulnerabilities that affect almost every modern processor (mainly x86 architecture) manufactured during the last 20 years. They have been named Meltdown and Spectre and belong to one family of flaws caused by speculative execution. In this post, I will describe what they are and how they threaten the users of modern machines....

Categories: security


