Archive 2019






3mdeb roadmap for August 2019

Published at August 19, 2019 · Artur Raglis · Łukasz Wcisło ·  2 min read

Thrilled about what we are doing to change the world right now? Interested in the fancy stuff we make? Check out our plan for August 2019, find out more about our recent projects and stay tuned with the most sophisticated tech-team in the neighborhood....

Categories: miscellaneous


Qubes OS and 3mdeb 'minisummit' 2019

Published at August 7, 2019 · Piotr Król ·  8 min read

In May we had pleasure to meet Marek Marczykowski-Górecki #QubesOS Project Lead in 3mdeb office in Gdańsk. We discussed various #QubesOS, #Xen, #firmware, #coreboot, #security and #TPM related topics. Results of that "minisummit" was presented in following blog post....

Categories: firmware os-dev security








Meltdown and Spectre on PC Engines apu2

Published at May 29, 2019 · Michał Żygowski ·  9 min read

As a continuation the Meltdown and Spectre blog post, this post present the vulnerability status and mitigation with microcode update on PC Engines apu2. Read the post and get to know the open source tools for vulnerability and mitigation checks, as well as exploiting proof of concepts....

Categories: firmware security


Reproducible builds

Published at May 22, 2019 · Krystian Hebel ·  3 min read

Recently we made sure that every build of PC Engines' firmware is built in a reproducible manner. This short post shows what exactly does it mean and why this should be important to firmware developers....

Categories: firmware


Building and running Bareflank

Published at May 15, 2019 · Krystian Hebel ·  13 min read

In this second post of a series, we will build and start our first hypervisor. It won't do much just yet, but it is good to get known with its build system....

Categories: firmware



5 terms every hypervisor developer should know

Published at April 30, 2019 · Krystian Hebel ·  11 min read

This is the first post of a series about developing bare-metal hypervisors. It introduces to Intel's VMX technology, describes interactions between a virtual machine and a hypervisor as well as gives some insight on the control structures required. This post should give some theoretical knowledge base required for the next ones, in which we will implement a basic hypervisor....

Categories: firmware


USB Sniffing With OpenVizsla

Published at April 24, 2019 · Łukasz Wcisło ·  11 min read

OpenVizsla allows to passively monitor the communication between a USB host and USB peripheral. It is a tool for developers working with USB and especially those who are using USB in embedded designs. We have tested its possible use cases and see it is really valuable, and has a lot of potential for further development....

Categories: miscellaneous security


How to mitigate ROCA TPM vulnerability?

Published at April 17, 2019 · Krystian Hebel ·  10 min read

ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. UPDATE 2021-10-20: provided new link for TPM firmware updates (old one was no longer working), added info about patch for openssl-1....

Categories: firmware security


Meltdown and spectre. What are they and what they are not?

Published at March 20, 2019 · Michał Żygowski ·  6 min read

Meltdown and Spectre At the turn of the year 2017 and 2018, the world of security and computing has shaken. It was the time when we first heard about vulnerabilities that affect almost every modern processor (mainly x86 architecture) manufactured during the last 20 years. They have been named as Meltdown and Spectre and belong to one family of flaws caused by speculative execution. In this post, I will describe what they are and how they are threatening the users of modern machines....

Categories: security


Yocto meta-rte is now open for everyone

Published at March 13, 2019 · Marta Szelecka ·  3 min read

Yocto meta-rte is now open for everyone We are happy to announce that our 3mdeb’s Yocto meta-rte is now available on our GitHub. But let’s say briefly what the Yocto Project is and why we decided to work with it. First of all, like everything that we love the most, Yocto Project is open sourced. The project is hosted by the Linux Foundation and gives you templates, methods, and set of interoperable tools for creating OS images for embedded Linux systems....

Categories: os-dev



3mdeb at Embedded World 2019

Published at February 23, 2019 · Marta Szelecka ·  2 min read

3mdeb at Embedded World 2019 We are excited to inform You that 3mdeb will take part in embedded world Exhibition & Conference - Embedded World 2019 next week! In place full of enthusiasts You can meet us personally between 26.02-28.02 in Nuremberg, Germany. Come and talk with us about amazing world of embedded systems. We will tell You not only about our work and innovations, but also share our knowledge, help and present to You our products and demos:...

Categories: miscellaneous


How to enable Core Performance Boost on AMD platforms?

Published at February 14, 2019 · Michał Żygowski ·  13 min read

Pushing hardware to its limits In the epoch of efficient and fast processors, performance becomes one of the most crucial aspects when choosing and working with hardware. We want our computers to execute their tasks with possibly highest speeds. But what really influences the performance of our platforms? It’s the processor’s manufacturer design one may say. In this post, I will show You how firmware may boost Your silicon to higher performance level....

Categories: firmware


Quick start guide to kas - best tool for setting up the Yocto projects

Published at February 7, 2019 · Maciej Pijanowski ·  8 min read

Introduction If you are using the Yocto Project, you certainly have encountered the hassle of managing multiple layers and tracking their revisions. I’ve been using the Yocto Project for nearly 3 years by now and have mostly been using the tool for this purpose. While I’m not a huge fan of it, it is relatively simple to use and gets the job of fetching layers and controlling their revisions done properly....

Categories: os-dev