Thursday, June 25, 2015

A Great Tagline

See this article from Tom's Hardware: the founder of Kapersky refers to IoT as the "Internet of Threats."

Wednesday, June 17, 2015

Samsung phone security problem

NowSecure reports here that they have found a way \for an attacker to use the keyboard update mechanism on several Samsung phone models to execute privileged code on the phone.  The vulnerability leverages the software update mechanism for the Swift keyboard software, which is from a third party.  Software updates download files in privileged mode but as a plaintext zip file. The exploit modifies this download zip and its associated manifest to install malicious files on the phone.

Thursday, June 4, 2015

Mac suspend/resume vulnerability

Reverse Engineering Mac OS X described here a bug in Mac suspend/resume code that allows malicious programs to modify BIOS, getting around traditional virus protection checks.  This isn't strictly embedded but given the emphasis on low energy in the embedded/CPS/IoT world, who knows what other devices have similar problems.

Wednesday, June 3, 2015

Hello, Cyber-Physical Sewing Machine

The gearbox on my mechanical sewing machine broke.  It sounded like it was mixing gravel; I didn't investigate further.  I decided to replace it with a cyber-physical model but one that didn't have a lot of features that I wouldn't use.  I think this model will have a strong drivetrain as well as fairly reliable electronics, but only time will tell.
My first sewing machine suffered an electronics failure, and a rather mundane one at that.  As we integrate electronics and computers into all sorts of devices, I hope that system designers keep in mind that consumer electronics devices (cell phones, audio players, etc.) are designed with very short lifespans in mind.  In contrast, many of the cyber-physical devices, such as sewing machines, have much longer lifespans.  All the components should be designed to have consistent lifespans.  This means building printed circuit boards and chips to higher quality standards than those to which the electronics industry has become accustomed.  And, of course, more components of any type means more opportunities for failure.

Monday, June 1, 2015

Software Bug on LightSail reports here on a software bug on LightSail.  It appears that when a log file reaches 32 MB, it crashes the OS.