This week Siemens revealed a new vulnerability in its S7-1500 CPU product family: Missing Immutable Root of Trust . What does it mean in simple words? The device can’t ensure the integrity of the code executed. One would say, let’s patch the vulnerability. Herein lies the big problem with this vulnerability. The origin is burned on a chip. Conclusion: No fix planned. And one advice: be careful with whom can access the product. Really?!
Happy reading!
Articles
A Comparison of SPARK with MISRA C and Frama-C
There is for sure a bias in this paper hosted on the Adacore website. Nevertheless, I find the comparison fair.
With the recent changes in the way Adacore licenses its libraries, and improvements in dependency management,
I feel that Ada can get its chance in the popularity charts.
Taking over a Dead IoT Company
It’s a fun reading, and there is more to it than the title share. The author analyzes why the defunct
NYC Train Sign
failed. From his point of view, mainly because
the BOM (Bill Of Materials) was too high and the retail price too low. He shares: “One trick I use is that
multiplying the BOM cost by 4 will often get you the retail price.” Do you agree with his approach as a back
of the enveloppe estimation?
What’re you telling me, Ghidra?
Many articles on reverse engineering something are using Ghidra. It could be intimidating to start right away
in an advanced subject. With this article, you can get yourselves familiar with the tool.
Welcome to Comprehensive Rust 🦀
Rust usage is spreading everywhere: In the Linux kernel, recently in the
Chrome web browser
,
and notably in Android. As a bonus, The team behind the course is maintaining
discussions on Github
where you can ask questions.
Whoops: Linux’s strcmp() For The m68k Has Always Been Broken
That’s a story that makes obvious how benefic the recent changes toward safety are. This subtle bug has been
found because the flag “-funsigned-char” is now enabled by default. Way to go Linux kernel team!
If you use a custom linker script, _start is not (necessarily) the entry point
Great article to complement your knowledge if you are starting your journey into custom linker scripts.
Tools / Libraries
WLED Project
A fast and feature-rich implementation of an ESP8266/ESP32 webserver to control many kinds of LEDs
Jobs
Blue Origin, Avionics Software Senior Manager – Advanced Development Programs, Seattle, WA $177k-$259k / year
We are a diverse team of collaborators, doers, and problem-solvers who are relentlessly committed to a culture
of safety. This position will directly impact the history of space exploration and will require your commitment
and detailed attention towards safe and repeatable space flight. Join us in lowering the cost of access to space
and enabling Blue Origin’s vision of millions of people living and working in space to benefit Earth.
Misc
Nixie Tube Audio Meter
It is such a beautiful project. I could not add it to the newsletter. As a bonus, the author shares his workflow
to generate animated 3D previews of the case with the PCB in.
Apollo Guidance Computer Restoration
The whole Youtube playlist is magnificent. If you love electronics, be careful. If you launch one of these videos,
you’re going to lose hours of your day.