Whether you are busy at the office or on vacation somewhere around the world, Embedded Systems Weekly is here for another week to bring you a bunch of great articles. I hope you will enjoy it! As a side note, I ran a poll a few days ago, and the result brought to my attention that around half of you would be genuinely interested in seeing job offers added to the links. If you are in a position to publish a job offer, feel free to email me at embedsys@embedsysweekly.com and I will give it a try.
Hardware
Building Faster Chips
Why better performance is back in vogue.
Adding RF to a non-RF ITEAD Sonoff
The Sonoff is an ESP8266-based smart switch by ITEAD which comes with custom firmware that communicates with the manufacturer's cloud to provide “smart” capabilities like remote switching or scheduling. The cool thing is that it has a line of pins that expose the VCC, GND, RX and TX pins of the ESP8266 and a button attached to GPIO0, so it got hacked very soon and a number of firmwares are already available.
The habitat of hardware bugs
When hardware malfunctions in a single, specific way, software running on it usually fails in several different, seemingly random ways, so it sucks to debug it. Homing in on the cause is easier if you can guess which parts of the system are more likely to be buggy. When hardware fails, nobody wants a programmer treating it as a lawyer or a mathematician (the hardware broke the contract! only working hardware lets us reason about software!) Instead, the key to success is approaching it as a pragmatic entomologist knowing where bugs live.
Verifying against the official ARM specification
Software
Arduino complete language specifications for expert programmers
A 35-second walkthrough of the Arduino language specifications and an example of how to use them
Tutorial: Debugging Custom Hardware with Linux
Tools to Make Your Hardware Engineers Love You
Malloc is an Antipattern
Dynamic allocation will always undermine the determinism and performance of a system. Any call to malloc() requires, at worst, traversing a tree to find memory that fits. Calling free() can be equally expensive. And when resources are tight, dynamic allocation is a tax on your available memory. On top of this, paths where malloc() has returned NULL are not well tested. As a best case, this is where errors, instability and unreliable behavior creep in. As a worst case, this becomes an exploitable flaw for attackers. But it gets scarier.
ModulaR bootloader: Encrypt Bootloader
Reversing and Exploiting Embedded Devices: The Software Stack
Over the course of the past few months, Elvis Collado has been traveling around educating people on exploiting embedded devices. His slides alone aren’t able to provide enough information, so he wanted to write everything out for people to digest online.
Modern Memory Safety: C/C++ Vulnerability Discovery, Exploitation, Hardening
This repo contains the slides for a training course originally developed in 2012. It has been delivered to many students since its creation. It’s sold out at the Black Hat USA conference several years in a row. The content has gone through many iterations based on feedback from those classes. The original training focused mainly on browser vulnerability discovery and exploitation. This latest version still focuses on that but also covers more topics such as custom memory allocators, hardening concepts, and exploitation at a high level.
Misc