Reverse engineering or modifying a device often requires you to access the firmware stored on a microcontroller. Since companies are usually not fond of people who try to peek into their proprietary data, most commercial devices are readout protected. [rumpeltux] ran into this problem when he tried to dump the firmware on an HC-12 wireless serial communication module for yet undisclosed reasons. Hacking into the device was a challenge that he gladly accepted and in the end, he succeeded by building a low-cost setup for voltage glitching.
Voltage glitching is a form of fault injection that has, e.g., been successfully used to hack the Playstation Vita. It involves the injection of voltage spikes on the power line in order to force the bootloader to skip security checks. The hard thing is trying to find the right shape of the waveform and the best way to inject the signal.
While there are already open-source boards for fault injection like ChipWhisperer, [rumpeltux] chose to build his own setup around an FPGA. By using a cheap EPM240 board, some MOSFET, and a USB-to-Serial converter, the total costs of the glitching setup were under 20 Euros. [rumpeltux] then recorded a larger number of voltage traces on the VCC pin around the reset phase and analyzed the differences. This helped him to pinpoint the best time for injecting the signal and refine the search space. After some unsuccessful attempts to glitch the VCC and GND pins, he got lucky when using one of the voltage regulator pins instead.
Be sure not to miss Samy Kamkar’s talk at Supercon 2019 if you want to know more about hardware attacks or how to eavesdrop on people using a bag of potato chips.
How to install or upgrade to macOS Big Sur
Installing or upgrading to macOS Big Sur later this fall will be a quick, painless project by leveraging these simple commands for all your macOS-based devices.
Whether you plan to be an early adopter and migrate to Big Sur on day one or slowly make the transition over time, most enterprises won’t be skipping the upgrade to macOS Big Sur. Businesses should not sit this one out given the new security features, redesigning of the underlying OS, and the benefits it could bring to users and IT.
SEE: macOS Big Sur: A cheat sheet (free PDF) (TechRepublic)
Regardless of the timeline for your transition to macOS 11, one thing is certain: The deployment plan offers several choices that depend on your environment’s infrastructure and—in the age of remote working—where the devices are located and the resources they’re using. These, perhaps more than anything else, will define how the upgrade path will proceed.
One such path leverages the Content Cache service built-in to macOS to download and cache a copy of the installer file, in turn deploying it to all devices that are on the same logical network as the clients themselves. This is great to cut down on bandwidth utilization and speed up mass deployments but relies almost exclusively on devices being in-house, making it a no-go for devices off-site, such as employees working from home or abroad.
Mobile Device Management (MDM), or some form of remote management software, seems like the biggest advantage here for IT departments looking to ensure devices are working as intended and remediating it with policies while also keeping resource utilization to a minimum, regardless of whether devices are on- or off-site.
SEE: How to create a bootable USB installer for macOS Big Sur (TechRepublic)
With either strategy, the process is a relatively simple one, but may still trip up users with little experience managing their Macs. Or perhaps device policies in place prevent users from making system-level changes. Either way, the commands baked into the installer app will ensure that the upgrade or full installation occurs without issue and without requiring end-user interaction.
- macOS client computer(s) supported by macOS Big Sur
- macOS Big Sur installer saved to local storage
- Internet access (optional; but highly recommended)
- MDM or remote management software client
macOS Big Sur: Upgrade installation (in-place)
Whether creating an MDM policy or running the command remotely on the client device(s), the command below will perform the upgrade to macOS Big Sur silently, accepting the EULA and forcefully quitting any open apps but otherwise leaving data intact, including user accounts and home directories:
sudo /Applications/Install macOS Big Sur.app/Contents/Resources/startosinstall --agreetolicense --forcequitapps --nointeraction
macOS Big Sur: Full installation (wipe/reinstall)
Similarly, the command below will work as a policy enforced by MDM or when run remotely and will install macOS Big Sur silently just like the upgrade command above, but with a significant addition: The full installation command will perform a wipe, or erase, the HDD/SSD prior to installing macOS 11 from scratch. This command requires APFS as the file system and will delete all data from the drive, including accounts, home directories, and installed applications then create a new volume named Macintosh HD:
sudo /Applications/Install macOS Big Sur.app/Contents/Resources/startosinstall --eraseinstall --newvolumename "Macintosh HD" --agreetolicense –forcequitapps --nointeraction
If the existing APFS volume has other containers that need to be protected from erasure, appending the following syntax to the command will prevent other containers from being deleted when using the eraseinstall argument:
Lastly, the startosinstall command allows for chaining installations after the OS is updated/reinstalled. This is great for custom app deployments and for client-based packages that re-enroll devices to MDM servers if Apple’s DEP service is not being used to manage MDM hand-off during the setup phase:
The –installpackage argument may be specified multiple times in the command to include multiple applications in the chain. Also important to note is that applications referenced by this argument must be copied locally to the device’s storage for the command to run successfully.
Woz Enterprise, University of Phoenix partner to launch IT apprenticeship program
The program, which has received federal recognition, is available in 11 states with more to follow, the company said.
In an effort to address the widening technology skills gap and put Americans to work, Woz Enterprise–a division of Woz U–and the University of Phoenix have partnered to launch a US Department of Labor Registered Apprenticeship Program. The program trains community college graduates in STEM fields with day-one skills and places them in entry-level apprenticeship jobs, while setting them on a path to earn a bachelor’s degree in an in-demand field, Woz Enterprise said.
The program offers seven tracks with key skills taught:
- End user computing – incident response, operating systems networks, VPN troubleshooting
- Cybersecurity – monitoring/logging network appliances, penetration testing, network defense
- Software testing – testing automation selenium, continuous integration, scripting
- Application infrastructure – cloud hosting, AWS, Azure development, logging, monitoring
- Network administration – network configuration, network monitoring, network diagram scripting
- Application support – incident response logging, monitoring, querying, scripting, troubleshooting
The tech, education and government sectors needed to come together to make this happen, Woz Enterprise said.
“We have all heard about the tech talent gap. Hundreds of companies have been trying to address it, yet here we are in 2020, and the gap remains,” said Chris Coleman, president of Woz Enterprise, in a statement. “Truly offering relief to this talent-starved industry, at scale, requires collaboration from the private, education, and government sectors. This apprenticeship model is the game changer we have all been looking for.”
Through this program, apprentices learn while receiving a salary and gaining valuable work experience, according to Woz Enterprise, which builds and delivers the customized technology curricula that can result in credits toward a University of Phoenix Bachelor of Science in Information Technology (BSIT).
“This unique program comes at a critical time as companies today are looking for solutions to adapt the skills of their workforce to match the velocity of change of their businesses,” said Raghu Krishnaiah, chief operating officer at the University of Phoenix.
He said the partnership provides “an unprecedented education pathway that includes validated learning outcomes for community college graduates.”
The apprenticeship model launched this spring in 11 states in partnership with Infosys, a provider of digital, IT, and consulting services. Selected candidates completed an intensive, eight-week training program in one of the seven technology tracks to gain essential day-one skills to start a career with one of Woz Enterprise’s recruiting business partners.
Then they become full-time junior associates, and the individuals participate in a structured online learning program for 12 months, Woz Enterprise said. During this time, they continue working and earning a salary, which increases as they gain key competencies. Training hours can be applied for college credit at University of Phoenix, potentially shortening the time to obtain the BSIT.
“We believe it is a great value proposition for all involved, allowing us to supply quality training to meet the staffing needs of the technology industry in America while providing income and great, flexible higher education opportunities to individuals,” Coleman said. “We are embracing new perspectives and forming dynamic alliances to inject creativity and ingenuity in the technology sector.”
The company said it will build on this initial alliance with the University of Phoenix and Infosys to expand and broaden the scope of the apprenticeship program.
The COVID-19 pandemic has been a major money maker for video game console manufacturers
Compared to the same time in 2019, console sales are up by 36.54%. After all, what else are we going to do when stuck at home?
Video game consoles sales numbers from the first half of 2020 are up 36.54% over the same period in 2019, providing a window into people’s chosen form of entertainment during the COVID-19 lockdown.
The massive surge in console sales (the region was not specified) ramped up in March as lockdowns were announced, peaked in April, and have since dropped. Monthly sales are still far above where they usually are this time of year, however: In July 2019, 1,908,708 consoles were sold, but July 2020 saw over three million console sales.
SEE: COVID-19 workplace policy (TechRepublic Premium)
The consoles included in the sales data the Xbox One, PlayStation 4, Nintendo 3DS, Nintendo Switch, and sales of each correlated directly with the issuance of coronavirus stay-at-home orders, said Justinas Baltrusaitis of the UK-based Safe Betting Sites, which issued the report.
The massive rise in game console sales is unsurprising, especially when looking at the World Health Organization’s recommendation that more people play video games and other reports from early in the lockdown, like one from TechRepublic sister site CNET that said both anecdotal evidence and analysts saw massive rises in game sales and online gaming.
“Hordes of folks are playing online battle games like “Fortnite: Battle Royale” and “Call of Duty: Warzone.” They’re buying games like Nintendo’s new “Animal Crossing: New Horizons” at record rates. They’re spending more when they download titles on their phones. And they’re also whiling away an aggregated 10 million more hours each day watching other gamers play online through the streaming site Twitch.tv.,” said CNET’s Ian Sherr.
Video game consoles and software sales have made the entertainment side of the tech industry resilient during the pandemic, but early signs of resiliency elsewhere in the industry may be crumbling as we enter into the second half of 2020.
In May, it was reported that many areas of the tech industry were booming due to increases in remote work, a turn to e-commerce, and planning for a new normal in the education world. By late July, consumer technology sales and hiring numbers had both dropped.
As TechRepublic reported, tech job postings in late July were actually doing generally worse than non-tech postings in tech hubs, and were facing the same imbalance in 89% of non-tech centered cities.
SEE: Return to work: What the new normal will look like post-pandemic (free PDF) (TechRepublic)
It’s a good thing, experts told the LA Times, that the video gaming industry is booming during the pandemic. That means more people are staying home, which could reduce the spread of the virus.
Whether or not benefits to gamers expand to job seekers in the video game industry is harder to nail down: Analytics firm IBISWorld said that the gaming industry in the US is likely to remain resilient throughout the pandemic, but trends elsewhere in the tech sector, as reflected in recent reports linked above, indicate uncertainty remains as the pandemic continues.
Gnomes & Goblins to be Wevr’s Biggest Production, 10x Larger Than the Preview
Is It Worth Investing in a Website Builder?
How to Create a Cloud-connect AR Experience in 15 Minutes or Less
Mortal Blitz: Combat Arena’s PlayStation VR Open Beta Begins Next Week
AvidXchange Announces New “Tech Rising” Initiative to Remove Barriers to Technology Education
Swipe Is the Latest Project to Integrate Chainlink’s Price Oracles
Craig Wright Won’t Need to Pay Hodlnaut $60K Until Appeal Is Over, Says Counsel
Bitcoin a Hedge Against Elon Musk Mining Asteroid Gold, Say Winklevoss Twins
Solaris Offworld Combat has Been Delayed to September
Mastercard Announces Global Commercial Partnership With Pollinate
Oculus Social VR App ‘Venues’ to Get Overhaul in Preparation for ‘Facebook Horizon’
Thailand’s Central Bank Eyes DeFi Use Cases for Its Digital Baht
Bitcoin Proceeds of COVID-19 Business Support Scheme Fraud Seized
VR Giants’ Co-op Kickstarter Achieves Funding Success
Huntington Bancshares picks BillGo for faster payments
Banco Ripley goes live on Temenos Transact
OakNorth’s UK bank has approved £600m in loans since March
How a “Chad” minted Curve tokens early and briefly surpassed BTC’s market cap
Diplomatic ties Between Israel and UAE :Donald Trump
As the pandemic persists, New Zealand considers negative interest rates
Stock futures rise slightly after S&P 500 struggles to reach February record high
ABN Amro to slash size of investment bank after losses
Weed memes, explained
The $150 billion video game industry grapples with a murky track record on diversity
Cas & Chary Present: Top 10 ‘Half-Life: Alyx’ Mods So Far
J.B. Hunt’s 1st Delivery With Fully Electric Freightliner eCascadia
Sabesp anuncia resultados do 2T20
CarParts.com Announces Pricing of Public Offering of Common Stock
Four of the Top Five South Korean Banks to Offer Crypto Services
SABESP Announces 2Q20 Results
Alt Lending – week ending 14th August
Brussels Airport Company has selected Ecolog to perform COVID-19 Tests at the Brussels Airport
Coronavirus live updates: Congress leaves without passing relief bill; Fauci concerned with U.S. outbreak
Is Chainlink Poised for a Sell Off After Reaching New ATH?
China may never catch up with its commitments to the U.S. in ‘phase one’ deal, expert says
Danke Partners with Leading Chinese Media to Release 2020 College Graduate Housing Blue Book
$12K Bitcoin Price in Sight as Retail, Institutional Traders Turn ‘Greedy’
$99 Gas Fees on Ethereum Are Crippling DeFi’s Growth
UK’s Federation of Small Businesses Says Next Budget Must be “Most Pro-Business Ever” to Combat Negative Effects of First Recession in 11 Years
Former New York Times reporter Alex Berenson: I’m increasingly convinced that COVID-19 is a creation of the media/technology complex. (NO – I do not mean it’s not real or was bioengineered)
Gaming1 week ago
Server status – Is Fall Guys down?
Esports1 week ago
The best loadouts for the ISO in Call of Duty: Warzone and Modern Warfare
Esports1 week ago
Stuck on loading screen error in Fall Guys explained
AI1 week ago
AI Machine Learning Efforts Encounter A Carbon Footprint Blemish
Automotive1 week ago
What did you do during lockdown? Right, you were playing ‘Grand Theft Auto’
Esports1 week ago
The best Standard Hearthstone decks to try for Scholomance Academy
Mobility1 week ago
Photos: A first look at the Samsung Galaxy Note 20 and Galaxy Note 20 Ultra
Esports1 week ago
The best loadouts for the AN-94 in Call of Duty: Warzone and Modern Warfare