Connect with us

Code

The Cheap Way to Glitch an STM8 Microcontroller

Avatar

Published

on

Reverse engineering or modifying a device often requires you to access the firmware stored on a microcontroller. Since companies are usually not fond of people who try to peek into their proprietary data, most commercial devices are readout protected. [rumpeltux] ran into this problem when he tried to dump the firmware on an HC-12 wireless serial communication module for yet undisclosed reasons. Hacking into the device was a challenge that he gladly accepted and in the end, he succeeded by building a low-cost setup for voltage glitching.

Voltage glitching is a form of fault injection that has, e.g., been successfully used to hack the Playstation Vita. It involves the injection of voltage spikes on the power line in order to force the bootloader to skip security checks. The hard thing is trying to find the right shape of the waveform and the best way to inject the signal.

While there are already open-source boards for fault injection like ChipWhisperer, [rumpeltux] chose to build his own setup around an FPGA. By using a cheap EPM240 board, some MOSFET, and a USB-to-Serial converter, the total costs of the glitching setup were under 20 Euros. [rumpeltux] then recorded a larger number of voltage traces on the VCC pin around the reset phase and analyzed the differences. This helped him to pinpoint the best time for injecting the signal and refine the search space. After some unsuccessful attempts to glitch the VCC and GND pins, he got lucky when using one of the voltage regulator pins instead.

Be sure not to miss Samy Kamkar’s talk at Supercon 2019 if you want to know more about hardware attacks or how to eavesdrop on people using a bag of potato chips.

Source: https://hackaday.com/2020/07/04/the-cheap-way-to-glitch-an-stm8-microcontroller/

Code

How to install or upgrade to macOS Big Sur

Avatar

Published

on

Installing or upgrading to macOS Big Sur later this fall will be a quick, painless project by leveraging these simple commands for all your macOS-based devices.

macos11-bigsur.jpg

Image: Screenshot by Stephen Shankland/CNET

More about Apple

Whether you plan to be an early adopter and migrate to Big Sur on day one or slowly make the transition over time, most enterprises won’t be skipping the upgrade to macOS Big Sur. Businesses should not sit this one out given the new security features, redesigning of the underlying OS, and the benefits it could bring to users and IT.

SEE: macOS Big Sur: A cheat sheet (free PDF) (TechRepublic)

Regardless of the timeline for your transition to macOS 11, one thing is certain: The deployment plan offers several choices that depend on your environment’s infrastructure and—in the age of remote working—where the devices are located and the resources they’re using. These, perhaps more than anything else, will define how the upgrade path will proceed. 

One such path leverages the Content Cache service built-in to macOS to download and cache a copy of the installer file, in turn deploying it to all devices that are on the same logical network as the clients themselves. This is great to cut down on bandwidth utilization and speed up mass deployments but relies almost exclusively on devices being in-house, making it a no-go for devices off-site, such as employees working from home or abroad.

Mobile Device Management (MDM), or some form of remote management software, seems like the biggest advantage here for IT departments looking to ensure devices are working as intended and remediating it with policies while also keeping resource utilization to a minimum,  regardless of whether devices are on- or off-site.

SEE: How to create a bootable USB installer for macOS Big Sur (TechRepublic) 

With either strategy, the process is a relatively simple one, but may still trip up users with little experience managing their Macs. Or perhaps device policies in place prevent users from making system-level changes. Either way, the commands baked into the installer app will ensure that the upgrade or full installation occurs without issue and without requiring end-user interaction.

Requirements:

  • macOS client computer(s) supported by macOS Big Sur
  • macOS Big Sur installer saved to local storage
  • Internet access (optional; but highly recommended)
  • MDM or remote management software client

macOS Big Sur: Upgrade installation (in-place)

Whether creating an MDM policy or running the command remotely on the client device(s), the command below will perform the upgrade to macOS Big Sur silently, accepting the EULA and forcefully quitting any open apps but otherwise leaving data intact, including user accounts and home directories:

sudo /Applications/Install macOS Big Sur.app/Contents/Resources/startosinstall --agreetolicense --forcequitapps --nointeraction

macOS Big Sur: Full installation (wipe/reinstall)

Similarly, the command below will work as a policy enforced by MDM or when run remotely and will install macOS Big Sur silently just like the upgrade command above, but with a significant addition: The full installation command will perform a wipe, or erase, the HDD/SSD prior to installing macOS 11 from scratch. This command requires APFS as the file system and will delete all data from the drive, including accounts, home directories, and installed applications then create a new volume named Macintosh HD:

sudo /Applications/Install macOS Big Sur.app/Contents/Resources/startosinstall --eraseinstall --newvolumename "Macintosh HD" --agreetolicense –forcequitapps --nointeraction

If the existing APFS volume has other containers that need to be protected from erasure, appending the following syntax to the command will prevent other containers from being deleted when using the eraseinstall argument:

--preservecontainer

Lastly, the startosinstall command allows for chaining installations after the OS is updated/reinstalled. This is great for custom app deployments and for client-based packages that re-enroll devices to MDM servers if Apple’s DEP service is not being used to manage MDM hand-off during the setup phase:

--installpackage "/path/to/app1.pkg"

The –installpackage argument may be specified multiple times in the command to include multiple applications in the chain. Also important to note is that applications referenced by this argument must be copied locally to the device’s storage for the command to run successfully.

Also see

Source: https://www.techrepublic.com/article/the-easy-way-to-install-or-upgrade-macos-big-sur/#ftag=RSS56d97e7

Continue Reading

Code

Woz Enterprise, University of Phoenix partner to launch IT apprenticeship program

Avatar

Published

on

The program, which has received federal recognition, is available in 11 states with more to follow, the company said.

Young woman having online training, using laptop and wireless headset

Image: Prostock-Studio, Getty Images/iStockphoto

More about Innovation

In an effort to address the widening technology skills gap and put Americans to work, Woz Enterprise–a division of Woz U–and the University of Phoenix have partnered to launch a US Department of Labor Registered Apprenticeship Program. The program trains community college graduates in STEM fields with day-one skills and places them in entry-level apprenticeship jobs, while setting them on a path to earn a bachelor’s degree in an in-demand field, Woz Enterprise said.

SEE:  The most in demand jobs and skills as a result of COVID-19  (TechRepublic)

The program offers seven tracks with key skills taught:

  • Software development – Java12 or .net core JavaScript, Angular SQL Server, Scrum/agile
  • End user computing – incident response, operating systems networks, VPN troubleshooting
  • Cybersecurity – monitoring/logging network appliances, penetration testing, network defense
  • Software testing – testing automation selenium, continuous integration, scripting
  • Application infrastructure – cloud hosting, AWS, Azure development, logging, monitoring
  • Network administration – network configuration, network monitoring, network diagram scripting
  • Application support – incident response logging, monitoring, querying, scripting, troubleshooting

The tech, education and government sectors needed to come together to make this happen, Woz Enterprise said.

“We have all heard about the tech talent gap. Hundreds of companies have been trying to address it, yet here we are in 2020, and the gap remains,” said Chris Coleman, president of Woz Enterprise, in a statement. “Truly offering relief to this talent-starved industry, at scale, requires collaboration from the private, education, and government sectors. This apprenticeship model is the game changer we have all been looking for.”

Through this program, apprentices learn while receiving a salary and gaining valuable work experience, according to Woz Enterprise, which builds and delivers the customized technology curricula that can result in credits toward a University of Phoenix Bachelor of Science in Information Technology (BSIT). 

“This unique program comes at a critical time as companies today are looking for solutions to adapt the skills of their workforce to match the velocity of change of their businesses,” said Raghu Krishnaiah, chief operating officer at the University of Phoenix.

He said the partnership provides “an unprecedented education pathway that includes validated learning outcomes for community college graduates.”

The apprenticeship model launched this spring in 11 states in partnership with Infosys, a provider of digital, IT, and consulting services. Selected candidates completed an intensive, eight-week training program in one of the seven technology tracks to gain essential day-one skills to start a career with one of Woz Enterprise’s recruiting business partners.

Then they become full-time junior associates, and the individuals participate in a structured online learning program for 12 months, Woz Enterprise said. During this time, they continue working and earning a salary, which increases as they gain key competencies. Training hours can be applied for college credit at University of Phoenix, potentially shortening the time to obtain the BSIT.

“We believe it is a great value proposition for all involved, allowing us to supply quality training to meet the staffing needs of the technology industry in America while providing income and great, flexible higher education opportunities to individuals,” Coleman said. “We are embracing new perspectives and forming dynamic alliances to inject creativity and ingenuity in the technology sector.”

The company said it will build on this initial alliance with the University of Phoenix and Infosys to expand and broaden the scope of the apprenticeship program.

Also see

Source: https://www.techrepublic.com/article/woz-enterprise-university-of-phoenix-partner-to-launch-it-apprenticeship-program/#ftag=RSS56d97e7

Continue Reading

Code

The COVID-19 pandemic has been a major money maker for video game console manufacturers

Avatar

Published

on

Compared to the same time in 2019, console sales are up by 36.54%. After all, what else are we going to do when stuck at home?

Pretty and Excited Black Gamer Girl in Headphones is Playing First-Person Shooter Online Video Game on Her Computer. Room and PC have Colorful Neon Led Lights. Cozy Evening at Home.

Image: iStockphoto/gorodenkoff

Video game consoles sales numbers from the first half of 2020 are up 36.54% over the same period in 2019, providing a window into people’s chosen form of entertainment during the COVID-19 lockdown.

The massive surge in console sales (the region was not specified) ramped up in March as lockdowns were announced, peaked in April, and have since dropped. Monthly sales are still far above where they usually are this time of year, however: In July 2019, 1,908,708 consoles were sold, but July 2020 saw over three million console sales.

What’s Hot at TechRepublic

SEE: COVID-19 workplace policy (TechRepublic Premium)

The consoles included in the sales data the Xbox One, PlayStation 4, Nintendo 3DS, Nintendo Switch, and sales of each correlated directly with the issuance of coronavirus stay-at-home orders, said Justinas Baltrusaitis of the UK-based Safe Betting Sites, which issued the report. 

The massive rise in game console sales is unsurprising, especially when looking at the World Health Organization’s recommendation that more people play video games and other reports from early in the lockdown, like one from TechRepublic sister site CNET that said both anecdotal evidence and analysts saw massive rises in game sales and online gaming.

“Hordes of folks are playing online battle games like “Fortnite: Battle Royale” and “Call of Duty: Warzone.” They’re buying games like Nintendo’s new “Animal Crossing: New Horizons” at record rates. They’re spending more when they download titles on their phones. And they’re also whiling away an aggregated 10 million more hours each day watching other gamers play online through the streaming site Twitch.tv.,” said CNET’s Ian Sherr. 

Video game consoles and software sales have made the entertainment side of the tech industry resilient during the pandemic, but early signs of resiliency elsewhere in the industry may be crumbling as we enter into the second half of 2020. 

In May, it was reported that many areas of the tech industry were booming due to increases in remote work, a turn to e-commerce, and planning for a new normal in the education world. By late July, consumer technology sales and hiring numbers had both dropped. 

As TechRepublic reported, tech job postings in late July were actually doing generally worse than non-tech postings in tech hubs, and were facing the same imbalance in 89% of non-tech centered cities. 

SEE: Return to work: What the new normal will look like post-pandemic (free PDF) (TechRepublic)

It’s a good thing, experts told the LA Times, that the video gaming industry is booming during the pandemic. That means more people are staying home, which could reduce the spread of the virus. 

Whether or not benefits to gamers expand to job seekers in the video game industry is harder to nail down: Analytics firm IBISWorld said that the gaming industry in the US is likely to remain resilient throughout the pandemic, but trends elsewhere in the tech sector, as reflected in recent reports linked above, indicate uncertainty remains as the pandemic continues. 

Also see

Source: https://www.techrepublic.com/article/the-covid-19-pandemic-has-been-a-major-money-maker-for-video-game-console-manufacturers/#ftag=RSS56d97e7

Continue Reading
AR/VR6 hours ago

Gnomes & Goblins to be Wevr’s Biggest Production, 10x Larger Than the Preview

AI7 hours ago

Is It Worth Investing in a Website Builder?

AR/VR7 hours ago

How to Create a Cloud-connect AR Experience in 15 Minutes or Less

AR/VR7 hours ago

Mortal Blitz: Combat Arena’s PlayStation VR Open Beta Begins Next Week

Crowdfunding9 hours ago

AvidXchange Announces New “Tech Rising” Initiative to Remove Barriers to Technology Education

Blockchain9 hours ago

Swipe Is the Latest Project to Integrate Chainlink’s Price Oracles

Blockchain9 hours ago

Craig Wright Won’t Need to Pay Hodlnaut $60K Until Appeal Is Over, Says Counsel

Blockchain10 hours ago

Bitcoin a Hedge Against Elon Musk Mining Asteroid Gold, Say Winklevoss Twins

AR/VR10 hours ago

Solaris Offworld Combat has Been Delayed to September

Crowdfunding10 hours ago

Mastercard Announces Global Commercial Partnership With Pollinate

AR/VR10 hours ago

Oculus Social VR App ‘Venues’ to Get Overhaul in Preparation for ‘Facebook Horizon’

Blockchain10 hours ago

Thailand’s Central Bank Eyes DeFi Use Cases for Its Digital Baht

Blockchain11 hours ago

Bitcoin Proceeds of COVID-19 Business Support Scheme Fraud Seized

AR/VR12 hours ago

VR Giants’ Co-op Kickstarter Achieves Funding Success

Payments14 hours ago

Huntington Bancshares picks BillGo for faster payments

Payments15 hours ago

Banco Ripley goes live on Temenos Transact

Payments15 hours ago

OakNorth’s UK bank has approved £600m in loans since March

Payments15 hours ago

How a “Chad” minted Curve tokens early and briefly surpassed BTC’s market cap

Start Ups15 hours ago

Diplomatic ties Between Israel and UAE :Donald Trump

Publications16 hours ago

As the pandemic persists, New Zealand considers negative interest rates

Publications16 hours ago

Stock futures rise slightly after S&P 500 struggles to reach February record high

Payments16 hours ago

ABN Amro to slash size of investment bank after losses

Cannabis16 hours ago

Weed memes, explained

Publications16 hours ago

The $150 billion video game industry grapples with a murky track record on diversity

AR/VR16 hours ago

Cas & Chary Present: Top 10 ‘Half-Life: Alyx’ Mods So Far

Cleantech17 hours ago

J.B. Hunt’s 1st Delivery With Fully Electric Freightliner eCascadia

Science17 hours ago

Sabesp anuncia resultados do 2T20

Science17 hours ago

CarParts.com Announces Pricing of Public Offering of Common Stock

Blockchain17 hours ago

Four of the Top Five South Korean Banks to Offer Crypto Services

Science17 hours ago

SABESP Announces 2Q20 Results

Payments17 hours ago

Alt Lending – week ending 14th August

Science17 hours ago

Brussels Airport Company has selected Ecolog to perform COVID-19 Tests at the Brussels Airport

Publications17 hours ago

Coronavirus live updates: Congress leaves without passing relief bill; Fauci concerned with U.S. outbreak

Blockchain18 hours ago

Is Chainlink Poised for a Sell Off After Reaching New ATH?

Publications18 hours ago

China may never catch up with its commitments to the U.S. in ‘phase one’ deal, expert says

Science18 hours ago

Danke Partners with Leading Chinese Media to Release 2020 College Graduate Housing Blue Book

Blockchain18 hours ago

$12K Bitcoin Price in Sight as Retail, Institutional Traders Turn ‘Greedy’

Blockchain18 hours ago

$99 Gas Fees on Ethereum Are Crippling DeFi’s Growth

Crowdfunding19 hours ago

UK’s Federation of Small Businesses Says Next Budget Must be “Most Pro-Business Ever” to Combat Negative Effects of First Recession in 11 Years

Start Ups19 hours ago

Former New York Times reporter Alex Berenson: I’m increasingly convinced that COVID-19 is a creation of the media/technology complex. (NO – I do not mean it’s not real or was bioengineered)

Trending