Build Your UTM with Acrosser’s Network Appliance

UTM

ACROSSER Technology, a world-leading network communication designer and manufacturer, has released a video introducing its latest network appliance product line. The x86-based Network Platform enables network security appliance providers to develop its UTM devices in a unified structure.

In the video, Acrosser elaborates the 6 basic functions that an UTM device embodies: anti-virus, anti-spam, fire wall, intrusion detection, VPN and web filtering. These applications provide immediate protection for business owners from external Web attacks, keeping your network safe and clear. Connected with integrated networking software, Acrosser’s network appliance can perform advanced network management functions such as remote visibility control and bandwidth management.

Currently ACROSSER offers micro box and 1U rackmount for system integrators.  To learn more about our networking products, please visit our website for detailed information.

Create a “Wheel of Excuses” With BASIC and the New Raspberry Pi single board computer

Many years ago in the offices here at IEEE Spectrum, we had a “Wheel of Excuses” pinned to the outside wall of a embedded computer cubicle. So I turned to the US $35 Raspberry Pi single board computer, which had the final release of its first generation in July—the Model B+. Among other changes, the Model B+ has two more USB ports than the Model B along with an expanded general-purpose input/output (GPIO) connector, and it relies more heavily on HDMI for video output.

photo of Model B+ RaspberryPi
The Model B+ Raspberry Pi has an upgraded version of the I/O hardware in the Model B. RasPiO breakout board Using a RasPiO breakout board, I connected a button to the 40-pin GPIO header. screenshot of presented excuse Button presses generate excuses, which appear on a monitor attached via an HDMI cable. Old-school BBC Micro users will note my use of text mode 7, which supports Teletext commands for things like displaying double-height characters.

The Pi was first released in 2012 as a “spiritual successor” to the BBC Microcomputer System, which was created by Acorn single board computer in 1981 for Britain’s national Computer Literacy Project. The naming scheme for Pi models echoes that of the BBC Micro series, and like the original BBC Micro, the Pi has rapidly spread beyond the classroom.

The links to the BBC Micro are more than just circumstantial. The Pi is built around an ARM chip (a Broadcom BCM2835), and while ARM currently dominates the world of smartphones and tablets, the architecture was originally developed to provide a high-performance embedded computer coprocessor for BBC Micros, and it later powered the Archimedes line of PCs. The embedded sbc Archimedes came with RISC OS, a graphical user interface–based operating system that has since been ported to the Pi.

I first used Acorn’s dialect of BASIC way back in the day on a BBC Micro. One of the nice things about it was that it let you mix BASIC commands with assembly code for the BBC Micro’s 6502 processor. I was pleased to discover that RISC OS has retained a great deal of compatibility with the systems it grew out of, right back to that original dialect.

RISC OS’s version of embedded sbc BASIC—version VI—is, of course, greatly expanded compared with its 8-bit ancestor: As I said when I first tried it out, “it’s like meeting someone you palled around with in high school, and now they own a business and have two kids.” But it still includes an in-line assembler for combining machine code subroutines—now ARM code, of course—with BASIC. The single board computer integration allows for streamlined passing of variables back and forth between a BASIC program and machine code—for example, a set of BASIC integer variables, A% through H%, are automatically copied into the first eight embedded computer registers of the ARM chip when a subroutine is called.

This integration let me quickly write the spinning wheel animation and display code in BASIC, reaching back across the years to cobble together commands to draw colored segments of a circle and store the text of excuses using “data” and “read” commands. (When I started programming, BASIC embedded computer code would have been too slow for the wheel’s animation, but 30 years of Moore’s Law has solved that problem.) I needed to dip into assembly only in order to read the state of a button connected to the GPIO hardware. The button triggers the animation and has the program select and display an excuse.

I wired the button to the Pi’s GPIO port using a $10 RasPiO Breakout Pro, which provides basic protection against miswiring. (Unlike the more robust Arduino, which can handle enough current to drive a servo, the Pi’s GPIO can be damaged if connected to circuits that expose it to more than a few milliamperes or exceed 3.3 volts.) The Breakout Pro is designed for the GPIO on earlier Pi models, but the B+’s expanded port keeps the same pin configuration for the first 26 pins, so I was able to use the Breakout Pro and simply ignore the B+’s extra pins.

Reading the GPIO hardware was a good chance to get acquainted with the guts of a system using a reduced-instruction-set-computing architecture (so many registers!)—the last time I programmed on the metal was for the 6502. The Pi’s GPIO pins are mapped into the system’s memory as a series of 3-bit segments stored within 32-bit status words, so my machine code subroutine has to do some bit bashing to set a GPIO pin as an input. Then my subroutine reads the relevant GPIO status word and passes it back to BASIC. (For my code, I combined some snippets from Bruce Smith’s book Raspberry Pi Assembly Language RISC OS Beginners and a Raspberry Pi online forum.) My BASIC program then simply uses a loop that calls the subroutine and looks for any changes in the status word, indicating a button press.

With the embedded sbc software written, all that was left to do was build a case (from a few dollars’ worth of basswood) and hook the video output up to an old monitor. And voila! A new era of digitally driven excuses.

This article originally appeared in print as “Back to BASIC.”

refer to:
http://spectrum.ieee.org/geek-life/hands-on/create-a-wheel-of-excuses-with-basic-and-the-new-raspberry-pi

Vulnerable “Smart” Devices Make an Internet of Insecure Things among network appliance

According to recent research, 70 percent of Americans plan to own network appliance in the next five years, at least one smart appliance like an internet-connected refrigerator or thermostat. That’s a skyrocketing adoption rate considering the number of smart appliance owners in the United States today is just four percent.

Yet backdoors and other insecure channels have been found in many such network appliance devices, opening them to possible hacks, botnets, and other cyber mischief. Although the widely touted hack of smart refrigerators earlier this year has since been debunked, there’s still no shortage of vulnerabilities in the emerging, so-called Internet of Things.

Enter, then, one of the world’s top research centers devoted to IT security, boasting 700 students in this growing field, the Horst Gortz Institute for IT Security at Ruhr-University Bochum in Germany. A research group at HGI, led by Christof Paar—professor and networking aplliance chair for embedded security at the Institute—has been discovering and helping manufacturers patch security holes in Internet-of-Things devices like appliances, cars, and the wireless routers they connect with.

Paar, who is also adjunct professor of electrical and computer engineering at the University of Massachusetts at Amherst, says there are good engineering, technological, and even cultural reasons why security of the Internet of Things is a very hard problem.

For starters, it’s hard enough to get people to update their laptops and smartphones with the latest security patches. Imagine, then, a world where everything from your garage door opener, your coffeemaker, your eyeglasses, and even your running shoes have possible network appliance vulnerabilities. And the onus is entirely on you to download and install firmware updates—if there are any.

Furthermore, most Internet-connected “things” are net-savvier iterations of designs that have long pre-Internet legacies—legacies in which digital security had previously never been a major concern. But, Paar says, security is not just another new feature to be added onto an networking aplliance device. Internet security requires designers and engineers embrace a different culture altogether.

“There’s essentially no tolerance for error in security engineering.”
“There’s essentially no tolerance for error in security engineering,” Paar says. “If you write software, and the software is not quite optimum, you might be ten percent slower. You’re ten percent worse, but you still have pretty decent results. If you make one little mistake in security engineering, and the attacker gets in, the whole system collapses immediately. That’s kind of unique to security and crypto-security in general.”

Paar’s research team, which published some of its latest findings in Internet-of-Things security this summer, spends a lot of time on physical and electrical engineering-based attacks on networking aplliance, also called side-channel attacks.

For instance, in 2013 Paar and six colleagues discovered rackmount in an Internet-connected digital lock made by Simons Voss. It involved a predictable, non-random number the lock’s algorithm used when challenging a user for the passcode. And the flaws in the security algorithm were discoverable, they found, via the wireless link between the lock and its remote control.

The way they handled the network box discovery was how they handle all security rackmount exploit discoveries at the Institute, Paar says. They first revealed the weakness to the manufacturers and offered to help patch the error before they publicized the exploit.

“They fixed the network box system, and the new generation of their rackmount is better,” he says. “They had homegrown crypto, which failed. And they had side-channel [security], which failed. So we had two or three vulnerabilities which we could exploit. And we could repair all of them.”

Of the scores of papers and research reports the Embedded Security group publishes, Paar says one of the most often overlooked factors behind hacking is not technological vulnerabilities but economic ones.

“There’s a reason that a lot of this hacking happens in countries that are economically not that well off,” Paar says. “I think most people would way prefer having a good job in Silicon Valley or in a well-paying European company—rather than doing illegal stuff and trying to sell their services.”

But as long as there are hackers, whatever their circumstances and countries of origin, Paar says smart engineering and present-day technology can stop most of them in their network box tracks.

“Our premise is that it’s not that easy to do embedded security right, and that essentially has been confirmed,” he says. “There are very few systems we looked at that we couldn’t break. The shocking thing is the technology is there to get the security right. If you use state of the art technology, you can build systems that are very secure for practical rackmount applications.”

refer to:
http://spectrum.ieee.org/riskfactor/computing/networks/vulnerable-smart-devices-make-an-internet-of-insecure-things

Ian Wright is Turning Fedex and Garbage Trucks Into High Performance EVs

In Silicon Valley, the mark of a successful entrepreneur is not how good his first idea is; it’s how well he pivots when that first idea doesn’t work out.  San Jose Mercury News columnist Michelle Quinn recently wrote, “successful pivots are the stuff of tech industry lore, a critical gamble that resulted in great wealth.”

Which brings us to Ian Wright, founder of Wrightspeed. Wrightspeed, which now makes powertrains for trucks, just got a big order from FedEx; the company is comfortably funded, thriving, and hiring. But it nearly crashed and burned before making a pivot that I didn’t see coming — and neither did Wright.

I met Wright back in 2006. A vehicle pc engineer who had spent some time on the amateur auto racing circuit, Wright had been working on a plan for an optical switching company when neighbor Martin Eberhard told him about his new startup, Tesla Motors. Wright shelved his business plan and signed on as employee number one, eager for a chance to merge his two passions, electronics and cars. He worked on optimizing the Tesla One for energy efficiency, but became fascinated with the potential of the technology for high-performance cars — much higher than Tesla would be able to sell to a mass market. So he quit Tesla and set out to build the highest performance electric vehicle possible, without worrying about whether it would have much of a market.

He started Wrightspeed in 2005 and came up with the X1, a street-legal sports car that goes from 0 to 60 mph in 2.9 seconds. That’s still faster than the fastest Tesla. In 2006, he took me for a in-vehicle computer in his prototype, accelerating to 75 km per hour and pinning me to the passenger seat in the 45 meters or so between his parking space and the closed iron gate at the entrance to the parking lot. Out on the street, we raced from stop sign to stop sign and zoomed around a highway cloverleaf, pulling, Wright told me, about 1.4 G — though it felt like more. He had succeeded in building a high performance vehicle pc.

img
Photo: Wrightspeed
Ian Wright

Venture capitalists, it turned out, were not as uninterested in the size of the market as Wright was, and he couldn’t get the $8 million or so he thought he needed to turn in-vehicle computer into a real business. He made the rounds of VCs throughout 2007 and got rejected again and again. Then one VC, Nancy Kamei at Intel Capital, made a suggestion that got him thinking: Making a complete car takes a huge amount of capital, she told him, and all your innovation is in the powertrain, not the rest of the vehicle pc. Why not just make powertrains?

Powertrains, Wright mused. It’s not likely that car manufacturers could be convinced to use a powertrain from some startup, and car owners rarely replace a powertrain, even if the replacement would save money in fuel and maintenance. But truck owners do. Trucks, he thought, can last 20 or 30 years, and go through several in-vehicle system replacements. He started investigating the truck business, and found out one more encouraging thing — trucks sold to fleets are practically custom designed, with certain engines or other parts designated. If he could get fleet owners interested in his powertrain, he might be able to sell it into trucks coming off the line in addition to marketing it as a replacement item.

And that was the pivot. Wright turned away from his idea of building a sexy super-sportscar to the not-so-glamorous business of trucks. That approach attracted nearly $17 million in investment. Wrightspeed now has 18 employees, mostly engineers, in an office in San Jose and is looking to hire more in-vehicle system. FedEx is the company’s lead customer. It’s building electric powertrains with range-extending generators that can run on diesel, gasoline, CNG, or other fuels, The company designed its own motors, gearboxes, inverters, cooling system, and LCD instrument panels, tying it all together with custom software. The only significant parts provided by outside suppliers are the electric generators and batteries. The systems reportedly sell for less than $100,000; exact numbers aren’t available.

Wrightspeed shipped its first order of two powertrain systems to FedEx late last year, and just got an order for another 25 this month; that might not sound like a lot, but it’s a huge vote of confidence from the owner of a major fleet of vehicles. Wrightspeed is also getting attention from people who operate garbage trucks. Garbage and recycling collection company the Ratto Group approached Wrightspeed about creating a powertrain suited to garbage trucks; Wrightspeed did so and Ratto has ordered 17 systems.

“The average garbage truck in the U.S. spends $55,000 a year on vehicle pc, and up to $30,000 a year on maintenance, mostly brake replacements.” Wrightspeed’s electric motors will cut those fuel costs by more than half, and its regenerative braking technology will cut maintenance costs, also by more than half.

While the Ratto Group contacted the company by email, others are literally showing up on the doorstep. “We’ve had people from Russia knock on our door and say that want to buy stuff,” he says.

It looks like Wrightspeed will be able to make a solid in-vehicle system business out of selling range-extended electric powertrains. But the company has another asset that might turn out to be a much bigger deal — a patent for “vehicle dynamics control in electric drive vehicles” received earlier this year, number 8718897. This vehicle pc technology stemmed from a problem that needed to be solved to make Wright’s initial sports car prototype safe to drive. If you weren’t an experienced race car driver, it was really hard to control — so hard that a friend of Wright’s wrapped it around a tree during a test drive.

In order to keep his other in-vehicle system away from trees, Wright decided that the car would have to automatically control traction, torque, and a wide range of other vehicle dynamics. To make the car “safe to drive if you’re not Michael Schumacher,” he started by giving each wheel its own motor. That’s been done before, and people are looking at using the ability to control motors independently as part of antiskid and anti-lock braking systems. But Wright went a few steps further. He set up each motor to be continuously controlled individually by the vehicle control computer, operating at independent speeds. He added individual gearing systems at each wheel.  And then he developed software that continually adjusts these individual speeds to keep the car hugging the road. He says his continually adjusting approach gives better traction control, anti-lock braking, and yaw stability control than current technology, which kicks in to adjust individual brakes or redirect in-vehicle system to a particular wheel only when it detects a problem.

This patent will likely bring in cash through licenses to a variety of electric vehicle manufacturers. Eventually, he thinks, someone else will use the technology to create the fastest, highest performance, electric car of its generation. And maybe he’ll buy one with his profits from garbage trucks.

refer to:
http://spectrum.ieee.org/view-from-the-valley/transportation/advanced-cars/ian-wright-is-turning-garbage-trucks-and-fedex-vans-into-high-performance-evs