foss-gbg 2018-11: Mender and hacking

It is time for the November foss-gbg. We will meet on the 14th and listen to Mirza Krak talk about Mender, followed by a hacking workshop by Philip Karlsson, so make sure to bring a laptop!

Robust software updates on Embedded Linux devices is complex, and doing robust software updates over-the-air adds to the complexity. The hardships come of course from the embedded environment which differ in many ways compared to desktop or server Linux installations, where you must handle poor mobile network connectivity, sudden power-loss and never leave a device in a unusable state (brick) when doing the update OTA.

There are a lot of examples that have gotten attention in media, where unstable software update solutions have caused real-life problems which could have been mitigated by a robust software solution that is able to handle the corner cases that exist in the embedded environment.

In this talk Mirza Krak will present Mender, Apache 2.0 licensed end-to-end software update solution. This is a deep-dive session that will cover:

– project ecosystem and community
– technical insights
– security insights

And will of course include a mandatory demo.

Mirza Krak is currently part of the open source project to deploy OTA software updates to embedded Linux devices. He is an embedded Linux solution specialist with seven years of experience in the field with expertise in within Board Support Package development which ranges from hardware bring-up, boot-loaders, Linux kernel and build systems (Yocto/OE-core).

Mirza was an Mender community member for a couple of years which led to an employment in 2018 to continue to work on the Mender project full-time.

Mirza has spoken at various conferences including Embedded Linux Conference and foss-north.

The hacking workshop starts with the MiGiC Guitar to MIDI Converter and focuses on how the free software x64dbg can be used to understand how the copy protection to MiGiC was circumvented.Shortly after the commercial release of MiGiC 1.0, the product was found cracked at one of the more known torrent pages. Since development hours were spent trying to protect the product he became curious in how the attackers broke the protection. In order to investigate this the open source debugger / disassembler x96 dbg was acquired to perform an analysis of both the cracked and uncracked binary.

In the session Philip will show you parts of the analysis as well as presenting three so called ”crackmes” that you will get the opportunity to find weaknesses in using the x64dbg tool. Therefore, its a good idea to bring a PC so you can use the tool yourself.

The venue host for the evening are ictech. They will provide lighter snacks and beverages, as well as the location.

Image result for ictech logo sverige

As usual you can reserve your seat at meetup.

foss-gbg 2018-10: Workshop om

Det är dags för en workshop om Du kan se presentationen som startade det hela här:

Vi träffas den 16/10 och delar lite mat och skapar innehåll för websidan.

OBS! Om du deltar i detta möte så förväntas du bidra i arbetet!

Värd för träffen är Kuro Studio som står för lokal och enklare förtäring.

Reservera din plats på meetup.

Lyssna till Daniel Stenberg

Evolve Technology kör sin pre-standup meetup nästa vecka och Daniel Stenberg – mannen bakom curl – kommer till stan.

Daniel Stenberg, författaren av curl kommer till Göteborg för att berätta lite om hans resa med att få curl att växa från ingenting för att på 20 år finnas i varje uppkopplad apparat på jorden. Välkommen till Scandic Rubinen i Göteborg på en frukostföreläsning den 10e oktober klockan 08:30

Biljetter och detaljer hittar ni på meetupen.