Just got back from the USA where we delivered some HTC D4 Secure phones to customers and showed them how to set them up. We didn’t have to show them how to use them because it’s actually hard to tell you’re using a non-stock Android phone. They all seemed interested and initially happy with the product and now we’re eagerly awaiting their feedback and questions. It’s exciting to see our products leave the development cradle and hit the hands of actual users in the real world!
Continue reading “HTC, Secured by D4 Phone is Released”
Author: Carl Nerup
Carl is a long-time advocate for balancing security and privacy as a non-binary argument. Due to his limited number of IQ points, he also has the ability to take complex technologies and make them easy to understand. He is a strong advocate of the outdoors and will always tell you that he would rather be backpacking!!
SMMU support for NXP QorIQ ARM Processors
Operating systems and hypervisors use a processor’s MMUs to isolate processes and VMs alike. An often overlooked issue is DMA memory security; where a DMA capable device can be programmed to access memory in the system without being subject to MMU restrictions. This typically results in device drivers being used without security, or forcing them to reside in the kernel, hypervisor or a trusted VM.
System MMUs provide the ability to extend the memory protection controls of the OS or hypervisor to these DMA devices. Placed between the memory bus and one or more devices, a system MMU provides the ability to restrict the memory accesses of the device, as well as optionally remap IO memory space entirely.
Continue reading “SMMU support for NXP QorIQ ARM Processors”
Another day, another exploit
Many of the devices we use today, particularly those built using Android and Linux are essentially monolithic systems. They have a huge set of APIs and a massive code base, and while this is great for functionality, it makes them prone to successful attack.
To mitigate the threat of attack, a lot of effort has gone into hardening those APIs. Examples include SE for Android (now a part of Android), and work by companies including Samsung KNOX, Boeing, and many others. They are all essentially taking what exists today, and adding additional functionality (occasionally removing some too) to make it harder to compromise and ultimately reduce the chance of an attack being successful. In essence, they dabble around the edges.
Continue reading “Another day, another exploit”
Introducing the OKL4 Ironvisor – the new secure platform standard
The OKL4 Microkernel and Microvisors have for a long time been trusted to run many high security and high reliability systems. Not to mention being deployed in over a billion mobile phones. OKL4 has become synonymous with secure and trusted systems.
The OKL4 Ironvisor is our latest and most secure Separation Kernel and Hypervisor to date. Based on the OKL4 Microvisor, it has a reduced API and supports highly locked down and constrained partitions.
Continue reading “Introducing the OKL4 Ironvisor – the new secure platform standard”
Car Hacking Shouldn’t Be Easy
The recent WIRED article by Andy Greenberg – HACKERS REMOTELY KILL A JEEP ON THE HIGHWAY—WITH ME IN IT, highlights the disregard for security by some manufactures in the rush to implement features and bring online connected technology to market. This type of hack is both a canary for what is coming, and at the same time, is completely avoidable.
I’ve spent years developing solutions specifically designed to address exactly these kinds of problems, and our fears are finally starting to be realised. The technology to address security in the automotive, and the more general IoT landscape exists today, we and others have already developed it. What’s needed however is a greater focus on security and investment in this security technology by automotive companies.
Continue reading “Car Hacking Shouldn’t Be Easy”