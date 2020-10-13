GNU/Linux and Arduino on Open or Hacker-Friendly Hardware Jetson Nano Robot | Hackaday [Stevej52] likes to build things you can’t buy, and this Jetson Nano robot falls well within that category. Reading the project details, you might think [Stevej52] drinks too much coffee. But we think he is just excited to have successfully pulled off the Herculean task of integrating over a dozen hardware and software modules. Very briefly, he is running Ubuntu and ROS on the PC and Nano. It is all tied together with Python code, and is using Modbus over IP to solve a problem getting joystick data to the Nano. We like it when existing, standard protocols can be used because it frees the designer to focus more on the application. Modbus has been around for 40 years, has widespread support in many languages and platforms.

Ryzen Embedded module delivers 32GB RAM and quad displays Ibase’s “ET977” is a COM Express Basic Type 6 module that runs Ubuntu or Win 10 on a Ryzen Embedded V1000 or R1000 with up to 32GB DDR4 and up to quad display support plus GbE, PCIe x8, and a USB 3.1 Gen2 interface. In July 2019, Ibase announced an ET976 COM Express Basic Type 6 module with AMD’s Ryzen Embedded V1000. Now it has returned with a more advanced ET977 Basic Type 6 entry that adds support for the Ryzen Embedded R1000. Other recent Ibase products based on Ryzen Embedded include the 3.5-inch IB918 SBC and a fanless, embedded ASB200-918 computer based on it. [...] Although the manual lists only Windows 10, the announcement says the module also supports Ubuntu.

Arduino Blog » This LED coffee table reacts to whatever’s on top The YouTube team “Ty and Gig Builds” recently decided to make their coffee table a little more interesting, adding a chain of 96 addressable LEDs underneath its clear surface. This would have been neat enough by itself, but their project doesn’t just stop there and instead embeds 154 IR emitters and 154 IR receivers, allowing it to react to what’s on top. Beyond that, it’s able to display animations without using the sensors for a mesmerizing effect. The setup, as you might imagine, required a lot of wiring along with custom shift register and multiplexer boards to accommodate its vast I/O needs. These discrete I/O are eventually funneled down to an Arduino Mega for control, creating a one-of-a-kind table that should make for a great conversation piece while holding coffee and other knickknacks.

ESP32 CNC Controller Board Supports Grbl Arduino Firmware Grbl_ESP32 CNC development board is a breakout board for NodeMCU 32S board that also takes three stepper motor drivers, and designed to run Grbl open-source Arduino firmware to control wireless CNC machines. Grbl_ESP32 CNC breakout board specifications: Socket for NodeMCU 32S board with ESP32 WiFi and Bluetooth dual-core SoC 3 sockets for stepper motor drivers such as TI DRV8825 types and others.

Security Leftovers Microsoft Fixes RCE Flaws in Out-of-Band Windows Update The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution. Microsoft has issued out-of-band patches for two “important” severity vulnerabilities, which if exploited could allow for remote code execution. One flaw (CVE-2020-17023) exists in Microsoft’s Visual Studio Code is a free source-code editor made by Microsoft for Windows, Linux and macOS. The other (CVE-2020-17022) is in the Microsoft Windows Codecs Library; the codecs module provides stream and file interfaces for transcoding data in Windows programs.

Security updates for Friday Security updates have been issued by Fedora (dnf, kernel, libdnf, python27, and python34), SUSE (blktrace, crmsh, php7, and php72), and Ubuntu (containerd, docker.io, firefox, htmlunit, and newsbeuter).

Bluetooth flaw in Linux kernel allows nearby hackers to execute code Google engineer Andy Nguyen is reporting via a Twitter thread that a new security vulnerability has been found in Linux operating systems that run a Bluetooth software stack called BlueZ. Nguyen has named the vulnerability BleedingTooth and claims in his Twitter post that the vulnerability allows nearby hackers to conduct zero-click root-level code execution. Linux is an operating system very similar to Unix—it became popular over a decade ago as a research and educational tool due to its open-source licensing and zero cost. In more recent years, it has been used to create dedicated applications—NASA uses it for many of its space applications, for example. It has also become popular for companies making Internet-of-Things (IoT) devices because it allows them to avoid royalty fees.

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

An Uncommon 20 Years of Commonly Enumerating Vulns

This nasty botnet could being rented out as a proxy service | TechRadar Cybercriminals set up and use botnets to carry out DDoS attacks, steal data and send spam but now researchers from Bitdefender have found signs that the Interplanetary Storm botnet could be potentially be used for something else entirely. Interplanetary Storm (IPStorm) was first discovered by researchers from the cybersecurity firm Anomali in June of last year. However, Bitdefender came upon a new campaign using the botnet when it attacked the company's SSH honeypots in May of this year. The malware has continued to evolve since then as its creators have integrated new features in an attempt to try to hid its activities with innocuous traffic. IPStorm's capabilities include being able to backdoor a device running shell commands and generating malicious traffic by scanning the internet and infecting other devices.

NPM nukes NodeJS malware opening Windows, Linux reverse shells NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by NPM yesterday.