Long Term OLinuXino supply – How it works?

Screenshot from 2019-05-16 14-50-39

We got question from customer of ours: “We are using your A20-OLinuXino in our product and I’ve heard that you are going to stop the production soon, is this true?”

Most of our customers are industrial machine producers and they need long term supply from their vendors. They do certification for their machines which cost a lot and they can’t afford to spend more money every year because the Linux module is not produced or changed. We already wrote several post on our blog that we supply our boards until there is demand for them and that we have long term supply agreement with Allwinner, but some people spread rumors and I have to write it and make it clear again: We will produce OLinuXino boards until there is demand. It’s even included in our GTC.

When back in 2014 I posted that we can supply OLinuXino forever many people were skeptical (well yes it is exaggerated 🙂 ) and wrote back – do not believe Chinese suppliers, they will let you down etc. etc.

Allwinner though is keeping their promise and we can buy all Allwinner SOCs we use without problem. Our volumes allow us to meet their MOQ.

For instance A13 SOC is very old and Allwinner discontinued it several years ago, it’s even not listed on their web as product, but we still keep buying it and producing A13 boards for our customers. We have also many customers which used our boards as template to make their own variants and now we supply them with A13 SOCs so they keep manufacturing them. You will not find A13 for sale anywhere even in China, but we are expecting next lot of 90Kpcs A13 to come from Allwinner in few weeks. Yes we have to order such quantities as Allwinner need 3 month to produce the SOCs from the order to shipment.

Many customers ask can you guarantee 10-15-20 years of supply? I doubt anyone in industry can see so long ahead. Allwinner is young company, founded September 2007, i.e. less 12 years old. Who knows what they will do after 20 years? We see that Western companies with much more history change owners every year and no one knows what the new owner will decide to do, so no one can give you 10-20 years prediction or will simply intentionally or unintentionally mislead you.

For A13 and A20 this agreement works well last 7 years. Both we at Olimex and Allwinner has no reason stop production, which brings money to both of us. We got visit from Allwinner sales manager in March this year and he said that they never though they can sell A13 and A20 for so long time. Most of other SOCs they sell target consumer market where lifetime is 1-2 years top.

Linux and Open Source Hardware works well for them and prolong their sales.

Telegram founder Pavel Durov claims WhatsApp will never be secure

Screenshot from 2019-05-16 12-11-57

Probably everyone already read about the security breach with WhatsApp which allow malware to be installed by simple phone ring which you may even not answer. The attack exploiting again well known buffer overflow approach, which makes me sad. How come people didn’t learn that they should check their buffer boundaries and do such stupid mistakes again and again.

Pavel Durov one of Telegram founder made interesting post claiming that no matter what fixes they do now WhatsApp will never be secure.

TuxCon 2019 is coming on 8-9 June in Plovdiv, reserve these dates in your agenda and we are looking forward to see you there!

tuxcon

This year TuxCon Open Source Hardware and Software conference will be on 8 and 9th of June in Plovdiv.

This year the talks on 8th of June will be record numbers – 16 and will be held in 2 halls, there will be very interesting topics for FPGA, Home Automation, Car tuning, Linux, Robotics.

On June 9th there will be traditional soldering workshop in Olimex’s training building. We will have kits both for starters with just PTH components and for these who want to master SMD technology.

tuxcon-2

TuxCon is free to participate event, made by volunteers with aim to popularize the free and open source software and hardware.

SC1000 Open Source Pocket size Portable Scratch Digital instrument you can build by yourself and impress your friends

[rasteri] released small pocket size digital scratch instrument and the video above explains how to assembly one. A13-SOM256 is used inside with small PIC to sense the rotating plate position and potentiometers.

Looks like a fun project! We are very tempted to build one for ourselves 🙂

How secure are Allwinner SOC we use in our OLinuXino boards?

spyware

From time to time customers ask us:

You are using Chinese SOCs. I’ve heard that Chinese government forces all Chinese vendors to place back-doors in their SOCs which to spy on you. Can you guarantee that your Linux boards have no back doors to spy on us”

I already posted about Linux-Sunxi community, which develops the Allwinner SOC mainline Linux support. What I forgot to mention is that most of the SOC features and tuning they do is done almost without any official help or documentation from Allwinner and based mostly on tips from Allwinner employees and reverse engineering.

I do remember A20 CAN module was not mention at all as existent in Allwinner datasheets at the beginning and Linux-Sunxi developers found it while hacking the chip.

So I will have to disappoint people, who believe in such myths that no, A20 chips are for quite some time now and there is nothing hidden inside, even the Boot ROM which resides in the SOC internal ROM code and is executed first is disassembled and known code.

This for sure do not give any warranty that these SOCs are bug free and that someone latter may not find and exploit some bugs (I already wrote about the level of the SOC software developers in my previous post) and to create back door to install malware or spyware, but this is not done intentional and IMO above the capacity of the software developers working in the SOC vendors.

I still do remember Allwinner released few years ago SDK where they were forgotten to remove the debug flags and if you send message “rootmydevice” to /proc/sunxi_debug/sunxi_debug, you get root privileges, but was this intentional and forced by Chinese government? I doubt so.

We build our Linux Images from Armbian project sources using their repositories and our images has MD5, so if you load our Linux Images and use in our boards we are sure there are no back doors. I know the guys who are behind Armbian project and I can guarantee they do not work for the Chinese government.

Now you can say if you found undocumented CAN inside the SOC, there may be other undocumented modules as well which to spy on us. Yes, this is possible, but even if there are such hidden resources the software we run on the SOC does not take advantage of them and activate them, you can always monitor your USB/LAN etc traffic packets and see what information go outside the chip and so far for the last 6 years A20 is existent no one ever has detected such suspicious traffic.

Why we have so many OLinuXino Linux SBC with Allwinner SOCs

community

Many people ask us why we do OSHW boards with Allwinner SOCs and ignore other vendors. Allwinner do not do the best SOCs on the Chinese makers. Their software support is mostly about Android and are with proven GPL violations records.

The reason is simple – because the Linux-Sunxi community is the biggest and most friendly and if there is problem you have place where to ask for help or advice.

Most of the Allwinner SOC Linux mainlining work is not done by Allwinner software engineers but Linux-Sunxi community.

We want our boards to run Linux, and when we say Linux we mean mainline, not Linux 2.6 (what was the Freescale official iMX2XX, where all decent kernel work is also done by the community) neither Linux 3.X with patched Android kernels and binary blobs which usually all Chinese vendors provide.

This is why we are not interested to do something on these new SOCs which pop every 6 month and basically has nothing to offer differently as software support. We wait and release our boards when there is proper Linux support which we test or do not consider to waste our time on them.

Linux-Sunxi community was created naturally around 7 years ago after Luke Kenneth Casson Leighton rised a lot of noise for the new and cheap Allwinner A10 processor and later Tom Cubie (ex-employee of Allwinner) start to deliver some A10 based TV boxes to interested developers and revealed some inside “secrets” to the people who were gathered around the “ARM netbook project” which LKCL never delivered, but this is another story. At some point the developers just separated and formed what we know now as Linux-Sunxi. Since then Linux-Sunxi community is growing and is very active compared to all other SOCs communities and many talented Linux developers are contributing on daily basis. The Linux-Sunxi Allwinner SOCs mainlining efforts are here.

Unfortunately SOC vendors never have been good at writing software. This is expected as they are hardware vendors after all and their focus is the silicon. My guess is that they do want to offer good support, but they just have no idea how to do it. They can’t attract quality developers and lot of their developers leave after working year or two, leaving messy code to the next who comes.

Their management usually do not fully understand how important open source software support is for the longevity success of their silicon.

A20 for instance is SOC which is selling well for more than 6 years, Allwinner has no other processor which sells so well, why is this? Because there is mainline Linux support and because our OSHW reference designs which thousands of people use to make their own hardware.

So Open Source Software and Hardware create business for them, but I guess this is something they didn’t analyzed well. No one uses A20 with Android now (as the official A20 Android version is obsolete 4.2.2 and there are no updates since the chip release), but Linux help them to sell for years.

Linux-Sunxi developers do code mostly for hobby and fun in their free time. The result is that there are no deadlines to deliver code and when the code is delivered it’s good one. So good that Allwinner re-use it their own repositories instead the code of their own engineers.

A recent single line patch which triples the A20 SATA write speed just proves that the code done by the community is better than this one released by the SOC vendors.

With A10/A20 SATA the Allwinner developers delivered very poor code, which crippled the performance of their SATA controller and everyone believed that it’s so lame because this is poorly done at hardware level. It appears single value change in SATA DMA register triples the speed of the SATA write. Allwinner is supposed to know best their processors then why they do such lame initialization mistakes? My guess is lack of documentation and coordination between the different teams inside the company. They do not document well their silicone and other departments don’t know what what is doing.

Rockchip which 7 years ago was about the same level as Allwinner for software support has been pushed by Google as they use some of their chips in Chromebooks. So Rockchip is forced by Google to submit Linux upstream drivers support and patches, which is great., but what they produce is far from the best quality. For instance Recent GitHub repository I check contains Windows app to generate public and private keys used to encrypt their secure boot Linux images 🙂 I have just to guess which genius decide this approach, but it speaks well about what kind of decisions are taken in these companies.

EDIT: Jon is right Rockchip did it good, the windows apps to generate keys and encrypt images were in Allwinner SDK 🙂

 

Participate in our Weekend Brainstorm Discussion and you have chance to win Pioneer-FreedomBox-HSK!

Internet-of-Things-IoT-e1521969062826

This week we started the sales of Pioneer-FreedomBox-Home-Server-Kits, and got lot of exposure in the social networks. Immediately people start to send us ideas of how to improve and make the product even better.

This is the beauty of the Open Source – everything is open, everyone can check and review the sources and advice what and how can be done better.

Even regular users who has no great knowledge of Software and Hardware contribute with ideas and tips what they miss as features.

We are already thinking for design special hardware which to have four SATA interfaces and allow 2 or 4 HDDs to work in RAID, thus improving the data storage capacity and reliability.

Another direction we think is how to release lower cost version with only SD card, no battery UPS backup and slower Ethernet interface which to get closer to Mr. Moglen (FreedomBox Foundation founder) dream for $29 plug server.

Many people asked why FreedomBox software does not included private e-mail server, but only client. The major problem to implement it is how to keep such service clean, as spammers may compromise your ISP by infecting computers to send emails and your ISP IP addresses to be blacklisted, so you can loose your ability to send e-mails for reasons behind your control. We would love to hear your ideas about this.

We got interesting tip to add possibility two or more Pioneer-FreedomBox-HSK to work in-sync and backup/mirror the data, being physically separated by long distance. The idea is to keep your information safe even if one of the server is stolen, broken or bombed 🙂 This would be easy to do with rsync.

Our challenge for you this weekend is to provoke discussion about what would be useful new feature, which you want to see in Pioneer-FreedomBox-HSK software or  hardware improvement.

You can discuss here on our blog, in Twitter, Facebook or Mastodon.

One Pioneer-FreedomBox-HSK will be given away in Monday to random participant.

Have a nice weekend!

UPDATE-2019-04-30: sorry Monday was part Easter Holidays so we couldn’t update the recap for the Weekend Discussion, but here is summary of your feedback:

About the Software:

  1. Number of people requested PiHole to be included. What is PiHole? It’s DNS sinkhole that protects your devices from unwanted content, without installing any client-side software. It’s Network level ad and spyware blocker.
  2. Many requested  NextCloud to be add in FreedomBox. It duplicated some of the existing software in FreedomBox.
  3. Some requested home Git server to be included, but if you want to work on Open Source project hiding your code in private Home Git may be not best approach.
  4. LibreSSL as alternative to OpenSSL.
  5. Diaspora pod may be good but I have no idea how much resources it needs.
  6. WireGuard as alternative to OpenVPN.
  7. IPFS we admit we never hear before for it but it look cool.
  8. Snips  this looks like nice open source alternative to Alexa and Google assistant.
  9. Btrfs
  10. FreshRSS
  11. Matrix/Riot
  12. HomeAssistant not sure how this relates to FreedomBox targets for distributed Internet and Privacy, but well related to Home server.
  13. Bitwarden
  14. Federation i.e. two FreedomBoxes to may replicate/backup each others data without having access to each others data.
  15. Containerized services (not sure how fast will work virtualization on our current processor and memory).
  16. encrypted email server

About the Hardware:

  1. RAID.
  2. Kill switch to wipe encryption key.
  3. Low cost model just SD-card and Ethernet.
  4. Dual Ethernet.
  5. Option for more RAM.
  6. WiFi/Ble this may be a conflict with Debian as they do not allow binary blobs firmware.
  7. mSATA / M.2
  8. miniPCIe.
  9. USB 3.0.
  10. Microphone, Speaker.
  11. UFS cards support.
  12. solar panel power supply support.

Wow a lot to consider 🙂 Thanks for your incredible feedback!

Random.org selected @Benjaminlj@mastodon.social as our winner!

Previous Older Entries