Participate in our Weekend Brainstorm Discussion and you have chance to win Pioneer-FreedomBox-HSK!

This week we started the sales of Pioneer-FreedomBox-Home-Server-Kits, and got lot of exposure in the social networks. Immediately people start to send us ideas of how to improve and make the product even better.

This is the beauty of the Open Source – everything is open, everyone can check and review the sources and advice what and how can be done better.

Even regular users who has no great knowledge of Software and Hardware contribute with ideas and tips what they miss as features.

We are already thinking for design special hardware which to have four SATA interfaces and allow 2 or 4 HDDs to work in RAID, thus improving the data storage capacity and reliability.

Another direction we think is how to release lower cost version with only SD card, no battery UPS backup and slower Ethernet interface which to get closer to Mr. Moglen (FreedomBox Foundation founder) dream for $29 plug server.

Many people asked why FreedomBox software does not included private e-mail server, but only client. The major problem to implement it is how to keep such service clean, as spammers may compromise your ISP by infecting computers to send emails and your ISP IP addresses to be blacklisted, so you can loose your ability to send e-mails for reasons behind your control. We would love to hear your ideas about this.

We got interesting tip to add possibility two or more Pioneer-FreedomBox-HSK to work in-sync and backup/mirror the data, being physically separated by long distance. The idea is to keep your information safe even if one of the server is stolen, broken or bombed 🙂 This would be easy to do with rsync.

Our challenge for you this weekend is to provoke discussion about what would be useful new feature, which you want to see in Pioneer-FreedomBox-HSK software or  hardware improvement.

You can discuss here on our blog, in Twitter, Facebook or Mastodon.

One Pioneer-FreedomBox-HSK will be given away in Monday to random participant.

Have a nice weekend!

UPDATE-2019-04-30: sorry Monday was part Easter Holidays so we couldn’t update the recap for the Weekend Discussion, but here is summary of your feedback:

About the Software:

1. Number of people requested PiHole to be included. What is PiHole? It’s DNS sinkhole that protects your devices from unwanted content, without installing any client-side software. It’s Network level ad and spyware blocker.
2. Many requested  NextCloud to be add in FreedomBox. It duplicated some of the existing software in FreedomBox.
3. Some requested home Git server to be included, but if you want to work on Open Source project hiding your code in private Home Git may be not best approach.
4. LibreSSL as alternative to OpenSSL.
5. Diaspora pod may be good but I have no idea how much resources it needs.
6. WireGuard as alternative to OpenVPN.
7. IPFS we admit we never hear before for it but it look cool.
8. Snips  this looks like nice open source alternative to Alexa and Google assistant.
9. Btrfs
10. FreshRSS
11. Matrix/Riot
12. HomeAssistant not sure how this relates to FreedomBox targets for distributed Internet and Privacy, but well related to Home server.
13. Bitwarden
14. Federation i.e. two FreedomBoxes to may replicate/backup each others data without having access to each others data.
15. Containerized services (not sure how fast will work virtualization on our current processor and memory).
16. encrypted email server

About the Hardware:

1. RAID.
2. Kill switch to wipe encryption key.
3. Low cost model just SD-card and Ethernet.
4. Dual Ethernet.
5. Option for more RAM.
6. WiFi/Ble this may be a conflict with Debian as they do not allow binary blobs firmware.
7. mSATA / M.2
8. miniPCIe.
9. USB 3.0.
10. Microphone, Speaker.
11. UFS cards support.
12. solar panel power supply support.

Wow a lot to consider 🙂 Thanks for your incredible feedback!

Random.org selected @Benjaminlj@mastodon.social as our winner!

BurgasConf is this Saturday 30th of June (of course in Burgas) looking forward to see you there

BurgasConf is part of IT Tour – traveling IT events organized with the help of the local Burgas hacker space BurgasLab.

This Saturday it will start at 10.00 in Flora Expo Center.

Usually IT tour is focused more on Software than on Hardware, but this time we will try to change it a bit with Hardware related talk about the Flash memories.

These who come to the talk will learn about who invented the Flash memories, who are the major players and what are the trends. How the different Flash memories work, what we should know about how they wear and what precautions to take to minimize this, also are there security risks involved with their use.

We will not go in deep technical details, but enough to people learn what Flash memory is best for their application.

So looking forward to see you there!

How to root any Allwinner device running Android and most of the Chinese “Pi” clones which bet on Allwinner Android Linux Kernel

I got this interesting Tweet this morning from Ken Tindell @kentindell

I decided to check what is this about and expand the message … then LMAO!

David Manouchehri ‏@DaveManouchehri found interesting code in the Allwinner GitHub https://github.com/allwinner-zh/linux-3.4-sunxi

What does this means? If string “rootmydevice” pass through sunxi_debug process it assigns you root privileges.

My first though was who the hell will use the original extracted from Android Linux Kernel 3.4 made by Allwinner which contains binary blobs, when there is completely Free Open Source alternative developed by Linux-Sunxi community?

…and while thinking on it, scrolling down I found this:

some guy decided to try it on his Orange Pi – you see the result, he got root access to the device by simple echo command!

Damn! and this is put with non-conditional flags i.e. embedded always in the kernel you can’t remove it!

If the guys from Allwinner were smart enough they would at least hide this in the binary blobs, so no one could see it!

This is just yet another example what you are exposed to when use kernels which are with binary blobs inside, not speaking of the security quality of the code which Allwinner developers produce!

Fortunately we use Linux-Sunxi community kernel which is 100% open source and no binary blobs!

(well if you want hardware acceleration GPU drivers are still with binary blobs and no one knows what is inside, but this looks like heap of works and no one is interested to liberate them so far).

here is what OLinuXino Kernel responds on the same command:

What does this means? All devices which run Allwinner Linux Kernel 3.4 are subject to this backdoor security flaw and you can easily gain root access on any on them!

Interesting findings about iOS security or how Apple intentionally compromised it

Jonathan Zdziarski wrote interesting article about undocumented services running on iOS7 which allow security attacks.
This is purest example that when you use device with closed source software you are in vendor’s hands.
They can do with your data whatever they want behind your back.

 

Make Door Security Logger with A13-OLinuXino-WIFI + OpenCV

This is cool little project done in minutes with A13-OLinuXino running OpenCV. We were thinking what to make with OpenCV and with the use of GPIOs on A13-OLinuXino and decided to put small switch on our laboratory door connected to A13-OLinuXino GPIO:

then to wire A13-OLinuXino with Web Cam on the old ping-pong table in the front ot the door, so we can sense every time door is opened and closed:

OK, now we are ready and have just to write the python code to log the pictures with the Web-cam every time somebody enters the lab:

from cv2 import *
import sys
import time
import datetime
import A13_GPIO as gpio

def main():
    #init gpio module
gpio.init()
 gpio.setcfg(gpio.PIN36, gpio.INP)

    while True:
        #select /dev/video0 as source
cam = VideoCapture(0)
#wait for low level (door open)
        
        while True:
            g = gpio.input(gpio.PIN36)
            if(gpio == 0):
                break
            time.sleep(2)
 
            #take 15 pictures, and use only the last one
 for i in range(15): 
                s, img = cam.read()
 
            #get the current system time 
            now = datetime.datetime.now()
            k = str(now)
            if s:
                imwrite(k + ".jpg", img)
                print(k + " -> New image saved...")
            
            #wait for high level (door closed)
            while True:
                g = gpio.input(gpio.PIN36)
                if(gpio == 1):
                    break
 
             #wait some time (debounce)
             time.sleep(1)

if __name__ == '__main__':
   main()

You can download the project code and OpenCV installation instructions on GitHub: https://github.com/OLIMEX/OLINUXINO/tree/master/SOFTWARE/A13/A13%2BOpenCV%2BDoor-Security