Now there’s a secure boot add-on for Raspberry Pi. Oh, yay? | Ars Technica

Now there’s a secure boot add-on for Raspberry Pi. Oh, yay? | Ars Technica: "Raspberry Pi, the low-cost ARM-based system on a board, has gotten lots of attention from hardware hackers and people experimenting with embedded systems. Aside from various intelligence agencies building computing clusters out of them, Raspberry Pi boards have become an increasingly popular part of prototyping network-integrated industrial systems—that Internet of Things that people keep talking about. And now, it's getting attention from the software digital rights management (DRM) industry. At the Hannover Messe industrial technology fair in Germany today, the software licensing protection technology firm Wibu Systems introduced a "starter kit" for Raspberry Pi based on its CodeMeter technology that provides embedded systems developers a secure boot capability for Pi-based hardware. The kit, which includes a software developers' kit and the CmStick—a USB hardware "dongle" that can be used to ensure that only signed software with proper certificates can execute on the Raspberry Pi. This presumably prevents tampering with embedded code by an attacker. This isn't exactly UEFI for Raspberry Pi, however. The CmStick contains a SmartCard chip with about 384 kilobytes of secure memory and can store information on "thousands" of software products, according to Wibu literature, allowing the system it's attached to to check against a pre-approved set of developer certificates, as well as perform signature checking. The CodeMeter technology has previously been integrated with Wind River's VxWorks real-time OS; the SDK in the starter kit is intended to allow developers to integrate the CmStick's license and digital signature checking into the OS of their choice to prevent unsigned or forged code from executing."

Continue Reading...

'via Blog this'