10 interesting stories served every morning and every evening.




1 614 shares, 31 trendiness, words and minutes reading time

Germany bans Facebook from handling WhatsApp data

Germany's leading data protection regulator for Facebook has banned the social network from using data from WhatsApp users.

It follows controversy over the messaging app's latest privacy terms, which the authority believes are illegal.

The move follows emergency discussions in Hamburg after WhatsApp asked users to consent to the new terms or stop using it.

WhatsApp is used by almost 60 million users in Germany.

Johannes Caspar, head of the Data Protection Authority in Hamburg, said: "This order seeks to secure the rights and freedoms of the many millions of users who give their consent to the terms of use throughout Germany.

"My objective is to prevent disadvantages and damages associated with such a black-box procedure."

The regulator suggested that the decision wasn't just about protecting users' privacy but also to avoid the use of data "to influence voters' decisions to manipulate democratic choices", citing the upcoming 26 September parliamentary elections in Germany.

The regulator will now submit the case to the European Data Protection Committee, the body responsible for enforcing the rules across the EU.

WhatsApp, which is owned by Facebook, accused the Hamburg data protection authority of misunderstanding the purpose of the update and said there was no legitimate basis for the ban.

The messaging app defended the latest privacy terms, saying they won't affect the confidentiality of messages exchanged with friends and family, but were primarily intended to help companies communicate better with their customers via the platform, notably to allow them to sell their products directly on it.

A spokesperson for WhatsApp said: "As the Hamburg DPA's claims are wrong, the order will not impact the continued roll-out of the update. We remain fully committed to delivering secure and private communications for everyone."

The regulatory action has opened a new front in Germany over Facebook's privacy policies, with its national antitrust regulator waging a legal battle over data practices it says amount to an abuse of market dominance.

Since 2018, online privacy in Europe has been subject to the General Data Protection Regulation (GDPR). Under these rules, Ireland oversees Facebook because the company's European headquarters is there.

...

Read the original on www.euronews.com »

2 568 shares, 1 trendiness, words and minutes reading time

Amazon.com


...

Read the original on www.amazon.com »

3 553 shares, 22 trendiness, words and minutes reading time

Security flaws in all Wi-Fi devices

This website presents FragAttacks (fragmentation and aggregation attacks), which is a collection of new security vulnerabilities that affect Wi-Fi devices. An adversary that is within radio range of a victim can abuse these vulnerabilities to steal user information or attack devices. Three of the discovered vulnerabilities are design flaws in the Wi-Fi standard and therefore affect most devices. On top of this, several other vulnerabilities were discovered that are caused by widespread programming mistakes in Wi-Fi products. Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities.

The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected. This means that several of the newly discovered design flaws have been part of Wi-Fi since its release in 1997! Fortunately, the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings. As a result, in practice the biggest concern is the programming mistakes in Wi-Fi products, since several of them are trivial to exploit.

The discovery of these vulnerabilities comes as a surprise, because the security of Wi-Fi has in fact significantly improved over the past years. For instance, previously we discovered the KRACK attacks, the defenses against KRACK were proven secure, and the latest WPA3 security specification has improved. Unfortunately, a feature that could have prevented one of the newly discovered design flaws was not adopted in practice, and the other two design flaws are present in a feature of Wi-Fi that was previously not widely studied. This shows it stays important to analyze even the most well-known security protocols (if you want to help, we are hiring). Additionally, it shows that it's essential to regularly test Wi-Fi products for security vulnerabilities, which can for instance be done when certifying them.

To protect users, security updates were prepared during a 9-month-long coordinated disclosure that was supervised by the Wi-Fi Alliance and ICASI. If updates for your device are not yet available, you can mitigate some attacks (but not all) by assuring that websites use HTTPS and by assuring that your devices received all other available updates.

The research will be presented at the USENIX Security conference, and a longer talk with more background will also be given at Black Hat USA this summer.

The following video shows three examples of how an adversary can abuse the vulnerabilities. First, the aggregation design flaw is abused to intercept sensitive information (e.g. the victim's username and password). Second, it's shown how an adversary can exploit insecure internet-of-things devices by remotely turning on and off a smart power socket. Finally, it's demonstrated how the vulnerabilities can be abused as a stepping stone to launch advanced attacks. In particular, the video shows how an adversary can take over an outdated Windows 7 machine inside a local network.

As the demo illustrates, the Wi-Fi flaws can be abused in two ways. First, under the right conditions they can be abused to steal sensitive data. Second, an adversary can abuse the Wi-Fi flaws to attack devices in someone's home network.

The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone's home network. For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately, due to the discovered vulnerabilities, this last line of defense can now be bypassed. In the demo above, this is illustrated by remotely controlling a smart power plug and by taking over an outdated Windows 7 machine.

The Wi-Fi flaws can also be abused to exfiltrate transmitted data. The demo shows how this can be abused to learn the username and password of the victim when they use the NYU website. However, when a website is configured with HSTS to always use HTTPS as an extra layer of security, which nowadays close to 20% of websites are, the transmitted data cannot be stolen. Additionally, several browsers now warn the user when HTTPS is not being used. Finally, although not always perfect, recent mobile apps by default use HTTPS and therefore also use this extra protection.

Several implementation flaws can be abused to easily inject frames into a protected Wi-Fi network. In particular, an adversary can often inject an unencrypted Wi-Fi frame by carefully constructing this frame. This can for instance be abused to intercept a client's traffic by tricking the client into using a malicious DNS server as shown in the demo (the intercepted traffic may have another layer of protection though). Against routers this can also be abused to bypass the NAT/firewall, allowing the adversary to subsequently attack devices in the local Wi-Fi network (e.g. attacking an outdated Windows 7 machine as shown in the demo).

How can the adversary construct unencrypted Wi-Fi frames so they are accepted by a vulnerable device? First, certain Wi-Fi devices accept any unencrypted frame even when connected to a protected Wi-Fi network. This means the attacker doesn't have to do anything special! Two out of four tested home routers were affected by this vulnerability, several internet-of-things devices were affected, and some smartphones were affected. Additionally, many Wi-Fi dongles on Windows will wrongly accept plaintext frames when they are split into several (plaintext) fragments.

Additionally, certain devices accept plaintext aggregated frames that look like handshake messages. An adversary can exploit this by sending an aggregated frame whose start resembles a handshake message and whose second subframe contains the packet that the adversary wants to inject. A vulnerable device will first interpret this frame as a handshake message, but will subsequently process it as an aggregated frame. In a sense, one part of the code will think the frame is a handshake message and will accept it even though it's not encrypted. Another part of the code will instead see it as an aggregated frame and will process the packet that the adversary wants to inject.

Finally, several devices process broadcasted fragments as normal unfragmented frames. More problematic, some devices accept broadcast fragments even when sent unencrypted. An attacker can abuse this to inject packets by encapsulating them in the second fragment of a plaintext broadcast frame.

The first design flaw is in the frame aggregation feature of Wi-Fi. This feature increases the speed and throughput of a network by combining small frames into a larger aggregated frame. To implement this feature, the header of each frame contains a flag that indicates whether the (encrypted) transported data contains a single or aggregated frame. This is illustrated in the following figure:

Unfortunately, this "is aggregated" flag is not authenticated and can be modified by an adversary, meaning a victim can be tricked into processing the encrypted transported data in an unintended manner. An adversary can abuse this to inject arbitrary network packets by tricking the victim into connecting to their server and then setting the "is aggregated" flag of carefully selected packets. Practically all tested devices were vulnerable to this attack. The ability to inject packets can in turn be abused to intercept a victim's traffic by making it use a malicious DNS server (see the demo).

This design flaw can be fixed by authenticating the "is aggregated" flag. The Wi-Fi standard already contains a feature to authenticate this flag, namely requiring SPP A-MSDU frames, but this defense is not backwards-compatible and not supported in practice. Attacks can also be mitigated using an ad-hoc fix, though new attacks may remain possible.
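To make the authentication gap concrete, the following Python model is an added example (not code from the FragAttacks project or its test tool) of a receiver that verifies an integrity tag over a frame and then either delivers the payload as one packet or splits it as an A-MSDU. The encrypted payload is treated as opaque bytes and HMAC-SHA256 stands in for the CCMP MIC; the `aad` function models whether the "is aggregated" flag is part of the authenticated header fields, which is what the SPP A-MSDU capability provides in the standard. The `Frame` type, the sample key and the packet contents are constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample key that stands in for the pairwise session key (not a real PTK).
KEY = b"constructed-sample-session-key"


@dataclass
class Frame:
    is_aggregated: bool  # the header's "is aggregated" (A-MSDU present) flag
    payload: bytes       # the encrypted transported data, treated as opaque here
    mic: bytes           # integrity tag computed by the sender


def aad(is_aggregated: bool, authenticate_flag: bool) -> bytes:
    """Additional authenticated data covered by the integrity tag.

    A legacy receiver leaves the "is aggregated" flag out of the authenticated
    header fields; with SPP A-MSDU the flag is covered by the tag.
    """
    return b"\x01" if (authenticate_flag and is_aggregated) else b"\x00"


def tag(is_aggregated: bool, payload: bytes, authenticate_flag: bool) -> bytes:
    # HMAC-SHA256 truncated to 8 bytes is a stand-in for the real CCMP MIC.
    data = aad(is_aggregated, authenticate_flag) + payload
    return hmac.new(KEY, data, hashlib.sha256).digest()[:8]


def protect(is_aggregated: bool, payload: bytes, authenticate_flag: bool) -> Frame:
    """Sender side: attach the tag to a frame."""
    return Frame(is_aggregated, payload, tag(is_aggregated, payload, authenticate_flag))


def parse_amsdu(data: bytes) -> list:
    """Split an A-MSDU into its subframe payloads.

    Each subframe is DA (6) + SA (6) + length (2, big-endian) + payload,
    padded to a 4-byte boundary (the last subframe need not be padded).
    """
    packets = []
    off = 0
    while off + 14 <= len(data):
        length = int.from_bytes(data[off + 12:off + 14], "big")
        start = off + 14
        packets.append(data[start:start + length])
        off = start + length
        off += (-off) % 4
    return packets


def receive(frame: Frame, authenticate_flag: bool):
    """Receiver side: return the delivered packets, or None if the frame is rejected."""
    expected = tag(frame.is_aggregated, frame.payload, authenticate_flag)
    if not hmac.compare_digest(expected, frame.mic):
        return None  # integrity check failed: drop the frame
    if frame.is_aggregated:
        return parse_amsdu(frame.payload)
    return [frame.payload]


def flipped_flag_outcome(authenticate_flag: bool):
    """What a receiver delivers when the flag was changed in transit.

    The sender transmitted a single (non-aggregated) packet whose bytes, read
    as an A-MSDU, contain a second, constructed packet. Only the header flag
    differs at the receiver; the payload and the tag are untouched.
    """
    injected = b"constructed injected packet"
    payload = bytes(12) + len(injected).to_bytes(2, "big") + injected
    frame = protect(False, payload, authenticate_flag)
    frame.is_aggregated = True  # header bit modified on the air, tag unchanged
    return receive(frame, authenticate_flag)


if __name__ == "__main__":
    print("legacy receiver delivers:", flipped_flag_outcome(False))
    print("SPP A-MSDU receiver delivers:", flipped_flag_outcome(True))
```

With the legacy `aad` the modified frame still passes the integrity check and the receiver hands the constructed inner packet up the stack; with the flag authenticated the same modification fails the check and nothing is delivered. This is the whole difference between the two code paths, which is why the page describes the fix as simply authenticating the flag.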

The second design flaw is in the frame fragmentation feature of Wi-Fi. This feature increases the reliability of a connection by splitting large frames into smaller fragments. When doing this, every fragment that belongs to the same frame is encrypted using the same key. However, receivers are not required to check this and will reassemble fragments that were decrypted using different keys. Under rare conditions this can be abused to exfiltrate data. This is accomplished by mixing fragments that are encrypted under different keys, as illustrated in the following figure:

In the above figure, the first fragment is decrypted using a different key than the second fragment. Nevertheless, the victim will reassemble both fragments. In practice this allows an adversary to exfiltrate selected client data.

This design flaw can be fixed in a backwards-compatible manner by only reassembling fragments that were decrypted using the same key. Because the attack is only possible under rare conditions it is considered a theoretical attack.

The third design flaw is also in Wi-Fi's frame fragmentation feature. The problem is that, when a client disconnects from the network, the Wi-Fi device is not required to remove non-reassembled fragments from memory. This can be abused against hotspot-like networks such as eduroam and govroam and against enterprise networks where users distrust each other. In those cases, selected data sent by the victim can be exfiltrated. This is achieved by injecting a malicious fragment into the memory (i.e. fragment cache) of the access point. When the victim then connects to the access point and sends a fragmented frame, selected fragments will be combined (i.e. reassembled) with the injected fragment of the adversary. This is illustrated in the following figure:

In the above figure, the adversary injects the first fragment into the fragment cache of the access point. After the adversary disconnects, the fragment stays in the fragment cache and will be reassembled with a fragment of the victim. If the victim sends fragmented frames, which appears uncommon in practice, this can be abused to exfiltrate data.

This design flaw can be fixed in a backwards-compatible manner by removing fragments from memory whenever disconnecting from or (re)connecting to a network.

Some routers will forward handshake frames to another client even when the sender hasn't authenticated yet. This vulnerability allows an adversary to perform the aggregation attack, and inject arbitrary frames, without user interaction.

Another extremely common implementation flaw is that receivers do not check whether all fragments belong to the same frame, meaning an adversary can trivially forge frames by mixing the fragments of two different frames.

Additionally, against several implementations it is possible to mix encrypted and plaintext fragments.

Finally, some devices don't support fragmentation or aggregation, but are still vulnerable to attacks because they process fragmented frames as full frames. Under the right circumstances this can be abused to inject packets.

An overview of all assigned Common Vulnerabilities and Exposures (CVE) identifiers can be found on GitHub. At the time of writing, ICASI has a succinct overview containing references to additional info from vendors (the CVE links below might only become active after a few days). Summarized, the design flaws were assigned the following CVEs:

* CVE-2020-24586: fragment cache attack (not clearing fragments from memory when (re)connecting to a network).

Implementation vulnerabilities that allow the trivial injection of plaintext frames in a protected Wi-Fi network are assigned the following CVEs:

* CVE-2020-26145: Accepting plaintext broadcast fragments as full frames (in an encrypted network).

* CVE-2020-26144: Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL (in an encrypted network).

Other implementation flaws are assigned the following CVEs:

* CVE-2020-26139: Forwarding EAPOL frames even though the sender is not yet authenticated (should only affect APs).

* CVE-2020-26141: Not verifying the TKIP MIC of fragmented frames.

For each implementation vulnerability we listed the reference CVE identifier. Although each affected codebase normally receives a unique CVE, the agreement between affected vendors was that, in this specific case, using the same CVE across different codebases would make communication easier. For instance, by tying one CVE to each vulnerability, a customer can now ask a vendor whether their product is affected by a specific CVE.

Please note that this deviates from normal MITRE guidelines, that this decision was made by affected vendors independently of MITRE, and that this in no way reflects any changes in how MITRE assigns CVEs.

Our paper behind the attack is titled Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation and will be presented at USENIX Security. You can use the following bibtex entry to cite our paper:

The pre-recorded presentation made for USENIX Security can already be viewed online. Note that the target audience of this presentation is academics and IT professionals:

* An overview of all attacks and their preconditions. It also contains two extra examples of how an adversary can: (1) abuse packet injection vulnerabilities to make a victim use a malicious DNS; and (2) abuse packet injection to bypass the NAT/firewall of a router.

* Slides illustrating how the aggregation attack (CVE-2020-24588) works in practice. Performing this attack requires tricking the victim into connecting to the adversary's server. This can be done by making the victim download an image from the adversary's server. Note that JavaScript code execution on the victim is not required.

* Detailed slides giving an in-depth explanation of each discovered vulnerability.

* Overview slides illustrating only the root cause of each discovered vulnerability.

A tool was made that can test if clients or APs are affected by the discovered design and implementation flaws. It can test home networks and enterprise networks where authentication is done using, e.g., PEAP-MSCHAPv2 or EAP-TLS. The tool supports over 45 test cases and requires modified drivers in order to reliably test for the discovered vulnerabilities. Without modified drivers, one may wrongly conclude that a device is not affected while in reality it is.

A live USB image is also available. This image contains pre-installed modified drivers, modified firmware for certain Atheros USB dongles, and a pre-configured Python environment for the tool. Using a live image is useful when you cannot install the modified drivers natively (and using a virtual machine can be unreliable for some network cards).

Apart from a tool to test if a device is vulnerable, I also made proof-of-concepts to exploit weaknesses. Because not all devices have currently received updates, these attack scripts will be released at a later point if deemed useful.

You can reach Mathy Vanhoef on Twitter at @vanhoefm or by emailing mathy.vanhoef@nyu.edu.

Yes! Mathy Vanhoef will be starting as a professor at KU Leuven University (Belgium) later this year and is looking for a PhD student. The precise topic you want to work on can be discussed. If you're a master's student at KU Leuven you can also contact me to discuss a Master's thesis topic. Note that the DistriNet group at KU Leuven is also recruiting in security-related research fields.

If you want to do network research at New York University Abu Dhabi in the Cyber Security & Privacy (CSP) team where the FragAttacks research was carried out, you can contact Christina Pöpper.

Yes, you can use the logo, illustrations of the aggregation design flaw (mobile version), illustrations of the mixed key design flaw (mobile version), and illustrations of the fragment cache design flaw (mobile version).

Thanks go to Darlee Urbiztondo for designing the logo. You can find more of her awesome graphic works here.

When the 802.11n amendment was being written in 2007, which introduced support for aggregated (A-MSDU) frames, several IEEE members noticed that the "is aggregated" flag was not authenticated. Unfortunately, many products already implemented a draft of the 802.11n amendment, meaning this problem had to be addressed in a backwards-compatible manner. The decision was made that devices would advertise whether they are capable of authenticating the "is aggregated" flag. Only when devices implement and advertise this capability is the "is aggregated" flag protected. Unfortunately, in 2020 not a single tested device supported this capability, likely because it was considered hard to exploit. To quote a remark made back in 2007: "While it is hard to see how this can be exploited, it is clearly a flaw that is capable of being fixed."

In other words, people did notice this vulnerability and a defense was standardized, but in practice the defense was never adopted. This is a good example that security defenses must be adopted before attacks become practical.

Likely because it was only considered a theoretical vulnerability when the defense was created. To quote a remark made back in 2007: "While it is hard to see how this can be exploited, it is clearly a flaw that is capable of being fixed."

Additionally, the threat model that was used in the aggregation attack, where the victim is induced into connecting to the adversary's server, only became widely accepted in 2011 after the disclosure of the BEAST attack. In other words, the threat model was not yet widely known back in 2007 when the IEEE added the optional feature that would have prevented the attack. And even after this threat model became more common, the resulting attack isn't obvious.

First, it's always good to remember general security best practices: update your devices, don't reuse your passwords, make sure you have backups of important data, don't visit shady websites, and so on.

In regards to the discovered Wi-Fi vulnerabilities, you can mitigate attacks that exfiltrate sensitive data by double-checking that websites you are visiting use HTTPS. Even better, you can install the HTTPS Everywhere plugin. This plugin forces the usage of HTTPS on websites that are known to support it.

To mitigate attacks where your router's NAT/firewall is bypassed and devices are directly attacked, you must assure that all your devices are updated. Unfortunately, not all products regularly receive updates, in particular smart or internet-of-things devices, in which case it is difficult (if not impossible) to properly secure them.

More technically, the impact of attacks can also be reduced by manually configuring your DNS server so that it cannot be poisoned. Specific to your Wi-Fi configuration, you can mitigate attacks (but not fully prevent them) by disabling fragmentation, disabling pairwise rekeys, and disabling dynamic fragmentation in Wi-Fi 6 (802.11ax) devices.

These days a lot of websites and apps use HTTPS to encrypt data. When using HTTPS, an adversary cannot see the data you are transmitting even when you are connected to an open Wi-Fi network. This also means that you can safely use open Wi-Fi hotspots as long as you keep your devices up-to-date and as long as you assure that websites are using HTTPS. Unfortunately, not all websites require the usage of HTTPS (i.e. they're not using HSTS), meaning they remain vulnerable to possible attacks.

At home, the security of your Wi-Fi network is also essential. An insecure network means that others might be able to connect to the internet through your home. Additionally, more and more devices are using Wi-Fi to transfer personal files in your local network without an extra layer of protection (e.g. when printing files, smart display screens, when sending files to a local backup storage, digital photo stands, and so on). More problematic, a lot of internet-of-things devices have tons of security vulnerabilities that can be exploited if an adversary can communicate with them. The main thing that prevents an adversary from exploiting these insecure internet-of-things devices is the security of your Wi-Fi network. It therefore remains essential to have strong encryption and authentication at the Wi-Fi layer.

At work, the security of Wi-Fi is also essential for the same reasons as mentioned above. Additionally, many companies will automatically allow access to sensitive services when a user (or adversary) is able to connect to the Wi-Fi network. Therefore strong Wi-Fi security is also essential in a work setting.

Using a VPN can prevent attacks where an adversary is trying to exfiltrate data. It will not prevent an adversary from bypassing your router's NAT/firewall to directly attack devices.

The seeds of this research were already planted while I was investigating the KRACK attack. At that time, on 8 June 2017 to be precise, I wrote down some notes to further investigate (de)fragmentation support in Linux. In particular, I thought there might be an implementation vulnerability in Linux. However, a single unconfirmed implementation flaw isn't too spectacular research-wise, so after disclosing the KRACK attack I decided to work on other research instead. The idea of inspecting (de)fragmentation in Wi-Fi, and determining whether there really was a vulnerability or not, was always at the back of my mind though.

Fast-forward three years later, and after gaining some additional ideas to investigate, closer inspection confirmed some of my hunches and also revealed that these issues were more widespread than I initially assumed. And with some extra insights I also discovered all the other vulnerabilities. Interestingly, this also shows the advantage of fleshing out ideas before rushing to publish (though actually finishing the paper before submission was still a race against time...).

In experiments on more than 75 devices, all of them were vulnerable to one or more of the discovered attacks. I'm curious myself whether all devices in the whole world are indeed affected though! To find this out, if you find a device that isn't affected by at least one of the discovered vulnerabilities, let me know.

Also, if your company provides Wi-Fi devices and you think that your product was not affected by any of the discovered vulnerabilities, you can send your product to me. Once I have confirmed that it indeed was not affected by any vulnerabilities, the name of your product and company will be put here! Note that I do need a method to assure that I'm indeed testing a version of the product that was available before the disclosure of the vulnerabilities (and that you didn't silently patch some vulnerabilities).

The design issues are, on their own, tedious to exploit in practice. Unfortunately, some of the implementation vulnerabilities are common and trivial to exploit. Additionally, by combining the design issues with certain implementation issues, the resulting attacks become more serious. This means the impact of our findings depends on the specific target. Your vendor can inform you what the precise impact is for specific devices. In other words, for some devices the impact is minor, while for others it's disastrous.

By default devices don't send fragmented frames. This means that the mixed key attack and the fragment cache attack, on their own, will be hard to exploit in practice, unless Wi-Fi 6 is used. When using Wi-Fi 6, which is based on the 802.11ax standard, a device may dynamically fragment frames to fill up available airtime.

By default access points don't renew the pairwise session key, even though some may periodically renew the group key. This means that the default mixed key attack as described in the paper is only possible against networks that deviate from this default setting.

The test tool that we released can only be used to test whether a device is vulnerable. It cannot be used to perform attacks: an adversary would have to write their own tools for that. This approach enables network administrators to test if devices are affected while reducing the chance of someone abusing the released code.

The code that has currently been released focuses on detecting vulnerable implementations. The proof-of-concept scripts that perform actual attacks are not released, to provide everyone with more time to implement and deploy patches. Once a large enough fraction of devices has been patched, and if deemed necessary and/or beneficial, the attack scripts will be publicly released as well.

There are example network captures of the test tool that illustrate the root causes of several vulnerabilities.

The modifications to certain drivers have been submitted upstream to Linux, meaning they will be maintained by the Linux developers themselves. The patches to the Intel driver have not been submitted upstream because they're a bit hacky. Concretely, this means that drivers such as ath9k_htc will be supported out of the box, while for Intel devices you will have to use patched drivers, and I'm not sure how much time I'll have to maintain those.

That's a good question. I'm not sure why so many developers missed this. This widespread implementation vulnerability does highlight that leaving important cryptographic operations up to developers is not ideal. Put another way, it might have been better if the standard required an authenticity check over the reassembled frame instead. That would also better follow the principle of authenticated encryption.

The 802.11 standard states in section 10.6: "If security encapsulation has been applied to the fragment, it shall be deencapsulated and decrypted before the fragment is used for defragmentation of the MSDU or MMPDU." There is unfortunately no warning that unencrypted fragments should be dropped. And there are no recommended checks that should be performed when reassembling two (decrypted) fragments.

Yes, although this is unlikely to occur in practice. More technically, let's assume that an implementation tries to prevent mixed key attacks by: (1) assigning a unique key ID to every fragment; (2) incrementing this key ID whenever the pairwise transient key (PTK) is updated; and (3) assuring all fragments were decrypted under the same key ID. Unfortunately, in that case cache attacks may still be feasible. In particular, if under this defense key IDs are reused after (re)connecting to a network, for example because they are reset to zero, fragments that are decrypted using a different key may still be assigned the same key ID. As a result, cache attacks remain possible, because the fragments will still be reassembled as they have the same key ID.
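The backwards-compatible fixes for the mixed key and fragment cache design flaws described earlier on the page, the "drop unencrypted fragments" check the standard omits, and the key-ID caveat in this answer can all be expressed as one small defragmentation state machine. The Python below is an added example, not the FragAttacks test tool or any driver's code; the `Fragment` record, the `Reassembler` class and the scenario functions are constructed for illustration, and the packet numbers in the cache scenario are constructed to line up the way counters do after a fresh key is installed. It shows the checks a receiver should apply: reject plaintext fragments in a protected network, only combine fragments with consecutive fragment and packet numbers that were decrypted under the same key, and clear the cache on every (re)connect.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Fragment:
    """One received fragment after decryption (constructed record, not 802.11 bytes)."""
    seq: int               # sequence number shared by all fragments of a frame
    frag: int              # fragment number, starting at 0
    more: bool             # More Fragments bit; False on the final fragment
    encrypted: bool        # whether the fragment arrived protected at all
    key_id: Optional[int]  # identifier of the key it was decrypted under
    pn: Optional[int]      # CCMP packet number it carried (None if plaintext)
    data: bytes


class Reassembler:
    """Defragmentation cache with the checks the page recommends."""

    def __init__(self, protected_network: bool = True):
        self.protected = protected_network
        self.cache = {}  # seq -> fragments accepted so far

    def on_connect_or_disconnect(self) -> None:
        # Fragment cache fix: never keep partial frames across a (re)connect.
        self.cache.clear()

    def receive(self, f: Fragment) -> Optional[bytes]:
        """Return the reassembled frame when f completes one, else None."""
        if self.protected and not f.encrypted:
            return None  # plaintext fragments in a protected network are dropped
        if f.frag == 0:
            self.cache[f.seq] = [f]
        else:
            pending = self.cache.get(f.seq)
            if pending is None:
                return None  # no first fragment known for this frame
            last = pending[-1]
            consecutive_pn = (last.pn is None and f.pn is None) or (
                last.pn is not None and f.pn is not None and f.pn == last.pn + 1)
            same_frame = f.frag == last.frag + 1 and consecutive_pn
            same_key = f.key_id == last.key_id  # mixed key fix
            if not (same_frame and same_key):
                del self.cache[f.seq]  # discard the partial frame entirely
                return None
            pending.append(f)
        if f.more:
            return None
        return b"".join(x.data for x in self.cache.pop(f.seq))


def honest_fragmented_frame() -> Optional[bytes]:
    """Two fragments of one frame under one key are reassembled."""
    r = Reassembler()
    r.receive(Fragment(1, 0, True, True, 7, 100, b"GET /secret"))
    return r.receive(Fragment(1, 1, False, True, 7, 101, b" HTTP/1.1"))


def mixed_key_rejected() -> Optional[bytes]:
    """Second fragment decrypted under a new PTK (key ID 8): must not be combined."""
    r = Reassembler()
    r.receive(Fragment(1, 0, True, True, 7, 100, b"part-a"))
    return r.receive(Fragment(1, 1, False, True, 8, 101, b"part-b"))


def plaintext_fragment_rejected() -> Optional[bytes]:
    """An unencrypted fragment in a protected network is dropped outright."""
    r = Reassembler()
    r.receive(Fragment(1, 0, True, True, 7, 100, b"part-a"))
    return r.receive(Fragment(1, 1, False, False, None, None, b"part-b"))


def cache_scenario(clear_on_reconnect: bool) -> Optional[bytes]:
    """Fragment cache scenario from the page, with and without the fix.

    A first fragment is left in the AP's cache by a client that disconnects.
    A later client sends fragment 1 with the same sequence number under its
    own key, which was also assigned key ID 0 because IDs reset to zero after
    (re)connecting. Key-ID checking alone does not catch this; clearing does.
    """
    ap = Reassembler()
    ap.receive(Fragment(5, 0, True, True, 0, 0, b"stale-first-fragment"))
    if clear_on_reconnect:
        ap.on_connect_or_disconnect()
    return ap.receive(Fragment(5, 1, False, True, 0, 1, b"victim-second-fragment"))


if __name__ == "__main__":
    print("honest:", honest_fragmented_frame())
    print("mixed key:", mixed_key_rejected())
    print("plaintext:", plaintext_fragment_rejected())
    print("cache, key-ID check only:", cache_scenario(False))
    print("cache, cleared on reconnect:", cache_scenario(True))
```

`cache_scenario(False)` returns the stale fragment glued to the victim's fragment even though every per-fragment check passes, which is exactly the point of the answer above: a key ID that restarts at zero cannot distinguish the old key from the new one, so the cache must be emptied on (re)connect regardless of how keys are tracked.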

Strictly speaking no, because the 802.11 standard does not explicitly require that a sender encrypts all fragments of a specific frame under the same key. Fortunately, all implementations that we tested did encrypt all fragments using the same key, at least under the normal circumstances that we tested, meaning in practice the mixed key attack can be prevented without introducing incompatibilities.

...

Read the original on www.fragattacks.com »

4 519 shares, 23 trendiness, words and minutes reading time

I Mailed an AirTag and Tracked Its Progress; Here's What Happened

Apple's AirTags are designed to help you keep track of things. There are many things you can use AirTags to track, beyond the most obvious ones such as your keys or bag.

But you may also be able to use an AirTag to track a package. I sent one in the mail to a friend, and followed it across the country. Here's what happened.

I live near Stratford-upon-Avon, in the United Kingdom, and I sent the AirTag to a friend south of London. I mailed this AirTag on Friday afternoon, and, with first-class postage, I expected the envelope to be delivered the next day.

The AirTag weighs a mere 11g, so I taped one to a card, then put it in a small bubble envelope for protection. I dropped it in the mailbox in my village, just down the road from my home. I made sure to open the Find My app on my iPhone when I was next to the mailbox; it showed the correct location.

Mail is picked up around 5 pm, and a bit later than that, I checked the Find My app on my iPad. At 5:28, I found that my AirTag had reached the local sorting station.

This means that someone, either the mailman who picked up the mail and delivered it to the sorting station, or another employee at the sorting station, had an iPhone which spotted the AirTag. Apple touts its network of nearly a billion devices capable of spotting AirTags, and if there are that many, it should be easy to track this envelope across the country.


It didn't take long for my AirTag to start its journey. At 5:49, it had started moving, going into Stratford-upon-Avon, presumably to be loaded onto a truck to go to the next location. At around 6:40, it had left the town, heading north.

At 7:30, it reached the South Midlands Mail Centre, a "highly automated mail processing centre," a massive warehouse-like site where mail is sorted. The presence of even one employee with an iPhone, with Find My turned on, was enough to register this location, but it's likely that many of the employees have iPhones.

I had set up a script on my Mac to take screenshots of the Find My app every two minutes, and these show the journey of the AirTag across the country. At 10:08 pm, the AirTag was on the road, and here's its progress through the night and the following morning. The duration of each image in the video does not represent how much time has passed.

There were a couple of stops along the way, where presumably some mail was transferred to other vehicles, and by 6:45 am, the AirTag had reached the final sorting office near where my friend lives. He received delivery in late morning.

After the AirTag was delivered, my friend left the envelope on a table in his house. He has an iPhone, so I expected him to be notified of the presence of the AirTag after a while. According to Apple, anyone who is in the presence of an AirTag that has been separated from its owner for three days will get an alert on their iPhone. They are supposed to get an "AirTag Found Moving With You" message. It's possible that this alert only displays when the person is actually moving with the AirTag, but that seems somewhat limiting; imagine that you leave an AirTag in someone's bag at their home, but they don't take the bag with them right away. Should it take another three days for them to get an alert? Apple isn't clear enough about how it prevents AirTags from being used by stalkers.

I therefore expected my friend to get such a message on or after Monday afternoon, three days after I mailed it. By Tuesday, he had still not received any alerts. As I write this article, I have just checked the Find My app, and the AirTag was last seen 13 minutes ago, at his location, but he still has not received any alerts.

Apple also says that "When moved, any AirTag separated for a period of time from the person who registered it will make a sound to alert those nearby." Again, this is supposed to be three days, and the sound apparently only plays for 15 seconds and isn't very loud, according to this Washington Post article. My friend thinks he might have heard a sound at some point, but he couldn't be sure, because he had the TV on at the time.

The point of these alerts is to let people know if they're being tracked surreptitiously by someone who placed an AirTag in their bag, their pocket, or their car. Three days is already much too long, but the fact that no audible sounds or alerts are occurring after four days is disturbing.

AirTags aren't designed to track something in movement; this isn't like a Tom Cruise movie, where spies track a car in a city, seeing exactly where it is in real time. They are meant to be used to find lost keys, luggage, or other objects. But my experiment shows that you can track these devices to a certain extent.

The reason for this is the sheer size of the network of iOS devices that can locate AirTags. Apple says that there are nearly one billion iOS devices around the world that participate in this network, and that ensures that you can locate AirTags in most situations.

I don't know whether the truck drivers carrying the mail had iPhones. Even if they didn't, it's possible that someone in a car driving next to the truck had an iPhone, which would have spotted the AirTag. Since AirTags use Bluetooth 5, the range is around 100m, but that depends on such things as interference, walls, and other obstacles, and testing would be needed to find out how effective they are in motion.

It's also not clear how often AirTag locations update. I gave my partner an AirTag last week for her to take when she went on an errand, driving about 20 miles from home. Since she has an iPhone, I expected to see frequent updates in the Find My app, but that wasn't the case. It seemed that when she was on the road, there weren't many updates, but when she got to a shopping mall — where there are lots of people with iPhones — it updated much more often. Curiously, it updated at one location on the road in both directions, which was when she drove around a large roundabout. Perhaps when the device is traveling fast, there are fewer updates, and when it slows down, it updates more often.

Obviously, if your device is in an area with fewer iPhones around, you won't be able to track it, or find it. In more remote or rural areas, this will be more difficult, but in most situations, there's a good chance that someone with an iPhone will be near your AirTag if it gets lost. This experiment also shows that if, for example, you've taken a flight and the airline has lost your luggage, you'll have a good chance of keeping track of where it is.


Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar.


...

Read the original on www.intego.com »

5 434 shares, 17 trendiness, words and minutes reading time

● - SCP Foundation


"●●|●●●●●|●●|●" by LurkD, from the SCP Wiki. Source: https://scp-wiki.wikidot.com/scp-2521. Licensed under CC-BY-SA.



...

Read the original on scp-wiki.wikidot.com »

6 390 shares, 15 trendiness, words and minutes reading time

Tech giants join call for funding U.S. chip production

(Reuters) - Some of the world's biggest chip buyers, including Apple Inc, Microsoft Corp and Alphabet Inc's Google, are joining top chip-makers such as Intel Corp to create a new lobbying group to press for government chip manufacturing subsidies.

The newly formed Semiconductors in America Coalition, which also includes Amazon.com's Amazon Web Services, said Tuesday it has asked U.S. lawmakers to provide funding for the CHIPS for America Act, for which President Joe Biden has asked Congress to provide $50 billion.

"Robust funding of the CHIPS Act would help America build the additional capacity necessary to have more resilient supply chains to ensure critical technologies will be there when we need them," the group said in a letter to Democratic and Republican leaders in both houses of the U.S. Congress.

A global chip shortage has hit automakers hard, with Ford Motor Co saying it could halve second-quarter production.

Automotive industry groups have pressed the Biden administration to secure chip supply for car factories. But Reuters last week reported administration officials were reluctant to use a national security law to redirect computer chips to automakers because doing so could hurt other industries.

The new coalition includes some of those other chip-consuming industries, with members such as AT&T, Cisco Systems, General Electric, Hewlett Packard Enterprise and Verizon Communications Inc. It cautioned against government actions to favor a single industry such as automakers.

"Government should refrain from intervening as industry works to correct the current supply-demand imbalance causing the shortage," the group said.

Tech companies such as Apple are also being hit by the chip shortage, but far less severely than automakers.

The iPhone maker said last month it will lose $3 billion to $4 billion in sales in the current quarter ending in June because of the chip shortage, but that equates to just a few percent of the $72.9 billion in sales analysts expect for Apple's fiscal third quarter, according to Refinitiv revenue estimates.

...

Read the original on www.reuters.com »

7 365 shares, 41 trendiness, words and minutes reading time

Enhancing Photorealism Enhancement

(Work done while an intern at Intel Labs.)

We present an approach to enhancing the realism of synthetic images. The images are enhanced by a convolutional network that leverages intermediate representations produced by conventional rendering pipelines. The network is trained via a novel adversarial objective, which provides strong supervision at multiple perceptual levels. We analyze scene layout distributions in commonly used datasets and find that they differ in important ways. We hypothesize that this is one of the causes of strong artifacts that can be observed in the results of many prior methods. To address this we propose a new strategy for sampling image patches during training. We also introduce multiple architectural improvements in the deep network modules used for photorealism enhancement. We confirm the benefits of our contributions in controlled experiments and report substantial gains in stability and realism in comparison to recent image-to-image translation methods and a variety of other baselines.

Please cite our work if you use code or data from this site.

@Article{Richter_2021,
  title   = {Enhancing Photorealism Enhancement},
  author  = {Stephan R. Richter and Hassan Abu AlHaija and Vladlen Koltun},
  journal = {arXiv:2105.04619},
  year    = {2021},
}

The modifications by our method are geometrically and semantically consistent with the original images.

They are also temporally stable:

It greens the parched grass and hills in GTA's California:

It adds reflections to the windows and increases the Fresnel effect (e.g., at the roof of cars):

Images from this dataset are recorded around the world with a wide variety of cameras. The images are more vibrant and of high resolution.

It removes distant haze and rebuilds the road:

...

Read the original on intel-isl.github.io »

8 303 shares, 14 trendiness, words and minutes reading time

Cloudflare on the Edge

Matthew Prince, at the end of his prepared remarks after Cloudflare's recent earnings report, related a story from the company's earliest days:

Back in 2010, right before Cloudflare's first Board meeting and our launch, I got some advice from one of our early investors. He said running a company is a bit like flying an airplane. You want to make sure it's well maintained at all times. And that when you're flying, you keep the wheel steady and the nose 10 degrees above the horizon. That's stuck with me, and we've designed Cloudflare for consistent and disciplined execution. That shows in quarters like the one we just had.

What is most important of all, though, is the destination that airplane is headed for.

The launch Prince referred to happened at TechCrunch Disrupt 2010; the entire video is worth a watch, but there are three highlights in particular. First, Prince, despite a three-minute technical delay, did an excellent job of laying out Cloudflare's core value proposition:

Prince, a graduate of Harvard Business School, explicitly invoked HBS Professor Clayton Christensen while answering a question about competition:

The most memorable moment of the presentation, though, was Prince's response to a seemingly anodyne question about when companies might grow out of Cloudflare's offering:

Despite the audacity of Prince's answer ("Our vision is that we're going to power the Internet"), the company's list of competitors in its 2019 S-1 seemed rather aspirational, in both breadth and scale:

Our current and potential future competitors include a number of different types of companies, including:

On-premise hardware network vendors, such as Cisco Systems Inc., F5 Networks, Inc., Check Point Software Technologies Ltd., FireEye, Inc., Imperva, Inc., Palo Alto Networks, Inc., Juniper Networks, Inc., and Riverbed Technology, Inc.;

Point-cloud solution vendors, including cloud security vendors such as Zscaler, Inc. and Cisco Systems Inc. through Umbrella (formerly known as OpenDNS), content delivery network vendors such as Akamai Technologies, Inc., Limelight Networks, Inc., Fastly, Inc., and Verizon Communications Inc. through Edgecast, domain name system vendors such as Oracle Corporation through DYN, NeuStar, Inc., and UltraDNS Corporation, and cloud SD-WAN vendors; and

Traditional public cloud vendors, such as Amazon.com, Inc. through Amazon Web Services, Alphabet Inc. through Google Cloud Platform, Microsoft Corporation through Azure, and Alibaba Group Holding Limited through Alibaba Cloud.

The first two categories make sense; after all, Cloudflare's value proposition from the beginning was speed and security, so of course they would grow up to compete with network and security vendors. It was that last bullet point, though, that even now leads to raised eyebrows: Cloudflare's big quarter entailed $138 million in revenue; AWS, over the same period, made $150 million a day.

To understand why Cloudflare sees public cloud vendors as competitors it helps to go back to what made Cloudflare disruptive; Christensen wrote in The Innovator's Dilemma:

Occasionally, however, disruptive technologies emerge: innovations that result in worse product performance, at least in the near-term. Ironically, in each of the instances studied in this book, it was disruptive technology that precipitated the leading firms' failure. Disruptive technologies bring to a market a very different value proposition than had been available previously. Generally, disruptive technologies underperform established products in mainstream markets. But they have other features that a few fringe (and generally new) customers value. Products based on disruptive technologies are typically cheaper, simpler, smaller, and, frequently, more convenient to use.

That was basically Prince's value proposition: Cloudflare's CDN would be cheaper (free), simpler (just change DNS servers), smaller (only 5 servers to start), and more convenient ("ridiculously easy!"). And Cloudflare's customers were definitely fringe:

What Cloudflare had in its favor, though, was the most potent advantage on the Internet: the service, much like Google a decade earlier with its link-based ranking system, got better with use. This was because Cloudflare paired its content delivery network with DDoS protection; the latter was extremely attractive to websites, gave Cloudflare an in with ISPs, who valued the protection, to build point-of-presence servers around the world, and, critically, gave Cloudflare better-and-better data about how traffic flowed around the world (improving its service) even as it improved its CDN capabilities.

Cloudflare's focus on security-for-free also meant its CDN was built on general-purpose hardware from the beginning; from the S-1:

To achieve the level of efficiency needed to compete with hardware appliances required us to invent a new type of platform. That platform needed to be built on commodity hardware. It needed to be architected so any server in any city that made up Cloudflare's network could run every one of our services. It also needed the flexibility to move traffic around to serve our highest paying customers from the most performant locations while serving customers who paid us less, or even nothing at all, from wherever there was excess capacity.

As time went on those general-purpose machines were used for more-and-more offerings beyond a CDN and DDoS protection; HHHypergrowth has a fantastic overview of everything Cloudflare is working on, and the article is daunting in length because Cloudflare's portfolio is so vast. It is Cloudflare Workers, though, that are responsible for the big cloud players being in Cloudflare's competitive set.

Cloudflare launched Workers seven years after the company's launch at Disrupt; from the introductory blog post:

Cloudflare is about to go through a similar transition [as programmable CPUs]. At its most basic level, Cloudflare is an HTTP cache that runs in 117 locations worldwide (and growing). The HTTP standard defines a fixed feature set for HTTP caches. Cloudflare, of course, does much more, such as providing DNS and SSL, shielding your site against attacks, load balancing across your origin servers, and so much else.

But, these are all fixed functions. What if you want to load balance with a custom affinity algorithm? What if standard HTTP caching rules aren't quite right, and you need some custom logic to boost your cache hit rate? What if you want to write custom WAF rules tailored for your application?

You want to write code.

We can keep adding features forever, but we'll never cover every possible use case this way. Instead, we're making Cloudflare's edge network programmable. We provide servers in 117+ locations around the world — you decide how to use them.

Workers were extremely limited in functionality to start: just a bit of stateless JavaScript code running in a V8 isolate, but as close to users as possible. In 2018 Cloudflare added a key-value store, giving Workers access to highly distributed, eventually-consistent data storage; in 2020 the company introduced Workers Unbound, dramatically expanding Workers' capabilities, and Durable Objects, which hold not only data but also coordination state in one place, so that each object is a single source of truth. Once again Cloudflare's network comes to the rescue:

When using Durable Objects, Cloudflare automatically determines the Cloudflare datacenter that each object will live in, and can transparently migrate objects between locations as needed. Traditional databases and stateful infrastructure usually require you to think about geographical "regions", so that you can be sure to store data close to where it is used.

Thinking about regions can often be an unnatural burden, especially for applications that are not inherently geographical. With Durable Objects, you instead design your storage model to match your application's logical data model. For example, a document editor would have an object for each document, while a chat app would have an object for each chat. There is no problem creating millions or billions of objects, as each object has minimal overhead.

In Cloudflare's example of a chat app, every individual conversation is an object, and that object is moved as close to the participants as possible; two people chatting in the U.S. would utilize a Durable Object in a U.S. data center, for example, while two in Europe would use one there. There is a bit of additional latency, but less than there might be with a centralized cloud provider. That's ok, though, because the real advantage of Workers isn't what Cloudflare thought it was.

The economics of public clouds are very straightforward: it makes far more sense for Amazon or Microsoft or Google to build and maintain data centers all over the world and rent out capacity than it does for companies for whom data centers are not their core competency to duplicate their efforts at a sub-scale level. It's so compelling I labeled the current state The End of the Beginning:

This last point gets at why the cloud and mobile, which are often thought of as two distinct paradigm shifts, are very much connected: the cloud meant applications and data could be accessed from anywhere; mobile made the I/O layer available anywhere. The combination of the two makes computing continuous.

What is notable is that the current environment appears to be the logical endpoint of all of these changes: from batch-processing to continuous computing, from a terminal in a different room to a phone in your pocket, from a tape drive to data centers all over the globe. In this view the personal computer/on-premises server era was simply a stepping stone between two ends of a clearly defined range.

While this view of the omnipresent cloud is true for end users, the story is a bit more complicated for developers; if you want to set up a new instance you need to first select a region. AWS, for example, has twenty-five regions around the world:

Once you choose a region your actual app is geographically contained in that region. In theory that limitation gives an advantage to Cloudflare Workers; Prince wrote in a blog post:

Since we're unlikely to make the speed of light any faster, the ability for any developer to write code and have it run across our entire network means we will always have a performance advantage over legacy, centralized computing solutions — even those that run in the "cloud." If you have to pick an "availability zone" for where to run your application, you're always going to be at a performance disadvantage to an application built on a platform like Workers that runs everywhere Cloudflare's network extends.

The truth, though, is that this performance doesn't matter very much for most applications. Stratechery's podcast service runs in the US East (Ohio) region, for example, and it doesn't really make a difference for me, despite the fact I'm halfway around the world. Prince admitted as much:

But let's be real a second. Only a limited set of applications are sensitive to network latency of a few hundred milliseconds. That's not to say under the model of a modern major serverless platform network latency doesn't matter, it's just that the applications that require that extra performance are niche…People who talk a lot about edge computing quickly start talking about IoT and driverless cars. Embarrassingly, when we first launched the Workers platform, I caught myself doing that all the time.

Indeed, for almost all applications the public clouds were good enough, and again, the economics made any other choice a bad idea.

Earlier this year, in the wake of January 6, I wrote Internet 3.0 and the Beginning of (Tech) History; after raising the arguments from The End of the Beginning I noted:

In the case of the Internet, we are at the logical endpoint of technological development; here, though, the impasse is not the nature of man, but the question of sovereignty, and the potential re-liberation of megalothymia is the likely refusal by people, companies, and countries around the world to be lorded over by a handful of American giants.

As long as economics were all that mattered, we would only ever have the centralized cloud providers; the "limited set of applications" that needed minimal latency could pay a bit more to run on those blue AWS edge providers in the maps above. The point of that article, though, is that economics weren't the only thing that mattered: going forward politics would be even more important.

Prince had the same realization; the blog post I have been quoting is entitled The Edge Computing Opportunity: It's Not What You Think, and the chief benefits Prince cites are very much about politics:

Most computing resources that run on cloud computing platforms, including serverless platforms, are created by developers who work at companies where compliance is a foundational requirement. And, up until now, that's meant ensuring that platforms follow government regulations like GDPR (European privacy guidelines) or have certifications proving that they follow industry regulations such as PCI DSS (required if you accept credit cards), FedRAMP (US government procurement requirements), ISO 27001 (security risk management), SOC 1/2/3 (Security, Confidentiality, and Availability controls), and many more.

But there's a looming new risk of regulatory requirements that legacy cloud computing solutions are ill-equipped to satisfy. Increasingly, countries are pursuing regulations that ensure that their laws apply to their citizens' personal data. One way to ensure you're in compliance with these laws is to store and process data of a country's citizens entirely within the country's borders.

The EU, India, and Brazil are all major markets that have or are currently considering regulations that assert legal sovereignty over their citizens' personal data. China has already imposed data localization regulations on many types of data. Whether you think that regulations that appear to require local data storage and processing are a good idea or not — and I personally think they are bad policies that will stifle innovation — my sense is the momentum behind them is significant enough that they are, at this point, likely inevitable. And, once a few countries begin requiring data sovereignty, it will be hard to stop nearly every country from following suit.

This potential reality presents a big problem for Amazon, Microsoft, and Google: what scales on their side is the cloud as a whole, from management to interface to purchasing; individual developers are meant to stay in their regions. Yes, all three companies guarantee that data in one region won't go elsewhere, but it's a development nightmare: you have to maintain different apps with different data stores in different regions.

Cloudflare, meanwhile, can use the same capabilities that seamlessly transfer Durable Objects to the nearest data center to follow local data sovereignty laws at a granular level; from an announcement for Jurisdictional Restrictions for Durable Objects:

Durable Objects, currently in limited beta, already make it easy for customers to manage state on Cloudflare Workers without worrying about provisioning infrastructure. Today, we're announcing Jurisdictional Restrictions for Durable Objects, which ensure that a Durable Object only stores and processes data in a given geographical region. Jurisdictional Restrictions make it easy for developers to build serverless, stateful applications that not only comply with today's regulations, but can handle new and updated policies as new regulations are added…

By setting restrictions at a per-object level, it becomes easy to ensure compliance without sacrificing developer productivity. Applications running on Durable Objects just need to identify the jurisdictional rules a given Object should follow and set the corresponding rule at creation time. Gone is the need to run multiple clusters of infrastructure across cloud provider regions to stay compliant — Durable Objects are both globally accessible and capable of partitioning state with no infrastructure overhead.

Durable Objects are not, in-and-of-themselves, going to kill the public clouds; what they represent, though, is an entirely new way of building infrastructure — from the edge in, as opposed to the data center out — that is perfectly suited to a world where politics matters more than economics.

I ac­tu­ally al­ready cov­ered Cloudflare’s dif­fer­en­ti­ated ap­proach, al­beit in pass­ing, and by ac­ci­dent. Back in March, I in­ter­viewed Prince in the process of writ­ing Moderation in Infrastructure; one thing that stood out to me was how his re­sponse to Internet frag­men­ta­tion dif­fered from Microsoft President Brad Smith, and Google Cloud CEO Thomas Kurian:

I think, it’s a reflection of the fact that if you’re a global technology business, most of the time, it is far more efficient and legally compliant to operate a global model than to have different practices and standards in different countries, especially when you get to things that are so complicated. It’s very hard to have content moderators make decisions about individual pieces of content under one standard, but to try to do it and say, “Well, okay, we’ve evaluated this piece of content and it can stay up in the US but go down in France.” Then you add these additional layers of complexity that add both cost and the risk of non-compliance which creates reputational risk.

So far, we have tried to get to what’s common, and the reality is, Ben, it’s super hard on a global basis to design software that behaves differently in different countries. It is super difficult. And at the scale at which we’re operating and the need for privacy, for example, it has to be software and systems that do the monitoring. You cannot assume that the way you’re going to enforce ToS and AUPs is by having humans monitor everything, I mean we have so many customers at such a large scale. And so that’s probably the most difficult thing is saying virtual machines behave one way in Canada, and a different way in the United States, and a third way…I mean that’s super complicated.

Everywhere in the world, governments have some political legitimacy, and they certainly have a lot more political legitimacy than I do…It’s important that we comply with the laws in each jurisdiction in which we operate. We should help our customers comply with the laws in each jurisdiction we operate…Germany can set whatever rules they want for Germany, but it has to be the rules inside of Germany.

And you can manage that okay. You can manage on a per country basis. You feel good about that?

Sure. I mean, for us, that’s easy. And then we can provide that to our customers as a function of what we’re doing. But I think that if you could say, German rules don’t extend beyond Germany and French rules don’t extend beyond France and Chinese rules don’t extend beyond China and that you have some human rights floor that’s in there.

Right. But given the nature of the internet, isn’t that the whole problem? Because, anyone in Germany can go to any website outside of Germany.

That’s the way it used to be, I’m not sure that’s going to be the way it’s going to be in the future. Because, there’s a lot of atoms under all these bits and there’s an ISP somewhere, or there’s a network provider somewhere that’s controlling how that flows and so I think that, that we have to follow the law in all the places that are around the world and then we have to hold governments responsible to the rule of law, which is transparency, consistency, accountability. And so, it’s not okay to just say something disappears from the internet, but it is okay to say due to German law it disappeared from the internet. And if you don’t like it, here’s who you complain to, or here’s who you kick out of office so you do whatever you do. And if we can hold that, we can let every country have their own rules inside of that, I think that’s what keeps us from slipping to the lowest common denominator.

The quotes aren’t perfectly comparable — you can read the full interviews to get the context — but it makes sense that Microsoft and Google (and presumably Amazon) would be very concerned about a world where individual countries make their own laws about what can be put on the Internet, or even seen. Theirs are services predicated on the superior economics that come from centralization; Cloudflare, on the other hand, is already doing all of its computing on the edge — data sovereignty rules are simply a variable. It’s “easy”.

This is why the direction of Cloudflare’s metaphorical plane is so fascinating: Cloudflare’s current addressable market of enterprise security and networking is significant, particularly as remote work has laid bare the problems with traditional approaches; the destination with outsized upside, though, is Internet 3.0, and the resultant need for a service that routes around obstacles, not from nuclear war, but sovereign governments.

...

Read the original on stratechery.com »

9 291 shares, 15 trendiness, words and minutes reading time

Sequencer64

...

Read the original on sequencer64.com »

10 281 shares, 14 trendiness, words and minutes reading time

Announcing the Arduino IDE 2.0 (beta)

The Arduino IDE is the well-known software we all use to program our boards. Its development started in 2005 based on the graphical interface of the Processing project and has never stopped since. During these years, countless hours of development by the Arduino team with the help of a vibrant community made the Arduino IDE the de facto standard for electronics prototyping. Thanks to an extensible framework based on modular board support packages, the IDE supports more than 1,000 official and non-official boards; it’s translated into 66 languages, mentioned in more than 3,000 books, and is still growing: during the last year, it was downloaded more than 39 million times. More than ever.

First off, a big thank you to the Arduino community that makes development possible with donations and — even more important — by buying original Arduino boards: we use your money to pay the developers that work daily on the Arduino open source software for the benefit of everyone. Keep supporting our work!

While the Arduino IDE provides a simple and clear interface that is ideal for novice users, more advanced users often report that the editing capabilities are a bit limited compared to modern editors. This includes features like code indentation, block folding, auto-closing brackets, regular expression search and replace, and comment toggling. In addition to this, many users have been asking for live debugging, i.e. the ability to run code on an attached board and stop it at a given line to check the contents of variables, memory and registers.

The IDE 1.x is developed in Java, and its monolithic codebase makes it difficult to implement such features. Java is also becoming an obsolete technology for desktop applications and is being phased out by newer operating systems and app stores, which forces us to spend time on working around compatibility issues.

In 2018, we started to refactor the toolchain by announcing a big game changer: arduino-cli, the Arduino command line tool written in Golang that exposes all the core functionalities of the IDE, providing advanced users with a flexible tool they can integrate into their professional IDE of choice. Since then, we have maintained and improved arduino-cli on a daily basis (try it now if you haven’t!).

In 2019, we announced the alpha release of a new IDE built on top of arduino-cli and based on a modern software stack (Theia and Electron) under the code name of Arduino Pro IDE, and we got a lot of positive feedback about it. 2020 has been a busy development year, and a dedicated team of developers has been working behind the scenes to bring the new IDE from a proof-of-concept to a fully functional tool.

We’re pleased to announce that as of today the Arduino IDE 2.0 beta is available for download and its code repositories become open source. It carries a modern editor and provides a better overall user experience thanks to a responsive interface and faster compilation time. Don’t be afraid of trying it today: the upgrade will be frictionless as the interface will look very familiar. But let’s see some of the goodies you’ll find.

While typing, the editor suggests the autocompletion of variables and functions according to the libraries you included:

When right-clicking on a variable or a function, a contextual menu will provide navigation shortcuts to jump to the line (and file) where they are declared:

See this page to learn more about the new editing tools.

But there’s another big feature in the new IDE: a live debugger that allows you to run your code interactively on a board and inspect its execution without writing tens of “Serial.println()” statements. Just fire up the debug panel, set breakpoints where you want to pause the execution and inspect the content of variables. Oh, you can even change the content of variables on the fly and resume execution!

As of today, the debugger supports all the Arduino boards based on the SAMD and Mbed platforms (MKR family, Nano 33 IoT, Nano 33 BLE, Portenta, Zero). Maintainers of Arduino cores for third-party boards can add support for debugging by adding the relevant configuration parameters; a technical guide for this is coming. You’ll need to connect a debugging probe such as the Segger J-Link to the JTAG pins on the board and you’ll be ready to go.

The new IDE is based on the Eclipse Theia framework, which is an open source project based on the same architecture as VS Code (language server protocol, extensions, debugger). The front-end is written in TypeScript, while most of the backend is written in Golang.

We need your help to test the new IDE. We want to make it perfect and bug-free, so do not hesitate to download it now and join the discussion in the forum! Ready to get started? Follow along with our tutorials here.

...

Read the original on blog.arduino.cc »
