Arduino Shrinks Linux-Ready Yún to “Mini” Size

By LinuxGizmos

Arduino announced a smaller, cheaper “Mini” version of the Arduino Yún SBC that offers fewer real-world ports, but gives more control to Linux. Arduino, the Italian-based project that designs the official line of Arduino hacker boards, announced a $60 Arduino Yún Mini SBC today at the Maker Faire Bay Area.

From: Linux.com

Latest Atheros IoT SoCs include OpenWRT-friendly model

By LinuxGizmos

Qualcomm has launched two WiFi-enabled SoCs that support the AllJoyn IoT standard, including a 650MHz, MIPS-based “QCA4531″ SoC that runs OpenWRT Linux. Qualcomm’s Atheros business unit has enjoyed wide adoption of its WiFi-enabled, MIPS-based AR9331 system-on-chips running OpenWRT Linux. The chipmaker is now introducing two new Internet of Things processors:…

From: Linux.com

Hardening Hypervisors Against VENOM-Style Attacks (Xen Project Blog)

By jake The Xen Project looks at a mechanism to mitigate vulnerabilities like VENOM that attack emulation layers in QEMU. “The good news is it’s easy to mitigate all present and future QEMU bugs, which the recent Xen Security Advisory emphasized as well. Stubdomains can nip the whole class of vulnerabilities exposed by QEMU in the bud by moving QEMU into a de-privileged domain of its own. Instead of having QEMU run as root in dom0, a stubdomain has access only to the VM it is providing emulation for. Thus, an escape through QEMU will only land an attacker in a stubdomain, without access to critical resources. Furthermore, QEMU in a stubdomain runs on MiniOS, so an attacker would only have a very limited environment to run code in (as in return-to-libc/ROP-style), having exactly the same level of privilege as in the domain where the attack started. Nothing is to be gained for a lot of work, effectively making the system as secure as it would be if only PV drivers were used.” The Red Hat Security Blog also noted this kind of mitigation for VENOM-style attacks.

From: LWN