Heartbleed: Serious Security Vulnerability

Serious Wake-up Call

by Bruce Kleinman, FSVadvisors, foreword by Kevin Morris

Imagine if you woke up one morning, and found out that Walmart was now selling a device for $5 that could easily and instantly open almost any deadbolt lock. That’s right - the kind of lock that is supposed to give “extra protection” to just about every door on earth. That’s the magnitude of security problem posed by the Heartbleed Bug.

Contributing columnist Bruce Kleinman wrote the first half of this article and posted it to his “From Silicon Valley” blog on April 6, 2014. The timing of the post was a remarkable coincidence: just 36 hours before the Heartbleed Bug started making headlines.

As the creators of technology, we engineers need to re-think our commitment to security and safety. The systems we design don’t just earn us money – they are often trusted to protect people’s lives, privacy, and assets. This is a solemn responsibility that is all too often overlooked or given short shrift in our ongoing race to get timing closure, first silicon, working prototypes, and volume shipments.  Read More


Industry News

April 15, 2014

ASSET's SourcePoint debug and trace tool accelerates software debug of µC/OS - II code

ProTek Devices’ Intros New Power Bus Voltage Suppressor Component

LetiDays Grenoble to Present Multiple Perspectives on Development, Challenges and Markets for the IoT

LogMeIn Teams With Texas Instruments to Help Businesses Accelerate IoT Initiatives

Agilent Technologies Announces Single-Slot Eight-Channel 8-bit PCIe Gen2 Digitizer

High Performance COM Express® Mini Module Powered by Intel® Atom™ E3800 & Celeron® N2930/J1900 Processors

New Medium Power Broadband Amplifiers Debuted by Pasternack

Frontier Silicon previews world’s most integrated digital radio chip

Intelliconnect Connector Solutions for Medical Electronics Systems and Cochlear Ear Implants

Mentor Graphics Design and Verification Tools Certified for TSMC 16nm FinFET Production

Coverity Scan Report Finds Open Source Software Quality Outpaces Proprietary Code for the First Time

Flower Technology partners with EnSilica for the development of new ASIC mining solutions for scrypt-based cryptocurrencies

Zuken gives CADSTAR users a productivity boost with new high-speed routing features

Google’s ATAP Group Selects Lattice FPGAs for its Project Ara Modular Smartphone Prototype

Cadence Digital and Custom/Analog Tools Achieve TSMC V1.0 DRM Certification for 16nm FinFET Process

April 14, 2014

50Ω 20dB Gain Block Delivers 46dBm OIP3 & 2.6dB NF with Bandwidth from 20MHz to 2GHz

TSMC Certifies Synopsys Digital and Custom Solution for V1.0 N16 Process

Xilinx and its Ecosystem Demonstrate All Programmable Embedded Solutions for Machine Vision Applications at the AIA Vision Show 2014

Microchip Expands 8-bit PIC® Microcontroller Family With Intelligent Analog Integration

April 11, 2014

Lattice Breaks the Rules with ECP5 FPGA Family for High-Volume Small-Cell, Microserver, Broadband Access & Video Applications

New eBook explains faster parallel programming of memories via JTAG on manufacturing lines

Dual Multi-Topology DC/DC Converters with 50V, 2A Internal Switches

IAR Embedded Workbench is a featured IDE for Freescale Kinetis software development kit

Videantis wins Red Herring award for its vision and video processor IP technology

April 10, 2014

Coverity Named SIIA Software CODiE Award Finalist for Best Open Source Innovation

News Archive

Testing Out the Rules

Sage DA Automates Design Rule Test Creation

by Bryon Moyer

Hard Hats in Place

EELive! Part 2: Safety-Critical Systems

by Amelia Dalton

New Approaches to Old Problems

A Hot DATE in Dresden

by Dick Selwood

Attack of the Tiny Terrors

Microchip’s Small, Cheap PIC16 MCUs Prove There’s Life in 8-bitters

by Jim Turley

Articles Archive

 

editors' blog

Free Markets and IoT Conferences

posted by Bryon Moyer

"IoT" is a buzzword, no doubt. But you could spend a lot of time in IoT conferences. How would you choose? (Yesterday)

On the Scene: Element14 Tour of Boards

posted by Amelia Dalton

Three little letters that rule the world. They are but the sun and we are but the moon. Oh IoT, where would we be without you? 2012 perhaps? In this episode of “On The Scene” we examine a wide range of IoT small-form-factor boards with Cliff Ortmeyer of Element14. Join us while we tour Element14’s booth at this year’s EELive! expo, and get chatty with Cliff. (11-Apr)

Spintronics recognition

posted by Dick Selwood

(11-Apr)

IC Compiler Reinvented

posted by Bryon Moyer

Synopsys has redone its flagship IC implementation tools from the ground up. (10-Apr)

On the Scene: EELive 2014 Wrap Up

posted by Amelia Dalton

We stormed the gates. We took no prisoners. But, we did take home a lot of pens. Most importantly, we learned some stuff. Welcome to my new video blog called “On the Scene.” You can expect some jokes. You can expect some insight about this year’s Embedded Systems Conference (or whatever they’re calling it this week). And you can expect to see my smiling face. Think of it like a funny tech snack - if you will. (10-Apr)

Editors' Blog Archive

 

forum

Heartbleed: Serious Security Vulnerability

Posted on 04/15/14 at 4:42 PM by kleinman

kleinman
Your point is good one--and a good reminder--that you cannot have perfect security on the Internet. We can have dramatically BETTER security on the Internet and NOT at the expense of ease-of-use.

Improvement vector #1: use Physically Unclonable Functi…

Heartbleed: Serious Security Vulnerability

Posted on 04/15/14 at 3:35 PM by TotallyLost

TotallyLost
The alarms have been steadily going off for nearly two decades, yet each new breach is accepted as fixed when a patch/upgrade is released for a particular flaw. The design of SSL, and it's widespread dependence, has always bothered me ... I wrote aggressi…

Heartbleed: Serious Security Vulnerability

Posted on 04/15/14 at 11:52 AM by kevin

kevin
What do you think should be done to better secure our systems and protect our customers?

Testing Out the Rules

Posted on 04/14/14 at 11:13 AM by bmoyer

bmoyer
How does Sage DA's design rule testing methodology sound to you?

Hard Hats in Place

Posted on 04/11/14 at 10:35 AM by amelia

amelia
What do you think about my plans to revitalize EELive?

New Approaches to Old Problems

Posted on 04/10/14 at 11:38 AM by Dick Selwood

Dick Selwood
Are these new technologies going to transform our business? Or will we keep pushing silicon to even further limits?

EUV Blasts through 100 W

Posted on 04/08/14 at 12:06 PM by bmoyer

bmoyer
Ah, the legacy of the interwebs... nothing is evanescent; it all lasts forever. I hope the wound heals soon.

“Softly” Defined Networks

Posted on 04/08/14 at 10:32 AM by kevin

kevin
Does this move us closer to the ideal line card - soft-configurable to handle anything without new hardware, without rolling a truck, and without shutting down service?

Mapping the Great Indoors

Posted on 04/07/14 at 9:43 AM by bmoyer

bmoyer
Do you think indoor and outdoor maps will ever merge as a complete continuum? Or will they maintain some separation?

Forum Archive

subscribe to our weekly newsletters

twitter.png   rss.png    googleplus.png    linkedin.png    youtube.png    facebook.png



On Demand Archive

 Watch Chalk Talks
 On our New EE Journal YouTube Channel
 Hosted by Amelia Dalton

chalk talks

Integrated Design Environment for FPGA

Do you find that FPGA design flows can get a bit confusing and difficult to manage? What we really need is an integrated design environment that will help us keep our design activities organized. In this episode of Chalk TalkHD Amelia chats with Satyam Jani from Aldec about integrated design environments (IDEs) for FPGA design, why FPGA designers need a vendor-independent IDE, and how an FPGA-centric IDE can help us get through our design flow quite a bit more easily.

Scripted Flows in Vivado Design Suite

When you're using a new tool for the first time, a good GUI is great to have, but once you're up and running and automating a complex design process, scripted flows offer a much more powerful means of controlling your tools. In this episode of Chalk Talk, Amelia Dalton and Ron Plyler of Xilinx explore scripted flows in the Vivado design suite.

It's an Analog World After All

It's an analog world out there. And, while most microcontrollers offer terrific features in the digital and software domain, Microchip has a new family of MCUs with Intelligent Analog capabilities that can make a huge difference in connecting your design to the real world. In this episode of Chalk Talk, Amelia Dalton talks to Alexis Alcott of Microchip about harnessing the power of Intelligent Analog in MCU design.

Cadence Tempus Timing Signoff Solution

Achieving timing closure for signoff can be a daunting challenge in today's complex designs. Meeting timing under all conditions - with the certainty required for signoff - is a complex and demanding task. In this episode of Chalk Talk, Amelia Dalton talks to Ruben Molina of Cadence Design Systems about the special challenges of signoff timing closure, and Cadence's new Tempus timing analysis tool.

Timing Closure Made Easier with Stylus

In this episode of Chalk TalkHD Amelia chats Andy Caldwell (Tabula) about putting an end to the oppressive reign of timing closure terror. Tabula’s Spacetime architecture - it turns out - besides giving us crazy performance for our high-bandwidth designs - also makes timing closure drop-dead easy.

Chalk Talk Archive


Login Required

In order to view this resource, you must log in to our site. Please sign in now.

If you don't already have an acount with us, registering is free and quick. Register now.

Sign In    Register