back to article ARM wants you to jump into mbed with it – IoT open-source OS in beta

Chip blueprint scribbler ARM has released some of the source code for its first public beta of mbed, its operating system for the Internet of Things. The Internet of Things is today's fancy word for embedded engineering, and ARM is all over that latter space: the tiny and relatively simple processor cores it designs are used …

  1. Ragequit
    Joke

    You mean mBad?

    "ARM has told us it is trying to open source as much as it can – using the Apache 2.0 license – but commercial realities cannot be ignored."

    The commercial reality being that every IoT vendor wants to slurp up your personal data to their "private cloud" and sell it off to the highest bidder, etc.

    Joking aside, at least they have the client that is completely open source. So here's hoping you really can write your own backend. Of course that's after the inevitable cat and mouse game of vendors trying to lock down all their devices in the name of trust! and security! while people find a way around it so they can install truly trustworthy software stacks and actually apply security updates.

  2. Christian Berger Silver badge

    The beauty of embedded projects is...

    ... that when they are well designed they become small, and therefore easy to implement. Plus if you stay below certain thresholds, low memory requirements actually save you money.

    Therefore you can get operating systems like FreeRTOS/OpenRTOS which can run with very few kilobytes of RAM.

    1. Daniel Palmer

      Re: The beauty of embedded projects is...

      >Therefore you can get operating systems like FreeRTOS/OpenRTOS

      >which can run with very few kilobytes of RAM.

      All operating systems would only need a few K of ram if all they did out the box was scheduling, some multi-threading primitives and heap management.

      If you need TCP/IP, TLS etc you're basically limited to the more expensive end of the microcontroller spectrum.

  3. Henry Wertz 1 Gold badge

    Hmm...

    So, looks like the "cloud" part (where it sends everything to mbed.org...) would be optional. Without that, the rest of this "device stack" would involve whatever devices broadcasting whatever info they are outputting via UDP. It sounds like if this UDP traffic was bridged onto your LAN, you could view or control this via a phone app without anything leaving the LAN.

    Not that I can think of a good use for why I'd want this.... but this setup isn't an automatic information grab at least.

    1. Anonymous Coward
      Anonymous Coward

      Re: Hmm...

      "It sounds like if this UDP traffic was bridged onto your LAN, you could view or control

      this via a phone app without anything leaving the LAN."

      Homekit basically does this with multicast DNS. It removes a lot of latency between the device and the app and means that you can control the device when your internets are broked.

      "but this setup isn't an automatic information grab at least."

      I'm not sure why the reg started putting out this FUD but IoT companies don't want your data to resell it. They want the data so that it can be used to make the IoT product worth while. What would be the point of a "smart" device that couldn't tell the backend about what is going on? I think you're more likely to have your browsing habits from news sites like this resold than a bunch of boolean values that represent the state of something like a smart light bulb in your house to be honest.

      1. Ragequit
        Devil

        Re: Hmm...

        @AC - I'd feel a whole lot more confident that was the case if you had the option of *not* sending it to their cloud or at least had consumer centric EULA's. In my mind if they are not charging you for a service they either have planned obsolescence in store or are somehow monetizing your data. Otherwise they have a fubar'd business model that will not sustain itself.

        Follow the money.

        1. Dave 126 Silver badge

          Re: Hmm...

          >Follow the money.

          ARM sell chip licences to ODMs. ARM think that if they put together an OS and whatnot to facilitate IoT projects, more people will buy these devices with ARM-licenced chips from ODMs. Seems pretty straightforward.

          The clue is in the cloud service that they provide - free to play around with, but to use it seriously ARM will require your money in exchange for this service- someone has to pay for the servers. Again, that seems fair and straightforward. If you want to sort out your own hosting and pay for it yourself, fine, ARM will supply you with the software tools gratis.

          1. Ragequit

            Re: Hmm...

            I didn't mean ARM specifically. As you say they are just providing a *paid* service to the would be IoT vendors of the world. Attempting to capitalize on a new market? Kudos to them in that regard. It's the market's business model and ultimately the vendors selling kit to consumers I don't agree with. Not only do we not own the software or the content, but if they could have their way they'd own all our content/data as well. Oh, right most EULA's for online services sign our rights to those away. In the end the only thing we own is some hardware that is completely bricked if we don't want to use their services.

  4. Camilla Smythe
    Trollface

    According to Tern/Cryptosoft,

    http://www.cryptosoft.com

    ... or rather their 'mug-punters', they have the market sown up so the likes of ARM, Intel, MicroChip, FreeScale, Texas Instruments, NXP, etc.. etc may as well just dry up and blow away.

  5. Synonymous Howard

    Client Certificate

    Hmm, I'm wondering how they are envisaging the client certificate is going to be updated before it expires and which CA will be issuing them etc.

    Certainly the crypto element is key (pardon the pun) to the effective end-to-end security of these IoT devices ... something which seems to be mostly overlooked currently based on the security holes seen with devices so far?

    1. Anonymous Coward
      Anonymous Coward

      Re: Client Certificate

      What client certificate? And why would you want a CA to be involved? You want to reduce the number of links in the chain, the number of parties that you have to trust, right?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019