Microsoft has designed an Arm Linux IoT cloud chip. Repeat, an Arm Linux IoT cloud chip

Microsoft has designed a family of Arm-based system-on-chips for Internet-of-Things devices that runs its own flavor of Linux – and securely connects to an Azure-hosted backend. Dubbed Azure Sphere, the platform is Microsoft's foray into the trendy edge-computing space, while craftily locking gadget makers into cloud …

  1. Brian Miller

    ARM != IDIoT

    Microsoft also gets the benefit of an even wider net to catch various bad actors. Now, Redmond can tell its enterprise customers it monitors IoT devices and can catch those high profile botnets and big news threats. Getting potentially billions of new info sources under the umbrella will only help Microsoft sell its other big-money security products.

    Everybody has an enormous net to snag botnets, just leave a cheap device open on the net, and monitor it. Years ago I ran a honeypot at home, and attacks on an anonymous IP connection were 500-1500 per day. Mostly it was from my network neighbors.

    Just because something is running on an ARM processor, doesn't necessarily make it an insecure device. It's how the developers quickly slopped an implementation together, and threw it out the door. I do trust everybody saw the article about the casino hack through the fish tank thermometer?

    1. Flocke Kroes Silver badge

      Re: Initial development time not the only consideration

      The next biggest concern is what happens when the Intel Management Engine / Pluton firmware is found to be a giant vulnerability. Will you get a fixed and signed replacement firmware after only five years or will you get a defective off switch after three years and support cancelled two years later?

      No source code, no sale. If you cannot set the boot code verification key, put the box in the landfill with the Windows RT tablets.

    2. Anonymous Coward
      Anonymous Coward

      Re: ARM != IDIoT [Fish Tank Story Reference]

      Fish Tank 'Hackery' referenced here ==>

      https://www.darktrace.com/resources/wp-global-threat-report-2017.pdf

    3. oldcoder

      Re: ARM != IDIoT

      Of course, MS also gets to record whatever is being done...

  2. Tim99 Silver badge
    Windows

    So

    Another attempt to further entrench proprietary lock down.

    1. JDX Gold badge

      Re: So

      If it means IoT devices are properly securitised this might be preferable. Better than hundreds of 2-bit no-name companies mass-producing chips we haven't the slightest clue about, perhaps?

      Of course your whole argument is predicated on the supposed axiom that proprietary = bad, this dogma is after all only opinion.

  3. Mad Hacker

    Why go with Linux? Why not create an RTOS if you’re gonna create a new OS

    This sounds like it’s going to be as powerful as a Raspberry Pi, which I don’t consider an IoT device. And if you go much smaller in capability than a Raspberry Pi, you’re probably better off in the real world with a real-time operating system.

    1. david 12 Silver badge

      Re: Why go with Linux? Why not create an RTOS if you’re gonna create a new OS

      AS OS /is/ an RTOS. One of the group of RTOS's based on RT forks of the Linux kernel.

    2. wallyhall

      Re: Why go with Linux? Why not create an RTOS if you’re gonna create a new OS

      > Why not create an RTOS if you’re gonna create a new OS

      I think we need some more TLAs and buzz words in this discussion. The story headline didn't have enough!

  4. Steve Davies 3 Silver badge
    FAIL

    re: and securely connects to an Azure-hosted backend.

    All the better to spy on you then? {1}

    Does MS think we are blathering idiots...?

    Well with things like this any IoT (Idiots or Turnips) move is IMHO just plain stupid.

    {1} I wonder what would happen if my firewall stopped that connection in its tracks? My guess is that it would stop functioning very shortly afterwards.

    Another IoT answer waiting for the question.

    1. wallaby

      Re: re: and securely connects to an Azure-hosted backend.

      "Does MS think we are blathering idiots...?"

      many do

      tinfoil hats 2 for one in aisle 2

    2. phuzz Silver badge
      Devil

      Re: re: and securely connects to an Azure-hosted backend.

      "Does MS think we are blathering idiots...?"

      Have you seen how much money they've made over the years?

      As PT Barnum (probably never) said “No one ever went broke underestimating the intelligence of the American public.”

    3. This post has been deleted by its author

    4. Anonymous Coward
      Anonymous Coward

      Re: re: and securely connects to an Azure-hosted backend.

      "All the better to spy on you then? {1}

      Does MS think we are blathering idiots...?"

      Given the number of people signed up to Facebook, it's a reasonable assumption to make.

      1. Anonymous Coward
        Big Brother

        Re: re: and securely connects to an Azure-hosted backend.

        Eventually Microsoft and their Military friends have to block most of their holes and secure their attack vectors or others will use them against the US.

    5. Anonymous Coward
      Anonymous Coward

      Re: re: and securely connects to an Azure-hosted backend.

      "Does MS think we are blathering idiots...?"

      Count the number of people running Windows 10 on their own (sort of) computer.

      Count the percent of people who have read the Windows 10 EULA.

      Do you really think they are more wrong than right?

  5. hplasm
    Windows

    " Microsoft's custom security controller"

    Or 'length of wire' as it is more usually known.

  6. Milton

    Ah the sweet smell of corporate hypocrisy ...

    ... as Microsoft uses Linux as bait to try to catch mugs who can be ensnared in its sticky Azure web, thereafter to be plucked and sucked at will.

    I predict that if one drops a small bacterium of Irony at Redmond, after a few days' infection the whole place will implode.

    1. Anonymous Coward
      Anonymous Coward

      Re: Ah the sweet smell of corporate hypocrisy ...

      "as Microsoft uses Linux"

      I'm sure they could have used a version of Windows, but this way someone else pays for the development !

      1. Nimby
        Facepalm

        Re: Ah the sweet smell of corporate hypocrisy ...

        "I'm sure they could have used a version of Windows, but this way someone else pays for the development !"

        And I'm sure they wanted to use a version of Windows, but they couldn't find one that worked!

        (But seriously, Microsoft and "lightweight" OSes has not gone well. Phone. Arm-based versions of Windows. Et cetera. Not surprising that they had to turn to Linux for this. What is surprising is why MS bothered with an IoT base, unless this is the first step in a new direction of MS phones and tablets.)

        1. Anonymous Coward
          Anonymous Coward

          Re: Ah the sweet smell of corporate hypocrisy ...

          "What is surprising is why MS bothered with an IoT base, unless this is the first step in a new direction of MS phones and tablets"

          This is about owning the data about your physical life, while Windows, Skype, Outlook, Office365, Azure, etc. gather the data about your informational / online life.

      2. Teiwaz

        Re: Ah the sweet smell of corporate hypocrisy ...

        There is an IOT strain of the windows (virus) isn't there? (or was that abandoned when I was not paying attention?)

        Was that not up to the task (manager)?

      3. Richard Plinston

        Re: Ah the sweet smell of corporate hypocrisy ...

        > I'm sure they could have used a version of Windows,

        They tried that with Windows 8 IoT and Windows 10 IoT. It seems to be a complete failure. So, no, they couldn't use Windows.

    2. Hans 1
      Happy

      Re: Ah the sweet smell of corporate hypocrisy ...

      "I predict that if one drops a small bacterium of Irony at Redmond, after a few days' infection the whole place will implode."

      I predict one BIG sueball from the EU, should they dare offer their stuff in EU-land, you know, GDPR and Azure or any US cloud for that matter are incompatible.

      Come on, MS, save our health system ... we would really appreciate that 4% of revenue of yours ;-)

  7. Anonymous Coward
    Anonymous Coward

    "Sphere does things like make sure gizmos only run official firmware, and automatically pushes out and installs bug fixes on remote devices, and so on."

    OK, but does it do the one thing IoT needs: ensure the official firmware is secure and not using default passwords?

    IoT manufacturers are lazy, after a quick buck and move on. This isn't going to address the real issue that they don't give a shit about security.

    1. Aitor 1

      It is kinda safe.

      The device cannot be used for a botnet as it will only attack the lazy developer that made it unsecure.

      The key in IOT is to not allow the variable part to be independent and connect to the world.

      In this case a walled garden system is way better.. I have designed similar gizmos.. but only Wibu provides something similar and it is clunky at best.

  8. Pascal Monett Silver badge
    Thumb Down

    I see nothing better in this news

    Telling me that IoT will now talk to Azure is not improving things in my view.

    It'll be another reason to not buy any of that shite (not that I'm lacking reasons now).

  9. Christian Berger

    Embrace Extend Extinguish

    It's a classical Microsoft strategy. They tried the same with the world wide web.

    Though this is probably just a side project. The real damage is done by the SystemD/Freedesktop/PulseAudio people

    1. Anonymous Coward
      Anonymous Coward

      Re: Embrace Extend Extinguish

      There's still Devuan and the BSDs.

      1. HieronymusBloggs

        Re: Embrace Extend Extinguish

        "There's still Devuan and the BSDs."

        There's still Debian with sysvinit-core installed.

      2. This post has been deleted by its author

        1. This post has been deleted by its author

    2. Teiwaz

      Re: Embrace Extend Extinguish

      "Though this is probably just a side project. The real damage is done by the SystemD/Freedesktop/PulseAudio people"

      At least Freedesktop was a point for standards on Desktop interaction and layout, without it, KDE and Gnome would be possibly entirely incompatible.

      At least .local is shrinking a bit, config files in the home dir are still like small scraps tucked into whatever crevice that could be found in hopes of divine intervention (kind of like the wailing wall in Jerusalem).

      Don't like SystemD and or Pulse, use something else - quit moaning cause someone developed something you don't like which you are not forced to use, 'Linux isn't a optionless bundle like Windows.

      'Linux is mostly free, and for once, you are not the product (at least yet).

      1. Christian Berger

        Re: Embrace Extend Extinguish

        Firefox now forces you to use PulseAudio.

      2. Anonymous Coward
        Anonymous Coward

        Re: Embrace Extend Extinguish

        "Not forced to use"?

        Did you miss the bit where they strong armed it into everything they could?

      3. BitDr

        Re: Embrace Extend Extinguish

        "Don't like SystemD and or Pulse, use something else "

        Yeah? Try it. Devuan is the only SystemD optional distro that I know of. With all upstream building their stuff dependent on SystemD requires a massive effort to avoid it.

        "- quit moaning cause someone developed something you don't like which you are not forced to use, "

        This needs to be re-written. "quit moaning because someone developed something you don't like and forced you to use it." There, fixed that for ya.

        "'Linux isn't a optionless bundle like Windows."

        When it comes to things like Wayland, Pulse Audio, and SystemD it certainly is. I don't recall a hue and cry from the Linux userbase to get rid of X windows, or ALSA, and having one ring to rule them all (SystemD) is just a bad idea. There are a lot of things going on in Linux today that I don't like and think are pointless, and there are some that are good, but there's not enough space here for that.

        1. Richard Plinston

          Re: Embrace Extend Extinguish

          > I don't recall a hue and cry from the Linux userbase to get rid of X windows

          X-windows is a networking layer which is nowadays seldom used over a network. Wayland is a project that will remove that overhead to provide faster graphics and, especially, lower resource usage for smaller devices. The userbase _is_ asking for these benefits for gaming and mobile devices. Wayland won't get rid of X-windows at all, it will just be another option with compatibility.

          > having one ring to rule them all (SystemD) is just a bad idea.

          Init and some others have not gone away.

          https://sysdfree.wordpress.com/2018/04/02/135/

          > There are a lot of things going on in Linux today that I don't like and think are pointless

          That is OK. These are just more choices. The way Linux works is that additional choices don't remove previous mechanisms. There is no equivalent of 'Windows 7 UI being killed'. If you don't like Unity or Gnome 3 then you can still use whatever you prefer.

    3. Anonymous Coward
      Anonymous Coward

      Re: Embrace Extend Extinguish

      "Though this is probably just a side project. The real damage is done by the SystemD/Freedesktop/PulseAudio people"

      Exactly. "The new MSFT" is as bad as ever. The EEE strategy is in full swing in several fronts:

      It's certainly the case that several SystemD, Gnome/Freedesktop and PulseAudio developers work on paycheck of MSFT's sister-companies to set back and stall Linux desktop adoption!! MSFT also hindered the work on ReactOS for years, by implanting paid developers that required an investigation 10 years ago and those paid devs got banned and their code reverted. And the deals with RedHat, Ubuntu, Debian are more than disgusting. Why is Linux on desktop less usable than 10 years ago? Because Microsoft paid saboteurs to destroy Gnome 2 and KDE 3, and the rest is history, Gnome 3 is a total train wreck, KDE 4&5 are still buggy and far behind of KDE3. And Ubuntu Unity was actually great, until MSFT killed it with community puppets on HN and Reddit. How much gets Ubuntu (company) nowadays from MSFT to develop their Linux-framework for Windows, how much gets Ubuntu for adding a slurping to Ubuntu 18 LTS and sending the data over to Azure cloud??

      With their fucking around with JavaScript: lobbies (ES6) and slightly incompatible syntax (Typescript). And their spying Atom editor fork (VSCode). Their slightly incompatible R lang fork that actively destroys the R lang community. Their hands on Python 3 and PHP to EEE those languages. When will US congress split MSFT company in pieces? MSFT has still a monopoly on desktop/notebooks, Office, Outlook and Enterprise software.

  10. Wolfclaw

    Let's just hope that when Microsoft pushes out their known high quality and thoroughly tested updates, nothing gets bricked. Supplier will say not my problem, manufacturer will say not my problem, Microsoft will say we have a fix, oh, that's right, you can't update, oh well, we recommend you upgrade, as you're tied to our ecosystem !

    1. This post has been deleted by its author

  11. adnim

    Linux in code, not in spirit.

    Whenever I read about MS providing services that support or are Linux based, I don't see proper Linux. I see MS Linux (not to be confused with Xenix) a strange hybrid that MS controls. It is no longer FOSS, even if given away free. And its only purpose is to provide a route for users of Linux into the maws and the account books of MS.

    MS know that most embedded systems (IoT especially) are Linux based. They see a future where IoT is everywhere and not just those useful places like light bulbs, fridges and sofas ;-) They want to make sure that they are not left behind as most innovation in this field involves Linux.

    As far as I am aware using anything Linux created or provided by MS involves some kind of payment. (A Windows OS, a cloud account, another MS product/service) This is hardly in the spirit of FOSS.

    Linux worked wonderfully in my environment before MS started its embrace of the OS. It still works perfectly without MS anywhere near it.

    If one is trapped in an MS environment then I can see where the MS support of Linux is of use. However, I do not believe the MS embrace of Linux is an altruistic move made with concern for the customer.

    1. Teiwaz

      Re: Linux in code, not in spirit.

      To be honest, payment has never been a contention, Free as in speech, not as in beer.

      Ms has been open sourcing* things of late, which is to be welcomed.

      * Depends which license they use of course, and whether you consider the license used as truly free. Then of course little key bits are kept closed (key bits which often provide a large percent of the project usefulness, the rest being little more than like junk DNA).

      I think we can safely say, Microsoft is using Linux though.

  12. Christian Berger

    Apparently the real news is that Microsoft freely licenses the chip designs

    So the good that could come out of this is that manufacturers could use this as a single hardware platform. That's something that's desperately needed in the ARM world, as currently everybody needs to do their own Linux kernel if they want it to run on ARM.

  13. terrythetech
    Facepalm

    Mr General Public won't give a shit. People will flock to buy the new shiny. They are already happy having 'virtual assistants' - Amazon Echo, Google Home etc. listening and slurping. Why would they care if Microsoft join the party? Will they even know their new Internet of Tat device reports to MS?

    1. Anonymous Coward
      Anonymous Coward

      Terrythetech,

      Thank you !!!

      'Internet of Tat' is my new definition for IoT. :) :)

      ('Idiot or Turnip' ran a close 2nd. :) )

  14. Anonymous Coward
    Anonymous Coward

    Remember when..

    ...Microsoft was created to kill vendor lock in and break dominance of global megacorp's

    Google / Amazon / MS...

    The IBM's of the 21st century.

    1. Christian Berger

      Re: Remember when..

      Yes, though the stronger vendor locks exist with SoC Companies like Broadcom or Allwinner, at least in the mobile market.

      In a way it's like with home computers. We have lots of different vendors there, all with their own lock-in hardware, but most of them ran some version of Microsoft BASIC.

  15. Mike Shepherd
    Meh

    Reliable IoT

    My Linux server updates when I decide that's appropriate. Will Microsoft's custom Linux do the same?

    At present, Microsoft updates my Windows server, without warning*, when it feels like it. This can take up to 20 minutes and has twice disabled all its web sites until I discovered that, searched for and applied a solution, provided not by Microsoft but by other customers saying "Try this". Updates have also discarded my shortcut keys for standard programs (like Notepad) and caused other mischief with no warnings or options.

    If that's Microsoft's vision for IoT, which might control my heating, check for fires, allow me to open the garage door (and maybe the front door), I don't want it.

    *There may be a subtle notice, which Microsoft describes as "Heads up" (apparently an American insult which means something like "pay attention, idiots"). This notice indicates that the PC will be restarted, whether I like it or not.

    1. Anonymous Coward
      Anonymous Coward

      Re: Reliable IoT

      "At present, Microsoft updates my Windows server, without warning*"

      Really? We have several thousand; I can safely say none of them do that.

      1. sabroni Silver badge

        Re: Reliable IoT

        But learning how to configure something is much trickier than going online and bitching about it.

        Plus you get up-votes on here for hating ms!!

        1. Anonymous Coward
          Anonymous Coward

          Re: Reliable IoT

          @Sabroni

          Oh please! Microsoft are not important enough to 'hate', besides life is far too short and too precious to waste on the likes of them.

          While the idea of securing IoT isn't necessarily a bad one, anything with a lifetime monthly fee wouldn't do so well on price. While there may be the odd customer with very specific needs, this is no mass market success.

          If there is one thing Microsoft can do right, it is give us all a good laugh with their utterly ridiculous ideas. If there is *anyone* that you did not want in charge of your computer/gadget/IoT security and software updates on any device, it would be Microsoft. Didn't they even have to farm out Windows Update to Akamai because they couldn't keep it safe or secure? Windows 10S was supposed to be more secure than ever but that was quickly hacked, their current planned OS update is delayed due to too many BSOD, and Microsoft's flagship Windows Defender security software was recently guilty of getting violated simply by opening an archive file after they modified some fully working open source software but messed it up!

          PS You just lost me a bet. Before reading any comments, I bet JJ Carter would appear by the end of this page but it was you instead. :p

      2. BitDr

        Re: Reliable IoT

        Are you Win 10 Enterprise and have that bit excluded from your EULA? AFAICT, you may be in breach of contract.

  16. Robigus
    Thumb Down

    It's about the platform and the data.

    It's all about getting data fed into Azure.

    Data is king, and we will take these devices and feed our overlords with all the data porn they can possibly handle.

    It's purely a gateway device to your personal information.

    Welcome to the New Age.

  17. ForthIsNotDead

    DROP

    It'll be dropped after a couple of years, just like a lot of M$'s other products, leaving adopters high and dry.

    Avoid.

    1. Christian Berger

      Re: DROP

      Well either that, or it would be like with VBA or Active-X which everybody hoped they would drop ASAP.

  18. paulc
    Big Brother

    so much nope here...

    n/t

  19. Alistair
    Windows

    IOT Vendor <-> MS

    IV: We wanna use chip! How Much?

    MS: Chip free! Cloud interface $120/yr/device!

    IV: #$%@# you! bye!

  20. Anonymous Coward
    Anonymous Coward

    They think we trust Azure

    lol

  21. Anonymous Coward
    Paris Hilton

    Oh really, oh what a surprise, I guess yawn.....

    What took them so long to tell you? Guess where you'll all end up......

  22. Anonymous Coward
    Anonymous Coward

    Microsoft uses Lobbies to get their spy-chip into all consumer devices!

    Other news sites mention that Microsoft uses Lobbies to get their spy-chip into all consumer devices! The lobbies try to get it into US, UK and EU laws, so that other device manufacturers have to include Microsoft's spy-chip for any IoT functionality. And that all consumer devices will need such an inbuilt IoT chip.

    So what's wrong? Everything. There is a book and a movie called "The Circle" (2017), watch it!! https://www.imdb.com/title/tt4287320/ In the story a monopoly company (a combination of Facebook and Microsoft) puts spying IoT chips everywhere and spy on all people around the world. In the movie there is at least a happy end, the employees finally changed their mind and put the spying on to the company's bosses, and as soon as they revealed several personal secrets they abruptly shut down the system. The very same story climax can also be watched in "EdTV" (1999) movie https://www.imdb.com/title/tt0131369/ that is about Big Brother is watching you and the TV station boss only shuts down when his own employees finally changed their mind and put the big brother spying to work against the TV station boss. --> Microsoft and Facebook are cancer to our global society.

  23. Rajesh Kanungo

    Isolating the communications is good

    In general, IoT attacks occur via normal communications mechanisms and less likely via hardware. In some areas the latter is fairly common; smart meters, set top boxes, etc. It is interesting to see MS isolate the basic communications outside of the main functionality. I wonder how far the isolation goes. Would a driver issue create main kernel issues or is it isolated to the baseband co-processors?

    Moreover, how do you isolate higher level communication stack vulnerabilities from the rest of the system?

    Maybe someone can educate me.

    Also, I think MS intends to open up the VHDL to inspection, right? If not it will be an uphill battle to expose issues.

    Rajesh
