[Fud] documents and minutes
Michael Richardson <mcr+ietf@sandelman.ca> Sun, 16 April 2017 17:07 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: fud@ietfa.amsl.com
Delivered-To: fud@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55883127775 for <fud@ietfa.amsl.com>; Sun, 16 Apr 2017 10:07:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pofQzn6lDyTg for <fud@ietfa.amsl.com>; Sun, 16 Apr 2017 10:07:20 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84303126C22 for <fud@ietf.org>; Sun, 16 Apr 2017 10:07:20 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id A26702009E for <fud@ietf.org>; Sun, 16 Apr 2017 13:32:15 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 3DCBF636BB for <fud@ietf.org>; Sun, 16 Apr 2017 13:07:18 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: fud@ietf.org
X-Attribution: mcr
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Sun, 16 Apr 2017 13:07:18 -0400
Message-ID: <18203.1492362438@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/fud/kSDUp9aoq8Njo5tQsQalBA1xxig>
Subject: [Fud] documents and minutes
X-BeenThere: fud@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: FUD - Firmware Updating Description <fud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/fud>, <mailto:fud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/fud/>
List-Post: <mailto:fud@ietf.org>
List-Help: <mailto:fud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/fud>, <mailto:fud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Apr 2017 17:07:22 -0000
1) I don't think this list got the initial welcome message with pointers to
the various drafts from Hannes that form some of the basis for his problem
statement.
Could the links be posted for the benefit of the archives?
I searched the ID repo using: 'fud' and also 'tschofenig', but didn't find
anything. I thought that were some documents.
2) Carsten wrote these minutes:
> — firmware updates for general purpose class computers (Linux etc.,
> “A-class”, OpenWRT routers, ...) are rather different from those for
> microcontrollers (“M-class”)
..
> — initial focus on complete firmware replacement (we did talk about
> bootloaders vs. primary/recovery loaders etc.)
I wanted to take issue with the way this distinction is being presented.
While there are plenty of Linux based systems that do updates via packages,
and systems like OpenWRT/LEDE and Android that can load some optional
components via packages (opkg and apk), many of these systems do their
primary upgrades via complete firmware replacements.
It's not about "M-class" vs "A-class" (some very ARM specific terminology), at all.
The only difference between an RPI-IoT device running Android and an ATmega
running Ardiuno or Freescale or OpenMote device running Contiki is the number
of megabytes the image is. The large image devices actually have more of a
challenge because they usually can not double-buffer the image, so they have
more in common with the very small devices, with the "M-class" device
actually being richer than then the smaller devices.
The saving grace is that usually have a generous amount of space for a
recover/bootloader image so that failure to apply an image does not result in
a bricked device.
{I will note that most of the baby-monitor/video cameras which were involved
in the DDoS, while they might use a Linux kernel, usually have only one or
two core processes that do all the work. They are upgraded by complete
firmware replacement, and usually do not support packages in any form.}
--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
- [Fud] documents and minutes Michael Richardson
- Re: [Fud] documents and minutes Erik Nordmark