Uncovering the hidden patterns of the consumer electronics industry - DeviceCode
APR 3, 202547 MIN
Uncovering the hidden patterns of the consumer electronics industry - DeviceCode
APR 3, 202547 MIN
Description
<p>“The consumer electronics industry works differently than people actually think”, says Armijn Hemel creator of DeviceCode. Behind the different brands and casings is often the same hardware, created by a single Original Design Manufacturer. But the disclosure of security vulnerabilities is mostly focused on single devices. So when a CVE is published for device A from vendor X it conceals that the security flaw may also exist in a similar device of a different vendor. DeviceCode collects structured technical information about consumer devices to reveal these hidden patterns of the industry in order to improve security.</p>
<p>Demystifying the electronics industry can also be a step toward increasing the local production of electronics. Reasons to opt for local manufacturing are the vulnerability of global supply chains, environmental impact, worker rights, software security and preventing backdoors. A better understanding of the industry could inspire a bottom up approach to a more diversified electronics industry.</p>
<p>Links<br />
DeviceCode repositories:<br />
<a href="https://github.com/armijnhemel/devicecode">Code</a><br />
<a href="https://github.com/armijnhemel/devicecode-data">Data</a></p>
<p>NGI Zero projects<br />
<a href="https://nlnet.nl/project/DeviceCode/">DeviceCode</a><br />
And also mentioned: <a href="https://nlnet.nl/project/VulnerableCode/">VulnerableCode</a></p>
<p>If you are interested in Armijn’s knowledge about Open Source Software supply chain management (briefly mentioned at the end of the podcast) watch the NGI Zero webinar with Armijn: <a href="https://nlnet.nl/events/20230406/WebinarSoftwareSupplyChain/">Open Source in (Consumer) Electronics Supply Chains</a> (Episode 1 of a 4-part series The Ins and Outs of Open Software Supply Chain)</p>
<p>Other projects and talks mentioned<br />
<a href="https://openwrt.org/toh/openwrt/one">The Open Wrt hardware device: OpenWrt One</a></p>
<p>Talks on the hardware supply chain by Andrew “bunnie” Huang<br />
<a href="https://www.youtube.com/watch?v=RqQhWitJ1As">Supply Chain Security: “If I were a Nation State…”</a> at BlueHat IL, 2019.<br />
<a href="https://www.youtube.com/watch?v=S39fhrGjr4U">An Alternative to the American way of Innovation</a> at TEDxPickeringStreet.<br />
<a href="https://nlnet.nl/events/20240502/index.html">NGI Zero webinar about IRIS: (Infra-Red, In-Situ) inspection of silicon</a>.</p>
<footer><p><a href="https://nlnet.nl/NGI0/">NGI Zero</a> is a coalition of non-profit organizations lead by <a href="https://nlnet.nl/">NLnet</a>. It provides <a href="https://nlnet.nl/funding.html">financial</a> and <a href="https://nlnet.nl/NGI0/services/">practical support</a> to people working on the free and open internet.
You can find us on <a href="https://mastodon.xyz/@NGIZero">@[email protected]</a> & <a href="https://social.nlnet.nl/@nlnet">@[email protected]</a>.
NGI Zero is made possible with financial support from the <a href="https://ec.europa.eu/">European Commission</a>’s <a href="https://ngi.eu/">Next Generation Internet</a> initiative.</p>
<p>The podcast is hosted by Ronny Lam and Tessel Renzenbrink, the jingle created by Yarmo Mackenbach, all from NLnet.</p>
<p>The NGI Zero podcast is shared under the <a href="https://creativecommons.org/licenses/by-nc-nd/4.0/">CC BY-NC-ND 4.0</a> license.</p>
</footer>
