This post is going to focus on some particular security issues in the embedded space (the IoT space, if you will). I regularly work with microcontrollers (MCUs) based on variants of the Cortex-M architecture. These are ARM processors that typically have a small amount of ROM (½–1 MiB) and an even smaller amount of RAM (16–128 KiB). Traditionally, security has not been much of a focus on these types of devices (think toasters, washing machines, and the likes).
Today, I migrated my primary Ubuntu 17.04 development machine to put the root volume onto a thinly provisioned volume. There was a bit of a comedy of errors, so I want to outline what I should have done, vs what actually happened. What I should have done As in anything like this, it is important to start with known good backups. In my backup post, I describe how I’m doing that, and even testing it.
For my first post, I’d like to discuss some of my strategy that I use for backups. Backups are one of those things that most people realize are important, yet most people don’t really do them consistently. Aside from that, I’ve found that very few people test their backups. There are two scenarios that backups are important for: Disaster recovery. After a hard disk crash or other failure, how can I recovery a machine to the state it was in before the crash.