how to disable trust zone in STM32L562ve? - stm32ldiscovery

I am trying to enable secure boot in STM32L562ve and I enabled the secure boot via cube
programmer(Option bytes - TZEN) with no application in flash memory. And now I can't connect the board....
how to disable trust zone in stm32L5 series?
How to recover MCU? I can't connect the board using stlink(SWD).

Related

Is there any database storage on Thingsboard Gateway?

I am using Raspberry Pi as Thingsboard gateway and pushing sensor readings to server successfully. The Server may not be always online. Where does the data goes in case of server goes offline for long duration? Is there any storage in the Thingsboard gateway?
The "Thingsboard gateway" doesn't have database like Thingsboard Server application but it stores the MQTT messages in case of disconnection from the remote server.
As mentioned the Thingsboard gateway is on Raspberry Pi so go to following directory and make the changes:-
sudo nano /etc/tb-gateway/conf/tb-gateway.yml
there you will find the "gateway.connection.maxInFlight" which represents maximum amount of pending publish messages. Pending messages are messages that are either not sent due to connection problem or not yet confirmed due to high load on Thingsboard Server. Its default value is 1000 (messages). In case of per minute publish cycle ~16 hours of disconnection will be handled by the system.
The persistence settings are configured in the /etc/tb-gateway/conf/tb-gateway.yml file. You can have either “file” or “memory” message persistence. In the latter case data is only memorized in dynamic memory of tb-gateway service, so the following considerations apply only for the "file" option.
The path where data will be stored in case of connection issues between the gateway and the server is also specified in tb-gateway.yml. Default location in Raspbain is: /usr/share/tb-gateway/bin/storage/

Objective C Secure Transport Core Bluetooth

After several days of research about how to use Secure Transport i found that all the example and projects are working with BSD sockets and Streams.
In Apple documentation there is no statement confirming or denying the possibility of applying TLS over Core Bluetooth.
I have tried in many ways to establish a TLS session between two iOS devices that exchange data via Core Bluetooth. However i always get error -9806 every time i call the SSLHandShake() method.
In almost every example, a BSD Socket should be configured and connected before starting TLS HandShake.
Once the Socket is connected, Secure Transport exchanges automatically the TLS settings between two peers after calling SSLHandShake() method.
I suppose that Secure Transport supports BSD Sockets when it comes to establish a TLS HandShake. I did not find any solution to make Secure Transport exchange TLS settings between two peers connected via Core Bluetooth (BLE).
Is it possible to establish a TLS session between two iOS devices that have been connected via Core Bluetooth ? Should i forget about Secure Transport and implement TLS protocol (over Core Bluetooth) by myself without using Secure Transport ?
Thanks :)

How will iOS enforce connections to use a secure connection exclusively?

Starting 2017, Apple will require HTTPS connections for iOS apps. Apps will be forced to use ATS, based on TLS, to establish a connection successfully.
I'm currently developing a network measurement tool for a client. Using the low-level socket interfaces, the purpose is to transmit packets over TCP or UDP to a server in the network, in order to measure the speed of the WiFi connection.
As it is not clear how Apple will enforce their new rules, we find it hard to estimate how our application will be influenced by them. Is there any more information available on this? On which types of connections do they apply? Based on what characteristics will iOS label a connection as insecure?
Your app should be fine. See this thread with a response from an Apple staff: https://forums.developer.apple.com/thread/48979
The relevant part:
First up, there have been no changes to the technical behaviour of ATS (other than the addition of NSAllowsArbitraryLoadsInWebContent and NSRequiresCertificateTransparency). From a technical perspective, ATS exceptions in the newly seeded OS releases work the same way as they do in the current OS release.
What has changed is that App Review will require “reasonable justification” for most ATS exceptions. The goal here is to flush out those folks who, when ATS was first released, simply turned it off globally and moved on. That will no longer be allowed.

Temporarily trusting self-signed certificates with NSURLConnection

I have an app that displays a warning to the user when they attempt to contact a server with a self-signed or otherwise untrusted SSL certificate. If they choose to proceed, we use connection:didReceiveAuthenticationChallenge to continue with the HTTPS request by creating a credential for the server trust. This is the common way that connections are made to untrusted servers on iOS.
What I'm wondering if there's a way to only create this server trust for a particular connection, or if it's possible to rescind the trust at a later time. What we've found is that the server trust lasts for as long as the app is running. We'd like to be able to prompt the user again at a later time to make sure they still want to proceed. Is this possible? Is there a way for the trust to only "last" for one connection, or to find the trust and somehow remove it so that we go through the process again for that same server?
Are you not releasing the connection after the data is received. If you are releasing it it should ask every time. Make sure the cache property for you connection is not enabled

Windows Filtering Platform detecting & authorising outbound connections without first blocking?

Before I even start researching WFP I need to know one thing:
Can I detect an outbound TCP connection attempt, pause it until the user clicks Allow/Block, and then accordingly allow it to succeed or block it?
Other WFP based software such as Windows 7 Firewall Control always blocks the first connection attempt. Clicking Allow only applies to subsequent connection attempts. The first attempt always fails and the blocked application assumes there is no internet and I have to restart the application.
Is it possible to pause until Allow/Block is clicked in WFP or is my only option to write a kernel-mode driver?

Resources