Mender blog

Wind River is one of the biggest enterprise grade Yocto-based Linux providers. In late 2019 they released their LTS19 version based on Yocto Zeus (3.0).

As Mender is also compatible with selected Yocto releases including Zeus, the integration with Wind River Linux just requires some small tweaks to make it work seamlessly. In this tutorial we will describe basic steps required to make both wor...

Two Factor Authentication (2FA) is an extra layer of protection for user authentication with OTP-compatible applications like Authly and Google Authenticator.

This feature is now available to all the Hosted Mender users independently from their subscription plan.

You can enable Two Factor Authentication on your profile’s page, selecting the “Enable Two Factor authentication” option and followi...

It is now possible to generate and use Personal Access Tokens on Hosted Mender when performing management API calls.

Before the introduction of this feature, the only way to obtain a JWT token to perform API calls was using the log-in end-point. However, the token returned lasts one week only. Therefore, storing and reusing it, for example, from a CI/CD pipeline or a scheduled job, is not practi...

Before shipping software for embedded devices, it is crucial to test it on real devices, in an environment as close to the actual operating environment as possible. But that does not mean that development and testing necessarily has to happen this way. Running on real devices can often be tedious, time consuming and in some cases may be impractical.

This article will be a step-b...

We recently discovered a vulnerability in the Mender Client versions 3.2.0, 3.2.1, and 3.2.2.

The client listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client on the same network can connect to...