Mender blog

Personal Access Tokens simplify the API-based integration with Hosted Mender

1st Aug 2022

It is now possible to generate and use Personal Access Tokens on Hosted Mender when performing management API calls.

Before the introduction of this feature, the only way to obtain a JWT token to perform API calls was using the log-in end-point. However, the token returned lasts one week only. Therefore, storing and reusing it, for example, from a CI/CD pipeline or a scheduled job, is not practi...

Read the article

Using QEMU Virtualized Environments to Develop and Deploy Embedded Software for x86 Linux

12th Jul 2022

Introduction

Before shipping software for embedded devices, it is crucial to test it on real devices, in an environment as close to the actual operating environment as possible. But that does not mean that development and testing necessarily has to happen this way. Running on real devices can often be tedious, time consuming and in some cases may be impractical.

This article will be a step-b...

Read the article

CVE-2022-32290 - Mender Client listening on all the interfaces

1st Jul 2022

We recently discovered a vulnerability in the Mender Client versions 3.2.0, 3.2.1, and 3.2.2.

The client listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client on the same network can connect to...

Read the article

How To Deploy OTA Updates for IoT Devices

30th Jun 2022

With a multitude of Internet of Things (IoT) devices scattered globally, managing software remotely becomes critical to the success of enterprises who want to transform in the digital economy. IoT devices can extend into the physical world and most often at large scale without being in close proximity and only reachable at relatively high cost. Therefore, it is not practical to replace an existi...

Read the article

How to enable remote software updates in segregated networks with bandwidth efficiency and centralized control

22nd Jun 2022

Many manufacturing and industrial environments have segregated network setups where assets (IoT/embedded devices) are co-located within a local area network and separated from the public internet by an internet gateway device. Segregation increases security, but limits access and control to do software updates to the co-located devices more efficiently.

Centralized remote software update capabil... Read the article