Arm's embedded TLS library fixes man-in-the-middle fiddle

IoT security helper is vulnerable to attacks by malicious peers

Richard Chirgwin , Aug. 31, 2017 –

Arm's "mbed TLS" software can be tricked into an authentication bypass and needs a patch.

Created by PolarSSL, which was acquired in February by Arm, mbed is a crypto library designed to make it easy for embedded system developers to add SSL/TLS capabilities to their products.

As well as client-server models (that is, an embedded IoT device talking to a server), mbed also lets peer devices set up TLS sessions between each other.

Click here to read more ...

More News

Arm puts Qualcomm on notice of cancellation of its licence (October 23, 2024)
Arm Accelerates Edge AI with Latest Generation Ethos-U NPU and New IoT Reference Design Platform (April 8, 2024)
Arm and ecosystem leaders empower developers for a future built on Arm (March 9, 2023)
Arm Announces Appointment of Paul E. Jacobs and Rosemary Schooler to its Board of Directors (November 29, 2022)
Arm public offer likely to be postponed beyond Q123 (November 21, 2022)