SSDs with the so-called “Power Guard” function work with integrated tantalum capacitors that are permanently charged with 12 volts. In the event of a power failure, the SSD can therefore act as a kind of UPS. The power in the SSD is maintained until all storage processes are completed and the data is backed up. In this way, Power Guard can prevent data loss and ensure greater security. This is interesting for critical applications in the industrial environment as well as network and server technology, but also for mobile and vehicle solutions.

Power Guard SSD now available from spo-comm

This UPS technology was developed by storage manufacturer Cervoz, which now offers Power Guard SSDs and mSATAs in various sizes. spo-comm is now offering an optional 128 GB Power Guard SSD for all Mini-PCs in its range. Other sizes are also available on request.


SSD trends at Computex: TLC and M.2

PCIe instead of SATA – this trend was clearly evident at this year’s Computex in Taipei. As manufacturers are not making any progress with SATA SSDs in terms of speed, the future lies with much faster PCIe SSDs such as M.2. It has also been shown that TLC memory with 3 bits per cell is now increasingly being used in cheaper SSDs.

More options for vehicle computing: New accessories for MOVE series

spo-comm is now offering even more accessories for the two current vehicle PCs spo-book MOVE QM87 and spo-book MOVE N3160. New additions to the range include a GPS module for navigation and localization as well as a CAN bus for special vehicle applications.

Turbo clock at 15 watts TDP: Intel i-8000

Another new product presented at Computex is a quad-core processor from the Intel Core i-8000 generation. The special thing about it: With a TDP (Thermal Design Power) of just 15 watts, turbo clock rates of up to 4 GHz are to be achieved. The i7 CPU is set to be released in fall 2017 and will deliver up to 30 percent more speed than the comparable Core i7-7500U processor of the current Kaby Lake generation.

Individual branding: customizing package for Windows 10 IoT Enterprise

To make the most of the advantages of Windows 10 IoT Enterprise, spo-comm will soon be offering a customizing package. This allows the operating system to be customized so that you can appear as the manufacturer of the Mini PC – with your own logo, OEM information such as company name, website and telephone number, customized login screen and much more. The customized image is then securely stored with us and can be installed for future orders.


The Trusted Platform Module (TPM) is a chip that is integrated in many systems and offers more security. It is mainly used in PCs, notebooks and cell phones, but also in consumer electronics. A device with TPM, a customized operating system and suitable software is referred to as a Trusted Computing Platform (abbreviated to TC platform).

What advantages does TPM offer?

The advantages of the TPM lie in the security and encryption as well as the identification of devices. Each chip contains a unique cryptographic key that can be used to identify the computer, provided the owner allows it to be read.

Cryptographic keys can also be stored in the TPM so that encrypted data can be kept outside the TPM. The keys are generated, used and securely stored within the TPM so that they are protected against software attacks. Other advantages include better license and data protection. The owner of the system can sign data to prove their authorship. The TPM can also be used to detect changes made to the system, e.g. by malware or users.

Which keys can be found in the TPM?

The endorsement key (EK) is an RSA key pair (the abbreviation RSA stands for the three mathematicians Rivest, Shamir and Adleman, who developed this cryptographic procedure) and is uniquely assigned to each TPM. The key length is 2048 bits. The RSA key pair consists of a private key for decrypting or signing data, which must never leave the TPM, and a public key for encryption and signature verification. The key can be generated outside the TPM and can also be deleted and regenerated.

The Storage Root Key (SRK) is created when an admin or user takes over the system, i.e. when the owner of the computer changes. The SRK is also an RSA key with a length of 2048 bits. As the name suggests, it is the root of the TPM key tree, as it encrypts other keys used.

The Attestation Identity Keys (AIKs) are also RSA keys with a length of 2048 bits. They are created using the endorsement key and protect the user’s privacy. The AIKs are effectively a pseudonym for the EK so that it can remain anonymous.

How can TPM be used?

The decisive factor for the use of TPM is, of course, a TPM chip integrated into the hardware. This is sometimes located on the mainboard by default, but the module can often be installed as an option if a TPM header is available. However, the right software is also required to use TPM. A secure operating system, such as Windows 10 IoT Enterprise, is recommended so that the software cannot be manipulated so easily.


Which spo-comm Mini-PCs offer TPM?

A TPM chip is integrated in the spo-comm systems spo-book WINDBOX III Advanced, spo-book NOVA CUBE Q87 and spo-book BOX N2930 (TPM 1.2 in each case). The successor to the spo-book WINDBOX III Advanced will be released in the third quarter of 2017 and will include the new TPM 2.0 standard published in 2014. TPM can also be optionally installed in the spo-book TURO Q87, spo-book EXPANDED Q170 and spo-book NINETEEN Q170 systems.

More high-end is not possible: Intel Core i9 is expected

Intel is certain to present new Skylake and Kaby Lake CPUs for high-end PCs this summer. The exciting thing is that, according to leaked information, an Intel Core i9 processor is now also to be introduced. Although such a high-class model will be somewhat oversized for mini PCs, we are still excited to see what we can expect from the new super CPUs in terms of performance. More detailed information on this topic can be found at heise.de.

Intel AMT problem: spo-comm responds with new drivers

A security vulnerability in Intel’s Active Management Technology (AMT) became known at the beginning of May. Embarrassing for Intel: The error is relatively simple, but can cause major damage. This is because the authentication hash, which is used to encrypt and decrypt passwords, is not checked properly, which makes it very easy to hack into a PC with AMT (golem.de explains the problem in more detail). spo-comm has already reacted and made new drivers available online for all systems with Intel Management Engine.

Better network: 4G modules now available

As already announced, spo-comm has upgraded and now offers 4G modules for various systems instead of 3G. The new standard, also known as LTE (Long Term Evolution), ensures higher data rates and therefore offers even faster mobile Internet. The spo-book WINDBOX III Advanced and spo-book ELIX H81 models and the spo-book MOVE N3160 and spo-book MOVE QM87 vehicle PCs with 4G modules are now available.

Internet of Things 2017: Smart Cities and Smart Transportation

The Internet of Things is still one of the most discussed topics in the tech world. The trends for 2017? Smart transportation and smart cities – at least that was the focus of the influential Enterprise IoT Summit conference that took place in Texas in March. Among other things, this involves improving safety, reducing traffic and thus increasing the quality of life, as well as fleet management for various vehicle types and the associated simplification of maintenance and service.


Everything from a single source: suitable cables for spo-comm systems

spo-comm now offers even more accessories. Suitable cables for spo-comm Mini-PCs will gradually become available over the next few weeks. The range starts with IEC plugs for Switzerland and the UK as well as monitor cables (2 meters and 5 meters) for various monitor outputs.

Even faster, even better: Bluetooth 5

Developers from the Bluetooth Special Interest Group (SIG) presented Bluetooth 5 a few weeks ago. The fifth version of the popular wireless standard promises faster data transmission, longer distances and also saves power in some cases. These changes mainly affect Bluetooth Low Energy (BLE) for small, low-power devices. The data rate can even double here. Manufacturers of radio chips have already announced that the new standard will soon be available.

More security for Mini PCs: Trusted Platform Module (TPM)

The Trusted Platform Module (TPM) is a chip that is integrated into many systems and ensures greater security. With the help of the TPM, a hard disk can be encrypted, a computer can be identified and changes, for example by malware, can be detected. More information about TPM and the spo-comm systems that use this chip will soon be available on our knowledge blog.

Rising SSD prices due to high demand: improvement in sight at last

Due to the increased demand for NAND memory (= a type of flash memory used for SSDs), prices for SSDs have risen sharply in recent months. One reason for this is that SSDs are becoming increasingly popular due to their advantages. This also results in an increased demand for the cheaper TLC memory. On the other hand, NAND modules are also required for smartphones. While a price increase of up to 16% was still expected for the first quarter, the situation should slowly ease in the second quarter.

Time for a change: spo-book WINDBOX II Plus is EOL

Everything comes to an end: our popular spo-book WINDBOX II Plus is now End of Life (EOL) and will be replaced by the spo-book WINDBOX II Quad. Thanks to the same dimensions and the same connections – only one USB has been upgraded from 2.0 to the current 3.0 standard – changing products should not be a problem. The WINDBOX II Quad also boasts a newer quad-core processor and also supports Windows 10. Drivers for the old system can now be found here:

Drivers

Windows 10 IoT Enterprise: All information now on our blog

It’s hard to believe that our Windows 10 IoT weeks are already over. Over the last five weeks, we have introduced you to a new topic every Tuesday: From a general introduction to the benefits, customizing and security features to Microsoft’s new licensing policy. And if you don’t have that much time to read, just take a look at our overview page. We have summarized the most important points briefly and concisely.

To put it in slightly more technical terms: The licenses are divided into three different SKUs (= stock keeping units). However, because this doesn’t sound so good from a marketing point of view, we simply translate “SKU” into “price category” for our purposes. Sounds better? Sounds better.

The advantage of these new price categories is that with “Entry” and “Value” in particular, customers receive a fully-fledged operating system at an unbeatable price. Find out here which of our Mini PCs fall into which of the three price categories “Entry”, “Value” and “High End”.

Entry: Intel Atom, Pentium (N- and J-Series) and Celeron (N-, G-, J- and 3000-Series), AMD V10-V12

Value: Remaining Intel Celeron and Pentium, Core i3, Core i5, Core M and AMD V13-V19

High end: Intel Core i7, Xeon and selected AMD FX models, Ryzen 7

All spo-comm Mini-PCs mentioned can now be ordered with Windows 10 IoT Enterprise.


Overview page Windows 10 IoT Enterprise

Enterprise Grade Security

There are more dangers than ever for your computer lurking in the vastness of the Internet. But it is not only on the World Wide Web that you are exposed to fraudsters and thieves who want to obtain valuable data. Data theft and unwanted access by third parties also occur locally time and again. Windows 10 IoT offers its users completely new and improved options for optimally protecting their operating system from switch-on to switch-off. You can find out which functions are available to you and what exactly they mean in our brief overview below.

Secure your devices

Specify which peripheral devices, such as USB sticks or external hard drives, are considered trustworthy and ensure that only these are recognized by the PC.

  • Two-factor authentication when logging in
  • Device Guard:

    Only allows trusted applications to run thanks to Advanced Threat Resistance

  • Secure Boot:

    Ensures that only certified files are loaded during the boot process and that an operating system with a stored security certificate is started

Advanced Lockdown:

Mainly describes the function of tailoring your Windows operating system to your needs through specific restrictions (see also our article on customizing). At the same time, this also means an increased security factor for your operating system. For example, Advanced Lockdown offers you the option of only allowing certain programs to perform operations on your computer. Conversely, this means that unwanted malware or software is not given the opportunity to nest in your PC in the first place.

The lockdown also includes the following security functions:

  • AppLocker:
    • As mentioned at the beginning, deactivate unwanted software/programs
    • Maintain control over all processes through your necessary consent
  • Shell Launcher:
    • Start automatically in a custom shell after logging in
    • Deactivate hotkeys and certain key combinations
  • Unified Write Filter:

    Indispensable when it comes to write protection of hard disks. This means that the Unified Write Filter does not allow any changes to the hard disk and the files and programs stored there. Changes are only stored temporarily in the RAM memory. After restarting the operating system, everything is back to normal.

  • Mobile Device Management (MDM)

    Deny USB and other peripheral devices access to your computer

Back up your data

  • Trusted Platform Modules (TPM):

    A TPM is a chip integrated into many systems that makes it possible to encrypt the hard disk. The TPM also makes it possible to identify any hardware in the system. This also enables the chip to detect changes in the system.

  • BitLocker:

    Encryption of your drives/hard disks. Also enables the secure deletion of data. This makes it much more difficult to recover deleted data (useful, for example, when discarding old computers).

  • Enterprise Data Protection:

    Protects against data loss caused by leaks in the system (e.g. clouds, emails, social media)

Protect identity

  • Windows HELLO:

    Login via fingerprint, face or iris recognition

  • Credential Guard:

    Protects your access data from malware and the like


Lockdown means adapting a Windows operating system to your own needs with the help of specific restrictions. In the following, we will explain the lockdown features that are used to customize the operating system. We explain the features that ensure greater security here.

Unbranded Boot

With the Unbranded Boot function, Windows elements that appear when the operating system starts can be suppressed. These include the boot logo, the status ring and the status text – either individually or all at the same time.

It can also be set so that a black screen appears instead of a blue screen (= an error message under Windows) and the device restarts automatically so that users cannot see it if the system crashes. A dump file is created in the background to read out the error afterwards.

Embedded Logon

The embedded logon makes it possible to suppress elements of the Windows 10 user interface when starting and shutting down the operating system. For example, the login screen can be hidden and an automatic login configured instead. It is then possible to show an application directly after the boot screen. The Embedded Logon can also be used to personalize the login screen by hiding some elements.

Shell Launcher

With the Shell Launcher, a Windows 10 app or a classic Win32 program can be opened automatically on request with the aim of hiding the standard Windows user interface. This means that as soon as the PC is started, the application also starts and the operating system remains invisible. It is also possible to configure different shells for different users so that, for example, two accounts run on the PC: one with the application as a shell and another with the classic desktop shell for administrative tasks.

You can also set what should happen in the Shell Launcher if the program crashes or is closed. It could restart, shut down or do nothing at all.
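The two-account setup described above (application shell for one user, classic desktop for administration, plus an action when the shell exits) can be configured through the Shell Launcher WMI provider. This is an added example, not part of the original article; the account name `KioskUser` and the path `C:\Kiosk\KioskApp.exe` are hypothetical, and it assumes Windows PowerShell 5.1 running elevated with the Shell Launcher feature installed.

```powershell
# Added example (not from the original article): per-account Shell Launcher setup.
# Assumptions: Windows PowerShell 5.1, elevated session, Shell Launcher feature
# installed. "KioskUser" and C:\Kiosk\KioskApp.exe are hypothetical placeholders.

$ErrorActionPreference = 'Stop'

$Namespace    = 'root\standardcimv2\embedded'
$KioskAccount = 'KioskUser'               # hypothetical local account
$KioskShell   = 'C:\Kiosk\KioskApp.exe'   # hypothetical application used as shell
$AdminsSid    = 'S-1-5-32-544'            # well-known SID of BUILTIN\Administrators

# What Shell Launcher does when the shell process exits.
$RestartShell   = 0
$RestartDevice  = 1
$ShutdownDevice = 2
$DoNothing      = 3

function Get-AccountSid {
    param([Parameter(Mandatory)][string]$AccountName)
    # Shell Launcher keys its configuration on SIDs, not on account names.
    $account = New-Object System.Security.Principal.NTAccount($AccountName)
    $account.Translate([System.Security.Principal.SecurityIdentifier]).Value
}

# Bind to the class so its static methods can be called.
try {
    $ShellLauncher = [wmiclass]"\\localhost\${Namespace}:WESL_UserSetting"
} catch {
    throw "WESL_UserSetting not found. Is the Shell Launcher feature enabled?"
}

# Refuse to configure a shell that does not exist: the kiosk account would
# otherwise log on to a session with nothing to run.
if (-not (Test-Path -LiteralPath $KioskShell)) {
    throw "Shell executable not found: $KioskShell"
}

$KioskSid = Get-AccountSid -AccountName $KioskAccount

# Remove earlier entries for these SIDs so the script can be re-run.
foreach ($sid in @($KioskSid, $AdminsSid)) {
    try { $ShellLauncher.RemoveCustomShell($sid) | Out-Null } catch { }
}

$ShellLauncher.SetEnabled($true) | Out-Null

# Accounts without their own entry get the classic desktop.
$ShellLauncher.SetDefaultShell('explorer.exe', $RestartShell) | Out-Null

# Kiosk account: the application is the shell. If it crashes or is closed,
# it is restarted, so the user never reaches the Windows desktop.
$ShellLauncher.SetCustomShell($KioskSid, $KioskShell, $null, $null, $RestartShell) | Out-Null

# Administrators keep the classic desktop shell for maintenance tasks.
$ShellLauncher.SetCustomShell($AdminsSid, 'explorer.exe') | Out-Null

# Review the resulting configuration before rolling out the image.
"Shell Launcher enabled: $($ShellLauncher.IsEnabled().Enabled)"
Get-WmiObject -Namespace $Namespace -Class WESL_UserSetting |
    Select-Object Sid, Shell, DefaultAction |
    Format-Table -AutoSize
```

Choosing `$RestartDevice` or `$ShutdownDevice` instead of `$RestartShell` for the kiosk account gives the other exit behaviours the text mentions; `$DoNothing` leaves the session without a shell.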

Assigned Access

The Assigned Access has similar functions to the Shell Launcher. It is particularly interesting for so-called “single-function devices”, i.e. devices that are only intended to fulfill a single function. These include, for example, kiosk systems, cash registers at the POS or displays at trade fairs. Assigned Access means roughly “assigned access”. If an account is configured for this, a selected Windows app runs on top of the lock screen for the selected user account. Users of this account will then not be able to access any other function on the device. With some optional elements, the Assigned Access can be further personalized, for example in terms of power button availability and welcome elements.

To block access to the system, certain touch and mouse gestures and key combinations can also be blocked. Exiting the application is done via a special breakout key that takes you to the login screen.

Customized OEM information

Another feature that allows you to customize your PC is the option to adjust the OEM information. This allows you to state your own manufacturer and model name and insert your own logo. You can also store the support times, telephone number and URL so that your customers can see directly who the system comes from and where they can go if they have a problem.


What exactly is Windows 10 IoT Enterprise?

Windows 10 IoT Enterprise is an operating system for industrial applications and embedded PCs. It is suitable for all devices on which desktop apps and Win32 applications are to run. Windows 10 IoT Enterprise has all the functions of Windows 10 Professional and also has so-called embedded lockdown features. These are used to secure the device and protect it from unwanted attacks. They also offer various branding options and can, for example, make the Windows operating system completely invisible behind the application. We explain the individual functions in more detail in other articles.

What advantages does Windows 10 IoT Enterprise offer?

In addition to the lockdown features, Windows 10 IoT offers other advantages that are interesting for solutions in the industrial sector. On the one hand, this operating system is supported for at least 10 years and is available for a further 5 years (i.e. a total of 15 years), which is particularly relevant for applications that are expected to run for many years.

Another advantage is hidden in the abbreviation LTSB. This stands for Long Term Servicing Branch and means that new versions are only provided as updates every 2-3 years, which can then be installed, but do not have to be. These function updates have already been intensively tested with other Windows versions and should therefore not cause any problems. To avoid security gaps, security updates and hotfixes are installed on an ongoing basis. However, these do not cause any compatibility problems as the operating system is not changed.

Another advantage of Windows 10 IoT Enterprise compared to Windows 10 Professional is the Multilingual User Interface (MUI), which means “multilingual user interface”. MUI means that several language packages can be installed at the same time, between which you can switch back and forth depending on the location or user. Windows 10 IoT Enterprise has over 30 different language packs available for this purpose. If you add the individual variants, such as en-UK or en-US, you get over 100 languages.

Thanks to a new licensing model, Windows 10 IoT Enterprise is also cheaper than the conventional Windows 10 Professional for most systems. We will explain exactly what this means.

As a special service, a recovery stick is always included in the scope of delivery of a system with Windows 10 IoT. If a new installation of the operating system is required or desired, it can be easily restored (“recovered”) or reinstalled using the stick.

Who is Windows 10 IoT Enterprise suitable for?

In principle, Windows 10 IoT is suitable for all industrial applications: From kiosk systems, POS devices and ATMs to production systems and industrial control systems to digital signage players or medical devices – to name just a few examples.

If you are not sure whether Windows 10 IoT is right for you and your application, we can provide you with a free trial of the desired PC with a Windows 10 IoT test version at any time.


But let’s start at the beginning and address the question of why this operating system is now called Windows 10 IoT. First, a brief digression on the term “IoT”:

What does the term “IoT” mean?

IoT is short for “Internet of Things”. The term describes the idea that PCs will gradually disappear and be supplemented and replaced by smart objects (“things”). For the private sector, this means that everyday objects are being equipped with processors, sensors and transmitters. For example, refrigerators that reorder food themselves or an intelligent brush that analyzes hair structure. But the topic of IoT is also, or rather especially, interesting for many sectors in the industrial sector. This is because embedded microdevices can be used to network production systems and shipping processes, among other things, and therefore work much more efficiently.

What does this mean for Windows 10 IoT?

Why has Microsoft now chosen the name Windows 10 IoT for its new embedded operating system? Well, for one thing, the term IoT is slowly becoming the talk of the town, so the term is not a bad idea for marketing reasons alone. On the other hand, Windows 10 IoT is part of the One Windows strategy. This means that there is one Windows for all devices – from small devices to servers. This is because Windows 10 IoT comes in three versions, which are differentiated according to device type: Windows 10 IoT Core for small devices such as Raspberry Pi, Windows 10 IoT Mobile Enterprise for smartphones and small tablets and Windows 10 IoT Enterprise for systems with a desktop shell and Win32 apps.

All three variants are based on the same core, to which different features are added for each device family. Thanks to the common core, the so-called universal apps can run on all platforms and device types, which significantly reduces and simplifies the effort required for development and support.

Of the three Windows IoT variants, we are only really interested in Windows 10 IoT Enterprise, as this is the version that runs on (mini) PCs and enables desktop apps and Win32 applications. Possible applications include areas such as POS, kiosk, digital signage, industrial control, production systems and ATMs.
