Afleveringen
-
In todayâs Coredump Session, the team reunites to unpack the behind-the-scenes lessons from their time building firmware at Pebble. This episode dives into the risks, decisions, and sheer grit behind a near-disastrous OTA updateâand the ingenious hack that saved a million smartwatches. Itâs a candid look at the intersection of rapid development, firmware stability, and real-world consequences.
Key Takeaways:
Pebbleâs open approach to developer access often came at the cost of security best practices, reflecting early startup trade-offs.A critical OTA update bug almost bricked Pebble devicesâbut the team recovered using a clever BLE-based stack hack.Lack of formal security measures at the time (e.g., unsigned firmware) unintentionally enabled recovery from a serious update failure.Static analysis and test automation became top priorities following the OTA scare to prevent repeat incidents.The story reveals how firmware constraints (like code size and inline functions) can lead to high-stakes bugs.Investing in robust release processesâincluding version-to-version OTA testingâproved vital.Real security risks included impersonation on e-commerce platforms and potential ransom via malicious OTA compromise.The importance of "hiring your hackers" was humorously noted as a de facto security strategy.Chapters:
00:00 Episode Teasers & Welcome
01:22 Why Pebbleâs Firmware Was Open (and Unsigned)
05:01 The Security Tradeoffs That Enabled Speed
11:00 The OTA Bug That Could Have Bricked Everything
15:26 Hacking Our Way Out with BLE Stack Overflow
17:47 Lessons Learned: Test Automation & Static Analysis
26:30 How Pebble Built a Developer Ecosystem
29:56 CloudPebble, Watchface Generator & Developer Tools
42:55 Backporting Pebble 3.0 to Legacy Hardware
49:02 The Bootloader Rewrite & Other Wild Optimizations
53:31 Simulators, Robot Arms & Debugging in CI56:40 Firmware Signing, Anti-Rollback & Secure Update
1:06:10 Coding in Rust? What Weâd Do Differently Today
1:08:28 Where to Start with Open Source Pebble Development
â â Join the Interrupt Slack
Watch this episode on YouTubeâ â
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
-
In todayâs Coredump Session, we zoom in on the rapidly evolving world of cellular IoTâwhatâs working, whatâs changing, and what developers should know. With expert insight from Fabien Korheim of ONES, the conversation breaks down MVNOs vs MNOs, dives into certification hurdles, explores connectivity trade-offs like NB-IoT vs LTE-M, and unpacks why cellular is quietly powering more devices than you think. Whether you're building metering devices or baby monitors, this one hits the full stackâfrom tech to business models.
Key Takeaways:
MVNOs simplify global IoT deployments by abstracting regional carrier relationships and reducing SKU complexity.LTE-M is currently the safest bet for low-power cellular applications, with 5G RedCap positioned as a future alternative.Certification processes are lighter with MVNOs, especially when using pre-approved modules.Cellular IoT is ideal where Wi-Fi isnât guaranteed, like basements, forests, and mobile tracking.Consumer IoT has huge untapped potentialâcellular can dramatically improve usability and reduce returns.Battery life and data costs are major design considerations, especially when scaling fleets globally.Multiradio devices and smart fallback strategies (e.g. BLE/Wi-Fi + Cellular) are becoming more common.Debugging tools and observability platforms are essential for maintaining reliability across networks, devices, and regions.Chapters:
00:00 Episode Teasers & Intro02:34 MVNO vs MNO: Whatâs the Difference?06:28 Certifications, SIMs & Simplifying Deployment12:31 NB-IoT, LTE-M, LoRaWAN & SatelliteâExplained23:43 5G for IoT: Hype or Here?27:14 Top Use Cases: Meters, Trackers & Wildlife33:28 The Big Opportunity: Cellular in Consumer Devices36:33 Business Models: Who Pays for Cellular?37:49 Getting Started: Kits, SIMs & Copy-Paste Firmware41:59 Common Mistakes & What to Watch in the Field47:15 What to Measure: Observability That Scales49:13 Q&A: Prioritization, Firmware Updates, RedCap & More
â â Join the Interrupt Slack
Watch this episode on YouTube
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
-
Zijn er afleveringen die ontbreken?
-
In todayâs Coredump Session, we dive into the fast-evolving world of Edge AI and its real implications for device makers. From robots that detect humans to welding machines that hear errors, we explore the rise of intelligent features at the hardware level. The conversation spans practical tools, common developer traps, and why on-device AI might be the most underrated revolution in embedded systems today.
Key Takeaways:
Edge AI means real-time inference on embedded devices, not just âAI at the edge of the network.âPrivacy, latency, and power efficiency are core reasons to use Edge AI over cloud processing.Hardware accelerators like the Cortex-M55 + U55 combo have unlocked GPU-like performance in microcontrollers.Battery-powered AI devices are not only possibleâthey're already shipping.Data collection and labeling are major bottlenecks, especially in real-world form factors.Start projects with data acquisition firmware and plan ahead for memory, power, and future use cases.Edge AI applications are expanding in healthcare, wearables, and consumer robotics.Business models are shifting, with AI driving recurring revenue and service-based offerings for hardware products.Chapters:
00:00 Episode Teasers & Intro02:57 What Is Edge AI Anyway?06:42 Tiny Models, Tiny Devices, Big Impact10:15 The Hardware Leap: From M4 to M55 + U5515:21 Real-World Use Cases: From ECGs to Welding Bots17:47 Specâing Your Hardware for AI24:15 Firmware + Inference Frameworks: How It Actually Works26:07 Why Data Is the Hard Part34:21 Where Edge AI Willâand WonâtâTake Off First37:40 Hybrid Edge + Cloud Models40:38 Business Model Shifts: AI as a Service44:20 Live Q&A: Compatibility, Labeling, On-Device Training56:48 Final Advice: Think of AI as Part of the Product
Join the Interrupt Slack
â â â Watch this episode on YouTubeâ
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
-
REGISTER FOR PART 2 OF THE PEBBLE CONVERSATION ON APRIL 15TH
In this episode of Coredump, three former Pebble engineers reunite to dive deep into the technical quirks, philosophies, and brilliant hacks behind Pebble OS. From crashing on purpose to building a single codebase that powered every watch, they share war stories, bugs, and what made Pebbleâs firmware both rare and remarkable. If you love embedded systems, software-forward thinking, or startup gritâ this oneâs for you.
Key topics:
Pebble intentionally crashed devices to collect core dumps and improve reliability.All Pebble devices ran on a single codebase, which simplified development and updates.The open-sourcing of Pebble OS is a rare opportunity to study real, commercial firmware.A platform mindsetâsupporting all devices and apps consistentlyâshaped major engineering decisions.Pebbleâs app sandbox isolated bad code without crashing the OS, improving developer experience.The team built a custom NOR flash file system to overcome constraints in size and endurance.Core dumps and analytics were essential for tracking bugs, deadlocks, and field issues.Collaborations between hardware and firmware engineers led to better debugging tools and smoother development.Chapters:
00:00 Episode Teasers & Intro01:10 Meet the Team: Pebble Engineers Reunite01:13 Meet the Hosts + Why Pebble Still Matters03:47 Why Open-Sourcing Pebble OS Is a Big Deal06:20 The Startup Firmware Mentality08:44 One OS, All Devices: Pebbleâs Platform Bet12:30 App Compatibility and the KEMU Emulator14:51 Sandboxing, Syscalls, and Crashing with Grace20:25 Pebble File System: Built from Scratch (and Why)23:32 From Dumb to Smart: The Iterative Codebase Ethos26:09 Core Dumps: Crashing Is a Feature30:45 How Firmware Shaped Hardware Decisions33:56 Rust, Easter Eggs, and Favorite Bugs36:09 Wear-Level Failures, Security Exploits & Font Hacks39:42 Why We Chose WAF (and Regret Nothing?)42:41 What Weâd Do Differently Next Time47:00 Final Q&A: Open Hardware, Protocols, and Part Two?
Join the Interrupt Slack â â
â â Watch this episode on YouTubeâ â
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
-
In todayâs Coredump Session, the team dives deep into the world of over-the-air (OTA) updatesâwhy they matter, how they break, and what it takes to get them right. From horror stories involving IR updates in a snowstorm to best practices for deploying secure firmware across medical devices, this conversation covers the full stack of OTA: device, cloud, process, and people. It's equal parts cautionary tale and technical masterclass.
Key Takeaways:
OTA is essential for modern hardwareâwithout it, even small bugs can require massive field operations.Good OTA starts early, ideally at the product design and architecture phase.Bootloaders, memory maps, and security keys must be carefully planned to avoid long-term issues.Staged rollouts and cohorts help mitigate fleet-wide disasters.Signing keys and root certificates should be treated like firmwareâversioned, updatable, and secure.Real-world constraints (medical, smart home, etc.) make OTA more complexâbut not optional.Testing both the update and the update mechanism itself is critical before going live.When OTA fails, fallback plans (like dual banks or A/B slots) can be the difference between a patch and a catastrophe.Chapters:
00:00 Episode Teasers & Intro
03:29 Meet the Guests + OTA Gut Reactions
05:33 Why OTA Is Non-Negotiable
03:29 The OTA Wake-Up Call: Why You Need It
09:31 Building OTA into Hardware from Day One
16:49 Cloud-Side OTA: Cohorts, Load, and Timing
21:53 OTA in Regulated Industries
30:10 When OTA Breaks Itself
34:44 Minimizing OTA Risk: The Defensive Playbook
41:18 OTA and the Matter Standard
47:17 Networking Stacks, Constraints, and Reliability
51:11 Security, Scale, and the OTA Future
â â â â Join the Interrupt Slack
Watch this episode on YouTube
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
-
In todayâs Coredump Session, we unpack the full story of Bluetoothâfrom its PDA-era beginnings to its rising role in cloud-connected devices. With insights from Memfaultâs Chris Coleman and François Baldassari, along with Bleconâs Simon Ford, this wide-ranging conversation explores how Bluetooth Low Energy has evolved, where it thrives (and doesnât), and why itâs often the right tool, even if itâs not a perfect one. Expect history, hot takes, and practical guidance for building better Bluetooth-powered products.
Key Takeaways:
Bluetooth Low Energy (BLE) and Bluetooth Classic are fundamentally differentâand BLE was never just a âliteâ version.BLE's strength lies in its low power consumption and quick connection setup, making it ideal for peripheral devices that sleep most of the time.Use cases like audio, asset tracking, and cloud sync continue to shape BLEâs evolution, and new specs like LE Audio and PAwR are expanding its reach.Bluetooth wins not because itâs perfectâbut because itâs practical: globally adopted, low-cost, and well-supported.Debugging Bluetooth at scale requires collecting connection parameters, analyzing retries, and understanding phone ecosystem quirks.BLE Mesh adoption has been underwhelming, with real-world complexity often outweighing its theoretical benefits.Expect to see BLE turn up in more places, including MEMS sensors and energy-harvesting devices, not just consumer gadgets.Designers should understand trade-offs in connection intervals, latency, and power draw when choosing Bluetooth for cloud or local connectivity.Chapters:
00:00 Episode Teasers & Intro
01:10 Meet the Guests: Bluetooth Roots at Pebble, Fitbit, and Blecon
06:51 BLEâs Breakthrough: The iPhone 4S Moment
10:22 BLE vs Classic: Why It Took Off
14:39 Specs That Shifted Everything: Packet Length, Coded PHY & LE Audio
21:41 Is BLE Still Interoperable? And Does It Matter?
28:22 The BLE Cloud Puzzle: Gateways, Phones & Golden Gate
38:40 BLEâs Sweet Spot: Power, Latency & When It Just Works
47:12 Operating BLE Devices in the Wild: What to Track & Why
57:40 Mesh Ambitions vs Reality
â â Join the Interrupt Slack
Watch this episode on YouTube
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
-
In today's Coredump Session, Memfaultâs François Baldassari and Chris Coleman unpack the sweeping impact of new IoT security regulations like the CRA and the Cyber Trust Mark. From shocking real-world exploits to smart compliance strategies, they explore what these changes mean for hardware teams and the future of connected devices. If you ship firmware or build IoT products, this oneâs essential listening.
Key takeaways:
IoT security is no longer optionalânew regulations like the CRA and Cyber Trust Mark make it mandatory.Most connected devices today are still dangerously undersecured, with outdated stacks and poor OTA support.Open source platforms like Zephyr can make compliance easier by pooling security resources across companies.OTA (over-the-air) updates are now a requirement in both US and EU regulations.The CRA introduces SBOM (Software Bill of Materials) requirements to track vulnerabilities in dependencies.Observability, encryption, and secure boot need to be built in from the startânot as last-minute add-ons.Compliance will vary based on device criticality, but self-certification will be the norm for most companies.Ignoring security costs more in the long runâboth in reputation and risk.Chapters:
00:00 Episode Teasers & Intro
01:03 Meet the Hosts: François and Chris from Memfault
03:40 Why IoT Security Is Still So Behind
07:15 Vulnerabilities, Legacy Chips, and Whoâs to Blame
10:12 Wireless Protocols: Still a Huge Attack Surface
13:28 If You Ship Without OTA, You're Asking for Trouble
20:50 Introducing the CRA and Cyber Trust Mark
23:38 What the CRA Actually Requires
31:45 Reconciling Security Monitoring with GDPR
34:07 Cyber Trust Mark vs CRA: US vs EU Approaches
41:05 What You Can Do Today to Prepare
46:33 How Long Do You Have to Support a Device?
52:19 Attack Surfaces: Even a Projector Isn't Safe
56:06 Lifecycle Support and Product Lifespan Realities
58:51 Observability in Low-Resource Devices
1:00:34 Connected Architectures & Multichip Compliance
1:01:43 IoT Devices with Limited Bandwidth & OTA Constraints
Join the Interrupt Slack
â â â â Watch this episode on YouTube
Follow Memfault
â â LinkedInâ â â â Blueskyâ â â â Twitterâ âOther ways to listen:
â â Apple Podcasts
iHeartRadioâ â
â â Amazon Music
GoodPods
Castbox
â â
â â Visit our website
