
  • Risks of OOB Access via IP KVM Devices



    Recently, a new “breed” of IP-based KVM devices has been released. In the past, IP-based KVM devices required dedicated “server-grade” hardware using IPMI. They often cost several hundred dollars per server and are only available for specific systems that support the respective add-on cards. These cards are usually used to provide “Lights Out” access to servers, allowing a complete reboot and interaction with the pre-boot environment via simple web-based tools. In some cases, these IPMI tools can also be used via various enterprise/data center management tools.

    The first “non-datacenter grade” device that provided similar capabilities to arbitrary systems was the “PIKVM” [1]. This device was based on a Raspberry Pi and combined various add-on cards (HDMI capture and USB device ports) to turn the Raspberry Pi into a remote access device. But even the PIKVM wasn’t cheap. The hardware cost added up to around $100-$200. Fully assembled devices are available for around $300. While within reach for some hobbyists, it was still too expensive for many.

    More recently, a Chinese company, Sipeed, started offering a “NanoKVM” [2]. This device offers comparable capabilities for as low as $30 for a bare-bones version ($60 for a more full-featured assembled version). The NanoKVM uses a very minimal RISC CPU and runs a stripped-down Linux variant providing just enough features to act as a serviceable KVM. Consumer-oriented device manufacturers like GL-INET and others have released similar devices competing directly with the “NanoKVM”, often offering some additional capabilities.

    But turning these devices into a ubiquitous commodity has not come without problems. 

    Some have accused Sipeed of installing deliberate backdoors in their devices and delaying addressing security vulnerabilities. Ultimately, you should never deploy a device from a vendor you do not trust. I am not able to answer for you, but you need to figure out if this is a risk you are willing to take. A device like an IP KVM will always have direct access to your system, and it will be able to intercept keystrokes and video output. Many of the alleged vulnerabilities, like insecure firmware updates, are sadly very common in consumer devices. The NanoKVM will download firmware updates from Sipeed’s servers in China. It will report some system status with these requests, which again is not that unusual. Sipeed offers other products (for example, camera systems) built around the same RISC board, explaining things like microphones and such that are located on the board. For more details, see the reports released by Tom’s Hardware in December [3].

    Here are some tips to consider when installing one of these devices:

    1. Do not expose the device to the Internet

    Just like any administrative interface, do not expose the KVM to the internet. In particular, for KVMs, there is often a need to access them remotely. After all, you could reboot the system without KVM if you are at the same location as the system. Luckily, these KVMs often support Tailscale out of the box, or can support it with simple additional installs. Tailscale provides a simple VPN and NAT bypass solution to access systems even if your IP is dynamic. Any other VPN solution will work as well, but this usually requires you to operate some kind of “bastion host” at a cloud provider if you do not want to rely on the VPN offered by your firewall/router.

    2. Set up strong authentication

    PiKVM at least offers MFA via one-time passwords. I have not seen much else, but this is a reasonably good solution for this purpose. Just don’t forget to enable it. NanoKVM considers MFA a “TODO Item”. I don’t think it has been implemented yet. 

    3. Configure TLS

    Even running over a VPN, you should still use TLS to connect to your KVM to avoid MitM issues. This requires a valid certificate, either issued by an internal or public CA. I was able to install “certbot” without too much trouble on a PiKVM. If you are unable to automatically renew certificates, use an internal CA, which can issue certificates with a longer lifetime. But avoid self-signed certificates that are not recognized as valid by your browser.

    NanoKVM specifically points out in its manual that the system is not quite able to support the full bitrate over TLS, and you may see some dropped frames. This is annoying but usually not a deal breaker for simple remote access during emergencies. It may be an issue if you use the KVM for more routine work, for example, if you attempt to use a laptop located in the US from an office in North Korea to work your remote job.

    4. Logging

    I wrote in the past about securing out-of-band access. One thing I see often missing, even with devices like console servers, is a decent logging or alerting solution to track use of the OOB access. At least log to a central syslog server. In some cases, I implemented little scripts that alert me of each login via SMS and e-mail. 
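As an added example (not from the diary or from any KVM vendor's software): a small alerting script of the kind tip 4 describes, run over constructed syslog lines in a made-up `kvmd: auth:` format. It announces every successful KVM login and flags a burst of failed logins from one address; the log format, hostnames and the `oob-admin` user are assumptions, so adapt `LOGIN_RE` to what your device actually forwards to the central syslog server.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Constructed sample syslog lines (not any real KVM's format; adjust LOGIN_RE
# to whatever your device actually forwards to the central syslog server).
SAMPLE_LOG = """\
Jan 14 22:01:05 kvm1 kvmd: auth: login failed user=admin ip=198.51.100.7
Jan 14 22:01:09 kvm1 kvmd: auth: login failed user=admin ip=198.51.100.7
Jan 14 22:01:12 kvm1 kvmd: auth: login failed user=admin ip=198.51.100.7
Jan 14 22:03:40 kvm1 kvmd: auth: login ok user=oob-admin ip=100.64.0.9
Jan 14 23:15:02 kvm1 kvmd: auth: login ok user=oob-admin ip=100.64.0.9
"""
LOGIN_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d\d:\d\d:\d\d) \S+ kvmd: auth: login "
    r"(?P<result>ok|failed) user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)

def parse_events(text, year=2025):
    # Syslog lines carry no year, so the caller supplies one.
    events = []
    for line in text.splitlines():
        m = LOGIN_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append({"ts": ts, "result": m["result"],
                           "user": m["user"], "ip": m["ip"]})
    return events

def alerts_for(events, fail_threshold=3, window=timedelta(minutes=5)):
    # One alert per successful login (OOB use is rare, so every use should be
    # announced) plus one when an IP hits fail_threshold failures in the window.
    alerts, failures = [], {}
    for ev in events:
        if ev["result"] == "ok":
            alerts.append(f"KVM LOGIN {ev['user']} from {ev['ip']} "
                          f"at {ev['ts']:%Y-%m-%d %H:%M:%S}")
            continue
        q = failures.setdefault(ev["ip"], deque())  # sliding window per IP
        q.append(ev["ts"])
        while ev["ts"] - q[0] > window:
            q.popleft()
        if len(q) == fail_threshold:
            alerts.append(f"KVM BRUTE-FORCE? {len(q)} failed logins "
                          f"from {ev['ip']} within {window}")
    return alerts

if __name__ == "__main__":
    for alert in alerts_for(parse_events(SAMPLE_LOG)):
        print(alert)  # replace with your SMS/e-mail delivery (e.g. smtplib)
```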

    5. Console Access Security

    Once you are using a KVM to access your system, it is important to implement authentication on the system connected to the KVM. You should have the standard login and auto-logout/screen lock features enabled, just as you would on a system sitting in an office.

    6. Test

    OOB systems are usually used infrequently. It is important to verify that the system is working and configure alerts in case they are not. Sadly, it all too often happens that systems like this are “Dead” for a long time, something that is only noticed during the emergency when they are used. Some simple monitoring scripts should check that the system is operating correctly.
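As an added example (not from the diary or from any KVM project): a monitoring check covering tips 3 and 6. It connects to the KVM's web interface with full certificate and hostname verification, warns when the certificate is close to expiry or already expired, and reports when the device does not answer, so a dead KVM is noticed before the emergency. The hostname `kvm.example.internal` is a placeholder; the decision logic is separated from the network probe so it can be tested offline.

```python
import http.client
import ssl
import sys
from datetime import datetime, timezone

def evaluate(reachable, cert_not_after, http_status, now, min_cert_days=14):
    # Pure decision logic, kept separate from the network probe so it can be
    # tested offline: returns a list of problems, empty when the KVM is healthy.
    if not reachable:
        return ["unreachable: no valid TLS session on the KVM's HTTPS port"]
    problems = []
    days_left = (cert_not_after - now).days
    if days_left < 0:
        problems.append(f"certificate expired {-days_left} days ago")
    elif days_left < min_cert_days:
        problems.append(f"certificate expires in {days_left} days; renew it")
    if http_status not in (200, 301, 302, 401):
        problems.append(f"unexpected HTTP status {http_status}")
    return problems

def probe(host, port=443, timeout=5.0):
    # Full chain and hostname verification, exactly like a browser: a
    # self-signed or expired certificate fails here, which is the point.
    ctx = ssl.create_default_context()
    conn = http.client.HTTPSConnection(host, port, context=ctx, timeout=timeout)
    try:
        conn.connect()
        not_after = datetime.fromtimestamp(
            ssl.cert_time_to_seconds(conn.sock.getpeercert()["notAfter"]),
            tz=timezone.utc)
        conn.request("GET", "/")
        status = conn.getresponse().status
    except (OSError, http.client.HTTPException):
        return False, None, None
    finally:
        conn.close()
    return True, not_after, status

def check_kvm(host, now=None):
    reachable, not_after, status = probe(host)
    return evaluate(reachable, not_after, status, now or datetime.now(timezone.utc))

if __name__ == "__main__":
    # Hypothetical hostname; run from cron and route non-empty output to alerts.
    target = sys.argv[1] if len(sys.argv) > 1 else "kvm.example.internal"
    for problem in check_kvm(target):
        print(f"ALERT {target}: {problem}")
```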


    [1] https://pikvm.org

    [2] https://sipeed.com

    [3] https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in-sipeed-nanokvm



    Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu


  • Robert Kiyosaki predicted up to 15,000% upside in these 3 assets. Was he right?



    [Image: Robert Kiyosaki stands on stage with banks of lights in the background. Credit: Gage Skidmore/CC]

    Rich Dad Poor Dad author Robert Kiyosaki is known for making bold predictions about the market.

    He declared, “Best time to get rich is approaching,” in a post on X back in July 2024 (1).

    But the renowned author has also warned that “real estate markets are crashing” and “bad times are coming.”

    So far, markets have been volatile but resilient. Despite sharp swings earlier in the year, the stock market has largely rebounded. The benchmark S&P 500 index is up more than 17% year-to-date as of late December (2).

    Still, Kiyosaki insists the danger hasn’t passed — because, in his view, market collapses don’t unfold all at once.

    In a recent post on X, he warned, “Crashes don’t happen over night. Crashes take decades to occur (3).”

    Regarding how to navigate the hard times, Kiyosaki shared some wisdom from Rich Dad, his mentor and inspiration for the book.

    “As my Rich Dad taught me…. ‘If you don’t learn how to make money in your sleep… you’ll never be rich.’ The time to make money in your sleep is arriving now,” he wrote (1).

    His suggestions are rather straightforward, including “keep studying”, “attend seminars” and “listen to successful people.”

    Kiyosaki also provided more detailed insights on what lies ahead and how to capitalize on it.

    The rationale behind Kiyosaki’s “bad times” warning appears to be technical.

    In an X post on Dec. 10, Kiyosaki wrote, “This crash the world is going through now, possibly the worst crash in history, started back in 1913 , 112 years ago, when the Marxist US Federal Reserve Bank….took over America’s monetary system (3).”

    A market crash of this magnitude could be devastating for most retail investors.

    For instance, during the housing and credit crisis of the late 2000s, American households lost approximately $16 trillion in net worth (4).

    A more recent example is the stock market selloff in 2022. Although it pales in comparison to Kiyosaki’s projections of the biggest crash in history, CBS News reported that 401(k) and IRA plan participants experienced an estimated loss of around $3 trillion (5).

    However, Kiyosaki also highlighted that there will be winners.

    “The good news for those who study monetary history, they will grow richer as the price of gold and silver, “Gods Money,” and Bitcoin and Ethereum, “people’s money,” go up in value as the Fake Fiat money system collapses,” he elaborated in the same post (3).

    Read more: Warren Buffett used 8 solid, repeatable money rules to turn $9,800 into a $150B fortune. Start using them today to get rich (and stay rich)

    Kiyosaki’s positive outlook on these assets stems from his lack of confidence in the U.S. and fiat currency.

    He stated that gold, silver, and Bitcoin investors anticipate a long-term bull market cycle for these assets because the U.S. is “the biggest debtor nation in history” and because “faith and confidence in ‘FAKE’ money is dissolving.”

    Kiyosaki predicts these assets will surge after the crash, making bold predictions about their potential prices.

    “I believe silver will go through $100 in 2026 … possibly $200 an ounce,” he claimed in an X post on Dec. 28 (6).

    Kiyosaki made even bolder predictions about the price of gold. In a separate post last month, he wrote, “My target price for Gold is $27k. I got this price from friend Jim Rickards….and I own two goldmines (7).”

    This past year has been big for precious metals. Silver prices have surged over 160% in 2025, making it the best performing asset of the year (8). Gold came in second, with prices rising by more than 66% over the same period (9).

    With Kiyosaki predicting that this rally will continue into 2026, those who want to capitalize on this market as a long-term investment can tie their potential growth to their retirement accounts.

    One way to invest in precious metals that also provides significant tax advantages is with a gold IRA through Goldco.

    This retirement account can help you stabilize your finances by allowing you to invest directly in physical precious metals rather than stocks and bonds.

    Goldco is widely regarded as one of the leading companies in the space, with a 4.8/5 rating on Trustpilot and an A+ from the Better Business Bureau. They also offer a guaranteed buyback program, meaning they’ll repurchase your metals at the “highest price” according to market value if you ever decide to sell.

    What’s more, with a minimum purchase of $10,000, Goldco will match up to 10% of qualified purchases in free silver.

    If you’re curious whether this is the right investment, you can download your free gold and silver information guide today.

    While many traditional investors have stayed away from Bitcoin due to a lack of understanding of the market, as Kiyosaki notes, now may be the time to get in before the rise.

    If you’re interested in investing in Bitcoin, you might consider investing through platforms like Robinhood Crypto, which has the lowest trading cost on average in the U.S.

    You could get up to 2.6% more crypto through Robinhood compared to other traditional brokerage platforms.

    You can buy and sell with as little as $1, without having to pay an arm and a leg in trading fees or commissions.

    But investing in cryptocurrencies comes with its own set of risks, especially if you’re planning on retiring soon or saving for a big purchase.

    For instance, a flash crash in October caused Bitcoin prices to fall by nearly 10% within minutes, triggering panic across the cryptocurrency market. The sell-off spread fast, ultimately wiping around $500 billion from the crypto market’s total value within 24 hours (10).

    Kiyosaki is known for his extreme market predictions, but you may want more advice before you plunge into new investments.

    A financial advisor can help you figure out exactly how much you should invest in these assets, depending on financial goals and aptitude for risk.

    That’s where platforms like Advisor.com come in.

    Advisor.com connects you with vetted SEC/FINRA-registered financial advisors near you for free. All you have to do is answer a few simple questions about your finances, and Advisor.com matches you with a certified expert.

    Since their roster comprises fiduciaries, they’re legally obligated to act in your best interests.

    Hiring a financial advisor can be a lifelong commitment. That’s why Advisor.com lets you set up an introductory meeting with your match, with no obligation to hire, to see whether they’re the right fit.


    @theRealKiyosaki (1), (3), (6), (7); MarketWatch (2); Investopedia (4); CBS (5); Apmex (8), (9); Coindesk (10)


  • Man accused of raping patient in emergency room of Boston hospital to face a judge



    A man accused of raping another patient at a Boston hospital is set to appear in court on Monday afternoon.

    According to the Suffolk County District Attorney’s office, Barry Howze, 55, is accused of raping another patient while admitted to the Boston Medical Center emergency room in the late evening of September 13 into September 14.

    Howze was indicted by a Suffolk County jury on December 12 and will be charged with two counts of rape, one count of indecent assault and battery on a person over 14, one count of assault and battery on a person with a disability, and one count of witness intimidation.


    Howze will be arraigned in Suffolk Superior Court at 2 p.m. on Monday.

    This is a developing story. Check back for updates as more information becomes available.
