crest 31 minutes ago

One the one hand adding radios (WiFi, LTe) to KVM over IP device sounds tempting on the other hand given the track record of KVM over IP devices it sound terrifying to give them the ability of bypass points of policy enforcement.

toast0 10 hours ago

Looks like the pcie slot is just used for power?

I'd love to see something like this where the board had a basic video card, so you could use it in a system without any video output. Bonus if it also had a usb controller and a serial port, so it didn't need to loop to plugs (although some of that could happen on the internal side as well)

  • wolrah 2 hours ago

    Likewise, I have never been able to get a satisfying answer as to why no one seems to be willing or able to put the same ASpeed AST2x00 chips that it seems half the OEM IPMI/iKVM/whatever solutions use on a standard PCIe card instead of embedding it in the motherboard or using some proprietary interface.

    I have never been able to identify a technical barrier to doing this, the important features most people actually care about are implemented over a 1x PCIe link and USB, plus a couple of GPIOs to twiddle the power/reset button connections. Most OEM implementations also connect to the LPC bus and others on the server board to allow more in depth diagnostics, voltage logging, etc. but those are bonus features and not requirements for a useful product. I do not see any technical reason a useful generic PCIe implementation couldn't be produced, and as a result I have a strong feeling that the lack of such products is an intentional choice by one or more of the vendors involved to increase margins by pushing users who want these features up to entry level server boards instead of sticking a card in a higher-end desktop board that might better fit their needs.

    • toast0 an hour ago

      M.2 A or E might be better for this actually. A lot of boarda have slots for wifi/bluetooth with PCIe and USB. Would need a cable to a panel mount network jack and to pull in the front panel switches.

  • wkat4242 10 hours ago

    Basically like Dell's old DRAC boards. They used to do exactly that.

smcleod 4 hours ago

I have the standalone unit and other than the painfully slow 100mbit Ethernet that's too slow to upload ISOs and which also doesn't work with many modern switches - it's really nice for the price.

The problem with a pcie one for me is that modern motherboards suffer from having hardly any PCIe ports - and when they do they're mashed in close to each other essentially making one useless if you have a decent GPU.

NetworkPerson 14 hours ago

From the article “It would be laughable to argue the low-end SG2002 AI SoC poses a threat to any country…”

I can see a great deal of trouble capable of coming from a networked device capable of watching the screens 24x7 and potentially intercepting passwords being entered. And those are the legitimate functions for this device. Wouldn’t take much to throw a reverse shell for external access if you wanted to be particularly nefarious.

Not saying there’s any evidence this kvm is malicious. But I probably wouldn’t put it in anything more than one of my toy home lab servers.

  • theamk 10 hours ago

    I was worrying about typical Chinese cloud you cannot turn off (seems to be present on all cheap IP cameras), but this device is actually pretty good.

    For remote access, there is no cloud. But you can BYO tailscale or FRP [0] (note: I really like the FRP idea, as it's trivial to self-host)

    For updating, there is a central server. But at least the process seems to be manually-initiated [1].

    I am not saying the firmware is backdoor-free, but at least it would be feasible to monitor/block all outgoing network connection attempts, and still have a functional device.

    [0] https://wiki.sipeed.com/hardware/en/kvm/NanoKVM/network/tail...

    [1] https://wiki.sipeed.com/hardware/en/kvm/NanoKVM/system/updat...

    • poisonborz 8 hours ago

      You can selfhost the control server, look at headscale, all the clients support this.

    • wkat4242 10 hours ago

      What's FRP? Your source link speaks only of tailscale.

      • dzidol 2 hours ago

        Just open the link about tailscale, in the page it's one tab below on the left.

metadat 12 hours ago

Are there feasible open alternatives to this closed-source blob? The fundamental capabilities seem nice, on paper.

Also, is there Windows / Mac compatibility?

  • wkat4242 10 hours ago

    They are open sourcing it apparently. At least they promised.

    And yes it works fine on windows. I've got one. Haven't tried it on Mac yet though.

mherkender 12 hours ago

This is a great device but I can't imagine giving so much power and control to a closed-source, self-updating device.

  • smcleod 4 hours ago

    They opened the standalone unit, assuming this will be also?

  • theamk 10 hours ago

    Hey, billions of people use Windows and Mac OS.

    • navigate8310 10 hours ago

      But billions of people don't use Sipeed NanoKVM that gets an OOBM access to critical infrastructure

      • wkat4242 10 hours ago

        Yeah mine is on a non-internet-routed VLAN for that purpose. I access it through my vpn only. It doesn't even have outgoing internet access.

      • znpy 6 hours ago

        many more use closed source kvm solutions built-in into servers, so...

        as an homelabber, i'm using HP's iLO on my gen8 microserver for example.

jauntywundrkind 11 hours ago

Worth mentioning Sophgo (CPU maker here) just got added to US Sanction list for helping China dodge semiconductor sanctions.

Apparently it's the Bitmain cryptominer folk? Nice context from Tom's.

https://www.tomshardware.com/tech-industry/artificial-intell...

  • Bluestein 39 minutes ago

    Worth mentioning also, it apparently has non-configurable (to off) root:root SSH on by default, according to the comments ...