Various crypto attacks have come to light. BetterCrypto talks of the LogJam Attack (a Diffie-Hellman weakness exploit) and how to mitigate its issues. The site also has a Applied Crypto Hardening document, which is over 100 pages long, for how to how to harden common crypto-utilizing systems.
The post lead to look at crypto devices for carrying around private keys and performing two factor authentication for Linux. One site I came across was performs his initial trials of Linux based smartcards.
Coming at the problem from a different direction, I came across someone using a Programming the FST-01 (gnuk) with a Bus Pirate + OpenOCD. This article is about getting gnuk devices to work with the Debian releases. The interesting twist here is that the author wanted to actually customize the devices. I didn't think this was possible. But the article talks about using a programmer which uses SWD support to get down and dirty with the hardware. OpenOCD, which is the short form for Open On Chip Debugging, forms a primary role in the article.
On Chip Debugging opens up a whole new avenue of exploration for Embedded Systems Desgn. The Bus Pirate, mentioned above, can be found at Dangerous Prototypes
As part of some embedded solutions I am looking at, I picked up a few NVIDIA Jetson TK1 devices. It is cool that Christian's Blog talks about Debugging the Linux kernel via JTAG on the NVIDIA Jetson TK1 / Jetson Pro DevKit where JTAG is a very common mechanism for On Chip Debugging and testing.
Going a little further afield, I came across sigrok which is a project aiming at "creating a portable, cross-platform, Free/Libre/Open-Source signal analysis software suite that supports various device types (e.g. logic analyzers, oscilloscopes, and many more)." Rigol seemed to be a manufacturer of respected, compatible devices.
Even further afield, not crypto related, but something interesting, I came across an interesting DSP based solution with the TMS320F28016 development board which is "known to be the world's lowest cost 32-bit Real Time Microcontroller (DSP) with a build in CAN".
While on the subject of crypto, here is something on how to Secure Secure Shell (SSH). SSH has the capability of using many different crypto combinations. The default may not necessarily be the best. This describes the more secure combinations and how to use them.
While on the subject of hardening, a site describing Hardening your HTTP response headers. Mostly, IIS, but some nginx and a tiny bit apache.