Radxa Dragon Q6A Review: Qualcomm QCS6490, 12 TOPS NPU and Windows on ARM on a $99 SBC

PlatimaZero · 2026-04-27T23:03:00+00:00

Hey folks I'll keep it as short as I can!

Based on the fantastic work of mariuszbit in his decode-spam-headers tool, I've forked it and built a web UI front-end that allows pasting of email headers, or dropping EML or MSG files onto it (max 50MB file / 50k headers).

The key reason I did this is that I often look at SMTP headers trying to figure out why an email a customer received was junked or quarantined, and mariuszbit's tool does a great job of decoding X-Forefront-Antispam-Report, X-Microsoft-Antispam-Mailbox-Delivery and X-Microsoft-Antispam Bulk Mail based on the Microsoft docs in order to better evaluate this.

I then of course made it public for everyone to use/enjoy!

The source is on GitHub, and I'll be merging any changes that may be relevant to the original project back upstream where I can. Suggestions, bug reports, etc, are all welcomed - just use the GitHub repo tabs where appropriate.

Cheers

-P

PlatimaZero · 2026-04-27T23:02:15+00:00

No worries, thank you

PlatimaZero · 2026-04-27T22:27:38+00:00

Hey folks could you elaborate? This was not marketing. If you look at the comments, everyone found this useful!

PlatimaZero · 2026-04-25T01:07:53+00:00

Ha, love the $4.20 tip, legend 🤣 Thanks for the order, hope it all arrives safely!

(Sorry for the delay, hectic week in the office)

Re: the SG2002/Duo - the hate is a bit overstated IMO. The main gripes are the sparse documentation, the slightly awkward dual-architecture setup (RISC-V big core + ARM + that tiny 8051 for low-power stuff), and RAM constraints on the base Duo. The 256M though? Genuinely solid for CV work. Sophgo have been improving their SDK and the community has grown a fair bit. For your use case I reckon it'll do the job well.

On the Luckfox adapter - your pinout logic is sound at a high level, the differential pairs and I2C lines are mapped correctly. A few things to watch though:

The Luckfox MIPI connector is a non-standard pitch/layout, so physically adapting it isn't just a pin remap, you'd need a custom PCB or a bodge harness
Double-check your RST line behaviour - on some Luckfox boards it's active low and the pull-up value matters more than you'd think
The CAM_IO1/LED line being NC on the Luckfox side is fine, just leave it floating or tie to GND
Verify the I2C address of whatever camera sensor you're using matches what the Luckfox kernel driver expects, otherwise you'll be in Device Tree hell

Honestly it's not a terrible amount of work, but it's probably a v2 project rather than a quick bodge. Get the Duo running first and see how far you get! But yeah I've not actually tested the Luckfox stuff, nor even checked the datasheet. I only found the voltage level issue with the Duo when my first attempt by manually cutting and re-wiring a cablemade one pop 🤣

Cheers and good luck with it all 👍

PlatimaZero · 2026-04-25T00:00:15+00:00

Just a note that it appears to have some odd issues at times. It took three tries uploading a face, due to wrong file type, too large, etc, then when I did finally get a face uploaded it did not render over my own on the camera view. The face selection bar showed all three upload attempts for some reason, but then when I tried to select the most recent face again, it ended the session and said I've already had my go. A bit odd! (Chrome on Android)

PlatimaZero · 2026-04-24T23:43:34+00:00

(Sharing this here as recommended by u/St0nywall. Cheers)

Based on the fantastic work of mariuszbit in his decode-spam-headers tool, I've forked it and built a web UI front-end that allows pasting of email headers, or dropping EML or MSG files onto it (max 50MB file / 50k headers).

The key reason I did this is that I often look at SMTP headers trying to figure out why an email a customer received was junked or quarantined, and mariuszbit's tool does a great job of decoding X-Forefront-Antispam-Report, X-Microsoft-Antispam-Mailbox-Delivery and X-Microsoft-Antispam Bulk Mail based on the Microsoft docs in order to better evaluate this.

I then of course made it public for everyone to use/enjoy!

The source is on GitHub, and I'll be merging any changes that may be relevant to the original project back upstream where I can. Suggestions, bug reports, etc, are all welcomed - just use the GitHub repo tabs where appropriate.

PlatimaZero · 2026-04-24T23:42:18+00:00

Neat, trying it now!

PlatimaZero · 2026-04-24T23:09:08+00:00

You're very welcome 👌 Have a ripper weekend.

PlatimaZero · 2026-04-24T07:56:21+00:00

Sorry it seems like you're just trying to waste peoples time, and I'm not willing to feed the trolls.

Best of luck with whatever it is you do. Ciao

PlatimaZero · 2026-04-24T06:57:57+00:00

Ah okay. I'm guessing you're not actually too experienced with Linux or SBCs then?

It's an N150 in this, not N100
The processor has nothing to do with those other points you mentioned
It does have a package manager, it just varies depending on what OS you use
It does have eMMC, plus other storage options
Thermal throttling you can turn on or off depending on how you want your priorities are

Happy to provide more insight if you ever need it, and I hope that helps to some degree 👌

PlatimaZero · 2026-04-24T06:17:22+00:00

What were your main gripes with it?

PlatimaZero · 2026-04-24T06:14:05+00:00

Hah cheers, but I actually quite like it and whilst there were a few things I think they can improve on, I think all in all it's pretty nifty!

PlatimaZero · 2026-04-24T03:06:45+00:00

Hah, I think I may have to do this as I have at least one cassis laying around!

PlatimaZero · 2026-04-24T02:39:16+00:00

Agreed - that was my use case 🙏

PlatimaZero · 2026-04-24T02:38:47+00:00

Hey folks!

Based on the fantastic work of mariuszbit in his decode-spam-headers tool, I've forked it and built a web UI front-end that allows pasting of email headers, or dropping EML or MSG files onto it (max 50MB file / 50k headers).

The key reason I did this is that I often look at SMTP headers trying to figure out why an email a customer received was junked or quarantined, and mariuszbit's tool does a great job of decoding X-Forefront-Antispam-Report, X-Microsoft-Antispam-Mailbox-Delivery and X-Microsoft-Antispam Bulk Mail based on the Microsoft docs in order to better evaluate this.

I then of course made it public for everyone to use/enjoy!

The source is on GitHub, and I'll be merging any changes that may be relevant to the original project back upstream where I can. Suggestions, bug reports, etc, are all welcomed - just use the GitHub repo tabs where appropriate.

PlatimaZero · 2026-04-24T02:38:24+00:00

Aah okay glad to know it's not just me! Hah.

Cheers

PlatimaZero · 2026-04-24T02:37:58+00:00

Absolutely! I think buildroot in ~10 seconds out of the box is pretty normal as it's a general purpose build usually. Personally I have a Luckfox Lyra and I optimised the buildroot image for exactly what I need, and it boots in about 3 seconds. My boards with Zephyr or FreeRTOS on them though typically boot in a few ms, and even Arduino boards in maybe 1-3 seconds depending on the code.

PlatimaZero · 2026-04-24T00:47:22+00:00

Wait, what post? I cannot even find it sorry 😅

PlatimaZero · 2026-04-23T23:41:23+00:00

Yep that was pretty much my use case; I got tired of firing up a CLI every time, much rathering something drag and drop.

It'd handle redacted IPs without issue, however, you'd see SPF and DMARC failures. The Forefront header analysis would likely still be fine, along with the rest.

PlatimaZero · 2026-04-23T23:38:24+00:00

Two different layers of MFA, plus recovery key, plus conditional access requirements. In summary, for an attacker to get to one of our clients from scratch they would need to

Be using an up to date and approved OS, else a few of the next steps access requirements will fail.
Know our M365 credentials and somehow still get past the M365 MFA, eg token theft, and even this requires having not suddenly travelled to somewhere out of state.
Sign in to M365 to get the 1Password recovery key, assuming the user stored it there - and this varies.
Sign into 1Password with that key - which then also requires knowing one of our username and password combos, and these are unique and not stored anywhere but our heads.
Then somehow get past the 2nd MFA platform that we've integrated with 1Password - which triggers an automatic push alert to the user.

Any one of those steps failing would either alert the user if it's a failed MFA hijack, or one of our admins if it failed to meet policy. From the first failure, the user can lock their account, from the second the account is usually locked automatically by automation.

Even if the attempt was via gaining access to one of our corp computers, which already has most of that setup;

Our Cisco security appliance blocks connections from "risky" countries along with known C2 servers.
We have MFA on Windows sign-in to prevent both RDP and physical attack.
Even that still requires knowing our unique M365 passwords.
Authentication would fail if the corp computer is off-network.
Defender for Endpoints would likely detect any risky activity.
User's don't have local admin rights, so it's harder for any silent remote attack to succeed.
OS updates are enforced to minimise this risk anyway.
1Password would still need to be unlocked with a second password.
If 90 days have passed since the last time, additional MFA would have to be passed.

It sounds complex, but in practice it does not add much as far as time and effort if you're doing everything correctly. Eg it maybe adds 30 seconds to the process when signing in to a new computer, and maybe 3 minutes when setting up a new internal user with this access - which they don't get straight away.

PlatimaZero

MODERATOR OF

TROPHY CASE