1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Securifi Introduces IoT Security Service

Discussion in 'General Network Security' started by thiggins, Jan 4, 2017.

  1. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    13,795
    [​IMG]
    Securifi announced an IoT subscription security service for its Almond 3 router at CES 2017

    Read on SmallNetBuilder
     
  2. mike2h

    mike2h Regular Contributor

    Joined:
    Mar 17, 2015
    Messages:
    56
    and how secure is IoT?:(
     
  3. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    13,795
    Not very in too many cases. Hence, the service.
     
  4. mike2h

    mike2h Regular Contributor

    Joined:
    Mar 17, 2015
    Messages:
    56
    hopefully the IoT gets significantly more secure sooner rather than later. paying a monthly fee to secure your devices -that should be secure in this day & age, is ridiculous. that being said, better safe than sorry
     
  5. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,248
    Location:
    Canada
    I have a feeling IoT will never be truly secure. One big reason is, a lot of IoT devices are low-cost, low investment products. Security requires extensive R&D, and a way to easily, and promptly upgrade devices when new security issues are found.

    So while the large manufacturers will get IoT done right in the end, those 20-50$ connected gadgets will never be trustworthy.

    Also, can you imagine the home of the future, where you have about 30-40 different devices connected to the Internet, and someone discovers a flaw in something as pervasive as, say, openssl or busybox? 30-40 devices in need of updating ASAP. The vast majority of users will say "screw that"... Heartbleed should have been the warning bells there. Yet, still plenty of unpatched devices and servers out there.

    Imagine spending a night or two downloading and flashing 40 separate devices... And no, automatic updates is not the solution IMHO. Even large corporations like Microsoft regularly screws with an update (I'd say 1-2 broken updates get pushed per year by them these days), so imagine a resource-limited outfit being responsible for pushing an emergency security update. I'd pass.

    So IMHO, there will be a serious need for advanced monitoring and analysis services in the future. Just like your home's security alarm, but for your Internet-connected devices. And with machine learning/AI getting really great these days (we are now able to teach a computer how to drive simply by having it watch a human doing so), this is the way of the future in terms of security.
     
  6. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,991
    Location:
    San Diego, CA
    testing/qa would take much of the burden - and trying to fix something that is already broken can be extremely difficult.

    Even the big names are at risk here - as many issue a set of design specs and an RFP to the collective ODM community...

    And there - the ODM's take the chipset's board support package, wrap some features into it, skin it with some nice UI chrome, and ship it - so nice little boxes on the Big Box shelf with big labels...

    So to that end - it's the chip vendors themselves that can help out in a big way by putting into practice the reasonable safeguards...

    Don't ask - this would be a huge task for an advanced user/device/network geek to try and track all those devices, watch for updates, and then apply them - I'll pass on that as well...

    Monitoring is a good step forward - the other would be to build/enable a sandboxed hub that all these things can associate into, and that hub can do some policy and management control for that sandbox...
     
  7. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,248
    Location:
    Canada
    Maybe it's time to consider VLANs as becoming the next business-class technology that needs to reach our homes. There's no reason why your IPCam should require access to your NAS, for instance...

    Home router manufacturers are on a roll lately with feature additions. Adding an easy-to-handle VLAN configuration to home routers should come next.
     
  8. mike2h

    mike2h Regular Contributor

    Joined:
    Mar 17, 2015
    Messages:
    56
    to tell the truth I don't think there is anything available rt now that is worth buying, let alone taking the risk associated.
    thx for info guys.
     
  9. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    13,795
    Has anyone looked at Bitdefender?
     
  10. CaptainSTX

    CaptainSTX Very Senior Member

    Joined:
    May 2, 2012
    Messages:
    1,807
    I run Astrill VPN on my router and most devices with the exception of most of my IoT devices are handled as VPN traffic. The downside is that anything connected using a VPN isn't protected by your home router's firewall since the traffic is encrypted and not visible to the firewall.

    Astrill has a NAT add on feature (extra cost ) that runs on the Astrill VPN server you are connected to before going out onto the WWW that provides the firewall protection that your home router provides for unencrypted traffic.

    Over kill perhaps, but with what is happening lately it doesn't look like any amount of protection is to much.
     
  11. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,248
    Location:
    Canada
    While a lot of IoT devices are just toys and gadgets (or proof-of-concept being sold as actual production devices), some of them do have their usefulness. For instance, think about a smart lock that a disabled person would be able to remotely lock/unlock through a smartphone, without the need of going to the door. Another of my customers have a secondary lodging up north, where he and his wife go for the weekend. They recently installed smart thermostats, so they can remotely raise the temperature as they are on their way there.

    It's always a matter of having the right technology for the right task. Quite often, we (technological junkies) like to have tech gadgets only for the tech, not for the actual need.
     
    mike2h likes this.
  12. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,991
    Location:
    San Diego, CA
    Something I've been sorting... and something I've been very concerned about.

    My concern is more the non-techies - most of us know how to wrangle devices/services...

    (Wife asked - should we get Alexa - I'm like - NOPE, not going there - and Siri is disabled on the i-devices - we have one android device, but no mic on that, and it's a hacker box at the end of the day, vlan'ed out to the same subnet as work/directv) - joe six pack can't/won't sort this...
     
  13. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,248
    Location:
    Canada
    That's where having a security watchdog on your network might make it easier to deal with for the non-tech people.