That moment when you look around your workplace and realize, YOU ARE THE SECURITY RISK!

I talked yesterday about the two huge risks that are sitting between you, your devices and your workplace. In particular yesterday the discussion focused on the risk for businesses as they have employees connected from home.

There is an easy way to solve the problem, not allow workers to connect from home. It reduces the attack surface and decreases the overall organizational risk. It isn’t a great employee retention idea, but it is a great security idea.

The other option is to help home users improve their security. The beauty of improving home network security is that you can also begin to move a little on the other issue. That of declining home bandwidth. Today, you need much larger download than upload speeds. The only issue there is the reality of what IoT brings. More uploads that are constant and consistent. And most likely a home router that doesn’t have a huge cache. The cache or buffer is used to manage the flow of information from your devices to the internet and from Internet devices to your home. The larger the cache the slower the connection you can have without lots of pauses.

What causes routers to need their cache? When there are lots of devices sending acknowledgements back to the Internet. IoT devices send information to the Internet constantly. It is the value and the curse of the device.

Here is where that router comes in, both bandwidth and security. First, every device that is connected in your home sends a signal to another device (well not every device, the smart ones do). So, from NEST smoke detectors to connected thermostats and other connected devices there is a constant stream of information going out. Remember, that home router of yours has a very small cache. ISPs don’t go decking out maximum routers. They are looking for generic, generic is much easier for their helpdesk to support than the decked out, tricked out router is.

So, all those chattering devices are talking. I have a device called Pocket Ethernet. It is an old-fashioned device. Well it is a cool new device, with an iPhone app, but it is old fashioned in the sense that once upon a time we used applications called Network Sniffers. My network is configured differently on purpose having 4 distinct network segments. The intent of that is two-fold, but the story that is told by device traffic is why the story is two-fold. First off, I have a connected weather station. I love my weather information. That connected weather station however generates traffic on my network. As does the home automation system I have. In fact, so do all the devices you have connected in your home. They connect and communicate. Google or Android based devices connect back to Google for application data, information and updates to software. The same for Apple devices. Each one generating network traffic.

I ran the Pocket Ethernet tool for about five days. I noticed on bad days (I was working from home) I was generating about 15 megs of data uploads. My peak upload period was 54 megs. My low was 9. On a Friday night, that was not my peak but with three different people watching Netflix my uploads were running about 17 megs.

Why do you care? First off because that is more than most cable modems support. Most people aren’t going to have this issue today. I am an outlier today. But in a year or two, I will be far beyond the numbers you see today. You, on the other hand will probably be close to these numbers. That means if you have a 10-meg capped upload speed, your modem is going to be using its cache to maintain the uploads. Your network will fall over. When networks fall over they are more vulnerable than when all things are working.

I wrote, many years ago an article asking if the Internet could support 100% of the world’s traffic. My gut was then, no. Now that network has improved, but frankly the number of connected devices has expanded much faster. So, my gut still says we need to improve the network.

Security is best served on networks that aren’t stretched. You see a critical part of security is the ability of the device to send and receive security information. If the network is clogged, then the device sends multiple security requests. All the hacker needs is a saturated network, and spoofing the ack response to a security request is done. You now have a hacked device. You don’t know it but you do. So, you call your provider and say increase my package for Internet. You increase your bandwidth but the hacked devices are still hacked. So, your home is compromised. You are the Trojan Horse full of Greek soldiers every time you log into your work network.

.doc

IoT pundit…

Bandwidth and security, why IoT is a risk for companies…

I will post a 3rd geek holiday gift list in the next couple of weeks. Today I am wondering. That happens from time to time. I’ve spent a lot of time over the past two months researching the impact of IoT. First off, the Internet of Things (or the more broadly based Cyber Physical Systems) presents a series of potential changes in the market. It also presents a very interesting problem.

What do we do about bandwidth?

Today, most people get a router from the company they buy their Internet service from. That company configures the router in the way that best benefits them. They don’t send you a list of additional things you should do to minimize the future impact of devices. They advertise on TV; we are the fastest in home wireless network. But then they cap your outbound to 10 megabytes. People don’t care, they are bound and wound around the download speeds.

Download is critical for watching Netflix.

The better your download speed, the better your chances to watch Netflix on multiple devices. Of course, you have to pay for the higher Netflix service to get more than two devices at the same time but that is a bargain today (less than 12 bucks a month).

Many cable providers cap your maximum upload speed to 10 megs. What does that really mean? It means on a Friday night your upload speeds are actually going to be 4 or 5 megs not 10. Yes, your cap is ten, but that is a never to exceed cap. When everyone is home in your neighborhood they are all sharing the same switch. That switch is configured for the maximum value to the cable company. It is not built for you.

So, you end up with a problem. I’ve talked about this many times. Your home ISP provided router has a very small cache. It is quickly overwhelmed by the reality of data. Now, today 2016 most people won’t have this problem. Some do, but they are the cutting-edge people, they are worried about future problems and fix problems in their homes quickly.

Eventually IoT devices will overwhelm your 10-meg upload space.

That doesn’t seem like a huge problem, right? But what that means is your router has less available cache which pushes downloads to real time. OK so on a Friday night you go from 3 devices streaming media, to one or two maximum. Of course, that means you actually have to sit together in the same room and watch the same show.

Additionally, by the way, if you work at home that overloaded router has an additional load during the day, your VPN or remote connection to your workplace. Seems minor right, except that there are work things you do that REQUIRE constant and consistent network quality. Video calls? Oh, boy, you are in trouble. Audio calls? Oh, no, not the dreaded call with someone cutting in and cutting out.

One house, connected to a central switch, will cause all the other houses in that neighborhood to have less bandwidth. That creates more and more strain on the switch. Remember the cable network is built to benefit and provide Internet, but designed to benefit the cable company.

This doesn’t even start to talk about the risk of IoT. Why attack a company when instead you can attack the homes of employees that work from home? Sun Tzu wrote understand and know your enemy. But when choosing to fight, pick the battlefield that YOU CONTROL. The security of a home network is much less than that of a corporate network. Why brute force attack a company when you can instead attack the millions of IoT devices their employees have connected at home? The easy path is always the fastest and first point of attack.

Hackers are not a 12-year-old hunched over a computer in a hoodie. They are not wearing a Guy Fawkes mask staring at you through your video camera. They are smart, social engineers who understand the fastest way to get to a corporate network is the remote door open for employees. Hackers are smart, they are looking for a way past the front door. Why beat on the gate of a castle when you can climb the drain pipe and end up with the crown jewels!

.doc

IoT wanderer…

Earlier than expected, my 2nd geek Christmas list…

First off to those who served thank you. Because of you we can express our ideas freely. Now that said, there are ideas that still need to be expressed, but you cleared the way for us to be able to make those statements, to be able to strive for the ideals that make us all better. Thank you, for your service.

Yesterday I got an email about my geek Christmas list. The question was along the lines of what about gifts in the following areas. The reader then listed a number of areas where I had done reviews in the past but had not mentioned gifts in the space.

So, I am adding to my geek gift list of yesterday. Normally I try to deliver the recommendations for Geek Gifts before Black Friday. But I had intended to post the last one and then wait a week or so for the second one. But here goes, 2nd iteration of Geek Gifts 2016.

The first area is that of home video security. There are any number of competitors in the space. I have tried several of them in various tests. Most of them are good but not great. The problem with video surveillance is both the reality of video (it tends to be big) the reality of light (1/2 the time the house is dark, so the camera has to be able to adjust to available light) and last but not least the system needs to learn. Why learn? You need to correct false positives. In particular dogs, they tend to be in motion and that plays havoc with a motion detection system. A learning system is critical for video surveillance. Otherwise you get a lot of notifications. You also need to be able to connect to the video camera remotely to see why it alarmed. Like I said I have looked at a lot of these systems. There are many but the one I rely on personally is the Canary. The devices that Canary has produced are sleek, their software is amazing and the company is constantly improving both the software and the overall quality of the video system. I highly recommend Canary for home video surveillance and remote log in and assurance.

One correction from yesterday. The Mederos system doesn’t exist. The product is called Meeper Bots but my auto correct caught me and I didn’t catch it. So, the company is Meeper. They have really cool Lego interactive motorized systems.

There are any number of printing solutions you can consider at home. I’ve had many different kinds of printers over the years. While I understand the value of a cheap low cost printer, I highly advise against that. One of the problems with cheap printers is expensive ink. But the world of specialty printers is intriguing. You can actually find printers that print in icing. But the one that I really enjoy is the PancakeBot printer. It is now available on Amazon. The printer is really fun, allows you to convert photos into pancakes. A former Kickstarter project (I reviewed this when the campaign went live more than a year ago)!

The ever expanding 3d pen market presents many options. The system that I have personally and the one I use the most is the 3Doodler pen. Yes, a pen that doodles in all 3 dimensions. The new pro version of the pen prints in both wood (special type) and metal (also special type). As well as ABS and PLA (the two predominant forms of plastic in the 3d printing world). So why is this pen so cool? First off it is an amazingly simple thing to use. Literally put a stick of whatever you want to print into the pen (you do have to have material that is pre-made for 3d printing). Then when the unit has gotten to the right temperature you can draw in plastic. They (3Doodler) have a great book you can get with templates, stencils and other fun kits for kids and adults. I’ve seen some amazing 3d drawings that have been created by any number of artists.

Finally, but not the last of these posts I am sure, I wanted to loop back around to yesterday’s end post of the Microsoft Hololens. VR is amazing right now. Personally, the Hololens is a great tool, but if you are starting out in the world of VR, Oculus Rift is fantastic. I really love the way you can interact with an environment in the VR world. The immersive quality of the experience is amazing. Oculus, once you load the software starts you off in a virtual living room. I watched Hulu content the other day on my virtual reality big screen TV. Just an amazing experience.

There you go, v2 of the list with more geek gifts!

.doc

Geek Christmas Guy

All I want for Christmas–the geek list!

The impact of technology is always interesting. This time of year, those who love technology eagerly await the arrival of the various items revealed at the CES (Consumer Electronics Show). It is the time of year as well for gift giving. I always try to share my thinking and thoughts on items and technologies that are well, geek approved for this time of year as gifts.

Let me say first that this list is one I personally have used or use every day. You can’t make this list if you aren’t in my hands or bag each day. There are many devices I have and use from time to time that exceed expectations, but gifts this time of year should be things you reach for and use all the time rather than the nice to have things you only use from time to time.

Let’s start out with drones. There are multiple and growing types of ROVs now. Depending on the interests of the person we are talking about, there are underwater drones, flying drones, driving drones and of course the many specialty drones. This is a what does the person in your life need. Drones are interesting because of two factors. First off, there are two types of people who are into drones. The first type like to roll their own. The second type is into exploration. The first type of people would prefer a Drone kit so they can control the components. I like to hit the ground running so I am a finished drone guy. Based on that my gift recommendations for people like that are below:

· OpenROV for underwater fans

· Phantom DJ, for those who like flying drones

· Brookstone Rover for those who like to explore on land

From a camera perspective, I am also a little off center. First part because I still argue and will continue to argue that no matter what you do to your cellular phone, it ultimately does not take great pictures. So, based on that, I don’t recommend cell phones as your primary camera. So, then you have to decide what type of camera user you are. Personally, I have one camera (Canon) that is my really good take pictures you will look at over and over, but from fairly static perspectives. The other cameras I use are rough and tumble cameras. So, we have two Olympus TG cameras (Video and Still). I still have a JVC video camera (that takes super high speed video) but that is more because on rare occasions I like to take high-speed video. My recommendations for gifts below:

· Canon DSLR

· Olympus TG Series

Of course, there are many other categories that are significantly cheaper than the cameras and drones are. In fact, there are many devices you can get for under 200 dollars. The first are the wonderful Littlebits IoT kits. Simply amazing (and they have kits from 99 to 199) that introduce you, your child or someone who loves gadgets to the joy of creating their own Internet of things.

Other recommendations depend on the age we are talking about. For youngsters, still in the Lego phase of life, I highly recommend the Mederos. They really open doors and teach about control and motion. For kids and young adults that are a little more advanced, introduce them to the plug and play reality of Raspberry PI systems. There are so many things you can do with Raspberry PI components today. I am waiting for an add on myself right now, called Shake, it lets you create your own Seismograph via Raspberry PI and an add on board.

Heading back to the world of cameras there are cameras in the 369-degree video space now. Personally, I have used several. Bubl remains the King of both functionality and ease of use. Bubl Xplor is the software package and the camera is called Bubl.

There are many more things I could recommend. This is my first list of things every geek will want. I will post another one in the next few days.

.doc

Geek Christmas Guy

An open letter to President Elect Donald Trump

An open letter to President-Elect Donald Trump. First of all, Mr. Trump I did not vote for you. I do however welcome you to the most important job of your life, and I support you in that job. You won the election despite pundits and analysts saying you wouldn’t. I support you in this role.

I hope that you will be the president for all Americans. As a technologist, I am excited to have a president who has openly embraced the new reality of the technology age. I am however worried as someone who believes in the rights of all, that you may not hold that as dear.

It is my fervent hope that you will reach out to the rest of us, those who did not vote for you and find it in your heart to embrace all of us. To perhaps soften some of the campaign rhetoric and consider the long term needs of this country and its people.

As a parent, I would hope that you consider the reality of what some of us fear. I do not fear people Mr. Trump. I do not fear ideas. I do not fear difference. I do however fear assault weapons in the hands of people whose goal is not close to mine. I fear the thought of sending my children off to college only to have them killed by someone that probably shouldn’t have been allowed to purchase several guns and ammunition. Please sir, as my president consider the reality of gun control. Not removing the 2nd amendment right to bear arms. Hunting is as much a part of our nation as is religious freedom. Hunting deer, moose and squirrels that is. Weapons that are designed to hunt people should not be in the arsenals of private citizens. We would not allow a fully operational tank to be owned by a citizen, why a weapon that is capable of firing multiple bullets? Again, sir as my president I ask you to consider the impact of fear on your citizens. I fear for my children’s safety at the very school I send them to. Sir, there have been two bomb scares at our suburban high school in the past two years. There has been a gun scare as well. Please sir, consider this as you become president. I fear sending my children into the world because of the potential for gun violence.

If, in listening to this about weapons that shouldn’t be freely available, perhaps also you could listen to the rights of women? That a woman’s right to choose what happens to her body should not be governed by the state? Lest we, like Romania or China, instead become overzealous in our pursuit of personal choices and personal rights.

I am excited that as a citizen you are a consumer of and a user of the many technological services that I consider part of our future. I have had the pleasure of visiting your golf resort in Florida, before you owned it and since your renovation and I am very impressed with the attention to detail and quality of the renovations at Doral. You took an historic golf course and you maintained the connection to history while bringing the entire facility up to modern standards. I applaud you for that. I am also excited to have a business person leading the government. You have shown great care and consideration for your employees.

Mr. Trump, I swore an oath many years ago as a first-year teacher in Indiana to defend and uphold the constitution of this country. Part of that is supporting the elective process. You are my president elect now. My call to you, my ask of my president is that you consider where I am as well as those who supported you. That you reach across the divide created by this election and consider the needs of all Americans.

I understand the reality of the world sir. I understand also that it is harder to listen than it is to speak. I hope that as my president you can listen. That you can hear not just those who loudly screamed for you but the majority of us. That you, with your ear to the ground and your eyes looking to our future, consider that no matter what sir, it is our future.

Welcome Mr. President. I hope you can become the president for all of us.

IoT and the impact of security…

I have friends all over the world. Every one of them that has reached out to me in the past 30 days is asking how I am doing with the election cycle.

So, it bothers me to make the global news cycle for political infighting. This election however scares people outside the US.

No more politics on my blog. Just pointing out that this election is scaring more than just those of us in the US.

I realized yesterday that since getting back into boating (after a 4-year hiatus) I have been sharing a lot of Kickstarter and Indiegogo projects for people on the water, near the water or who want to be in or on the water. My apologies for that. My passion is technology. My other passion is boating. So, getting to mix the two together, makes me well crazier than I normally am apparently.

Radar is so cool. Plotting a course on a GPS when there are no roads is even more cool. I love paper maps anyway, because of my father. He loved plat maps. I have the plat map of the area of Maryland around our house printed and posted in my office. I love mapping out walking trails to take. Dylan, my dog, loves that I plot fun trails as well. His job is to get me out and walking. He does a good job!

That got me thinking, about the concepts of technology and the impact on both where we are but also what we do. What is today, and what will be has changed. The Internet of things, or IoT has changed not only the reality of the landscape but of the path to the goal.

The reality of IoT is security. The impact of IoT is the reality of integration. The sad truth is, it will impact all of us. Adherence to simple security rules will help a bit. The reality of target nature will help some as well. Frankly most of us aren’t really targets for hackers. There is no value in attacking most people. There are people that are targets but for the most part they know who they are.

Integration and security will be the two things that slow IoT, not the deployments, but rather later when people sit back and realize what has been deployed. Some of us are just sitting back early and realizing we may have a problem.

.doc

short and sweet today

Cameras are watching–some additional digital security tips…

I was having coffee the other day with a friend. We were sitting outside because for the first time ever the Starbucks where I usually stop when I am out and about, was full. Literally I’ve never stopped there, ever when all the tables were full. This time they were, so it was a little brisk but we sat outside. Enjoyed our coffee and discussed the issue that brought us together for that day/meeting.

While we were sitting, I started noticing a number of new devices that were attached to the street light poles. They were pointing at the road, and from the distance I was sitting they appeared to be cameras. They were not red-light cameras, they appeared to be traffic cameras.

I am all for traffic cameras and I understand the growing numbers in high congestion areas. The area where the Starbucks sits is a high congestion area. With freeway access (the I-270 parking lot has northbound and southbound parking entrances in the area). On the other side of the I-270 parking lot is the Lake Forrest Mall. It is right near the heart of downtown Gaithersburg Maryland. So, busy, cameras are a good idea.

Waze, and my personal favorite INRIX have access to traffic cameras so I logged in to see if in fact they were cameras you could access. They are not.

There are cameras out there today that provide video security for locations, businesses and places that don’t exist. There are video feeds that are there for vehicle movement (is traffic flowing properly). Red light cameras wait for you to make a mistake. Although, if there is no “No Turn on Red” sign posted and you come to a complete stop, the Red-light camera shouldn’t tag you if there is no oncoming traffic as you turn. It is legal to turn right on red unless marked.

There are many kinds of cameras around us now. The worst of course is the cell phone of the person you are meeting. If their phone is bluejacked or hacked, you could be sharing your thoughts, ideas and solutions to problems with someone you don’t know, who isn’t at the table sucking down a pumpkin, vanilla Latte with you. They are sitting in their house, miles away listening and watching the conversation.

That got me thinking and looking more. After my friend headed back to their office, I drove back to my office. As I was driving I started looking at every stop light (when I was stopped) at the cameras that were or were not on the poles. Some lights, don’t have poles. Some speed cameras are boxes by the side of the road, not really cameras on the lights. But there are many more, when you stop and look than there were before.

My new car has a camera in it, that shows you a 360-degree view around your car as you are parking, or reversing the car. You can purchase cameras that see all around you and literally record as you drive. There are HUD (heads up displays) that will show you what your car is doing right now. By the way, they also record your driving as far as speed and type of driving. So, if you have an accident and the other person says you were speeding and that caused the accident your device plugged into your car’s management port, can actually be used as evidence against the other driver’s claim.

Connection is everywhere. Simple security is always the best starting point. The real reality of wearable technology risks is two-fold. The first is the reality of digital rudeness. I talked about that a couple of days ago. The other is the reality of wearables is to get the instant information that the wearable produces you have to walk around with your Bluetooth turned on. BT = risk. So, what can you do? First off know the devices you have connected to your devices. If you see something new that you didn’t connect select that device and select forget this device in Bluetooth options. Yes, you’ve lost however long that device was connected to you. But if it is gone at least going forward you don’t have the risk. In fact, check your BT devices once a week or more. Then you reduce your risk even further. Good security hygiene makes up for some risk. Not all risk, but some.
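
The weekly review described above can be scripted on a computer. This is an added example, not part of the original post; it assumes a Linux machine whose paired devices are listed as `Device <address> <name>` lines (the format BlueZ's `bluetoothctl` prints), and the baseline and sample listing below are constructed.

```python
import re

# One paired-device line as printed by BlueZ's bluetoothctl: "Device <MAC> <name>"
DEVICE_LINE = re.compile(
    r"^Device\s+((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})(?:\s+(.*))?$"
)


def parse_paired(listing: str) -> dict[str, str]:
    """Return {MAC in upper case: device name} from a paired-device listing."""
    devices = {}
    for line in listing.splitlines():
        match = DEVICE_LINE.match(line.strip())
        if match:  # skip prompts, blank lines and anything that is not a device
            name = (match.group(2) or "").strip() or "(no name)"
            devices[match.group(1).upper()] = name
    return devices


def audit(listing: str, baseline: dict[str, str]) -> dict[str, list]:
    """Compare the current pairing list with the devices you know you paired.

    unknown: paired now but not in the baseline (candidates for "forget device")
    renamed: known address now advertising a different name (worth a look)
    missing: in the baseline but no longer paired (informational)
    """
    current = parse_paired(listing)
    known = {mac.upper(): name for mac, name in baseline.items()}
    return {
        "unknown": sorted(
            (mac, name) for mac, name in current.items() if mac not in known
        ),
        "renamed": sorted(
            (mac, known[mac], name)
            for mac, name in current.items()
            if mac in known and known[mac] != name
        ),
        "missing": sorted(
            (mac, name) for mac, name in known.items() if mac not in current
        ),
    }


# Constructed baseline: the devices the owner remembers pairing.
BASELINE = {
    "AA:BB:CC:00:00:01": "Fitness Band",
    "AA:BB:CC:00:00:02": "Car Audio",
    "AA:BB:CC:00:00:03": "Old Headset",
}

# Constructed listing, standing in for this week's paired-device output.
SAMPLE_LISTING = """\
Device AA:BB:CC:00:00:01 Fitness Band
Device aa:bb:cc:00:00:02 Car Stereo
Device AA:BB:CC:00:00:09 BT-Speaker
not a device line
"""

if __name__ == "__main__":
    report = audit(SAMPLE_LISTING, BASELINE)
    for mac, name in report["unknown"]:
        print(f"UNKNOWN  {mac}  {name}  -> forget this device if you did not pair it")
    for mac, old, new in report["renamed"]:
        print(f"RENAMED  {mac}  {old!r} is now {new!r}")
    for mac, name in report["missing"]:
        print(f"MISSING  {mac}  {name}  (no longer paired)")
```
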

Now as for public hygiene that is harder. How do you behave in public? Your risk is greater now than ever before. If you do something you shouldn’t do, there might be a camera watching. Some people don’t care if they are caught, they figure finding any one person is far too difficult. Sadly, they are mistaken. Don’t make a mistake. Remember the old inside voices rule? Make sure you follow the outside behavior rule as well.

(don’t do anything in public that you wouldn’t do in front of your mother).