Why do I get the creepy feeling that this is reminiscent of a visit from the Mafia...?
F-Secure is looking to go that extra mile in consumer security with the launch of an anti-hacker appliance for the Internet of Things. The device, dubbed SENSE, works as a secure gateway, policing traffic to devices that might be insecure and generating alerts. For example, it will warn consumers if their router is running …
Wednesday 11th November 2015 13:42 GMT Fraggle850
Interesting but flawed
Insofar as the concept is flawed. If we are to have an Internet of Things then those 'things' need to be secure, rather than applying a layer of optional security over the top. I can't see the majority of users even thinking about this, let alone bothering to install, configure and monitor it, especially if they've to pay for it.
Quite why it would be assumed that a connected light bulb would never have its firmware updated is beyond me: it's a connected device, surely updates will be automated?
I'd personally like to see some mandatory level of security in any IoT devices offered to consumers, similar perhaps to CE in its operation?
Wednesday 11th November 2015 15:59 GMT noideas
Re: Interesting but flawed
I don't think that the underlying concept is flawed - it means that you do not need to rely on your vast array of internet thingies being indivuidually protected. The real questions in my mind are whether it would actually work and whether your average numpty could operate it successfully.
Wednesday 11th November 2015 16:03 GMT Doctor_Wibble
Re: Interesting but flawed
You are several steps ahead of me, I still can't get past the concept of lightbulbs having firmware.
So does an update to lightbulb firmware count as changing the lightbulb, and if so, how is that going to work with the jokes? We can't let this happen, it's going to be a complete disaster for student rag mags. Not to mention it's still just a fanciful impossibility anyway because lightbulbs don't have RS232 ports.
Wednesday 11th November 2015 20:46 GMT Danny 2
Best. Comment. Ever. So. Far.
"So does an update to lightbulb firmware count as changing the lightbulb, and if so, how is that going to work with the jokes?"
You are funnier than alcohol, and have relieved more pain in me than cannabis ever did. That is high praise, allegedly.
Today's newspapers are fawning over a lost Lord Shelley poem recently rediscovered, and hopefully centuries from now some historian will stumble across your meta-joke buried here to similar praise.
Wednesday 11th November 2015 15:42 GMT User McUser
“Patching light bulbs is not going to happen,” said F-Secure chief exec Christian Fredrikson. “With SENSE you don’t have to worry if you smart TV is secure or not.”
Better still, by using my own IoT protection scheme, which I call "COMMON SENSE", I don't connect my TV or lightbulbs to the Internet at all.
Wednesday 11th November 2015 15:57 GMT Fraggle850
You'll be okay then
As indeed will I but average Joe Schmoe may well lap this nonsense up if there is ever a compelling use case (which I've yet to see for lightbulbs?!?). Smart TV connectivity does appear to be growing, according to Ofcom:
> Over half (56%) of UK homes had a TV connected to the internet, either via a set-top box or a smart TV, by the end of 2014.
Although that does include boxes, not just TVs so that might just be a way of saying 56% of UK households have Sky or Virgin TV! Still, it's more potentially unsecured boxes connected to the interwebs. And what of that Amazon eye of Sauron listening device the Echo?
Wednesday 11th November 2015 16:23 GMT Anonymous Coward
Wednesday 11th November 2015 17:29 GMT Brian Miller
All your lightbulbs are belong to us!
The problem is that some user goes and puts an IOT thing in the house, and then deliberately exposes it to world+dog. For instance, there are many IOT IP cameras that people have exposed, and can be easily found. At my home, I don't expose IP cameras, because I just can't bring myself to trust the vendor's software build. If I actually did, then they would be isolated on their own VLAN, with appropriate rules. Yes, I have commercial equipment at home, because it's just not that expensive now.
The people that F-Secure is targeting for their product are the numpties. These are the people who never change admin passwords, etc. So very likely the people who most need something like this will never buy it, because it's too expensive. When a "home router" can be had for under $20, why should the numpty pay more?
Wednesday 11th November 2015 21:34 GMT Danny 2
Re: All your lightbulbs are belong to us!
That's my mum you are denigrating, and that's my job here. Last year she was protected by F-Secure until their software went tits-up on her. Just last week she said, "Look at this Danny, it says it let's me turn on the living room lights from my phone!"
So does the light switch mum, and you won't have to threaten to "get a man in" when all the neighbouring kiddies dim your lights just because they can. IoT = Internet of Threats.
Wednesday 11th November 2015 21:57 GMT Fraggle850
Thursday 12th November 2015 11:03 GMT Pascal Monett
"you don’t have to worry if you smart TV is secure or not"
But I'm not worried : I KNOW it isn't secure.
Which is why I'll be damned before I connect anything to the Internet that hasn't been demonstrated as secure before I buy it. And that's just a fancy way of saying never, because IoT will not be demonstrably secure in the foreseeable future.
Thursday 12th November 2015 11:55 GMT DropBear
If this follows the familiar mould of generic antivirus software, it will take a full day after a power cut before you can actually turn on any lights again, it will introduce a five second delay between hitting the switch and the light turning on, it will preventively quarantine and block access to your bathroom light simply because it exhibits suspicious activity during daytime, it will helpfully protect everything from your power sockets to the elevator in the building without being asked as soon as you install it, and it will nag you every few months to register it again - or else.