Tag Archives: Shaul Levi

Routers are set to become the digital battleground of the future

By now, most of us are familiar with the term the “Internet of Things”. It has come to describe the always on, always connected world where day to day objects are online. It ranges from smart-watches to smart fridges and is closer to reality than you may think.

Much has been written about the need to secure the devices that make up the Internet of Things, but I believe there is another battle to be won.

According to most reliable research, the number of Internet connected devices is growing rapidly and will continue to do so for the foreseeable future.

IoT Devices

 

Building security into each and every one of these devices is no mean feat. In fact, it will be very difficult indeed. That’s what I believe that it is of vital importance that we focus our attention on securing routers and Wi-Fi hotspots.

As the number of Internet enabled devices in our homes continues to increase, more and more members of the public are getting ready to adopt smart home appliances, energy meters and wearables.

Connected Devices

 

All of these newly connected devices entering the home should be rigorously secured as they will be handling data specific to your household. Securing them individually could be tough though, until you realise that they share something in common – they communicate via the Internet access point, a home router.

As you can see, the number of home routers in the market is continuing to grow rapidly, but is only a fraction of the number of total devices.

Private Hotspots

 

Robustly securing each home router or a public hotspot has the knock-on effect of securing the data transmission of dozens of devices and, for my money, is a much more realistic approach to securing the Internet of Things.

Sadly, security on most popular routers is still pretty basic and has a user experience to match. Clunky menus that aren’t immediately intuitive can leave users at a loss when it comes to making changes to their Internet settings.

Here are three simple things that you can do right now to help improve the security of your home Wi-Fi network.

 

Three steps to securing your home router:

Change the login details

Most routers will come with default login details. Many people never get round to changing them but you really should. “User name: admin Password: Password” is not a secure login and could potentially grant router level access to attackers if they know the manufacturer defaults of your device.

Set up an access list:

Most routers will allow you to set up a “permitted devices” list that limits access to your network. Setting this list up and including all your family’s devices is a good way to make sure that no unauthorized devices access your network.

Double check your Firewall

A Firewall is an important router feature that helps filter out bad traffic requests coming into your home. All traffic that is sent and received in your home goes through a Firewall and more specifically through “ports”. These are akin to doors, with each one dedicated to certain traffic types. It is always worth checking your Firewall settings in your router to make sure that you do not have any unnecessarily opened ports.

 

For tips on how to improve your home Wi-Fi Signal, check out the video below.

Windows 10 Wi-Fi Sense could be a privacy problem

Windows 10 is here and it has unleashed a wave of new features and tools for its users. One of which is Wi-Fi Sense, a multi-purpose feature designed to make connecting to the Internet a breeze from Windows Phones.

As explained on the Windows Phone feature page, it does this by:

  • Automatically connecting you to crowdsourced open Wi-Fi networks it knows about.
  • Accepting a Wi-Fi network’s terms of use on your behalf and providing additional info for you to networks that require it.
  • Letting you exchange password-protected Wi-Fi network access with your contacts to give and get Internet access without seeing each other’s Wi-Fi network passwords.

 

While these are potentially convenient features to use, I have security and privacy concerns regarding their implementation.

It goes without saying, that automatically connecting to open Wi-Fi networks is a bad idea. As we’ve explained several times before, not all free or open Wi-Fi networks are secure and others can be deliberately malicious.  Accessing the Internet on these hotspots can lead to your traffic being intercepted by an attacker, known as a ‘man in the middle’ attack.

Accepting a Wi-Fi network’s terms of use automatically on your behalf seems like an equally bad idea to me. Before we even consider what terms Wi-Fi sense may be agreeing to on your behalf, we don’t even know if the landing page is legitimate or encrypted.

As a human, being prompted for an email address or other personal details gives us a chance to assess the trustworthiness of a provider and make a judgement. Wi-Fi Sense takes this decision making away and will seemingly hand over your information to any network asking for it. This could be a privacy concern.

The last feature, sharing Wi-Fi passwords with your contacts is a little less concerning but it is dependent on complete trust within your contacts.

In combination with the other two features, receiving a network key from a contact could cause you to automatically connect to a malicious network and potentially put you at risk.

 

How to disable Wi-Fi Sense

Disabling Wi-Fi Sense is simple. On your Windows 10 device go to Settings > Wi-Fi > Wi-Fi Sense.

 

Tips for safe Wi-Fi Usage

When it comes to surfing the web from your phone, there are generally two things that should concern you:

Wi-Fi-Hacking: Wi-Fi hacking is the most common threat when it comes to public Wi-Fi. When you connect to an public Wi-Fi network (i.e. coffee shop, airport, or hotel), others maybe able to intercept your Internet traffic, collecting your passwords, private photos, emails, browser cookies and a lot more personal info.

Wi-Fi tracking is the second big issue.  Currently specialized software solutions allow virtually anybody to use your phone’s Wi-Fi signal, to track your location and in some instances identify you. Wi-Fi tracking is even more worrying as most smartphone users have their Wi-Fi on all the time. This is increasingly an issue as retailers can use your Wi-Fi signal to track how you move around stores or around the city and even identify who you are. And that’s not all, if you keep your Wi-Fi open all the time hackers can trick your phone into connecting to a fake Wi-Fi hotspot.

 

At the AVG Innovation Lab in Amsterdam, we developed AVG Wi-Fi Assistant to help combat both of these problems.

VPN Technology

AVG Wi-Fi Assistant can encrypt all the data coming and going from your device helping to ensure that even if someone is snooping on your traffic, that your data is still secured.

Wi-Fi Automation

To help prevent the Wi-Fi tracking issue detailed above, AVG Wi-Fi Assistant prevents your device from automatically joining public Wi-Fi networks by turning off your Wi-Fi when you’re not using it. This helps to keep you safe from trackers.

Here is Tony Anscombe with more tips on securing your Wi-Fi connection from an Android device.

Video

How to keep your mobile while using public Wi-Fi

 

Is the blockchain the next big thing in banking?

Late last year, it emerged  that that two major Dutch banks ABN Amro and ING were running trials of blockchain technology on their trading desks.  The move follows reports that international banking group Santander was testing the viability of moving their international payments infrastructure to the blockchain.

The move to the blockchain, which Santander estimated could save banks as much as $20 billion a year in infrastructural costs, would be a landmark endorsement of the technology behind cryptocurrencies such as Bitcoin.

While it seems that the move may now not go ahead, it is still a significant step for financial institutions that have gone largely unchanged in decades.  What we are witnessing is the first large scale reaction from a bank in the face of new technology that threatens their industry, Bitcoin has revealed how outdated the existing financial infrastructure is, and banks realize this.

What is the blockchain?

Many people confuse blockchain with Bitcoin. While Bitcoin is a cryptocurrency, blockchain is the ledger system that tracks and manages every transaction made. The blockchain is mostly known for being the ledger system used by Bitcoin.

The blockchain is essentially a record of all Bitcoin transactions in history. They are recorded live and stored chronologically in “blocks” so that if you followed the chain through to the end, it would return to the first ever Bitcoin transaction.

You can see the blockchain in action here, with a live scrolling list of all transactions made in Bitcoin shown in real time.

https://blockchain.info/new-transactions

 

Why move to the blockchain?

What’s interesting about the blockchain is that it is entirely transparent. The sender and recipient of every transaction is known. But the blockchain also grants pseudo anonymity, while the details of the transactions are shown, there is no way to trace the identity of the account holders.

As well as improved privacy, the blockchain allows end users to save money on international financial transactions, move money around instantly and securely.

Security is another important benefit of the blockchain. While a traditional bank has a small number of servers processing transactions, when using the blockchain, the legwork is split between thousands of computers around the world.

Naturally, having such a large bank of computers do the processing makes the blockchain incredibly secure. With each computer managing only a tiny fraction of the transactions, in order to successfully hack the ledger, hundreds, if not thousands, of computers would need to be successfully breached. On top of this, it means that banks no longer need to foot the bill for server maintenance and security.

 

What does this mean for Bitcoin?

With blockchain technology on the brink of mainstream adoption, where does that leave Bitcoin? Unfortunately for fans of the cryptocurrency, the traded volumes are still too small to really support its case as a viable alternative to traditional currency.

However, volumes are growing slowly over time and while early adopters such as Silkroad have brought negative press associations, they are also paving a way for legitimate business use – a proof of concept.

While we may have to wait some time to see either blockchain or Bitcoin adopted by mainstream industry and finance, the news that major corporations are investigating the applications of blockchain technology is a very positive sign.

I believe that in a few years’ time, blockchain will be the de-facto method for ledgering transactions and that businesses and banks will no longer ‘own’ how their clients move money but instead battle to be the platform of choice for blockchain transactions.

 

 

 

How technology will change the way we behave in 2015

As 2014 comes to an end, it is time to look ahead to 2015. This year though, rather than give my predictions about emerging technology, my mind is drawn to our behavior and the changing the way we actually interact with technology.

There are three areas in which I foresee the most change during 2015 thanks to increased public interest and acceptance:

 

We will start using privacy based solutions

The discussion about privacy; my right to be me and own my data has been gaining momentum in the last five years. We are rapidly losing control over our personal data and identities in today’s fast moving digital world. The advertising world collects ever more data to try and predict our needs based on who we are and our behavior. 2014 has shown us that our online identity isn’t safe from advertisers, hackers or even governments.

So the problem of who controls my identity becomes more and more interesting to the actual owners – each and every one of us. . Laws around how to keep and secure data, and restrictions about sharing it are on the way through movements like the Right to Be Forgotten.

In the passing year we have seen lots of solutions focusing on sharing using “Privacy by design” to be the key feature, apps like Snapchat , Whisper, Secret, Tinder, Tumblr, the Silent circle messaging and their Blackphone. These applications are chat, photo sharing and social media where the privacy and trust is built in.

So the market demand for privacy oriented solutions is there and the technology has existed for several years. The missing key ingredient that will drive it into the mass market is how business can make money from privacy. In the next year I expect to see more and more monetization concepts to make money from solutions that provide anonymity and privacy. The market demand is there and the technology is there…

 

 

We will fall in love with electronics (again)

Since the 90’s, the idea of a connected smart home has excited millions. The idea of an electric light that will turn on when you step in the room and you can close with a clap is not new. But it is only in the last year that the idea of Internet of Things has really started to be feasible.

The good news is that electronics are back and so is software. After all it is through software that we interact with devices and makes them seem exciting and new. Over the last 15 years we have tried to create value in software by adopting various business models. From the Freemium model, giving limited functionality and then charge when features are added through the models that monetize through Google Ads and search up to the SaaS models where it is not the software you pay for but a service that comes with it…

In 2014, we saw Fitbit emerge as a leading wearable device, and a big part of this is software that makes it seem very personal to every one of us. It was the same with the GoPRo camera – transferring a simple camera into high end extreme sports filming equipment. In 2015 I expect many devices will evolve to become connected and take on new roles in our digital world. Software will be an important factor in deciding which devices are successful, it’s through software that devices become personal and relatable.

 

 

We will search less and discover more

Since the beginning of the internet, search has taken a cardinal place in our interaction with data. First Yahoo and then Google made sure our homepage is a search page.

Microsoft went on and translated this behavior into the application on the PC, and now we have a search box almost in everything and everywhere…

With Adwords technology Google cracked the way to monetize search behavior. The search term that the user enters translated to ads that the user wants at that moment.

Smartphones arrived and quickly become a main vector for search, both of the Internet and of ever growing app stores. Importantly they also heralded the arrival voice recognition technologies and of voice search. But as technology advances there is a quest to predict the search. To analyze requests and behavior so that the information we seek is already there waiting for us. We can see it in action with programs like Google Now that collects information about you from a range of sources and tries to predict what you need, whether it’s directions to work, your flight times that day or what the weather will be like.

But in less obvious move, many successful mobile apps have removed the search field and actually providing people with suggestions or things to discover as a way increasing engagement as well as servicing and increasing the value of apps and services.

There are many examples of this discovery mechanic in online news where services like Outbrain and Tabula offer more content to people who read news, and monetize through pay-per-click

Other examples of discovery replacing search are popular apps like Instagram, Flipboard and Facebook where people are encouraged to roam and discover news, pictures or friends.

Perhaps the best example of this is Tinder where rather than searching for match, the app makes constant suggestions that the user accepts or rejects

 

I think in 2015 we will see this trend getting stronger and more apps and services will increase the promotion of content to their customers as a way to keep them interested in using the application or service.