Even before the formulation of the term "Internet of things", Steve Gibson proposed home networking topology changes designed to deal with this new looming security threat. Unfortunately, little or no thought is given to the security aspects of the devices in this rapidly growing market.
One of Steve's proposed network topology adjustments involved daisy-chaining two routers together. The WAN port of an IOT-purposed router would be attached to the LAN port of the Border/root router.
In this arrangement, only IOT/Smart devices are connected to the internal (or IOT-purposed) router. The idea was to isolate insecure or poorly implemented devices from the more valuable personal local data devices such as a NAS with important files and/or backups. Unfortunately, this clever arrangement leaves any device directly connected to the “border” router open to attack by infected devices running on the internal/IOT router. Such a device could perform a simple traceroute and identify that an intermediate network exists between it and the public Internet. Any device running under the border router with known (or worse - unknown!) vulnerabilities can be immediately exploited.
Gibson's alternative formula reversed the positioning of the IOT and border router. Unfortunately, this solution also came with a nasty side-effect. The border router (now used as the "secure" or internal router) became subject to all manner of man-in-the-middle attacks. Since the local Ethernet network basically trusts all traffic within its domain, an infected device on the IOT router (now between the internal router and the public Internet) can manipulate or eavesdrop on any traffic emerging from the internal router. The potential consequences of this flaw are obvious.
The third time really is the charm for Steve! On February 2nd of this year (Episode #545 of Security Now!) Gibson presented us with his third (and hopefully final) foray into the magical land of theory-crafting as it relates to securing our home networks against the Internet of Things.
Subject: General Tech | May 5, 2016 - 12:19 PM | Jeremy Hellstrom
Tagged: openwrt, LEDE, networking
The Rebel scum known as the LEDE Project have broken away from the OpenWRT project in an unannounced move meant to increase transparency. Jokes aside, The Register named seven of the developers who are part of this forking, a not uncommon practice in open source projects. LEDE will try to bring in fresh enthusiasm to a Linux project which has been losing the interest of programmers, perhaps due to the lack of transparency that they cite or possibly just due to waning interest in a long running project. Pop on over to their page to see their mission statement, rules and processes if you are interested in how they compare to OpenWRT.
"The LEDE Project – Linux Embedded Development Environment – describes itself as a breakaway project that wants to overcome what it sees as faults in OpenWRT."
Here is some more Tech News from around the web:
- HTC sets up new company; may spin off VR business unit @ DigiTimes
- Cisco: Whoops, hackers can commandeer your TelePresence boxes with an evil HTTP poke @ The Register
- Apple patches Xcode dirty git implementation @ The Inquirer
- 'Apple Stole My Music. No, Seriously' @ Slashdot
- Acer to release more ultra-thin notebooks in September @ DigiTimes
- Medical Equipment Crashes During Heart Procedure Because Of Antivirus Scan @ Slashdot
Subject: General Tech | December 1, 2015 - 07:30 PM | Tim Verry
Tagged: networking, cable tv, cable isp
A bit before the week of Thanksgiving and Black Friday, I came across a pair of interesting articles (linked below) over at DSL Reports that had some interesting figures for the state of broadband and cable TV. While cable companies continue to rule the roost when it comes to the ISP subscriber side of things, they are also steadily bleeding cable TV subscribers. According to the numbers (which they got from Leichtman Research), the third quarter of 2015 was simultaneously the worst quarter ever for telcos, who lost both internet and cable TV subscribers, and the best quarter (in terms of fewest cable TV losses) since 2006.
On the broadband side of things, of the top seventeen providers Leichtman Research provided numbers for, cable companies brought in 787,629 new subscribers while the telephone companies lost 143,338 of their subscribers (likely customers on older forlorn CO-fed DSL tech). Cable companies are maintaining a healthy lead in total subscribers as well at approximately 54 million versus 25 million telco subscribers.
Not too bad considering all the bad press the cable companies have thrust upon themselves with, for example, Comcast rolling out 300GB caps across the US and their notorious (or should I say infamous) customer support departments. Somehow only CableOne and WOW lost subscribers in Q3.
At the end of Q3'15 there were 94 million cable television subscribers shared among the 12 top providers (eight cable, two satellite, and two cable). Collectively, the companies lost 190,693 TV subscribers versus last quarter which is an increased loss YoY as well (155,000 in Q3'14). It should be noted that if Dish's Sling TV subscriber numbers are not taken into account, it is a 345,000 decrease in pay TV subscribers.
The cable companies lost 144,693 subscribers in Q3, making it an improvement in that it is the smallest number of subscribers lost since 2006. For example, in the same quarter last year the cable companies lost 440,000. Comparatively, the telephone companies only lost 49,000 TV subscribers, but it was their worst quarter yet when it comes to losing TV subscribers. Charter, Direct TV, and Verizon were the only three of the listed companies to actually pick up subscribers this quarter while everyone else lost them.
What do you think about the numbers? Will the cable behemoths continue being the dominant source of internet for the US? Will traditional cable/paid TV ever make a comeback, and if not just how many subscribers will these providers have to lose before they embrace new models that support à la carte and even cord cutting/streaming only?
Subject: General Tech, Networking | January 6, 2015 - 07:30 AM | Scott Michaud
Tagged: tp-link, powerline networking, networking, ces 2015, CES
Powerline networks are not the most popular, especially with advancements in wireless technology, but they are still being actively developed. TP-LINK specifically mentions a few use cases: going through cement or certain soundproof walls, going across metal beams and studs, and going further than is practical under FCC broadcast power limits.
Today at CES, TP-LINK has announced the TL-PA8030 AV1200 Gigabit Powerline networking adapter. This product differentiates itself from previous offerings with “HomePlug AV2 MIMO”, which is an acronym that is normally applied to wireless technology with multiple antennas. It is basically the same thing in this case, because the adapter uses all three prongs.
Basically, how electrical sockets work is that you have two main prongs, one of which has an alternating voltage applied to it that averages out to about 115V RMS over a cycle (relative to the other prong). When that wire is connected to a second one, at whatever is considered “neutral” voltage, it creates an electrical current with that drop (or rise) in voltage. A third prong, which is held at the ground's voltage, takes away any excess buildup from friction, wires that are shorted to the case, and so forth.
For this product, this means that one connection will be on the same circuit as a high-voltage, 60Hz signal, and the other will be mixed with ground noise. Keep in mind, the alternative to powerline networking is broadcasting on unregulated, wireless spectrum, so humanity is not afraid to send a signal through some nasty noise. Still, it is good to stop and think about what these engineers have been able to accomplish: broadcasting two signals, down two really nasty (and in different ways) circuits, and combine them for increased performance with multiple devices.
This out of the way, the specifications themselves are brief: it is three Gigabit (1.2 Gbps total) network connections that communicate through A/C plugs. It is backwards compatible with older TP-LINK HomePlug AV adapters (AV1000, AV600, AV500, AV200, and of course other AV1200s).
No pricing information, but TP-LINK is targeting Q3 2015 for this AV1200.
Follow all of our coverage of the show at http://pcper.com/ces!
Subject: General Tech, Networking | October 11, 2014 - 01:42 AM | Tim Verry
Tagged: sdn, nfv, networking, Hierofalcon, arm, amd
AMD, in cooperation with Aricent and Mentor Graphics, recently demonstrated the first ARM-based Network Functions Virtualization (NFV) solution at ARM TechCon. The demonstration employed AMD's Embedded R-Series "Hierofalcon" SoC virtualizing a Mobile Packet Core running subscriber calls. The 64-bit ARM chip is now sampling to customers and will be generally available in the first half of next year (1H 2015). The AMD NFV Reference Solution is aimed at telecoms for use in communications network backbones where AMD believes an ARM solution will offer reduced costs (both initial and operational) and increased network bandwidth.
The NFV demonstration of the Mobile Packet Core entailed virtualizing a Packet Data Network Gateway, Serving Gateway, Mobility Management Entity, and virtualized Wireless Evolved Packet Core (vEPC) applications. AMD further demonstrated live traffic migration between ARM-based Embedded-R and x86-based second generation R-Series APU solutions. NFV is related to, but independent of, software defined networking (SDN). Network Functions Virtualization is essentially the virtualizing of network appliances with specific functions and performing those functions virtually using generic servers. For example, NFV can virtualize firewalls, gateways, load balancers, intrusion detection, DNS, NAT, and caching functions. NFV virtualizes the upper networking layers (layers 4-7) and can allow virtual tunnels through a network that can then be assigned functions (such as those listed above) on a per-VM or per-flow basis. NFV eliminates the need for specialized hardware appliances by virtualizing these functions on generic servers which have traditionally been exclusively x86 based. AMD is hoping to push ARM (and its own ARM-based SoCs) into this market by touting even further reduced capital expenditure and operational costs versus x86 (and, in turn, versus specialized hardware that serves the entire network whereas NFV can be more exactly provisioned).
It is an interesting take on a lucrative networking market which is dealing with 1.4 Zettabytes of global IP traffic per year. I'm interested to see if the telecoms and other enterprise network customers will bite and give AMD a slice of this pie on the low end and low power fronts.
AMD "Hierofalcon" Embedded R Series SoC
Hierofalcon is the code name for AMD's 64-bit SoC with ARM CPU cores intended for the embedded market. The SoC is a 15W to 30W chip featuring up to eight ARM Cortex-A57 CPU cores capable of hitting 2GHz, two 64-bit ECC capable DDR3 or DDR4 memory channels, 10Gb Ethernet, PCI-E 3.0, ARM TrustZone, and a cryptographic security co-processor.
The TechCon demonstration was also used to launch the AMD NFV Reference Solution, which is compliant with the OpenDataPlane platform. The reference platform includes a networking software stack from Aricent and an Embedded Linux OS and software tools (Sourcery CodeBench) from Mentor Graphics. The OpenDataPlane demonstration featured the above mentioned Evolved Packet Core application on the Hierofalcon 64-bit ARM SoC. Additionally, the x86-based R-Series APU, OpenStack, and Data Plane Development Kit all make up the company's NFV reference solution.
Subject: Networking | March 12, 2014 - 07:56 PM | Tim Verry
Tagged: router, trendnet, gigabit router, gigabit ethernet, ac1900, 802.11ac, 256 qam, networking
Trendnet has launched a new 802.11ac wireless router called the TEW-818DRU. The new dual band router supports speeds up to 1300 Mbps on the 802.11ac network and 600 Mbps on the 2.4GHz 802.11n network.
The router is powered by an undisclosed ARM chip clocked at 1GHz and uses six internal 6 dBi antennas along with beamforming technology to increase stability and range. Trendnet includes five RJ-45 Gigabit Ethernet ports (four LAN, one WAN), one USB 3.0 port, and one USB 2.0 port. Users can simultaneously run an 802.11ac Wi-Fi network and an 802.11n Wi-Fi network. Further, users can add an additional guest Wi-Fi network on each 2.4GHz and 5GHz band as well as multiple SSIDs.
Trendnet also touts that the TEW-818DRU comes with a pre-encrypted Wi-Fi network that is set up out of the box with strong encryption, which is a great feature to see. Unfortunately, the benefits of the out-of-the-box Wi-Fi encryption are undermined by the default support of WPS (Wi-Fi Protected Setup), which has been shown to be insecure. Hopefully new firmware will make WPS opt-in rather than opt-out (if it is indeed possible to truly disable on this model) to get the security nod.
The new 'AC1900' TEW-818DRU wireless router will be available this month with an MSRP of $259.99 and 3 year manufacturer warranty.
Subject: General Tech | March 11, 2014 - 03:39 PM | Jeremy Hellstrom
Tagged: Bandwidthd, Speedometer, Nethogs, Darkstat, iperf, networking, linux
Over at Linux.com is a look at five network monitoring tools that will really help you determine not only what is utilizing your network but also its overall health. Bandwidthd is a tool for web hosts and LAN admins which tallies up incoming and outgoing bandwidth usage and can present it in a variety of time frames, from usage per day to usage per year. Nethogs tracks usage per process and Darkstat tracks total usage but comes with an embedded HTTP server which makes it fairly self contained. Speedometer is fairly self explanatory and to understand iperf you should read the write up here as it is a powerful tool for investigating the quality of your network.
"In this roundup of Linux network testing utilities we use Bandwidthd, Speedometer, Nethogs, Darkstat, and iperf to track bandwidth usage, speed, find network hogs, and test performance."
Here is some more Tech News from around the web:
- Graphene-copper interconnects are cool @ nanotechweb
- Intel and pals whip out 1.6Tbit/s cable: Come on baby, light my fibre @ The Register
- TSMC sole supplier of Apple's A8? NO WAY, says Samsung, US TOO @ The Register
- TSMC 20nm wafer production delayed temporarily, but will not affect shipments @ DigiTimes
- ARM to see pricing advantages against Intel in micro-server industry @ DigiTimes
Subject: General Tech | July 9, 2013 - 03:29 AM | Tim Verry
Tagged: networking, gigabit ethernet, Amped Wireless, 802.11ac
Amped Wireless has launched its new RTA15 wireless router. Featuring 802.11ac wireless technology, the RTA15 is packed with useful features and is coming later this month for $189.99.
The Amped Wireless RTA15 is a wireless router with 802.11n and 802.11ac radios which can operate simultaneously. It packs in five Gigabit Ethernet ports (one WAN, four LAN), a USB port for sharing storage to networked devices, high gain antennas, ten radio signal amplifiers, an unnamed 660MHz processor, and support for a number of management and parental controls.
On the wireless front, the RTA15 supports 300Mbps 802.11n on the 2.4GHz band and 867Mbps 802.11ac on the 5GHz band. In addition to your home wireless network, the router supports up to eight additional guest networks (which can have various restrictions placed upon them). Amped Wireless packed in two 700mW 2.4GHz amplifiers, four (two stage) 5GHz 700mW amplifiers, and four low noise amps to improve signal strength and wireless range. Further, the router includes one 5dBi antenna for the 2.4GHz radio, one 5dBi antenna for the 5GHz radio, and a single dual band antenna.
Other features of the 802.11ac router include website blocking, user and time schedules, a SPI firewall, and adjustable radio power output. It also supports WPS and IPv6 for those networks that need either (or both) features.
The router is up for pre-order now on the Amped Wireless website. The RTA15 will begin shipping on July 16, 2013 for $189.99.
Linaro Forms Linux Networking Group to Collaborate on Open Source Software for ARM Networking Hardware
Subject: General Tech | February 22, 2013 - 02:16 AM | Tim Verry
Tagged: oss, open source, networking, linux networking group, linux, linaro, arm
Linaro, a non-profit engineering group, announced a new collaborative organization called the Linux Networking Group at the Embedded Linux Conference in San Francisco this week. The new group will work on developing open source software to be used with ARM-based hardware in cloud, mobile, and networking industry sectors. Of course, being open source, the software for ARM SoCs will be used with Linux operating systems. One of the Linux Networking Group’s purposes is to develop a new “enhanced core Linux platform” for networking equipment, for example.
The new Linux Networking Group is currently comprised of the following organizations:
- Nokia Siemens Networks
- Texas Instruments
The new cooperative has announced four main goals for 2013:
- "Virtualization support with considerations for real-time performance, I/O optimization, robustness and heterogeneous operating environments on multi-core SoCs.
- Real-time operations and the Linux kernel optimizations for the control and data plane.
- Packet processing optimizations that maximize performance and minimize latency in data flows through the network.
- Dealing with legacy software and mixed-endian issues prevalent in the networking space."
Reportedly, Linaro will have an initial software release within the first half of this year. Further, the organization will follow up with monthly software updates to improve performance and add new features. More collaboration and the furthering of ARM-compatible open source software is always a good thing. It remains to be seen how useful the Linux Networking Group will be in pushing its ARM software goals, but here’s hoping it works out for the best.
The full press release can be found below.
Subject: General Tech | February 11, 2013 - 03:57 PM | Josh Walrath
Tagged: streaming, Simple Audio, Roomplayer, networking, corsair, audio
Corsair sure does like to expand upon their product base. The company was founded in 1994 and produced only memory for quite a few years. The past five years have seen tremendous growth from the company in terms of SSDs, cases, power supplies, and high end cooling solutions. Corsair also dabbled in sound with a line of successful speakers (though these have not been updated in some time). Corsair is again making another move, but this time with an aim to deliver content around the entire house.
The front of the Roomplayer II is rather bland, but it should hide itself well in nearly any decor.
Simple Audio is a Scottish-based company (if it isn't Scottish it's crap!) that designs and sells multimedia streaming solutions. The hardware is the Roomplayer I and Roomplayer II units, which are high definition media players that are either amplified (for connecting directly to speakers) or non-amplified to connect to current stereo and home theater systems. Audio is broadcast to these units from iOS enabled devices or PC and Mac computers via software provided by Simple Audio.
Corsair has acquired Simple Audio in a multi-million dollar transaction, but we do not have exact numbers due to Corsair being a privately owned company. From my understanding these products will still carry the Simple Audio name, but Corsair will be the parent company and will distribute the products throughout Asia and North America (two areas that Simple Audio currently does not support).
The back of the Roomplayer I is much more interesting as it has a 50 watt amplifier built-in so it can power speakers independently.
The Roomplayer solutions are apparently quite easy to hook up and their output is very clean (supports up to 24 bit sound natively). As the average consumer is becoming more and more comfortable with setting up a home network, this is an opportunity for both Corsair and Simple Audio to market these products in new regions where overall market penetration of networked home audio is still quite low.
Corsair is a very, very aggressive company when it comes to entering new markets. Their power supplies and cases are perfect examples of how they tend to do business. Corsair actually produces neither of those product lines, but instead relies on contract manufacturing to handle production. What Corsair certainly appears to do well is specify these components very well and handle end product quality control. There really are few overall complaints about Corsair and their products, and as a consumer I do hope that they have another good one on their hands.
The sales numbers will of course be key, and obviously Corsair feels comfortable enough with Simple Audio and their products to buy them up. We are not certain when we expect to see the Simple Audio products on store shelves, but Corsair typically does not screw around.
Now we only have to wonder, "Who is next on Corsair's radar?"