simonmackay Archive

How about the expansion docks with room for extra secondary storage

Sony VAIO Z Series and docking station

Like with this (Sony) VAIO Z Series ultraportable, an add-on module with integrated optical disk or other storage could add capabilities to today’s small-form-factor computers

A key trend affecting personal computing is for us to move away from the traditional three-piece desktop computer towards smaller form factors.

Here, the traditional desktop computer’s system unit was a large box that was about the size of a hi-fi component or a large tower. As well the smaller form factors we are heading towards are laptops / notebooks; ultra-small desktop computers of the Intel NUC ilk; or all-in-one

USB-C (also the physical connector for Thunderbolt 3)- the newer connection type that can make better use of add-on modules

which integrate the computing power with the display.

With these setups, it is assumed that we are moving away from on-board data storage in the form of hard disks or staying well clear of packaged media in the form of optical disks. This is driven by online software delivery and the use of streaming audio and video services.

Intel Skull Canyon NUC press picture courtesy of Intel

.. with this applying for small-factor desktops like the The Intel Skull Canyon NUCvideo services.

What was often valued about the traditional computer design was that there was extra space to house more storage devices like hard disks or optical drives or the ability to install high-performance graphics cards. This is why these form factors still exist in the form of high-performance “gaming-rig” computers where performance is more important and there is the likely of more data being held on these machines.

But for some of us, we will still want to maintain access to prior storage media types like optical disks or use high-performance graphics chipsets especially at home or our main workspace.  For example, the traditional optical discs are still valued when it comes to media in an always-accessible future-proof collectible form.

There is also the idea of maintaining a secondary hard disk as extra storage capacity specifically for data, whether as a backup or as an offload storage location. This is more so where you are dealing with laptop computers that are equipped with solid-state storage of up to 256Gb and there is a desire to keep most of your data that you aren’t working with somewhere else.

Laptop users often answered this need through the use of a “dock” or expansion module to connect a cluster of peripherals to a single box which has only one connection to the host laptop computer. But Thunderbolt 3 facilitated the rise of external graphics modules which add extra graphics horsepower to laptops and similar low-profile computers.

This concept can be taken further with USB-C or Thunderbolt 3 expansion docks that have integrated optical drives and/or mounting space for hard disks. These would present to the host as Mass Storage devices, using the operating-system class drivers for this kind of device. Of course there would be the expansion abilities for extra USB devices, as well as an Ethernet network interface and/or onboard USB audio chipset with own SP/DIF or analogue connections.

Video to the displays could be facilitated via DisplayPort alt or USB DisplayLink for devices not implementing an external graphics module functionality. In the latter situation, it is like “hotting up” a car for higher performance.

Of course they would have to be self-powered with a strong USB Power Delivery output for the host and USB peripherals. There could be research in to having USB ports head in to optimised charge-only mode when the host computer isn’t active for example.

Most of the onboard devices will be required to represent the devices according to standardised device classes. This will typically lead to a “plug-and-play” setup routine so you aren’t downloading extra software to run the devices if you use recent versions of the main operating systems.

Manufacturers could see these devices as something that complements their ultra-small desktop computer product lines. This is in an approach similar to how consumer hi-fi equipment, typically devices of a particular model range are designed and marketed. Here, the importance would be on having equipment that shares common styling or functional features but encouraging the ability to expand the ultra-small desktop computer at a later date.

The idea here is to allow users to adapt portable or small-form-factor computers to their needs as and when they see fit. It is as long as these computers implement USB 3.1 connections in Type-C form or, for faster throughput and support for external graphics modules, implement Thunderbolt 3 over USB-C connections.

Send to Kindle

Your local library now facilitates a video-on-demand service

Article

Kanopy independent cinema page

Kanopy works with your local library to offer independent video content to stream

The Totally Free Streaming Service You Didn’t Know You Have | Gizmodo

From the horse’s mouth

Kanopy

Home Page

My Comments

I am keeping an eye out for video-on-demand services that are offering niche content like foreign-language content. This is in response to recent market consolidation in the video-on-demand market and is able to easily survive that kind of activity in the mainstream sector.

A part of the home-video era was the fact that your local library stocked video movies and made them available for loan to its members. In most cases, this was from a government-funded or private film repository that primarily offered educational content along with some locally-produced classic and historic film content. Subsequently, these libraries offered some family-friendly and niche content from the main video distributors whom they had a lending agreement with.

This has fallen away thanks to the rise of video-on-demand services that work via the Internet. But an Australian startup began to partner with various film studios, especially those out of the current mainstream, to offer a video-on-demand service that works in tandem with the local libraries and universities. Examples of this include some classic films as well as a plethora of indie material released over the years, typically material that would have been offered by some of the video distributors during home video’s early years or syndicated by TV stations when they had the ability to choose what they could ran with.

The Gizmodo article called this service out due to the loss of the Filmstruck video-on-demand service which focused on classic cinema, typically material from the Criterion collection. They were lamenting the reduced availability of evergreen video content available to see on cable TV or stream via a video-on-demand service.

You have to be a student or faculty at one of the participant universities or be a member of one of the participating local libraries. As well, in the case of library memberships, you have to make sure your membership is current and correct before you create your account or add them to your account. That includes things like overdue fines and other obligations and you may have to check if that dusty library card has expired or not, including whether it needs to be “brought forward” to their current IT setup. It does support multiple library memberships such as students at a university using a local library card or people living on the border of two different municipalities.

Kanopy works on regular computers with your Web browser but has native clients for the iOS and Android platforms. As far as smart-TV and set-top applications are concerned, they also have native clients for the Android TV, Apple TV (tvOS) and Roku platforms including the Telstra TV repackaged Roku client.  This can be improved upon through the support for Netflix-style “download to view” to allow offline viewing of content during the loan period. Here, it would come in handy with long roadtrips or flights where you don’t have reliable access to the Internet for streaming.

At the moment, Kanopy works on the same principle as the “public lending rights” that libraries pay to authors and publishers for the right to lend out the content. Typically a participating library will pay Kanopy to allow its members to view a certain number of titles per month and this will be paid to the film studios to “lend out” the content.

Kanopy could go further by approaching the public-service broadcasters around the world like the ABC, BBC and SBS to offer their homegrown content catalogues to library members through this platform.  Typically these broadcasters have built up a large amount of content that they have commissioned through the years and most of this content would fit in with Kanopy’s remit. It is already happening with the ABC and some of their shows but can easily go further. Companies and other organisations who create their own educational and training content could offer this to the Kanopy platform for public viewership.

Similarly, Kanopy could approach other organisations to expose their service to their membership. One group would be the primary and secondary schools who would use some of this material as part of their curriculum. Similarly, they could “knock on the door” of more independent studios and quality film distributors to make your local library a viable alternative to what Hollywood puts out. As well, the travel industry could benefit from having access to the Kanopy platform for in-flight or in-room entertainment that is enriching and thought-provoking.

What at least is happening is that Kanopy is bringing the concept of the videos or DVDs made available for loan through the public library systems into the 21st century thanks to online streaming via your home network.

Send to Kindle

Orange to launch their own smart speaker platform in Europe

Article

Freebox Delta press photo courtesy of Iliad (Free.fr)

Freebox Delta as an example of a European voice-driven home assistant

Orange adds smart speaker to control TV | Advanced Television

My Comments

Some European companies are working on their own voice-driven assistant platforms. At the moment, Movistar and Free have platforms that are part of their triple-play set-top-box services while the BMW Group are working towards one for the automotive context.

But Orange who have a foothold in France and Spain as far as multiple-play telecoms services are concerned are intending to release a voice-driven smart speaker known as Djingo. It is an alliance between themselves and Deutsche Telekom but will integrate Amazon Alexa technology. The French will benefit from Djingo in the European Spring of 2019 while the Spanish will benefit later in the year.

On this site, I have called out for the European tech firms to work towards one or more highly-capable voice-driven assistant platform that can effectively compete with Alexa, Cortana, Google Assistant and Siri.

It is also about having the European voice-driven assistant platforms work towards European values such as a competitive market, end-user privacy and service transparency, including having the data kept on European soil.

But the problem with Orange’s and Free’s deployment is that they are implementing Amazon’s technology rather than creating their own technology. This may be to avoid the so-called “Video 2000” problem where Philips and Grundig developed a highly-capable videocassette platform. But this platform, only adopted by some European names, didn’t succeed due to the popularity of the affordable VHS platform. In this case, most of the videocassette recorders based on the Video 2000 platform were sold in to the European markets and most of that platform’s marketing was focused within Europe.

This is compared to a large number of commercial passenger airlines maintaining the European-built Airbus aircraft in their fleet alongside American-built Boeing aircraft.

If a European voice-driven assistant platform is to succeed, it has to be offered around the work as a viable competitor to what Silicon Valley offers but with the values Europeans cherish. This is because there are consumers, service providers and enterprises who also underscore these values and want to benefit from AI-driven voice assistant software.

As I have said before, the European Commission could encourage the development of European-based IT that honours the European values and market it around the world. This is rather than always engaging in court battles and antitrust investigations to deal with Silicon Valley’s market dominance.

Send to Kindle

The successor to the Freebox Révolution has arrived in France

Articles Freebox Delta press photo courtesy of Iliad (Free.fr)

Xavier Niel unveils new Freebox with Alexa, Devialet, Sigfox, Netflix | TechCrunch

French Language / Langue française

Free annonce ses nouvelles Freebox : la Freebox Delta et la Freebox One | FreeNews

Freebox One : pour les accros à Netflix (et c’est tout) | ZDNet.fr

Freebox Delta : voici la box qui doit sauver Free | ZDNet.fr

From the horse’s mouth

Free.fr (French Language / Langue française)

Freebox Delta (Press Release / Communiqué de presse – PDF)

Freebox One (Press Release / Communiqué de presse – PDF)

My Comments

While the “gilets jaunes” were protesting about the cost of living in France, Free.fr had just launched a long-awaited successor to the Freebox Révolution modem-router and media player setup.

The Freebox Révolution was a device symbolic of the highly-competitive telecommunications and Internet-service market that exists in France. It is a xDSL modem-router with an Ethernet connection and a NAS that is also a DLNA-compliant media server. It works with a set-top media player that has an integrated PVR and Blu-Ray player. But over the years, these units took on new functionality that was extraordinary for carrier-provided equipment such as VPN endpoint and Apple AirPlay functionality. Infact I saw it as a benchmark for devices supplied by telcos and ISPs for Internet access when it came to functionality.

Here, there are two systems – one called the Freebox Delta which is positioned at the premium end of the market, and the other called the Freebox One which is positioned as an entry-level offering.

The Freebox Delta has a server unit which combines a modem-router and a NAS that is equivalent to a baseline 4-bay standalone NAS. The WAN (Internet) side can work with a 10Gb fibre connection, an xDSL connection or a 4G mobile broadband connection. But it is the first modem-router that can aggregate the bandwidth of an xDSL connection and a 4G mobile broadband connection for increased throughput.

On the LAN side, there is a Wi-Fi 5 (802.11ac) connection working across three bands and implementing MU-MIMO wireless connectivity. It is in conjunction with an integral four-port Gigabit Ethernet switch. There is the ability to link to the Freebox Delta Player in another room using the FreePlugs which are Gigabit HomePlug AV2 adaptors that Free.fr provides but these are actually network adaptors that use the USB-C peripheral connection approach.

The VoIP functionality that any “box” service offered by the French carriers provides has an RJ11 endpoint for a telephone as well as a DECT base station. There is a USB-C connection along with NFC support.

But Free.fr are even having the Freebox Delta as part of a home-automation system by providing hardware and software support for home-automation hub functionality. It is thanks to Free’s partnership with the Sigfox smart-home software platform. This is based around Zigbee technology with Free.fr and others supplying “smart-home” devices complying with this technology.

The Freebox Delta Player is effectively a connected speaker made by Devialet, a French hi-fi name of respect when it comes to speaker.  But it is a soundbar that uses 6 drivers to yield effectively a 5.1 surround-sound experience.

It works with a French-based voice-driven home assistant (OK Freebox) that handles basic commands but can work with Amazon Alexa which gives it access to the Amazon Alexa Skills library. This is achieved through a four-microphone array and is another way for a European company to effectively answer Silicon Valley in the field of voice-driven assistant platforms.

It can yield pictures to the 4K HDR 10 standard using an HDMI 2.1 socket compliant with the HDCP 2.2 standard and supporting eARC audio transfer that allows for best use with 4K UHD TVs. There is also a DVB-T2 tuner for over-the-air digital TV. You can control the Freebox Delta Player using a wirelessly-charged touchscreen remote which charges on a Qi-compliant wireless charging plate integrated in this media player. Let’s not forget that this device is up-to-date by implementing USB-C peripheral connectivity for two peripherals.

The Freebox Delta will cost EUR€480 to buy, with payment options of  EUR€120 per month over 4 months, EUR€10 per month over 48 months or the full upfront price being paid. The service will cost at least EUR€49.99 per month.

Freebox One press picture courtesy of Iliad (Free.fr)

Freebox One – the entry-level solution

The Freebox One is an entry level single-piece multimedia player and modem-router unit. This will have a Gigabit Fibre and xDSL connectivity on the WAN (Internet) side and Wi-Fi 5 (802.11ac) and four Gigabit Ethernet ports on the LAN side. There will be the DECT VoIP base for the telephony function along with a DVB-T connection for digital TV. It can work with 4K HDR 10 via an HDMI 2.1 (HDCP 2.2 compliant) port for your 4K UHDTV.

It has a front-panel display that is similar to the previous generation of Freebox systems.  You can get this device for EUR€29.99 per month for first year, EUR€39.99 per month as a Freebox hardware-and-services package of the kind you get in France.

With both Freebox systems, I would expect that Free.fr will regularly release new firmware that will add extra functionality to these devices over the years. When you get these “boxes”, you will find that there is more of an incentive to visit the “mis à jour” part of the user interface and frequently update their software.

By offering the Freebox Delta for sale rather tied with a multiple-play service package, Free.fr wants to be able to sell this unit as a device you can use with other services. This means that they can put themselves on the same footing as AVM by being another Continental-European source of highly-capable always-updated consumer premises equipment for your home network.

But what needs to happen is for the European consumer IT firms to create hardware and software platforms that can effectively answer what Silicon Valley has to offer. Who knows which European companies will end up as the “Airbus” or “Arianespace” of consumer and small-business IT?

Send to Kindle

Are we to expect laptops to be mobile phones?

Article

Dell XPS 13 8th Generation Ultrabook at QT Melbourne rooftop bar

Ultraportables soon to serve the same role as smartphones

Cellular voice could be the next step in merging phones and PCs | Windows Central

My Comments

An increasing trend we are seeing with regular desktop and laptop computers is that they are being used for voice and video telephony. Thu is being driven by messaging apps of the Skype, Facebook Messenger, WhatsApp and Viber kind being ported to desktop operating systems; along with softphone applications that provide telephony functionality being made available for these operating systems. The softphone applications, along with Skype are even legitimising this usage case with laptops in the business environment turning them in to secondary or replacement phone extensions.

Headsets like the JBL E45BT Bluetooth headset are used with laptops to make voice calls with messaging apps and soon this will happen for mobile telephony

With these setups, you can talk with the caller using the computer’s integrated or attached microphone and speakers. Or, should you want the same level of privacy associated with holding a handset up to your ear, you can talk to the caller using a wired or Bluetooth headset, of which I have reviewed many on HomeNetworking01.info.

Microsoft and others in the “open-frame” computing world are pushing along with the Always Connected PC which runs ARM RISC microarchitecture rather than the traditional Intel-based CISC kind. These ultraportable computers will also be equipped with a wireless broadband modem that is authenticated using eSIM technology.

The idea is to eventually have these computers become like a smartphone with them linked to the cellular mobile network. It is also alongside the fact that today’s smartphones are effectively pocket computers running a mobile operating system.

It could be easy to say that the Always Connected PC concept is irrelevant because one can “tether” a computer to a smartphone to have access to the mobile broadband service, whether through a USB connection or a Wi-Fi-based “hotspot” function that mobile operating systems support. Or we can simply connect our computers and phones to Wi-Fi networks including publicly-accessible networks like hotspots. For that matter, computers can also be connected to other network types like Ethernet or HomePlug AV networks.

Android main interactive lock screen

Smartphones now are pocket computers

Let’s not forget that the GSM Association and the Wi-Fi Alliance are looking at Wi-Fi networks as a way of providing data-offload functionality. This is through mobile carriers like BT and Telstra offering FON-style community Wi-Fi networks and the Wi-Fi Alliance using Passpoint / Hotspot 2.0 as a way to provide hands-off login to public-access networks.

The Wi-Fi functionality is also being taken further in the context of smartphone-based voice telephony with the use of VoWLAN as another call-transport option for these devices. Some mobile telcos like Telstra even use this as a way to provide voice telephony continuity to their customers if they can’t reach the cellular network but can use Wi-Fi-based Internet.

The focus now is towards the concept of always-connected portable computing with a secure and consistent connectivity experience. This is being brought on through the use of 5G mobile-broadband technology and the interest in edge computing which provides support for localised data processing and storage in a cloud environment.

The eSIM is being pitched as a way to provision mobile service in an online manner, especially to vary the service to suit one’s needs or switch to a competing mobile telco. It also is placing pressure upon mobile telcos to adopt a “service-focused” approach with the idea of having multiple devices on the same mobile account and plan, ringing to the same mobile number and using the same data allowance. The goal with mobile telephony will then be to make or take a voice or video call or send and receive messages on the device that you currently are using rather than changing to a different device for that task.

Connected cars even to be another logical device for one’s mobile service account.

This concept has been driven by the Apple Watch and will be pushed on with smartwatches that have built-in mobile broadband modems. But it will be extended through other devices like smartphones, Always Connected PCs and connected vehicles. There is also the idea of implement the equivalent of a local area network across devices tied to the same service and this will be driven by the trend towards ubiquitous ambient computing.

A question that will come about is the ability to maintain multiple different services on the same physical device whether from the same telco or different telcos. This will be about maintaining separate services for business and private use. Or it could be about travellers who want to maintain a local service while at their destination along with their “home” service. This is a feature that is of relevance in countries where cross-border commuting is the norm thanks to land borders or short affordable ferry rides.

This could be addressed through support for multiple services including the ability to provision a cluster of multiple devices with the one service simultaneously. This same issue can also address the ability for us to use the conventional Internet service based around a hardwired broadband service with a Wi-Fi and / or Ethernet local network in the premises.

What I see out of this new trend is that if your computing device has mobile broadband or connection to the Internet via a local-area network, along with a speaker and microphone, it will become the one-stop computing and communications device. It doesn’t matter what shape or size it is in, being a smartphone, laptop or whatever. As well, the right-sized computing device will serve your computing and communications needs as you see fit.

Send to Kindle

Big Mouth Billy Bass to become the start of Alexa-driven novelties

Article

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

Your Amazon Echo will soon be expected to work with a wide range of toys and novelties

The latest Big Mouth Billy Bass is made to be a rockstar with built-in Alexa support | Windows Central

From the horse’s mouth

Amazon

Big Mouth Billy Bass – Compatible With Alexa (Product Page)

Alexa Gadgets Toolkit page

My Comments

Amazon had just polished their Gadgets Toolkit which is an application programming interface for interlinking devices of various kinds with the Alexa voice-driven home assistant platform. This has opened up a path for doing things like interlinking novelties that can show off when you ask Alexa for them to do so.

The first of these is the latest take on the Big Mouth Billy Bass phenomenon of the late 90s and early 2000s.

This novelty is a toy fish that is mounted on a board and starts singing songs like “Don’t Worry Be Happy” or “Take Me To The River” at the touch of a button. This is with the fish’s face swinging around to face the audience and its mouth moving in sync to the lyrics. It brought about other singing-and-dancing novelties that performed to pre-recorded songs in a funny manner.

But this latest iteration of the Big Mouth Billy Bass fish interlinks with any Amazon Echo device via Bluetooth and acts as a speaker for that Echo device. It is programmed to move the mouth in response to speech that comes through the Echo device, be it Alexa, a singer or a podcast author. The fact that it is designed to work tightly with the Alexa ecosystem will mean that if Amazon issues updates, this peripheral will gain these updates.

It will become the first of many toys and novelties that work in conjunction with the Alexa ecosystem. This includes short-form electronics modules that will be pitched to artisans who make giftware such as cuckoo clocks or Christmas decorations for them to include in their projects. Let’s not forget that Google, Apple and others will look towards extending their “smart-home” or similar platforms to work with this class of device.

An issue that will be raised regarding this product class is the fact that connected novelties and toys are being designed with very little thought for household privacy and data security. Infact a lot of IT security experts even suggest that people don’t use or give these devices at all. But this device is designed to work as if it is a peripheral for an Amazon Echo device and only connects to it via Bluetooth.

There will still be issues regarding the design of connected novelties and toys including data security and ease of connectivity. This is more so if they are to be sold through the toy and giftware retail sector where most staff are not likely to have a clue regarding the technicalities associated with these devices.

One way is that if the gadgets are to work alongside a voice-driven home assistant platform or regular computer / mobile operating system, they have to work using a “gadget API” associated with that platform or operating system and developed by the platform’s or operating-system’s developer. This is without the need to write a hefty app to gain the most out of the device. The use of APIs rather than a custom app or skill can also limit the kind of data that is collected via the novelty or toy and provide the end-user with greater control over what the device does.

As well, the “gadget API” has to also support a simple but secure setup process including permissions for various activities like use of microphones, cameras or speakers. This may be a similar process to installing or using an app on your smartphone or mobile-platform tablet where the operating system will ask whether to use the camera, microphone or sensors.  Other issues that will also come about include a “secure by design” approach for the gadget’s firmware including regular update cycles to rectify software vulnerabilities.

Let’s not forget that the “gadget APIs” would also need to support the use of the connected device as a “master clock” if the gadget is to display or react to the current time or date. This is to avoid the need to reset the clock on these devices whenever Daylight Saving Time starts or ends or worry about that clock losing time.

What I see coming about is a relentless push to offer toys, novelties and giftware that are intended to work with the home network and the Internet. But there needs to be a secure simple approach to how these gadgets are designed.

Send to Kindle

Germany to set a minimum security standard for home-network routers

Article

Telstra Gateway Frontier modem router press picture courtesy of Telstra

Germany has defined a minimum standard for secure broadband router design

Germany proposes router security guidelines | ZDNet

From the horse’s mouth

BSI (German Federal Office for Information Security)

TR-03148 Secure Broadband Router 1.0 (PDF)

My Comments

It is being identified that network connectivity devices and devices that are part of the Internet-Of-Things are being considered the weakest point of the secure Internet ecosystem. This is due to issues like security not being factored in to the device’s design along with improper software quality assurance when it comes to the devices’ firmware.

The first major incident that brought this issue to the fore was the Mirai botnet attack on some Websites and dynamic-DNS servers through the use of compromised firmware installed in network videosurveillance cameras. Recently in 2016, a similar Mirai-style attack attempt was launched by the “BestBuy” hacker involving home-network routers built by Zyxel and Speedport.There was a large installed base of these routers because they were provided as standard customer-premises equipment by Deutsche Telekom in Germany. But the attempt failed due to buggy software and the routers crashed.

Now the BSI who are Germany’s federal information-security government department have taken steps towards a baseline set of guidelines concerning security-by-design for these home-network routers. It addresses both the Internet-based attacker sithation and the local-network-based attacker situation such as a computer running malware.

Key requirements

Wi-Fi segments

There are requirements concerning the LAN-side private and guest Wi-Fi segments created by these devices. They have to work using WPA2 or newer standards as the default security standard and the default ESSIDs (wireless network names) and Wi-Fi passphrases can’t relate to the router itself like its make or model or any interface’s MAC address.

As well, guest Wi-Fi and community / hotspot Wi-Fi have to be treated as distinct separate logical networks on the LAN side and they have to be “fenced off” from each other. They will still have access to the WAN interfaces which will be the Internet service. The standard doesn’t address whether these networks should implement client-device isolation because there may be setups involving a requirement to discover printers or multimedia devices on these networks using client software.

Router management

The passwords for the management account or the Wi-Fi segment passphrases have to be tested against a password-strength algorithm when a user defines a new password. This would be to indicate how strong they are, perhaps through a traffic-light indicator. The minimum requirement for a strong password would be to have at least eight characters with at least 2 each of uppercase, lowercase, number and special characters.

For the management account, there has to be a log of all login attempts along with lockout-type algorithms to deter brute-force password attacks. It would be similar to a code-protected car radio that imposes a time delay if the wrong passcode is entered in the radio. There will be an expectation to have session-specific security measures like a session timeout if you don’t interact with the management page for a certain amount of time.

Other requirements for device management will include that the device management Webpage be only accessible from the main home network represented by the primary private Wi-Fi segment or the Ethernet segment. As well, there can’t be any undocumented “backdoor” accounts on the router when it is delivered to the customer.

Firmware updating

But the BSI TR-03148 Secure Broadband Router guidelines also addresses that sore point associated with router firmware. They address the issue of updating your router with the latest firmware whether through an online update or a file you download to your regular computer and upload to the router.

But it is preferred that automatic online updates take place regarding security-related updates. This will most likely extend to other “point releases” which address software quality or device performance. Of course, the end-user will need to manually update major versions of the firmware, usually where new functionality or major user-interface changes take place.

The router manufacturer will be required to rectify newly-discovered high-severity security exploits without undue delay once they are notified. Here, the end users will be notified about these software updates through the manufacturer’s own public-facing Website or the router’s management page.

Like with most regular-computer and mobile operating systems, the use of software signatures will be required to authenticate new and updated firmware. Users could install unsigned firmware like the open-source highly-functional firmware of the OpenWRT kind but they will need to be warned about the deployment of unsigned firmware on their devices as part of the deployment process. The ability to use unsigned firmware was an issue raised by the “computer geek” community who liked to tinker with and “soup up” their network hardware.

Users will also need to be notified when a manufacturer ceases to provide firmware-update support for their router model. But this can hang the end-user high and dry especially if there are newly-discovered weaknesses in the firmware after the manufacturer ceases to provide that software support.

The standard also places support for an “anti-bricking” arrangement where redundant on-device storage of prior firmware can exist. This is to avoid the router from “bricking” or irreversibly failing if downloaded firmware comes with software or file errors.

Other issues that need to be addressed

There are still some issues regarding this standard and other secure-by-design mandates.

One of these is whether there is a minimum length of time for a device manufacturer to continue providing security and software-quality firmware updates for a router model or series after it is superseded. This is because of risks like us purchasing equipment that has just been superseded typically to take advantage of lower prices,  or us keeping a router in service for as long as possible. This may be of concern especially if a new generation of equipment is being released rather than a model that was given a software-compatible hardware refresh.

Solutions that could be used include open-sourcing the firmware like what was done with the Linksys WRT-54G or establishing a known-to-be-good baseline firmware source for these devices while continuing to rectify exploits that are discovered in that firmware.

Another is the existence of a logo-driven “secure-by-design” campaign directed at retailers and the general public in order to encourage us to buy or specify routers that are compliant to this standard.

An issue that needs to be raised is whether to require that the modem routers or Internet-gateways supplied as standard customer-premises-equipment by German ISPs and telcos have a “secure-by-design” requirement. This is more of an issue with Internet service provided to the average household where these customers are not likely to fuss about anything beyond getting Internet connectivity.

Conclusion

The BSI will definitely exert market clout through Europe, if not just the German-speaking countries when it comes to the issue of a home network that is “secure by design”. Although the European Union has taken some action about the Internet Of Things and a secure-by-design approach, they could have the power to make these guidelines a market requirement for equipment sold in to the European, Middle Eastern and African areas.

It could also be seen by other IT bodies as an expected minimum for proper router design for home, SOHO and SME routers. Even ISPs or telcos may see it as an obligation to their customers to use this standard when it comes to specifying customer-premises equipment that is supplied to the end user.

At least the issue of “secured by design” is being continually raised regarding home-network infrastructure and the Internet Of Things to harden these devices and prevent them from being roped in to the next Mirai-style botnet.

Send to Kindle

NetID and Verimi to become Europe’s single-sign-on answer to Silicon Valley

Articles

Map of Europe By User:mjchael by using preliminary work of maix¿? [CC-BY-SA-2.5 (http://creativecommons.org/licenses/by-sa/2.5)], via Wikimedia Commons

Europe takes steps towards its own single sign-on services

German online ID startups ready to take on US titans | Handelsblatt Global

European netID Foundation Launches; Turner Establishes Unified Ad Sales Unit T1 | ExchangeWire

netID provides a single portal where European consumers will be able to manage their data privacy | Videonet

RTL Group, ProSieben.Sat1 form European netID Foundation | TVB Europe

From the horse’s mouth

European NetID Foundation (German language / Deutsche Sprache)

Homepage (Startseite)

netid.de

My Comments

Social sign-on concept diagram

Social sign-on and single-sign-on concept diagram – relationship between the social network and online service

A situation that I am regularly watching is whether European companies are running consumer-facing online service that answer what the Silicon Valley establishment can provide yet maintain the European values of privacy and data-handling transparency. This is rather than the European Commission always tackling the Silicon Valley

Flag of Germany

It’s all kicking off within Germany thanks to RTL and ProSiebenSat1

titans with the big stick when they get out of control.

Here, the European values about democracy, user privacy and data-handling transparency have been moulded and established due to Continental Europe passing through some of the darkest periods in history. Through these eras, a significant number of European nations were run as police states with their national-security services were conduction mass surveillance at the behest of the nations’ dictators.

Infact the German-speaking countries of Europe have become strong defenders of this ideal by enacting strong data-privacy laws. It was also underscored with Germany showing strong concern regarding their Chancellor Angela Merkel being spied on by the NSA which led to European government having their information and communications technology business run by local businesses.

Initially, there have been some European companies operating in the online file-storage, Web-search and online-audio spaces like with CloudMe, Qwant, Spotify and SoundCloud. Also France is taking steps towards a YouTube competitor in the form of a peer-to-peer video-streaming service known as PeerTube. As well, there have been a few privacy-centric Webmail providers hosted within Europe like Protonmail. Lately the BMW Group worked on its own voice-driven personal assistant platform for its vehicles and I had valued this as a possible base for a European-base voice-driven assistant platform answering Alexa and co.

But the latest service class to have a European answer is single-sign-on for online services. This has been facilitated in a consumer-facing manner as a “social-sign-on” facilitated by social networks, mainly Facebook and Google. Such systems also implemented a simplified provisioning process with the data that you used to establish your Facebook or Google presence being used to create your account as you come onboard to a new online service.

The main European competitor has come in the form of NetID, created by the European NetID Foundation. This startup has been established by the RTL Group, ProSiebenSat1, and United Internet but is partnering with some other German brands like the Suddeutsche Zeitung and Spiegel newspapers along with the Scout24 online classifieds Websites.

Another is Verimi which is established by Allianz, Deutsche Bank and Lufthansa. This is based on the WebID video legitimisation service to facilitate verification of customers when they establish bank accounts or credit cards. This company is wanting to underscore the quality ethos behind the “Made In Germany” brand.

They offer a single-sign-on experience and a “hardened identity” service to facilitate online transactions. But the end-users have greater control over their own data and this is being driven by the GDPR and other European data-privacy regulations. Let’s not forget that the data is kept on servers that are within Europe.

The European NetID Foundation do expect to work beyond Germany with the desire to cut in to France, Belgium, Netherlands and Austria at the start. This could be facilitated very easily by the RTL Group who have private commercial TV or other media presence in multiple European countries or ProSiebenSat1 who effectively have private commercial TV presence across German-speaking Europe.

There is the one “data point” for each individual customer to make their data-privacy wishes clear. It is accessible from multiple Websites like those run by the different media providers. But each customer has the ability to have granular opt-in / opt-out control over their data with, for example, the ability to let a company they trust run targeted advertising for them but not allow another company they don’t trust to run that same service. The other key factor behind the European NetID Foundation is that it is an open-platform approach with an open-source codebase.

There is also the concept of customer data being managed by a third-party agent but effectively under the control of these end-users. It is also underscored by an open approach that supports the European transparency value and the data cannot be used by a company until the user grants them consent to that data.

At the moment, the European NetID Foundation is at is early days but it will be needing to approach other sign-on situations including support for devices with limited user interfaces. Here, this would be either be about setting up an account with or signing in to an online video service from a TV using its remote control for example.

Personally, I would like to see these companies offer their alternative single-sign-on services beyond Europe, especially to organisations who support and honour European business values.  But I see it as another step towards Europe creating their own online services that break away from Silicon Valley’s stranglehold on our online life.

Send to Kindle

SAT-IP technology to extend to terrestrial and cable TV setups

Article – From the horse’s mouth

Broadcast-LAN setup

This could become the way to distribute cable and terrestrial TV around the home in Europe

AVM

SAT>IP — what is it? (Blog Post relating to DVB-C broadcast-LAN abilities in some AVM FritzBox cable modem routers)

My Comments

In Europe, SAT-IP, properly spelt SAT>IP, has been established as a broadcast-LAN standard for satellite-TV setups. This implements a satellite broadcast-LAN tuner that connects between the satellite dish and your home network, whereupon a a compatible TV or set-top box or a computing device running compatible software “tunes in” and picks up the satellite broadcast.

Lenovo Yoga Tab Android tablet

A mobile-platform tablet running a SAT-IP client could end up serving as a portable TV for a cable or terrestrial TV setup

At the moment, Panasonic smart TVs pitched to the European market can work with a SAT-IP setup, with Loewe rolling this feature in to their models, but there is a wide range of software including VLC that can work with this setup along with a significant number of set-top boxes.

But this technology is being taken further by extending it to terrestrial and cable TV setups, especially in Germany which has a infrastructure-agnostic policy regarding the distribution of free-to-air and pay TV. That is you could watch Tatort on Das Erste in that country no matter whether you are using the traditional TV antenna, a cable-TV infrastructure or a satellite dish. Some online resources in that country even use the name TV-IP or TV>IP to describe this all-encompassing approach.

Dell Inspiron 13 7000 2-in-1 Intel 8th Generation CPU at QT Melbourne hotel - presentation mode

.. as could one of these Windows-based 2-in-1 convertibles

There is still the issue with rented properties and most multi-family developments where there is only one point of entry for the cable-TV service and it becomes more of a hassle to add extra cable-TV outlets around the premises for extra sets. There is also the fact that most of us are using laptops, tablets and smartphones in lieu of the portable TV for doing things like watching “guilty-pleasure” TV around the home.

AVM are releasing Fritz!OS 7 firmware for their Fritz!Box 6490 Cable and Fritz!Box 6590 Cable modem routers that provides a SAT-IP server functionality to extend these devices’ broadcast-LAN abilities, initially facilitated using DLNA. They also are rolling this function to the Fritz!WLAN Repeater DVB-C which is another broadcast-LAN device for cable TV in addition to a Wi-FI repeater.

Once updated, these Fritz!Box cable modem routers and the Fritz!WLAN Repeater DVB-C will present the DVB-C cable-TV and radio signals to any SAT-IP client device or software as if you are using a SAT-IP satellite broadcast-LAN device. I also see this working with those SMATV (shared satellite dish) setups for larger building that repackage satellite TV and terrestrial TV channels as DVB-C-compatible cable-TV channels.

I wouldn’t put it past other broadcast-LAN vendors courting the European market to have their non-satellite devices become SAT-IP servers. But also what needs to happen is that more TV manufacturers to implement SAT-IP-based technologies “out of the box” across their product ranges.

It could appeal to a hassle-free approach to TV-location approach where you have a single entry point for your TV aerial, cable-TV service or satellite dish but you use your home network, be it Wi-Fi 5/6 (802.11ac/ax), HomePlug AV2 or Ethernet, and a SAT-IP compatible broadcast-LAN box to permit you to relocate your TV or add more sets as you please. This is without having to call in a TV-aerial technician to install extra sockets or get the landlord to assent to their installation.

Another factor that would drive SAT-IP or TV-IP further would be to build support for it in to games consoles and similar devices that are expected to be single-box multimedia terminals. Think of devices like the XBox One, PS4, Apple TV and the like, or regular computers running their native operating systems.

But it may be seen as a big ask unless this technology is implemented beyond continental Europe. This is due to the common tech attitude that if a technology isn’t implemented beyond a particular geographic area or isn’t implemented in the USA, it will miss the boat for native operating-system support.

Send to Kindle

Amazon Alexa is a native app for Windows 10 PC

Article

Dell Inspiron 13 7000 2-in-1 Intel 8th Generation CPU at QT Melbourne hotel

You can use Amazon Alexa on any Windows 10 computer thanks to a generally-available Microsoft Store app

Control Alexa from your Windows 10 PC | CNet

My Comments

Amazon are releasing a Windows 10 native app that serves as a gateway to their Alexa voice-driven home-assistant ecosystem. Initially this was a very limited release that was preinstalled on certain computer ranges like Lenovo’s Yoga laptop range, but they are making it generally available through the Microsoft Store in the USA. This means you could install it on any Windows 10 desktop, laptop or 2-in-1 rather than having to buy one of the certain computers that come with this function if you want to speak to Alexa through that computer.

It will be targeted for any regular computer that is running Windows 10 as long as it has a microphone and the usual keyboard. There will be the ability to invoke Alexa through a keyboard shortcut or to click / tap the Alexa button within the app. The “Wake On Voice” functionality where you can speak the “Alexa” keyword to invoke Alexa will be available on some supported computers.

At the moment, the Amazon Alexa native app for Windows 10 doesn’t provide the kind of management that its iOS or Android mobile-platform brethren provide. This means that you will have to use the Alexa management Web page to manage the Skills available to your Echo devices or the smart-home ecosystem that they are part of.

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

This will make your Windows laptop work a bit like the Amazon Echo

The other question that may be raised by Amazon as part of developing the Alexa app further is whether the Alexa app will provide a visual interface of the “Echo Show” kind for those skills that have visual abilities. It may be seen as a further direction for third-party Alexa-platform devices to answer the Google Assistant (Home) platform.

I would expect that these features will come through in newer versions of this app. Similarly I would expect that this app would be rolled out in to all of the markets that Amazon has established the Alexa / Echo ecosystem in to over time.

The Alexa app is part of a strong effort by the two Seattle-based IT giants to provide a strong partnership between their efforts i.e. the Windows desktop operating system for Microsoft and the Alexa voice-assistant / smart-home ecosystem for Amazon.

This effort was initially represented through the availability of “pathway” skills between Microsoft’s Cortana and Amazon’s Alexa assistants. It is with the ability also to provide the necessary abilities to users to interlink their user accounts on each of these services for transparent operation.

It could be seen to be about Microsoft dumping the Cortana assistant’s home-automation roles. Or it could be about Amazon and Microsoft to fuse together their voice-driven assistants in a manner to build a highly-strung Seattle-based voice-driven assistant platform to take on what is being offered by Silicon Valley.

Send to Kindle