Category: Internet Of Things

Designing for highly-compatible Internet Of Things

Article

D-Link DCH-3150 myDLink motion sensor

Smart Home and Internet Of Things devices need to be designed for compatibility and security before they become popular

How to bring true interoperability to the Internet of Things | Network World

My Comments

Increasingly, the concept of the “smart home” or Internet Of Things is becoming very real. Here, we are seeing a lot more consumer-electronics devices, home appliances and similar devices become connected to the home network and the Internet.

The “app-cessory” approach to network-controlled devices, where the only way to control these devices via your home network is through a manufacturer-supplied mobile-platform app, has now had its day. This typically asked that the device to be connected to your iOS or Android smartphone or tablet using one of three paths: a Bluetooth connection to the mobile device in the same vein as a Bluetooth headset; a Wi-Fi network created by the device that is controlled by the mobile-platform device; or the home network’s Wi-Fi segment.

The trend that is affecting these devices is to interlink them with a platform-based voice-driven “home assistant” of the Amazon Alexa or Google Home ilk. Here, the requirement is for the manufacturer to provide a “skill” or something similar to the “home-assistant” platform so that Alexa, for example, can interact with the device.

But the article is now highlighting the requirement for increased compatibility with the Internet Of Things. This is where the same device can operate across a range of different network setups and operating platforms.

Use of highly-capable hardware interfaces at the media-connection level

A direction that has assured “out-of-the-box” interoperability for regular-class and mobile-class computer devices along with an increasing number of consumer-electronics devices is to implement one or more multi-mode front-ends when handling the different interface types.

In the case of radio, it can mean being able to handle Wi-Fi, Bluetooth, Zigbee or similar technologies concurrently.With the wired networks, it would be about working with different media protocols over the same kind of wire, being Cat5 unshielded twisted pair, TV-antenna coaxial cable, AC wires used to power your appliances or traditional telephone wires.

Devolo Home Control Central Unit (Zentrale) press photo courtesy of Devolo

Devolo Home Control Central unit connected to router

In the case of a wireless connection, this is represented by the use of Bluetooth for peripheral-class device connection and Wi-Fi wireless networking to the latest standard for connecting to the home network and the Internet. Smartphones and some tablets will also implement a mobile-broadband modem that works across recent cellular mobile-telephony standards as well. As well, some consumer-electronics devices may implement a multifunction radio front-end that supports Zigbee or Z-Wave, typically to provide support for an RF-based remote control.

There are a significant number of “smart-home” or “Internet Of Things” devices that are designed to work solely with Bluetooth, Zigbee or Z-Wave. Examples of these range from temperature sensors, smart locks and movement sensors. These devices, typically battery-operated devices, use one of these technologies because of the fact that they are very thrifty on battery power thus allowing them to work on up to 3 AA Duracells or a 3V “pill-size” battery for months at an end or to work only on “harvested” power like kinetic energy.

But, if they want to liaise with your home network and the Internet, they have to deal with a gateway device that links between them and the home network. It is because, at the time of writing, no-one has effectively brought a Wi-Fi-capable single-mode or multimode radio front-end chipset that permits a battery-operated device to work in a power-efficient manner.

But another approach being called for is to have an Internet gateway device i.e. a home or small-business router being equipped with support for Bluetooth, Zigbee and / or Z-Wave along with Wi-Fi and Cat5 Ethernet for the home network. To the same extent, a Wi-Fi infrastructure device like an access point or range extender could simply be a bridge between other radio-network types like Zigbee or Bluetooth and the home network facilitated by the Wi-Fi or wired home-network connection.

Some manufacturers even have an “IoT hub” or gateway that links their Bluetooth, Zigbee or Z-Wave devices to your home network via an Ethernet connection. Here, this is offered as part of enabling their devices for online control via a Web dashboard or mobile-platform app. The current situation with most of these hubs is that they have the online-service hub that works with the manufacturer’s device.

There needs to be the ability to facilitate setups involving multiple gateways that link the home network with Zigbee or similar “IoT” radio segments. This is a reality with most of these devices being limited in their radio coverage in order to conserve battery power because they are expected to run on a commodity battery supply like two or three AA Duracells for months at a time or, in some cases, work on harvested electrical energy. You may find that having one of the gateways located near an IoT endpoint device like a smart lock may assure reliable connected operation from that device.

In these setups, there needs to be the ability to see a collection of these “IoT-specific” radio segments as one logical segment, along with the ability to discover and enumerate each device no matter which gateway or bridge device it is connected to and what kind of networks is used as the backbone.

Flexible software to the application level

Kwikset Kevo cylindrical deadbolt in use - Kwikset press image

To provide extended monitoring and control to the Kwikset Kevo deadbolt, you have to use a Bluetooth bridge supplied by Kwikset

Another issue raised regarding the Internet Of Things is compatibility across multiple software platforms and protocols.

A design practice that has been known to be successful was for recent network-connected home-AV equipment like Wi-Fi wireless speakers to support Apple AirPlay, Google Chromecast and DLNA “out of the box”. Here, you could stream content to these devices using most computer devices, whether it be your iPhone, Android tablet or Windows computer, or whether it is hosted on your NAS device.

Here, the goal is for a device to support many different software platforms, frameworks and protocols that are needed to do its job. To the same extent, it could be feasible for a device to work with different cloud services like Google Home, Amazon Alexa or IFTTT. What this can mean is that a device can work with different control and display surfaces from different manufacturers. It also means that the data that a piece of equipment shares is set in a known standard so that any software developer working on an IoT project can make use of this data in their code.

For example, the Open Connectivity Foundation’s standards which include the UPnP standards and are supported by the “open-frame” computing community, along with the Apple HomeKit framework will be required to be supported by network-connected devices.

Here, it will be about identifying every one of the standards supported by the physical medium that the IoT device uses to link with other devices and the network. Then implementing all of the current standards supported by that medium in a vendor-agnostic manner.

Secure by design

An issue that has been raised recently is the issue of data security practices implemented by the software that runs Internet-Of-Things and dedicated-purpose devices. Situations that have come to the fore include the Mirai botnet that scoped in network videosurveillance cameras and home-network routers to perform distributed denial-of-service attacks against online resources like the Krebs On Security Website and the DNS records held by Dyn, a dynamic-DNS provider, affecting a large number of Internet household names.

Here, the issue being called out is designing the software in this class of device for security along with a continual software-maintenance cycle. But it also includes the implementation of secure-software-execution practices not uncommon with the latest desktop and mobile operating systems. This includes secure-boot, trusted-execution and sandboxing to prevent unwanted code from running along with data-in-transit protection and authentication at the network level.

The concept of a continual software-maintenance approach where the firmware and other software associated with the Internet Of Things is always updated with these updates installed “in the field” as they are available, allows for the removal of software bugs and security exploits as they become known. It also allows the software to be “tuned” for best performance and manufacturers can even roll out newer functionality for their devices.

In some cases, it could even lead to a device being compatible with newer and revised standards and protocols rather than seeing one that ends up being limited because it doesn’t support the newer better protocol. But there can be the question about this kind of software update being used as a way to enforce unpopular device-design requirements upon an existing installed base of devices and changes how they operate. This could be brought about by a government mandate or an industry expectation, such as an eco-requirement for HVAC equipment required by a state energy-conservation department or a digital-rights-management expectation required at the behest of Hollywood.

To make the IoT hardware and software ecosystem work properly, there needs to be an underscored requirement for compatibility with prior and newer devices along with the ability to work securely and with properly-maintained software.

Send to Kindle

Frigidaire offers a window-mount room air-conditioner that connects to your home network

Article

Google Home welcomes 12 new partners in big smart home update | CNET

Frigidaire Cool Connect uses app-linked smarts to chill hot homes | CNet

Dreading summer already? Frigidaire’s smart window air conditioner lets you cool on demand | Digital Trends

From the horse’s mouth

Frigidaire USA

Frigidaire Smart Room Air Conditioner with Wifi Control

Product Page (8000 BTU model / 10000 BTU model / 12000 BTU model )

My Comments

Typically, the traditional single-piece room air-conditioner that was installed through a window or a wall cut-out was never seen as anything special by their manufacturers. These noisy boxes that kept your room cool (or warm in the case of reverse-cycle units) didn’t come with anything special as far as their features were concerned.

Recently-issued models started to come with remote control abilities but could be controlled using your home network thanks to a Tado or similar “virtual-remote-control” kit. But Frigidaire raised the ante for this class of air-conditioner by offering a model that can directly work with your home network.

The Frigidaire Cool Connect air-conditioner can be installed in a window like the rest of these beasts but this is where the similarity stops. Here, it looks very similar to one of the advanced network-capable multiroom speakers thanks to a mesh-like grille that covers the bottom half of the unit. The top edge of the unit has the output vents that blow the air upwards and may limit its installation to somewhere up to halfway up the wall.

As well, the essential controls such as to turn it off and on or adjust the comfort level are simply touch-buttons on the top edge towards the front while the temperature is shown through the front of the unit. There is also a card remote control that you use for managing the essential functions from afar.

But the difference with this room air-conditioner compared to the others out there is that can connects to your home network via Wi-Fi and be controlled using an iOS or Android app. Here, you can control the essential functions or set the 24-hour timer for pre-emptive scheduled cooling such as to have your place cool before you arrive. Here, these functions can be managed over the Internet, which can be good for starting the Frigidaire Cool Connect air-conditioner to get the home cool well before you arrive as a way of dodging that heat-wave.

A feature that impressed me about the Frigidaire Cool Connect air-conditioner is that you can have a cluster of these units controlled as a group. This can be of use with larger areas where a single unit isn’t enough to cool a room or premises down. Or you have individual units installed in particular rooms like a bedroom and the living room but want to manage them both at once for actions like dropping that heat-wave temperature down or turning them off when it’s cold enough.

Let’s not forget that you can use a device that supports the Google Home or Amazon Alexa voice-driven home assistants to control the Frigidaire Cool Connect air-conditioner. Here, you could issue commands for the essential functions like turning the system on or off or increasing or decreasing the comfort level.

What has been shown here is that Frigidaire, now a part of the Electrolux appliance behemoth, is raising the bar for an appliance class often overlooked by many other appliance manufacturers. Here, they have offered a single-piece window-mount room air-conditioner that can be part of the connected home.

Send to Kindle

Google demonstrates their Google Home concept during Super Bowl 2017

Part of the experience of watching American Football’s annual ultimate playoff that occurs every February is to see the ads that are run during the commercial breaks. This is because, a company has to stump up at least US$5 million per “spot” to get an ad in front of the USA’s many eyeballs who will be watching the Super Bowl. Here, it is also the time that advertisers pull out the stops to show the most impressive and memorable commercials that could end up being run when they want to extend the campaign further.

Google used this year’s Super Bowl to demonstrate the concept of their Google Home voice-activated home assistant platform competing with Amazon Alexa. But is shows what these voice-operated home assistants are all about. Most of the functionality you will see in this ad will require you to install smart-home devices that control your existing lighting or heating.

Have a look at this if you missed it during this year’s “ad parade”.

Send to Kindle

Passive Wi-Fi–a new trend for battery-operated Wi-Fi network devices

Articles

‘Passive Wi-Fi’ researchers promise to cut Wi-Fi power by 10,000x | PC World (IDG)

New “Passive Wi-Fi” Could Drastically Cut Power Needs For Connected Devices | Fortune

Passive WiFi – 10,000 times less power consumption than trad WiFi | Telecom TV

US engineers unveil Passive Wi-Fi, which consumes 10,000 times less power | Android Authority

Video (Click / Tap to play)

My Comments

A new direction that is being looked at for the Wi-Fi wireless-network ecosystem is the use of “passive Wi-Fi”. This is where Wi-Fi endpoints will not be needing the use of analogue RF amplification circuitry and can simply reflect these wireless signals back to access points or routers.

Traditional active Wi-Fi setups work analogously to a torch (flashlight) that is being used where it is actively putting out the light thanks to its batteries. But passive Wi-Fi works in a similar vein to a mirror that simply reflects the light without using any energy.

The advantage here with passive Wi-Fi is that devices implementing that technology don’t need to draw lots of current for them to operate on the network. This is so appealing towards mobile devices implementing it as a battery-saving measure.

But it also appeals towards how devices related to the smart home or Internet-Of-Things will be designed. This is because these devices can be designed to work for a long time on up to three AA or AAA Duracells or a coin battery, or could use energy-harvesting technologies like solar power or kinetic energy but work with a Wi-Fi network rather than the Bluetooth LE, Zigbee or Z-Wave networks that are optimised for low energy.

Here, it may be feasible to directly connect these devices to your home network and the Internet without the need to use bridge devices to achieve this goal. This is although it can be feasible to integrate Bluetooth LE, Zigbee and/or Z-Wave bridging functionality in to a Wi-Fi-capable router or access point, especially if there is a market expectation to have these devices also serve as “smart-home” or “IoT” hubs.

At the moment, passive Wi-Fi can work between 30-100 feet on a line-of-sight or through walls while passing a bandwidth of up to 11Mbps. The prototypes have been demonstrated with traditional Wi-Fi network equipment including a router and smartphone and this has proven that they can work in a standard Wi-Fi network. But there have been issues raised about requiring routers and access points to broadcast a “wake-up” call for these devices to report their presence and status.

A question that can be asked as this technology is designed is whether it could be feasible to design a Wi-FI front-end to switch between active and passive mode. Here, it could appeal to devices that enter passive mode simply to save energy but “go active” while in use with obvious use cases being mobile devices or Wi-Fi-based handheld controllers.

What it could lead to is that the goal to optimise all of the building-wide wireless-data technologies for low-power use has been nearly completed with the ability to have devices that exploit these technologies able to run for a long time on ordinary batteries.

Send to Kindle

Z-Wave to be the first standards group to mandate secure IoT

Article

Nest Learning Thermostat courtesy of Nest Labs

Z-Wave now requires a secure-by-design approach for Internet Of Things devices using its technology like these room thermostats

IoT gear will need better security to win a Z-Wave badge | PC World

Previous coverage on this topic

A Clear Reality Surfaces With The Internet Of Things

EU wants to establish a security baseline for Internet Of Things

August responds to its smart lock’s security weaknesses by patching its software

My Comments

The recent Mirai botnet denial-of-service cyber-attacks including an attack against a data-security journalist have raised serious questions regarding designing the software for dedicated-purpose devices like network-infrastructure devices and the “Internet Of Things”. Here, it raised concern regarding default or hard-coded passwords along with poorly-maintained software as being a few of the issues that lead to lax security proactices for the dedicated-purpose devices.

This led to the European Union wanting to call a baseline standard for device-software security, with a customer-facing indicator similar to energy-efficiency labels on appliances or nutrition-rating labels on foodstuffs. Here, the standard wanted to look at “default-for-security” setup routines along with the issue of software maintenance.

But Z-Wave who establish a short-range wireless-connectivity standard for home-automation devices have had to answer this issue by requiring that devices using this technology implement their Security 2 (S2) secure-operations framework before the device can wear the Z-Wave logo. It is similar to various standards logos like Dolby noise reduction, DLNA or HDMI where equipment has to be compliant to these standards before they can show these logos and customers can see that logo as an indicator of compatibility.

Here, the requirement includes the use of a human-readable PIN number and/or a machine-readable QR code for authenticating devices to a Z-Wave network. As well, Z-Wave setups must implement a strong secure key exchange along with implementation of a Transport Layer Security 1.1 data tunnel for IP setups. It is mandatory for the endpoint devices like light bulbs, light switches and thermostats along with “hub” and similar devices that connect Z-Wave devices to the home network and Internet.

A question that may be raised with certain device classes like smart locks or security systems is whether a PIN number that you set using the device’s control surface, especially an “administrator” or “master” PIN number, does constitute a PIN number for the Security 2 (S2) framework.

At the moment, what Z-Wave have done is to address the issue of “secure setup” for this class of device. They haven’t dealt with the issue of software maintenance which is still a thorn in the side for dedicated-function devices and this may be something that others in the industry may need to deal with.

Send to Kindle

Finnish building-management systems cop the brunt of cyberattacks

Article

There needs to be a level of cyber-security awareness regarding the design and maintenance of building-automation systems

There needs to be a level of cyber-security awareness regarding the design and maintenance of building-automation systems

Finns chilling as DDoS knocks out building control system | The Register

My Comments

Two apartment buildings in Finland became victims of distributed denial-of-service attacks which nobbled their building-management systems. This caused the buildings’ central heating and domestic hot water systems to enter a “safety shutdown” mode because the remote management systems were in an endless loop of rebooting and both these systems couldn’t communicate to each other. The residents ended up living in cold apartments and having cold showers because of this failure.

What is being realised is that, as part of the Internet Of Things, building-management equipment is being seen to be vulnerable, due to factors like the poor software maintenance and an attitude against hardening these systems against cyber-attacks. Then there is the issue of what level of degraded-but-safe functionality should exist for these systems if they don’t communicate to a remote management computer. This also includes the ability for the systems themselves to pass alarm information to whoever is in charge.

This situation has called out data-security issues with design and implementation of dedicated-purpose “backbone devices” connected to the Internet; along with the data-security and service-continuity risks associated with cloud-based computing. It is also an issue that is often raised with essential services like electricity, gas and water services or road-traffic management being managed by Internet-connected computers with these computers being vulnerable to cyberattack.

One of the issues raised included the use of firewalls that run up-to-date software and configurations to protect these systems from cyberattack.

I would also look at a level of fail-safe operation for building management systems that can be implemented if the Internet link to remote management computers dies; along with the ability to use cellular-telephony SMS or similar technology to send alarm messages to building management during a link-fail condition. The fail-safe mode could be set up for a goal of “safe, secure, comfortable” quasi-normal operation if the building-local system identifies itself as operating in a safe manner.

Send to Kindle

You could be using your phone to sign in to Facebook on the big screen

Article

Apple TV 4th Generation press picture courtesy of Apple

You could be able to log in to Facebook on this device using your smartphone’s Facebook client

Facebook Login Updated for tvOS, FireTV, Android | AdWeek SocialTimes

From the horse’s mouth

Facebook

Developer News Press Release

Improving Facebook Login For TV and Android

My Comments

A holy grail that is being achieved for online services is to allow users to authenticate with these services when using a device that has a limited user interface.

TV remote control

A typical smart-TV remote control that can only offer “pick-and-choose” or 12-key data entry

An example of this is a Smart TV or set-top device, where the remote control for these devices has a D-pad and a numeric keypad. Similarly, you have a printer where the only interface is a D-pad or touchscreen, with a numeric keypad only for those machines that have fax capabilities.

Here, it would take a long time to enter one’s credentials for these services due to the nature of the interface. This is down to a very small software keyboard on a touchscreen, using “SMS-style” text entry on the keypad or “pick-and-choose” text entry using the D-pad.

Facebook initially looked at this problem by displaying an authentication code on the device’s user interface or printing this code out when you want to use it from that device. Then you go to a Web-enabled computer or mobile device and log in to facebook.com/device and transcribe that code in to the page to authenticate the device with Facebook.

Here, they are realising that these devices have some role with the Social Web, whether to permit single sign-on, allow you to view photos on your account or use it as part of a comment trail. But they also know that most of us are working our Facebook accounts from our smartphones or tablets very frequently and are doing so with their native mobile client app.

But they are taking a leaf out of DIAL (DIscovery And Launch) which is being used as a way to permit us to throw YouTube or Netflix sessions that we start on our mobile devices to the big screen via our home networks. It avoids a long rigmarole of finding a “pairing screen” on both the large-screen and mobile apps, then transcribing a PIN or association code from the large screen to the mobile client to be able to have it on the TV screen,

This is where you will end up authenticating that big-screen app's Facebook login request

This is where you will end up authenticating that big-screen app’s Facebook login request

What Facebook are now doing for the 4th generation Apple TV (tvOS) and Android-based TV/video peripheral platforms (Android TV / Amazon FireTV) is to use the mobile client app to authenticate.

Here, you use a newer version of the Facebook mobile client, the Facebook Lite client or the Google Chrome Custom Tabs to authenticate with the big screen across the home network. The TV or set-top device, along with the mobile device running the Facebook mobile client both have to be on the same logical network which would represent most small networks. It is irrespective of how each device is physically connected to the network such as a mobile device using Wi-Fi wireless and the Apple TV connected via HomePlug AV500 powerline to the router for reliability.

What will happen is that the TV app that wants to use Facebook will show an authentication code on the screen. Then you go to the “hamburger” icon in your Facebook mobile client and select “Device Requests” under Apps. There will be a description of the app and the device that is wanting you to log in, along with the authentication code you saw an the TV screen. Once you are sure, you would tap “Confirm” to effectively log in from the big screen.

At the moment, this functionality is being rolled out to tvOS and Android-based devices with them being the first two to support the addition and improvement of application programming interfaces. But I would see this being rolled out for more of the Smart TV, set-top box and similar device platforms as Facebook works through them all.

Spotify login screen

This kind of single-sign-on could apply to your Smart TV

One issue that may have to crop up would be to cater for group scenarios, which is a reality with consumer electronics that end up being used by all of the household. Here, software developers may want to allow multiple people to log in on the same device, which may be considered important for games with a multiplayer element, or to allow multiple users to be logged in but with one user having priority over the device at a particular time like during an on-screen poll or with a photo app.

Another question that could be raised is where Facebook is used as the “hub” of a user’s single-sign-on experience. Here, an increasing number of online services including games are implementing Facebook as one of the “social sign-on” options and the improved sign-on experience for devices could be implemented as a way to permit this form of social sign-on across the apps and services offered on a Smart TV for example. It could subsequently be feasible to persist current login / logout / active-user status across one device with all the apps following that status.

Other social-media, messaging or similar platforms can use this technology as a way to simplify the login process for client-side devices that use very limited user interfaces. This is especially where the smartphone becomes the core device where the user base interacts with these platforms frequently.

Send to Kindle

EU wants to establish a security baseline for Internet Of Things

Article

Netgear DG834G ADSL2 wireless router

The security of network connectivity equipment is now in question thanks to the Krebs On Security DDoS attack

The EU’s latest idea to secure the Internet of Things? Sticky labels | Naked Security Blog

My Comments

The European Commission wants to push forward with a set of minimum standards for data security especially in context with “dedicated-function” devices including the “Internet Of Things” or “Internet Of Everything”. This also includes a simplified consumer-facing product-label system along with a customer-education program very similar to what has taken place in most countries concerning the energy efficiency of the appliances or the nutritional value of the foodstuffs we purchase.

This issue has been driven by a recent cyber attack on the Krebs On Security blog where the “Mirai” botnet was used to overload that security blog, the latest in a string of many attacks that were inflicted against data-security journalist Brian Krebs. But this botnet was hosted not on regular computers that were running malware downloaded from questionable Internet sites, nor was it hosted on Web hosts that were serving small-time Websites running a popular content management system. It was based on poorly-secured “dedicated-function” devices like network-infrastructure devices, video-surveillance devices, printers and “Internet Of Things” devices that had their firmware meddled with.

Nest Learning Thermostat courtesy of Nest Labs

… as could other Internet-Of-Things devices like these room thermostats

There will be issues that concern how we set network-enabled equipment up to operate securely along with the level of software maintenance that takes place for their firmware. A question always raised in this context is the setup or installation procedure that you perform when you first use these devices – whether this should be about a “default-for-security” procedure like requiring an administrator password of sufficient strength to be set before you can use the device.

But I also see another question concerning the “durables” class of equipment like refrigerators, televisions, building security and the like which is expected to be pushed on for a long time, typically past the time that a manufacturer would cease providing support for it. What needs to happen is an approach towards keeping the software maintained such as, perhaps, open-sourcing it or establishing a baseline software for that device.

Manufacturers could be researching ways to implement centralised simplified secure setup for consumer “Internet-Of-Things” devices along with maintaining the software that comes with these devices. This could be also about working on these issues with industry associations so that this kind of management can work industry-wide.

But the certification and distinct labelling requirement could be about enforcing secure-by-design approaches so that customers prefer hardware that has this quality. Similarly, a distinct label could be implemented to show that a device benefits from regular secure software maintenance so that it is protected against newer threats.

It usually just requires something to happen in a significant manner to be a wake-up call regarding computer and data security. But once a standard is worked out, it could answer the question of keeping “dedicated-purpose” computing devices secure.

Send to Kindle

August responds to its smart lock’s security weaknesses by patching its software

Article August Smart Lock press picture courtesy of August

IoT manufacturer caught fixing security holes | The Register

Here’s what happened when someone hacked the August Smart Lock | CNet

My Comments

The Internet Of Things, along with network hardware focused at consumers and small businesses, has been considered a thorn in the side of people who are involved with data security. This is because of a poor software-maintenance cycle associated with these devices along with customers not installing new software updates for these devices.

Recently, at the DEFCON “hack-a-thon” conference in Las Vegas, a few of the smart locks were found to have software weaknesses that made them vulnerable.

But August, who makes one of these smart locks which are retrofitted to existing “bore-through” single-cylinder tubular deadbolts, answered this issue in a manner that is considered out-of-place for the “Internet Of Things”. Here, they issued software patches to rectify these security issues and offered them as a user-downloadable firmware update.

What is a sad reality for a lot of these devices is that the manufacturer rarely maintains the firmware that runs these devices, if not at all. Some manufacturers think that this practice is about having to “add functionality” to these devices which they would rather do with subsequent models or product generations. But this kind of updating is about making sure that the software ecosystem associated with the product is secure and stable with all the “bugs” ironed out. Similarly, it is also about making sure that the product is complying with industry standards and specifications so as to work properly with other devices.

August uses the latest iterations of their smartphone apps to deploy the firmware updates to their products, typically requiring that you place your phone with the app running near the door that is equipped with these locks.

The computing security industry and computing press congratulated August on responding to the security weakness in its products through a firmware update with “The Register” describing it as being beyond the norm for the “Internet Of Everything”. But they wanted more in the form of them disclosing the nature of the threats in the lock’s firmware in a similar manner to how Microsoft, Google or Apple would disclose weaknesses in their operating-system software.

This issue also is something that is applying to home-network equipment like routers, along with toys and games that connect to the Internet. What is being called out for is a feedback loop where bugs and other software deficiencies in all these devices are called out and a simplified, if not automatic, in-field software-update process takes place whenever newer firmware that answers these problems is released. This also includes the manufacturers disclosing the security issues that have been found and explaining to customers how to mitigate the risks or update the affected software.

Send to Kindle

Qarnot uses computers to provide free room heat for buildings

Qarnot Q.Rad press image courtesy of Qarnot

Qarnot Q.rad heater is actually a computer

One of the common ways of using electricity to provide room heat in a building is to use a panel or column heater that has a material like oil heated by an electric element.A variant that existed in the UK and, to some extent, Australia was a “storage heater” or “heat bank” that used a heavier material like bricks that stored more heat and was heated during overnight when the power was cheaper. Then this material diffuses this heat in to the room. These kind of heaters are able to provide this diffused heat to take the chill off a room but were expensive to run.

But Qarnot, a French cloud-computing firm, have looked at the issue of using the waste heat from a computer integrated in this heater to heat a room or building. Here, they have designed the Q.Rad which connects to your home network and electrical power and works as a data-server for their distributed-computing effort while using the waste heat to heat a room.

It also implements an integrated power meter so that you can be reimbursed for the power that it uses as part of the cloud-computing network, effectively providing “free heat”. But a question that can be raised for implementation in markets like Australia, New Zealand or, increasingly, the USA is the requirement to calculate transferred data and establish a mechanism to refund users’ bandwidth charges for this data. This is because of the practice where ISPs are either charging for data transferred or throttling users’ bandwidth if they transfer more than an allotted amount of data.

Qarnot Q.Rad exploded view press image courtesy of Qarnot

Processing power inside this heater – the waste heat from that goes to keeping you warm

The data that Qarnot processes using these heaters is typically for the likes of research labs, banks and animation studios where they “offload” calculations in to this cloud-computing array. They also have the ability to seek out distributed-computing research projects of the SETI or Folding@Home kind to keep the network alive and generating heat where needed. For data security, these heaters don’t implement any storage for the distributed-computing client’s data while implementing end-to-end encryption for this data,

Qarnot will implement an “upgrade and replace” program so that higher-speed processors are used in the Q.Rad computing heaters and there is the ability to deal with failed equipment quickly and easily to assure high availability.

Householders are still able to adjust the heater to their preferred comfort level and make it reflect their lifestyle by using a smartphone app or the controls on the heater. This kind of thermostatic control is achieved by deflecting some of the workload away from the heater that is not needed when there isn’t the need for heat output.

They rate the output of a single unit to around 500 watts which would cover a 150-300 foot area in an insulated building. Qarnot are also pitching these heaters as part of the smart-building concept by having them able to be equipped with sensors and being programmable for any IoT / building-automation application. Similarly, Qarnot have added functionality like USB or Qi wireless charging to these heaters so users can charge mobile devices on them.

At the moment, these heaters are being issued to large buildings in Europe and the USA where 20 units or more need to be deployed. But in 2017, Qarnot wants to release these heaters to individuals who want to take advantage of this heating concept. For householders, this may be seen as being advantageous for “always-needed low-output” heating applications such as kitchens, downstairs areas in split-level houses and similar areas.

In some cases, Qarnot could make it feasible to have the Q.Rad heaters provide services to a network, whether as a router, NAS, home-automation hub or something similar. This could be achieved through the use of extra hardware or software to fulfil these tasks.

What Qarnot has done is to harvest waste heat from computing processes and use this for heating rooms in buildings with little cost to the building owner.

Send to Kindle