Author: simonmackay

Connected novelties and toys–security and useability issues that affect this product class

Connected versions of classic novelties and giftware will be subject to severe scrutiny

An issue that is rearing its ugly head is the rise in availability of connected novelties and toys. They are toys, novelties, giftware, seasonal decorations and other items that are able to connect with your computer or network. This connectivity function is often sold as one of the key marketing features with it able to work with an online service of some sort.

When I talk of toys, I don’t just talk of what children play with but also other toys that adults end up playing with. These can include the so-called “executive toys” that live on the office desk for one to keep the other hand busy while they are on the phone.

Who typically sells these products

Toys and novelties are typically sold through a large range of online and bricks-and-mortar retailers, whether they be toy stores, gift stores, souvenir outlets or multi-facet outlets including department and discount stores. In some cases such as rural areas, a store like a newsagent’s could even sell novelties or toys.

Another factor is that novelties are given away to people and businesses as a gift or premium. This can typically happen as part of a “loot bag” offered out at conferences or tradeshows or simply used as a giveaway during a presentation to encourage audience participation.

Seasonal decorations that connect to the Internet can also be a security or setup risk

The common factor here is that most of the outlets that sell this kind of product are staffed by people who don’t have much technological know-how. This can affect the procurement process, such as deciding whether an item exhibited at the gift fair should be stocked, as well as the customer advice provided during and after the sale, including how to get the connected novelty fully operational.

Artisans who make these gifts and novelties

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

Your Amazon Echo will soon be expected to work with a wide range of toys and novelties

There is also the fact that craftspeople like to make various toys, novelties, gifts and other items and sell them directly to customers or on a wholesale basis. But they do want to add some extra functionality like musicality or flashing lights to some of their product lines.

Typically, if they want this extra functionality in these gifts that they make, they have someone else make and supply the necessary components like clockwork movements or electronic-circuit kits to fulfil the extra functionality in a pre-assembled form.  Then the artisan installs the pre-assembled mechanisms or circuits in the toy or gift as part of putting the whole thing together.

This allows these artisans to focus on their craftwork and build the items they want to sell, while being able to offer a wide range of goods. The same comments that apply to finished goods also apply to the various components and kits that are being sold to these artisans for their projects.

In this case, the artisans have to be aware of what they procure when they are being sold a “connected functionality” kit for installation in their projects. For them, they have to be aware of customer-support issues including setup and data-security issues regarding this extra functionality.

Connected modules for construction sets and similar hobbies

The same concept also extends to construction-set platforms like Meccano, Lego and FischerTechnik where children and adults build items using the pieces that are part of the respective platforms. In this case, anyone to do with these platforms could offer connected modules or kits that have the ability to control one or more items in their platform-based project like a motor, light or solenoid using an “Internet Of Things” approach. Here, these modules have to be seen as equivalent to a connected toy or novelty, especially if the idea is to implement cameras, microphones or GPS sensors.

It also applies to model railways, track-based car-racing sets and the like where they can be extended with functionality modules sold by the set’s vendor or a third party catering to these hobbies. Again the modules also need to be designed for security if they are capable of being part of the Internet of Things.

Use of these items

There is the desire for people to buy these toys and novelties as gifts for others in their life. It also includes the fact that the recipient wants to get the item “up and running” as soon as possible.

This will involve having the device connected to a host device through Bluetooth or USB or to a home network for proper reliable use. It should be about a standard process that is implemented for onboarding including the installation of any extra software.

Key security issues

A key security issue concerning the connected toy, novelty or similar device is that it can be an espionage item presented in an innocuous form. It can concern us both at home and in the office because we can easily be talking about items that are confidential and sensitive in our personal and business lives.

This was highlighted in a crime-fiction form to the Germanic viewership in Europe through the Munich-based Tatort “Wir Kriegen Euch Alle” (We Get You All) episode shown there on Sunday 9 December 2018. This story was focused around a connected doll that was given by strangers to various children’s families in middle-class Munich and was used as a surveillance tool to facilitate crimes against the families.

It underscored that Germany has some very strict policies where the sale of surveillance devices that are disguised as innocuous items isn’t allowed in that country. But, in the story, these dolls were imported in to Munich from a location in Austria which is a short drive away and facilitated by the Schengen Agreement in the European Union.

Let’s not forget the recent cyberattacks such as the Mirai botnet that were facilitated by dedicated-purpose devices like network-infrastructure equipment and videosurveillance cameras which were running compromised software. Then there are factors regarding data-storage devices and “bag-stuffer” novelties given away during business conferences where there is the possibility of them being loaded with questionable software.

What would I like to see

Security

There has to be identification on the toy’s or novelty’s packaging about what kind of sensors like location sensors, microphones or cameras the device has, as well as whether the device transmits data to online services. This includes whether the device does this directly or via intermediary software running on other computer devices such as mobile devices running companion mobile-platform apps. Even a hang tag attached to the novelty could highlight what kind of sensors or online services it uses, which would be important for those items sold without packaging.

Preferably, this can be achieved through standard graphical symbols indicating the presence of particular sensors or the use of online services and social networks. It can also identify whether the toy’s or novelty’s functionality are dependent on these sensors or online services.

App stores and other software platforms that host “connector” software have to implement stringent permissions for these kinds of devices, especially if they use a microphone, camera or location sensor. There could be standards on whether the software is allowed to record from these sensors over a long time or keep the recording persistent on the host device or online service.

A limitation I would also like to see for connected toys and novelties is that if they work with another computing device, including a smart speaker, the connection can only be effective within the same premises. This can be tested through the use of a peripheral-grade connection like Bluetooth or USB to a computing device, or by limiting the range of discovery for network-based devices to that of the same logical private network or subnet. Here, it represents all the devices on the LAN side of a home-network’s router and excludes devices existing on other logical networks served by the same physical device like “guest” or “community” networks.
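One way a network-based toy's discovery responder could enforce the same-subnet limit described above, as an added example that is not vendor code: the function names, the interface addresses and the guest subnet `192.168.2.0/24` are assumptions, and the probe sources are constructed.

```python
import ipaddress

# Constructed discovery-probe sources as a toy on 192.168.1.50/24 might see them.
SAMPLE_PROBES = [
    "192.168.1.20",          # phone on the main LAN
    "192.168.2.20",          # device on the router's guest network (assumed subnet)
    "::ffff:192.168.1.31",   # LAN peer reported by a dual-stack socket
    "203.0.113.7",           # routed address from outside the premises
    "192.168.1.255",         # broadcast address used as a forged source
    "not-an-ip",             # malformed input
]


def is_same_premises(source, iface_cidr):
    """True only if `source` sits on the same private subnet as the device's interface."""
    try:
        iface = ipaddress.ip_interface(iface_cidr)
        src = ipaddress.ip_address(source.split("%", 1)[0])  # drop any IPv6 zone id
    except ValueError:
        return False  # unparseable source: never answer
    # Dual-stack sockets report IPv4 peers as ::ffff:a.b.c.d; unwrap before comparing.
    if src.version == 6 and src.ipv4_mapped is not None:
        src = src.ipv4_mapped
    net = iface.network
    if src.version != net.version:
        return False
    # Only answer when the device itself is on a private or link-local prefix.
    if not (net.is_private or net.is_link_local):
        return False
    # Network and broadcast addresses are never valid unicast sources.
    if src.version == 4 and net.prefixlen < 31 and src in (
        net.network_address,
        net.broadcast_address,
    ):
        return False
    return src in net


def answerable(probes, iface_cidr):
    """Return the probe sources the device should reply to, in arrival order."""
    return [p for p in probes if is_same_premises(p, iface_cidr)]


if __name__ == "__main__":
    for probe in SAMPLE_PROBES:
        verdict = "answer" if is_same_premises(probe, "192.168.1.50/24") else "ignore"
        print(f"{probe:24} {verdict}")
```

The guest-network device is ignored even though the same router serves it, because its source address falls outside the toy's own subnet.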

As far as Bluetooth is concerned, the toys should implement authentication processes during the setup phases. Then the device ceases to be able to be discovered once it is paired with a host device. It is like what we are seeing with Bluetooth headsets and similar devices that have been recently released. They may also have to work on a limited radio range to prevent successful connection from a distance.

There should also be a simple “factory-reset” process to allow the user to place the toy or novelty in to setup mode, effectively wiping data from the device. This allows a recipient to effectively “claim possession” of the device as if it is new, avoiding the situation where they may be given something that is compromised to do what someone else wants it to do. It also applies to situations where you are dealing with ex-demo stock or gift-fair samples.

This should also apply to online services associated with these toys or novelties where the user has proper account control for the device’s presence on that service and any data collected by that device.

There are devices that observe particular functions according to a particular device class supported by many platforms like a novelty nightlight or illuminated Nativity scene that works with a “smart-home” setup or a novelty Bluetooth speaker. These devices have to work according to the standards in force for that device class and its connection to the host device or network. It is more important where the device may perform further tricks while running alongside dedicated vendor-created software but is able to have basic functionality without this software.

A software-level security approach could be achieved through an open-source or peer-reviewed baseline software that ticks the necessary boxes. This would apply to the firmware installed in the device and any apps or other companion software that is required to be run on other computing devices for the novelty to operate. It also includes a requirement that this software be reviewed regularly for any bugs or weaknesses that could be exploited, along with compliance requirements.

This could be assessed according to a set of European norms because the continental-European countries are very concerned regarding privacy thanks to their prior history.

As far as modules for integration in to toys, novelties and giftware are concerned, the modules should meet the same requirements as finished products that would have the same functionality. Craftspeople should also be aware of data security and user privacy issues when it comes to choosing modules for their projects that are dependent on computer devices or networks.

Setup and Connectivity

Another area that is a sore point for connected toys and novelties is bringing these devices on board for you to use. In a lot of cases, this is exacerbated through awkwardly-written instructions that can test one’s patience and not much knowledge about what is needed for the device to work fully.

The device packaging could use Wi-Fi, Bluetooth or other standard logos to indicate what kind of connectivity it needs to operate fully. This is to be highlighted with the “app store” logos for various operating-system app stores if the device is dependent on companion apps for full functionality. Similarly, use of other official platform logos can be used to identify compatibility with platforms like smart-TVs or voice-driven home-assistants.

Simple-yet-secure setup and onboarding procedures are to be paramount in the design of these devices. For Bluetooth-based devices, they should use “simple-pairing” such as pressing a button on the device to make them discoverable. This is even made easier with a trend towards “out-of-the-box” discoverability if the device isn’t paired with any host. Then the user activates their host device in “Bluetooth Scan” mode to discover the device, subsequently selecting the device through its presentation name.

Windows, Android and iOS are even implementing simplified device-discovery routines for Bluetooth devices, with the ability to lead users to visit the app store to install complementary software. This will make things easier for users to get the toy or novelty up and running.

Wi-Fi-based devices would have to use WPS-PBC push-button setup, Wi-Fi Easy Connect, or other simplified setup processes for integration with the home network. It also applies to other network connection standards where you have to enrol the device on to that network.

Smart-home devices that implement Zigbee, Z-Wave and similar standards also have to implement simplified discovery protocols implemented in these standards to bring them on-board.

In relation to security, I underscored the need for use of device-class standards as much as possible. But it also applies to connectivity and useability, where a device that honours device-class standards is also easier to use because you operate it the same way as its peers.

Conclusion

This year will become a time where security and useability will be of critical importance when toys, novelties and other similar goods that connect to the home network and the Internet are designed and sold to consumers. Here, addressing these issues may avoid these kinds of toys ending up in disuse due to security or setup issues.

Amnesty International reports on recent email phishing attacks

Article

How Hackers Bypass Gmail 2FA at Scale | Motherboard

Hacker spoofing bypasses 2FA security in Gmail, targets secure email services | ZDNet

My Comments

Recently, it has been revealed that hackers were attacking users of secure email sites by compromising the two-factor authentication that these sites implement.

This has been found to be an attack perpetrated by nation-states against journalists, human-rights defenders, non-government organisations and their allies in the Middle East and North Africa over 2017 and 2018. Here, this user base were using GMail and Yahoo Mail Webmail services and Protonmail and Tutanota secure Webmail services that were compromised. This is because the Webmail setup typically allowed for a client-independent portable email front.

What was going on was that a phishing page was asking for the users’ email and password but this would trigger the software’s two-factor authentication routine. But the user interface was “steered” via a fake page asking for the one-time password that the user would transcribe from their mobile phone which would receive this value via text messaging. It then led to the creation of an app password, typically used for third-party apps to use the service, but was used by the hacker to sustain control of the user’s email account.

Oh yeah, there was the SSL authentication which would show a “green padlock” icon on the user’s Web browser, making the user think that they were safe. But the phishing that took place was facilitated using fake domain names that sounded and looked like the real domain names.

This loophole exploited the use of the “intact key” or “green padlock” symbol in a Web browser’s user-interface to indicate that the SSL certificate was intact and that the interaction with the Website is safe thanks to HTTPS. But users may not know they are with the wrong Website, which is the breeding ground for phishing attempts.

The other weakness that was called out was the requirement for end-users to transcribe the one-time password from an SMS message, software token app or hardware token in order to phish the account. This was aggravated through the use of an app password to allow third-party app access to the service. What is being preferred as a secure 2FA solution was a security key kept in the possession of the end-user that connects to the user’s host device via USB, Bluetooth or NFC.

Most of us can easily relate this process to using an ATM to take cash out of our account or a payment terminal to pay for goods or services using our plastic cards. Here, to facilitate the transaction, you have to present your card by inserting it in or touching it on an identified spot on the ATM or payment terminal then enter your PIN number in to the same machine.

Extended Validation SSL site as identified on Microsoft Edge – notice the organisation’s legal name appearing in green text

The Websites that high-risk end-users rely on can use Extended Validation SSL or Organisation-based SSL certificates and other authentication measures to verify the Website they are visiting is the correct one. Extended Validation SSL has a stronger certificate that verifies the organisation it is associated with and implements the strongest encryption available for HTTPS. The user experience here will have a green bar in the browser’s address bar along with the typical padlock icon while the organisation’s legal name is written in the address bar before the URL. The Organisation-based SSL certificate doesn’t have the green bar or text on the user interface but lists the organisation’s legal name in the address bar. But some browsers like recent Chrome versions don’t implement the green highlighting of the legal name for EV SSL certificates.

This also includes the organisations keeping tabs on their Internet “real estate” of domain names to identify typosquatting risks and, perhaps, make further “land grabs” of domain names if they can afford it. This is in conjunction with efforts like what Amnesty International were doing with Protonmail and Tutanota where they are made aware of fake sites and are given legal assistance to take them down.
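A sketch of the domain-monitoring check described above, added here as an example and not code from the article or either email provider. It assumes the defender keeps a watchlist of their own domains and reviews a feed of newly seen names; the candidate names are constructed under the reserved `.example` suffix, and the last DNS label is treated as the suffix rather than consulting the Public Suffix List.

```python
import unicodedata

# Assumption: the defender's own registered domains.
WATCHLIST = ["protonmail.com", "tutanota.com"]

# Constructed feed of newly observed domains (reserved .example suffix).
CANDIDATES = [
    "protonmai1.example",        # digit 1 standing in for the letter l
    "tutanota.example",          # right name, wrong suffix
    "tutanotta.example",         # one extra letter
    "protonmail-login.example",  # brand embedded in a longer label
    "tutanot\u00e1.example",     # accented look-alike character
    "weather-news.example",      # unrelated
    "protonmail.com",            # the genuine domain
]

_LOOKALIKE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def fold(label):
    """Reduce a label to a canonical form so visually similar spellings compare equal."""
    decomposed = unicodedata.normalize("NFKD", label.lower())
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    return stripped.translate(_LOOKALIKE).replace("rn", "m").replace("vv", "w")


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent transposition."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def split_domain(domain):
    """Return (registrable label, suffix), treating the last label as the suffix."""
    parts = domain.lower().rstrip(".").split(".")
    return (parts[-2], parts[-1]) if len(parts) >= 2 else (parts[0], "")


def classify(domain):
    """Return (reason, imitated domain) for a suspected look-alike, else None."""
    label, suffix = split_domain(domain)
    if f"{label}.{suffix}" in WATCHLIST:
        return None  # the genuine domain or one of its subdomains
    folded = fold(label)
    for brand in WATCHLIST:
        brand_label, _ = split_domain(brand)
        target = fold(brand_label)
        if folded == target:
            return ("suffix-swap" if label == brand_label else "homoglyph", brand)
        if osa_distance(folded, target) <= 2:
            return ("near-miss", brand)
        if target in folded:
            return ("brand-embedded", brand)
    return None


def review(candidates):
    """Map each suspicious candidate to its finding; clean names are omitted."""
    findings = {d: classify(d) for d in candidates}
    return {d: f for d, f in findings.items() if f is not None}


if __name__ == "__main__":
    for name, (reason, brand) in review(CANDIDATES).items():
        print(f"{name:28} {reason:15} imitates {brand}")
```

Findings from a check like this are what an organisation would hand to its registrar or legal contacts for the takedown effort the paragraph mentions.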

Then browsers and similar user agents could highlight domain names in a more distinct manner so users can know where they are at. This would be more important with email clients or browsers implemented on “reduced-user-interface” platforms like mobile operating systems. As well, end-users in high-security-risk user groups could be trained to be aware of the domains associated with Websites they are visiting. Mobile browsers pitched to smartphones can also implement a way to show the organisation’s legal name on the user interface such as a caret-identified drop-down interface that comes alive with Organisational Validated or Extended Validated SSL certificates.

Webmail-based user interfaces and similar high-risk online services could move towards use of “transcription-free” two-factor authentication like FIDO-U2F-compliant security keys including software keys run on mobile platforms to provide a secure login user experience.

Similarly, token-based authentication could be the way to go for app-to-service authentication especially as we use native-client software to interact with online services. This avoids the creation of persistent “app passwords” to facilitate native client access to online services. Here I would see this as being important as something to be investigated as part of working towards secure client-based email setups, especially as the client-based email provides a platform-native user interface for your email.

Each of these approaches has to be looked at in a manner to work with small and medium organisations who don’t have their own IT staff. This is more so as this class of organisation sees itself as “grown up” when it uses cloud-based line-of-business software. The issue here is to assure that authorised users have secure access to the proper service they are authorised to use.

This situation that Amnesty International raised could also bring forward the idea of non-profit entities that underscore data security for independent media and civil society. Here, it could be about extending and bolstering the Electronic Frontier Foundation’s efforts or building up legal-action funds and lawyer teams to provide legal remedies against cyber-attacks.

What is now being realised is data security has now become a human-rights issue rather than an economic necessity.

Staff panic buttons to drive networks to handle the Internet of Things

Article

Emergency-alert buttons like this Ekahau Wi-Fi name-tag panic-button setup will be influencing network architecture for the Internet Of Things

The Hotel Panic Button Could Redefine Hospitality Networking | IoT World Today

My Comments

In some workplaces where staff work alone at night or other times where they are in danger, portable emergency-call buttons are often used. Initially they were the same size as an older garage-door opener but they are becoming the size of a pendant, badge or fob. As well, rather than these devices lighting up a separate alert panel, they light up a message or “throw up” a map with an indicator on a regular computer running building-security software to show where the danger is.

Initially, they were being positioned for very-high-risk workplaces like psychiatric care or the justice and allied settings. But other workplaces where staff work alone are seeing these devices as an important safety measure, usually due to various occupational health-and-safety requirements.

For example, hotels in the USA are moving towards having Housekeeping staff use these devices in response to workplace agreements, industry safe-work safe-premises initiatives or city-based legal requirements. But these systems are being required to work in conjunction with the Wi-Fi networks used by staff and guests for business and personal data transfer.

A device of the kind that I had covered previously on HomeNetworking01.info was the Ekahau Real Time Location System. This was a pendant-style “panic-button” device, known as the T301BD Pager Tag, which had an integrated display and call button. It also had a setup that if the tag was pulled at the neckstrap, it would initiate an emergency response. I also wrote an article about these Ekahau devices being deployed in a psychiatric hospital as a staff emergency-alert setup in order to describe Wi-Fi serving a security/safety use case with the home network.

This application is being seen as a driver for other “Internet-of-Things” and smart-building technologies in this usage case, such as online access-control systems, energy management or custom experiences for guests. As I have said before when talking about what the smart lock will offer, the hotel may be seen as a place where most of us may deal with or experience one or more of the smart-building technologies. Also I see these places existing as a proving ground for these technologies in front of many householders or small-business owners who will be managing their own IT setups.

One of the issues being drummed up in this article is quality-of-service for the Internet Of Things whereupon the device must be able to send a signal from anywhere on the premises with receiving endpoints receiving this signal with no delay. It will become an issue as the packet-driven technologies like the Internet replace traditional circuit-based technologies like telephone or 2-way radio for signalling or machine-to-machine communication.

The hotel application is based around the use of multiple access points, typically to provide consistent Wi-Fi service for staff and guests. Such a setup is about making sure that staff and guests aren’t out of range of the property’s Wi-Fi network and the same quality of service for all network and Internet use cases is consistent throughout the building. Here, concepts like mesh-driven Wi-Fi, adaptive-antenna approaches, load-balancing and smart smooth roaming are effectively rolled in to the design of these networks.

Wi-Fi access points in the smart-building network will also be expected to serve as bridges between IP-based networks and non-IP “Internet-of-Things” networks like Bluetooth Low Energy (Bluetooth Smart), Zigbee, Z-Wave or DECT-ULE. These latter networks are pushed towards this application class due to the fact that they are designed to support very long battery runtimes on commodity batteries like AA Duracells or coin-style watch batteries. There will be an emphasis on localised bridging and the IP-network-as-backbone to provide better localisation and efficient operation.

These systems are being driven towards single-screen property-specific dashboards where you can see the information regarding the premises “at a glance”. I would reckon that operating-system-native applications and, perhaps, Progressive Web App versions will also be required to use operating-system-specific features like notification-panels to improve their utility factor in this context.

As far as the home network is concerned, I do see most of these technological concepts being rolled out to the smart home with an expectation to provide a similar service for householders and small businesses. This is more important as ISPs in competitive markets see the “Internet of Things” and improved Wi-Fi as a product differentiator.

The use of multiple Wi-Fi access points to cover an average home is being made real for a home network thanks to HomePlug wireless access points, Wi-Fi range extenders and distributed-Wi-Fi systems that will bring this kind of localised Wi-Fi to the smart home. Typically this is to rectify Wi-Fi coverage shortcomings that crop up in particular architecture scenarios like multi-storey / split-level premises and use of building materials and furniture that limit RF throughput. It is also brought about thanks to the use of higher-frequency wavebands like 5GHz as Wi-Fi network wavebands.

There will be an industry expectation to require access points and similar devices to provide this kind of “open-bridging” for Internet-of-Things networks. This is more so where battery-operated sensor or controller devices like thermostatic radiator valves and smart locks will rely on “low-power” approaches including the use of Zigbee, Z-Wave or similar network technology.

It will also be driven typically by carrier-supplied routers that have home-automation controller functionality which would work with the carrier’s or ISP’s home-automation and security services.

To the same extent, it may require “smart-home / building-automation” networks to support the use of IP-based transports like Wi-Fi, HomePlug and Ethernet as an alternative backhaul in addition to their meshing or similar approaches these technologies offer to extend their coverage.

In some cases, it may be about Zigbee / Z-Wave setups with very few devices located at each end of the house or with devices that can’t always be “in the mesh” for these systems due to them entering a “sleep mode” due to inactivity, or there could be the usual RF difficulties that can plague Wi-Fi networks affecting these technologies.

DECT-ULE, which is based on the DECT cordless-phone technology and is being championed by some European technology names, doesn’t support meshing at all, and IP-based bridging and backhauls could work as a way to extend its coverage.

Such a situation may be rectified by access points that use a wired backbone like Ethernet or HomePlug powerline.

In the context of the staff panic button use-case, it will roll out to the home network as part of a variety of applications. The common application that will come about will be to allow the elderly, disabled people, convalescents and the like who need continual medical care to live at home independently or with support from people assuming a carer role.

This will be driven by the “ageing at home” principle and similar agendas that are being driven by the fact that people born during the post-war baby boom are becoming older as well as the rise of increased personal lifespans.

Similarly, this application may also be underscored as a security measure for those of us who are concerned about our loved ones being home alone in a high-risk environment. This is more so in neighbourhoods where the risk of a violent crime being committed is very strong.

But I would see this concept work beyond these use cases. For example, a UK / European central-heating system that is set up with each radiator equipped with a “smart” thermostatic radiator valve that is tied in with the smart-home system. Or the use of many different control surfaces to manage lighting, comfort and home-entertainment through the connected home. This is something that will rise up as most of us take on the concept of the smart home as the technology standardises and becomes more affordable.

What is being highlighted is the requirement for high quality-of-service when it comes to sending “Internet-of-Things” signalling or control data as our networks become more congested with more gadgets. Similarly, it is about being able to use IP-based network technology as a backhaul for non-IP network data that is part of the Internet-of-Things but providing the right kind of routing to assure proper coverage and quality-of-service.

5G mobile broadband and Wi-Fi can complement each other

Article

Netgear Nighthawk 5G Mobile Hotspot press image courtesy of NETGEAR USA

Netgear Nighthawk 5G Mobile Hotspot – first retail 5G device

Why You’ll Still Need Wifi When 5G Is Everywhere, According To The Wi-Fi Alliance | Gizmodo

Wi-Fi Alliance: Wi-Fi, 5G will be complementary | FierceWireless

My Comments

There is some hype being driven by organisations defending the 5G mobile broadband and Wi-Fi wireless LAN technologies about their technology being the only one for our connected lives.

Some existing devices use 5G mobile-broadband technology but connect to endpoint devices like mobile phones using Wi-Fi. Initially they are routers being deployed by mobile carriers as a proof of concept or for network trials while AT&T were offering a “Mi-Fi” for retail sale in the USA that implements 5G technology. At the moment, 5G hasn’t been rolled out in the form of a smartphone or a mobile-broadband modem that is integrated in or connected by USB to a host computer.

Both Wi-Fi 5 (802.11ac and prior technologies) and 4G LTE mobile broadband have seen widespread deployment with each technology being seen by mobile users as offering a complementary role. Networks and equipment running the newer technologies (5G and Wi-Fi 6) will be backward compatible and offer a best-case approach to this compatibility. That is if both the network and end-user equipment run the same technology, the user gains the most benefit from what the new technology offers.

It has been identified that both technologies at their latest specification can complement each other. Here, 5G will earn its keep in the outdoors and in a mobile context while the Wi-Fi 6 (802.11ax) technology will earn its keep indoors. This is although public-access Wi-Fi networks will be seen by mobile carriers as a cost-effective data-offload tool.

Wi-Fi also has supporting technologies like WiGig and Wi-Fi HaLow. The former one will match 5G for speed but uses a short range equivalent to an ordinary room in the house, while the latter benefits from long range and power efficiency but doesn’t have the speed. Wi-Fi HaLow will then end up in the smart-home, smart-building, connected-car and smart-city application spaces where data throughput isn’t all that necessary. This is while WiGig will end up with virtual reality, augmented reality, 4G video and other bandwidth-intensive applications.

Then there is also the kind of spectrum available for each technology. Wi-Fi technologies primarily rely on unlicensed radio spectrum which makes them popular for households and businesses to deploy. It is in contrast to 5G which, like other cellular mobile telecommunications technologies, relies on licensed radio spectrum, for which the mobile carrier has to deal with the national radiocommunications authority to organise and purchase a licence to use.

There is also a trend regarding wireless-network equipment design where there is a software-defined approach towards the media-level components. This is facilitated with small-footprint high-capability computing power and can allow the same piece of equipment to honour newer standards.

Another factor that is never raised is the concept of the local network where data can be transferred between co-located devices at the same premises. 5G is really positioned as a wireless “last mile” setup for providing telecommunications and Internet service to the end-user. This is while Wi-Fi is intended primarily to work as a local network but is used to distribute a single broadband service to multiple endpoint devices.

What really is now seen is that the new 5G mobile broadband and Wi-Fi 6 (802.11ax) LAN technologies can complement each other in a horses-for-courses manner.

How about the expansion docks with room for extra secondary storage

Sony VAIO Z Series and docking station

Like with this (Sony) VAIO Z Series ultraportable, an add-on module with integrated optical disk or other storage could add capabilities to today’s small-form-factor computers

A key trend affecting personal computing is for us to move away from the traditional three-piece desktop computer towards smaller form factors.

Here, the traditional desktop computer’s system unit was a large box that was about the size of a hi-fi component or a large tower. As well, the smaller form factors we are heading towards are laptops / notebooks; ultra-small desktop computers of the Intel NUC ilk; or all-in-one computers which integrate the computing power with the display.

USB-C (also the physical connector for Thunderbolt 3)- the newer connection type that can make better use of add-on modules

With these setups, it is assumed that we are moving away from on-board data storage in the form of hard disks or staying well clear of packaged media in the form of optical disks. This is driven by online software delivery and the use of streaming audio and video services.

Intel Skull Canyon NUC press picture courtesy of Intel

.. with this applying for small-form-factor desktops like the Intel Skull Canyon NUC

What was often valued about the traditional computer design was that there was extra space to house more storage devices like hard disks or optical drives or the ability to install high-performance graphics cards. This is why these form factors still exist in the form of high-performance “gaming-rig” computers where performance is more important and there is the likelihood of more data being held on these machines.

But for some of us, we will still want to maintain access to prior storage media types like optical disks or use high-performance graphics chipsets especially at home or our main workspace.  For example, the traditional optical discs are still valued when it comes to media in an always-accessible future-proof collectible form.

There is also the idea of maintaining a secondary hard disk as extra storage capacity specifically for data, whether as a backup or as an offload storage location. This is more so where you are dealing with laptop computers that are equipped with solid-state storage of up to 256Gb and there is a desire to keep most of your data that you aren’t working with somewhere else.

Laptop users often answered this need through the use of a “dock” or expansion module to connect a cluster of peripherals to a single box which has only one connection to the host laptop computer. But Thunderbolt 3 facilitated the rise of external graphics modules which add extra graphics horsepower to laptops and similar low-profile computers.

This concept can be taken further with USB-C or Thunderbolt 3 expansion docks that have integrated optical drives and/or mounting space for hard disks. These would present to the host as Mass Storage devices, using the operating-system class drivers for this kind of device. Of course there would be the expansion abilities for extra USB devices, as well as an Ethernet network interface and/or onboard USB audio chipset with its own S/PDIF or analogue connections.

Video to the displays could be facilitated via DisplayPort alt or USB DisplayLink for devices not implementing an external graphics module functionality. In the latter situation, it is like “hotting up” a car for higher performance.

Of course they would have to be self-powered with a strong USB Power Delivery output for the host and USB peripherals. There could be research in to having USB ports head in to optimised charge-only mode when the host computer isn’t active for example.

Most of the onboard devices will be required to represent the devices according to standardised device classes. This will typically lead to a “plug-and-play” setup routine so you aren’t downloading extra software to run the devices if you use recent versions of the main operating systems.

Manufacturers could see these devices as something that complements their ultra-small desktop computer product lines. This is an approach similar to how consumer hi-fi equipment, typically devices of a particular model range, is designed and marketed. Here, the importance would be on having equipment that shares common styling or functional features but encouraging the ability to expand the ultra-small desktop computer at a later date.

The idea here is to allow users to adapt portable or small-form-factor computers to their needs as and when they see fit. It is as long as these computers implement USB 3.1 connections in Type-C form or, for faster throughput and support for external graphics modules, implement Thunderbolt 3 over USB-C connections.

Your local library now facilitates a video-on-demand service

Article

Kanopy independent cinema page

Kanopy works with your local library to offer independent video content to stream

The Totally Free Streaming Service You Didn’t Know You Have | Gizmodo

From the horse’s mouth

Kanopy

Home Page

My Comments

I am keeping an eye out for video-on-demand services that are offering niche content like foreign-language content. This is in response to recent consolidation in the video-on-demand market, with niche content able to easily survive that kind of activity in the mainstream sector.

A part of the home-video era was the fact that your local library stocked video movies and made them available for loan to its members. In most cases, this was from a government-funded or private film repository that primarily offered educational content along with some locally-produced classic and historic film content. Subsequently, these libraries offered some family-friendly and niche content from the main video distributors whom they had a lending agreement with.

This has fallen away thanks to the rise of video-on-demand services that work via the Internet. But an Australian startup began to partner with various film studios, especially those out of the current mainstream, to offer a video-on-demand service that works in tandem with the local libraries and universities. Examples of this include some classic films as well as a plethora of indie material released over the years, typically material that would have been offered by some of the video distributors during home video’s early years or syndicated by TV stations when they had the ability to choose what they could run with.

The Gizmodo article called this service out due to the loss of the Filmstruck video-on-demand service which focused on classic cinema, typically material from the Criterion collection. They were lamenting the reduced availability of evergreen video content available to see on cable TV or stream via a video-on-demand service.

You have to be a student or faculty at one of the participant universities or be a member of one of the participating local libraries. As well, in the case of library memberships, you have to make sure your membership is current and correct before you create your account or add them to your account. That includes things like overdue fines and other obligations and you may have to check if that dusty library card has expired or not, including whether it needs to be “brought forward” to their current IT setup. It does support multiple library memberships such as students at a university using a local library card or people living on the border of two different municipalities.

Kanopy works on regular computers with your Web browser but has native clients for the iOS and Android platforms. As far as smart-TV and set-top applications are concerned, they also have native clients for the Android TV, Apple TV (tvOS) and Roku platforms including the Telstra TV repackaged Roku client.  This can be improved upon through the support for Netflix-style “download to view” to allow offline viewing of content during the loan period. Here, it would come in handy with long roadtrips or flights where you don’t have reliable access to the Internet for streaming.

At the moment, Kanopy works on the same principle as the “public lending rights” that libraries pay to authors and publishers for the right to lend out the content. Typically a participating library will pay Kanopy to allow its members to view a certain number of titles per month and this will be paid to the film studios to “lend out” the content.

Kanopy could go further by approaching the public-service broadcasters around the world like the ABC, BBC and SBS to offer their homegrown content catalogues to library members through this platform.  Typically these broadcasters have built up a large amount of content that they have commissioned through the years and most of this content would fit in with Kanopy’s remit. It is already happening with the ABC and some of their shows but can easily go further. Companies and other organisations who create their own educational and training content could offer this to the Kanopy platform for public viewership.

Similarly, Kanopy could approach other organisations to expose their service to their membership. One group would be the primary and secondary schools who would use some of this material as part of their curriculum. Similarly, they could “knock on the door” of more independent studios and quality film distributors to make your local library a viable alternative to what Hollywood puts out. As well, the travel industry could benefit from having access to the Kanopy platform for in-flight or in-room entertainment that is enriching and thought-provoking.

What at least is happening is that Kanopy is bringing the concept of the videos or DVDs made available for loan through the public library systems into the 21st century thanks to online streaming via your home network.

Orange to launch their own smart speaker platform in Europe

Article

Freebox Delta press photo courtesy of Iliad (Free.fr)

Freebox Delta as an example of a European voice-driven home assistant

Orange adds smart speaker to control TV | Advanced Television

My Comments

Some European companies are working on their own voice-driven assistant platforms. At the moment, Movistar and Free have platforms that are part of their triple-play set-top-box services while the BMW Group are working towards one for the automotive context.

But Orange who have a foothold in France and Spain as far as multiple-play telecoms services are concerned are intending to release a voice-driven smart speaker known as Djingo. It is an alliance between themselves and Deutsche Telekom but will integrate Amazon Alexa technology. The French will benefit from Djingo in the European Spring of 2019 while the Spanish will benefit later in the year.

On this site, I have called out for the European tech firms to work towards one or more highly-capable voice-driven assistant platform that can effectively compete with Alexa, Cortana, Google Assistant and Siri.

It is also about having the European voice-driven assistant platforms work towards European values such as a competitive market, end-user privacy and service transparency, including having the data kept on European soil.

But the problem with Orange’s and Free’s deployment is that they are implementing Amazon’s technology rather than creating their own technology. This may be to avoid the so-called “Video 2000” problem where Philips and Grundig developed a highly-capable videocassette platform. But this platform, only adopted by some European names, didn’t succeed due to the popularity of the affordable VHS platform. In this case, most of the videocassette recorders based on the Video 2000 platform were sold in to the European markets and most of that platform’s marketing was focused within Europe.

This is compared to a large number of commercial passenger airlines maintaining the European-built Airbus aircraft in their fleet alongside American-built Boeing aircraft.

If a European voice-driven assistant platform is to succeed, it has to be offered around the world as a viable competitor to what Silicon Valley offers but with the values Europeans cherish. This is because there are consumers, service providers and enterprises who also underscore these values and want to benefit from AI-driven voice assistant software.

As I have said before, the European Commission could encourage the development of European-based IT that honours the European values and market it around the world. This is rather than always engaging in court battles and antitrust investigations to deal with Silicon Valley’s market dominance.

The successor to the Freebox Révolution has arrived in France

Articles

Freebox Delta press photo courtesy of Iliad (Free.fr)

Xavier Niel unveils new Freebox with Alexa, Devialet, Sigfox, Netflix | TechCrunch

French Language / Langue française

Free annonce ses nouvelles Freebox : la Freebox Delta et la Freebox One | FreeNews

Freebox One : pour les accros à Netflix (et c’est tout) | ZDNet.fr

Freebox Delta : voici la box qui doit sauver Free | ZDNet.fr

From the horse’s mouth

Free.fr (French Language / Langue française)

Freebox Delta (Press Release / Communiqué de presse – PDF)

Freebox One (Press Release / Communiqué de presse – PDF)

My Comments

While the “gilets jaunes” were protesting about the cost of living in France, Free.fr had just launched a long-awaited successor to the Freebox Révolution modem-router and media player setup.

The Freebox Révolution was a device symbolic of the highly-competitive telecommunications and Internet-service market that exists in France. It is an xDSL modem-router with an Ethernet connection and a NAS that is also a DLNA-compliant media server. It works with a set-top media player that has an integrated PVR and Blu-Ray player. But over the years, these units took on new functionality that was extraordinary for carrier-provided equipment such as VPN endpoint and Apple AirPlay functionality. In fact I saw it as a benchmark for devices supplied by telcos and ISPs for Internet access when it came to functionality.

Here, there are two systems – one called the Freebox Delta which is positioned at the premium end of the market, and the other called the Freebox One which is positioned as an entry-level offering.

The Freebox Delta has a server unit which combines a modem-router and a NAS that is equivalent to a baseline 4-bay standalone NAS. The WAN (Internet) side can work with a 10Gb fibre connection, an xDSL connection or a 4G mobile broadband connection. But it is the first modem-router that can aggregate the bandwidth of an xDSL connection and a 4G mobile broadband connection for increased throughput.

On the LAN side, there is a Wi-Fi 5 (802.11ac) connection working across three bands and implementing MU-MIMO wireless connectivity. It is in conjunction with an integral four-port Gigabit Ethernet switch. There is the ability to link to the Freebox Delta Player in another room using the FreePlugs which are Gigabit HomePlug AV2 adaptors that Free.fr provides but these are actually network adaptors that use the USB-C peripheral connection approach.

The VoIP functionality that any “box” service offered by the French carriers provides has an RJ11 endpoint for a telephone as well as a DECT base station. There is a USB-C connection along with NFC support.

But Free.fr are even having the Freebox Delta as part of a home-automation system by providing hardware and software support for home-automation hub functionality. It is thanks to Free’s partnership with the Sigfox smart-home software platform. This is based around Zigbee technology with Free.fr and others supplying “smart-home” devices complying with this technology.

The Freebox Delta Player is effectively a connected speaker made by Devialet, a French hi-fi name of respect when it comes to speakers. But it is a soundbar that uses 6 drivers to yield effectively a 5.1 surround-sound experience.

It works with a French-based voice-driven home assistant (OK Freebox) that handles basic commands but can work with Amazon Alexa which gives it access to the Amazon Alexa Skills library. This is achieved through a four-microphone array and is another way for a European company to effectively answer Silicon Valley in the field of voice-driven assistant platforms.

It can yield pictures to the 4K HDR 10 standard using an HDMI 2.1 socket compliant with the HDCP 2.2 standard and supporting eARC audio transfer that allows for best use with 4K UHD TVs. There is also a DVB-T2 tuner for over-the-air digital TV. You can control the Freebox Delta Player using a wirelessly-charged touchscreen remote which charges on a Qi-compliant wireless charging plate integrated in this media player. Let’s not forget that this device is up-to-date by implementing USB-C peripheral connectivity for two peripherals.

The Freebox Delta will cost EUR€480 to buy, with payment options of  EUR€120 per month over 4 months, EUR€10 per month over 48 months or the full upfront price being paid. The service will cost at least EUR€49.99 per month.

Freebox One press picture courtesy of Iliad (Free.fr)

Freebox One – the entry-level solution

The Freebox One is an entry level single-piece multimedia player and modem-router unit. This will have a Gigabit Fibre and xDSL connectivity on the WAN (Internet) side and Wi-Fi 5 (802.11ac) and four Gigabit Ethernet ports on the LAN side. There will be the DECT VoIP base for the telephony function along with a DVB-T connection for digital TV. It can work with 4K HDR 10 via an HDMI 2.1 (HDCP 2.2 compliant) port for your 4K UHDTV.

It has a front-panel display that is similar to the previous generation of Freebox systems. You can get this device for EUR€29.99 per month for the first year, EUR€39.99 per month as a Freebox hardware-and-services package of the kind you get in France.

With both Freebox systems, I would expect that Free.fr will regularly release new firmware that will add extra functionality to these devices over the years. When you get these “boxes”, you will find that there is more of an incentive to visit the “mise à jour” part of the user interface and frequently update their software.

By offering the Freebox Delta for sale rather than tied with a multiple-play service package, Free.fr wants to be able to sell this unit as a device you can use with other services. This means that they can put themselves on the same footing as AVM by being another Continental-European source of highly-capable always-updated consumer premises equipment for your home network.

But what needs to happen is for the European consumer IT firms to create hardware and software platforms that can effectively answer what Silicon Valley has to offer. Who knows which European companies will end up as the “Airbus” or “Arianespace” of consumer and small-business IT?

Are we to expect laptops to be mobile phones?

Article

Dell XPS 13 8th Generation Ultrabook at QT Melbourne rooftop bar

Ultraportables soon to serve the same role as smartphones

Cellular voice could be the next step in merging phones and PCs | Windows Central

My Comments

An increasing trend we are seeing with regular desktop and laptop computers is that they are being used for voice and video telephony. This is being driven by messaging apps of the Skype, Facebook Messenger, WhatsApp and Viber kind being ported to desktop operating systems; along with softphone applications that provide telephony functionality being made available for these operating systems. The softphone applications, along with Skype, are even legitimising this usage case with laptops in the business environment, turning them into secondary or replacement phone extensions.

Headsets like the JBL E45BT Bluetooth headset are used with laptops to make voice calls with messaging apps and soon this will happen for mobile telephony

With these setups, you can talk with the caller using the computer’s integrated or attached microphone and speakers. Or, should you want the same level of privacy associated with holding a handset up to your ear, you can talk to the caller using a wired or Bluetooth headset, of which I have reviewed many on HomeNetworking01.info.

Microsoft and others in the “open-frame” computing world are pushing along with the Always Connected PC which runs ARM RISC microarchitecture rather than the traditional Intel-based CISC kind. These ultraportable computers will also be equipped with a wireless broadband modem that is authenticated using eSIM technology.

The idea is to eventually have these computers become like a smartphone with them linked to the cellular mobile network. It is also alongside the fact that today’s smartphones are effectively pocket computers running a mobile operating system.

It could be easy to say that the Always Connected PC concept is irrelevant because one can “tether” a computer to a smartphone to have access to the mobile broadband service, whether through a USB connection or a Wi-Fi-based “hotspot” function that mobile operating systems support. Or we can simply connect our computers and phones to Wi-Fi networks including publicly-accessible networks like hotspots. For that matter, computers can also be connected to other network types like Ethernet or HomePlug AV networks.

Android main interactive lock screen

Smartphones now are pocket computers

Let’s not forget that the GSM Association and the Wi-Fi Alliance are looking at Wi-Fi networks as a way of providing data-offload functionality. This is through mobile carriers like BT and Telstra offering FON-style community Wi-Fi networks and the Wi-Fi Alliance using Passpoint / Hotspot 2.0 as a way to provide hands-off login to public-access networks.

The Wi-Fi functionality is also being taken further in the context of smartphone-based voice telephony with the use of VoWLAN as another call-transport option for these devices. Some mobile telcos like Telstra even use this as a way to provide voice telephony continuity to their customers if they can’t reach the cellular network but can use Wi-Fi-based Internet.

The focus now is towards the concept of always-connected portable computing with a secure and consistent connectivity experience. This is being brought on through the use of 5G mobile-broadband technology and the interest in edge computing which provides support for localised data processing and storage in a cloud environment.

The eSIM is being pitched as a way to provision mobile service in an online manner, especially to vary the service to suit one’s needs or switch to a competing mobile telco. It also is placing pressure upon mobile telcos to adopt a “service-focused” approach with the idea of having multiple devices on the same mobile account and plan, ringing to the same mobile number and using the same data allowance. The goal with mobile telephony will then be to make or take a voice or video call or send and receive messages on the device that you currently are using rather than changing to a different device for that task.

Connected cars even to be another logical device for one’s mobile service account.

This concept has been driven by the Apple Watch and will be pushed on with smartwatches that have built-in mobile broadband modems. But it will be extended through other devices like smartphones, Always Connected PCs and connected vehicles. There is also the idea of implementing the equivalent of a local area network across devices tied to the same service and this will be driven by the trend towards ubiquitous ambient computing.

A question that will come about is the ability to maintain multiple different services on the same physical device whether from the same telco or different telcos. This will be about maintaining separate services for business and private use. Or it could be about travellers who want to maintain a local service while at their destination along with their “home” service. This is a feature that is of relevance in countries where cross-border commuting is the norm thanks to land borders or short affordable ferry rides.

This could be addressed through support for multiple services including the ability to provision a cluster of multiple devices with the one service simultaneously. This same issue can also address the ability for us to use the conventional Internet service based around a hardwired broadband service with a Wi-Fi and / or Ethernet local network in the premises.

What I see out of this new trend is that if your computing device has mobile broadband or connection to the Internet via a local-area network, along with a speaker and microphone, it will become the one-stop computing and communications device. It doesn’t matter what shape or size it is in, being a smartphone, laptop or whatever. As well, the right-sized computing device will serve your computing and communications needs as you see fit.

Big Mouth Billy Bass to become the start of Alexa-driven novelties

Article

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

Your Amazon Echo will soon be expected to work with a wide range of toys and novelties

The latest Big Mouth Billy Bass is made to be a rockstar with built-in Alexa support | Windows Central

From the horse’s mouth

Amazon

Big Mouth Billy Bass – Compatible With Alexa (Product Page)

Alexa Gadgets Toolkit page

My Comments

Amazon had just polished their Gadgets Toolkit which is an application programming interface for interlinking devices of various kinds with the Alexa voice-driven home assistant platform. This has opened up a path for doing things like interlinking novelties that can show off when you ask Alexa for them to do so.

The first of these is the latest take on the Big Mouth Billy Bass phenomenon of the late 90s and early 2000s.

This novelty is a toy fish that is mounted on a board and starts singing songs like “Don’t Worry Be Happy” or “Take Me To The River” at the touch of a button. This is with the fish’s face swinging around to face the audience and its mouth moving in sync to the lyrics. It brought about other singing-and-dancing novelties that performed to pre-recorded songs in a funny manner.

But this latest iteration of the Big Mouth Billy Bass fish interlinks with any Amazon Echo device via Bluetooth and acts as a speaker for that Echo device. It is programmed to move the mouth in response to speech that comes through the Echo device, be it Alexa, a singer or a podcast author. The fact that it is designed to work tightly with the Alexa ecosystem will mean that if Amazon issues updates, this peripheral will gain these updates.

It will become the first of many toys and novelties that work in conjunction with the Alexa ecosystem. This includes short-form electronics modules that will be pitched to artisans who make giftware such as cuckoo clocks or Christmas decorations for them to include in their projects. Let’s not forget that Google, Apple and others will look towards extending their “smart-home” or similar platforms to work with this class of device.

An issue that will be raised regarding this product class is the fact that connected novelties and toys are being designed with very little thought for household privacy and data security. In fact a lot of IT security experts even suggest that people don’t use or give these devices at all. But this device is designed to work as if it is a peripheral for an Amazon Echo device and only connects to it via Bluetooth.

There will still be issues regarding the design of connected novelties and toys including data security and ease of connectivity. This is more so if they are to be sold through the toy and giftware retail sector where most staff are not likely to have a clue regarding the technicalities associated with these devices.

One way is that if the gadgets are to work alongside a voice-driven home assistant platform or regular computer / mobile operating system, they have to work using a “gadget API” associated with that platform or operating system and developed by the platform’s or operating-system’s developer. This is without the need to write a hefty app to gain the most out of the device. The use of APIs rather than a custom app or skill can also limit the kind of data that is collected via the novelty or toy and provide the end-user with greater control over what the device does.

As well, the “gadget API” has to also support a simple but secure setup process including permissions for various activities like use of microphones, cameras or speakers. This may be a similar process to installing or using an app on your smartphone or mobile-platform tablet where the operating system will ask whether to use the camera, microphone or sensors.  Other issues that will also come about include a “secure by design” approach for the gadget’s firmware including regular update cycles to rectify software vulnerabilities.

Let’s not forget that the “gadget APIs” would also need to support the use of the connected device as a “master clock” if the gadget is to display or react to the current time or date. This is to avoid the need to reset the clock on these devices whenever Daylight Saving Time starts or ends or worry about that clock losing time.
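One way a platform-side "gadget API" could enforce the permission model described above, shown as an added example that is not Amazon's Alexa Gadgets Toolkit or any code from this article. The `GadgetBroker` class, the capability names and the manifest format are all hypothetical; the point is deny-by-default access, a user prompt for microphone and camera, and time served from the host.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum


class Capability(Enum):
    """Hypothetical capability names; not taken from any real gadget API."""
    SPEAKER = "speaker"        # play audio sent by the host device
    MICROPHONE = "microphone"  # capture audio in the room
    CAMERA = "camera"          # capture images in the room
    CLOCK = "clock"            # read the host's time (the "master clock")


# Capabilities that expose household data always need an explicit user decision.
SENSITIVE = {Capability.MICROPHONE, Capability.CAMERA}


class PermissionDenied(Exception):
    pass


@dataclass
class GadgetSession:
    gadget_id: str
    requested: frozenset
    granted: set = field(default_factory=set)
    audit: list = field(default_factory=list)  # (capability, allowed) pairs


class GadgetBroker:
    """Platform-side gatekeeper: a gadget only reaches what it declared and was granted."""

    def __init__(self, ask_user):
        self._ask_user = ask_user  # callback(gadget_id, capability) -> bool
        self._sessions = {}

    def pair(self, gadget_id, manifest):
        # An unknown capability name rejects the whole manifest (fail closed).
        try:
            requested = frozenset(Capability(n) for n in manifest.get("capabilities", []))
        except ValueError as exc:
            raise PermissionDenied(f"manifest rejected: {exc}") from None
        session = GadgetSession(gadget_id, requested)
        for cap in sorted(requested, key=lambda c: c.value):
            # Low-risk capabilities are granted at pairing; sensitive ones prompt the user.
            if cap not in SENSITIVE or self._ask_user(gadget_id, cap):
                session.granted.add(cap)
        self._sessions[gadget_id] = session
        return session

    def use(self, gadget_id, cap):
        session = self._sessions.get(gadget_id)
        if session is None:
            raise PermissionDenied(f"{gadget_id} is not paired")
        allowed = cap in session.granted
        session.audit.append((cap.value, allowed))  # record every attempt
        if not allowed:
            raise PermissionDenied(f"{gadget_id} may not use {cap.value}")
        return True

    def revoke(self, gadget_id, cap):
        # The user can withdraw a grant at any time without re-pairing.
        self._sessions[gadget_id].granted.discard(cap)

    def current_time(self, gadget_id):
        # The gadget takes the time from the host instead of keeping its own clock.
        self.use(gadget_id, Capability.CLOCK)
        return datetime.now(timezone.utc)


def demo():
    # Constructed manifest for a speaker-style novelty that also asks for the microphone.
    manifest = {"capabilities": ["speaker", "clock", "microphone"]}
    broker = GadgetBroker(ask_user=lambda gadget_id, cap: False)  # user declines prompts
    session = broker.pair("novelty-01", manifest)
    results = {}
    for cap in (Capability.SPEAKER, Capability.MICROPHONE, Capability.CAMERA):
        try:
            results[cap.value] = broker.use("novelty-01", cap)
        except PermissionDenied:
            results[cap.value] = False
    return session, results


if __name__ == "__main__":
    session, results = demo()
    print(sorted(c.value for c in session.granted), results)
```

The audit list gives the host a record of what a gadget attempted, including refused requests, which is the kind of visibility a custom companion app would not offer the end user.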

What I see coming about is a relentless push to offer toys, novelties and giftware that are intended to work with the home network and the Internet. But there needs to be a secure simple approach to how these gadgets are designed.