Tag: Germany

Article

German government to subsidise satellite Internet installations for Starlink and similar setups at the consumer end

Germany to subsidise Starlink subs | (advanced-television.com)

Germany readies subsidies for satellite internet providers such as Starlink | Reuters

My Comments

The rise of low-earth-orbit satellite technology to enable decent Internet service for regional, rural and remote parts of the world has gained a bit more traction.

This time, it is the German Federal Government (Bundesregierung) with its Transport ministry who are subsidising Starlink installations across rural Germany. The US’s FCC has engaged in some form of subsidisation for Starlink but this is at a corporate level as part of their US-government-based program for enabling decent rural Internet service there.

The German approach is to provide EUR€500 towards Starlink hardware purchase for installation in Germany’s rural areas. This doesn’t just apply to Starlink but to any satellite or other radio-link-based Internet service provided on a retail level. It is intended to be consumer-focused and provider-agnostic in the same manner as what is expected for the provision of broadcasting and telecommunications in modern Germany.

It doesn’t apply to ongoing service costs that customers pay to keep the service alive. In the case of Starlink, the monthly service costs are EUR€99 / month at the time of writing.

.. to improve access to real broadband in German rural areas

The question that will come up is  whether public subsidies for satellite or other radio-based Internet service is the way to go to bring decent broadband Internet to rural areas. This is compared to current efforts by local or regional governments in cohort with local chambers of commerce to bring fibre-optic Internet to rural and regional areas.

There will also be the issue of whether to extend this kind of subsidy to people living in boats along Germany’s inland waterways. Think of retirees who have riverboats on the Rhine, Elbe or Wupper rivers or cabin cruisers on the likes of Lake Constance (Bodensee).

Personally, I would see Starlink and similar technology come in to play for sparse rural areas while fibre or similar deployments are considered for more dense settlements. The long fibre-optic trunk link between towns or to serve a remote employment / industry area should never be forgotten as a way to encourage economic growth along its path.

At least Germany is taking another approach to dealing with the rural Internet deficiency issue by subsidising the installation of Starlink and similar technology in its rural households.

Article – German Language / Deutsche Sprache

Germany now yields its own videoconferencing platform

Alfaview: Sichere Videochat-Software aus Deutschland (Alfaview : Secure Videochat Software from Germany) | Computer Bild

From the horse’s mouth

Alfaview

Home Page (English / Deutsch)

My Comments

A German company has fielded a videoconferencing packaging which is Europe’s answer to what Zoom, Skype and Microsoft Teams is about. This is part of a variety of efforts by European governments and businesses to create credible mainstream IT service alternatives to what the USA and China are offering while respecting European values. One example is efforts by Germany to create a public data-processing cloud that is within that country’s borders as part of leading an effort towards a Europe-wide public cloud.

This is in the form of Alfaview which provides a Zoom-style experience

This company, Alfatraining Bildungszentrum GmbH which is based in Karlsruhe, Baden-Württenburg, Germany, has released the Alfaview video-conferencing platform. Here, this platform places privacy and European sovereignty first in the way it is engineered.

The Alfaview platform’s servers are based in Germany and the company heavily underscores the spirit of European values especially with the GDPR directive. Videoconferencing data is encrypted using TLS/AES256 protocols during conversations. But they can allow the use of non-German services as long as they are in the EU, again underscoring European values. There will also be the ability for people to join the platform from all over the world, thus avoiding a problem with European technologies and services where they have limited useability from areas beyond Europe.

As well, it answers the weaknesses that are associated with the videoconferencing establishment when it comes to offering this kind of service for consumers and small businesses. This encompasses Zoom not being all that secure, Microsoft not maintaining Skype and focusing the Teams videoconferencing package just for big business. As well, Facebook who has come on the bandwagon with Messenger Rooms is not all that respected when it comes to security and privacy.

Alfaview runs natively on Windows, MacOS, Linux (Debian package), iOS and will soon be ported for Android. But they could simply reuse the Linux package as a code base for reaching out to ChromeOS and Android platforms. As well, I am not sure if the iOS version is optimised for the iPads which is something I consider of importance for mobile platforms that have tablet devices because these devices have a strong appeal to multi-party video conferences.

There is a free package for individuals and families to use which provides for one room that has 50 participants. As well, Alfaview has a Free Plus package pitched towards the education and non-profit sector. Here, this one has most of the features that the corporate package has like 40 rooms per account with 50 participants. There is also the ability to run 10 concurrent breakout groups per room.

This is in conjunction to various paid plans for ordinary businesses to buy in to for their videoconferencing needs. Alfaview even provides the ability to offer the software in a “white-label” form for companies to brand themselves.

But what I see of the Alfaview approach is that the Europeans are offering a Zoom-style service respecting their values and competing with what the Silicon Valley establishment are offering.

Articles

This Gigaset smart speaker works as a DECT handset for fixed-line telephony services

Gigaset reinvents the landline phone – Gigaset smart speaker L800HX | Business Insider

German language / Deutsche Sprache

Gigaset L800HX: Smart Speaker mit DECT- und Amazon-Alexa-Anbindung | Caschy’s Blog | Stadt.Bremerhaven.de

Gigaset L800HX: Alexa-Lautsprecher mit Festnetztelefonie | Computerbild.de

Gigasets Smart Speaker ist auch ein Telefon | Netzwoche (Schweiz / Switzerland)

From the horse’s mouth

Gigaset Communications

L800HX Smart Speaker

German language / Deutsche Sprache

Product Page

Press Release

Blog Post

My Comments

Amazon effectively licensed the Alexa client software that is part of the Echo smart speakers that they sell for third parties to use. This opens up a path for these third-party companies to design smart speakers and similar products to work with the Alexa voice-driven assistant ecosystem.

This kind of licensing opens up paths towards innovation and one of the first fruits of this innovation was Sonos offering a smart speaker that worked with multiple voice-driven home assistant platforms that they licensed. But I will be talking about another approach that links the traditional fixed-line telephone to the smart speaker.

The Amazon Echo Connect box enables your Amazon Echo speakers to be your traditional household telephone

When faced with Google offering telephony functionality in their Home speaker, Amazon one-upped them with the Echo Connect box. This box connects to your home network and your fixed telephone line so you can make and take telephone calls through the traditional fixed telephone service or its VoIP equivalent using an Echo smart speaker or similar device. The device had to connect to the telephone socket you would connect the traditional telephone to as though it was an extension telephone and if you implemented a VoIP setup using a VoIP-enabled router, you would connect it to the telephone-handset port on this device.

Now Gigaset Communications, a German telecommunications company who is making innovative telephony devices for the European market, has approached this problem in a different way. Here, they have premiered the Gigaset L800HX smart speaker that works on the Alexa ecosystem. But this uses functionality similar to the Amazon Echo Connect box but by working as a DECT cordless handset.

The Gigaset L800HX can be paired up with any DECT base station or DECT-capable VoIP router to become a telephony-capable smart speaker. It is exploiting the fact that in competitive telecommunications markets in Continental Europe, the telcos and ISPs are offering multiple-play residential telecommunications packages involving voice telephony, broadband Internet and multiple-channel TV service on fixed and/or mobile connection.

Increasingly the fixed-line telephony component is provided in a VoIP manner with the carrier-supplied home-network router having VoIP functionality and an integrated DECT base station along with one or two FXS (telephone handset) connections for this service. This is due to use of dry-loop xDSL, cable-modem or fibre-optic technology  to provide this service to the customer and a drift away from the traditional circuit-based telephony service.

Onboarding this speaker requires you to interlink it to your Wi-Fi home network and your DECT-based cordless base station or VoIP router. Then you also set it up to work with the Amazon Alexa ecosystem using the Amazon app or Webpage associated with this ecosystem. A separate Gigaset mobile-platform app provides further functionality for managing this device like synchronising contacts from your mobile or DECT base-station contacts list to the Amazon Alexa Calling And Messaging service. It provides all the other expectations that this service offers like the Drop In intercom function. Let’s not forget that this device can do all the other tricks that the standard Echo can do like play music or manage your smart home under command equally as well.

The German-speaking tech press were raving about this device more as tying in with the current state of play for residential and small-business telecommunications in the German-speaking part of Europe. They also see it as a cutting-edge device combining the telephony functionality and the smart-speaker functionality in one box that fits in with the Continental-Europe ecosystem tightly.

Here, it is another example of what the licensing approach can do for an ecosystem like Amazon Alexa or Google Assistant. This is where there is an incitement for innovation to take place regarding how the products are designed.

Article

Germany has defined a minimum standard for secure broadband router design

Germany proposes router security guidelines | ZDNet

From the horse’s mouth

BSI (German Federal Office for Information Security)

TR-03148 Secure Broadband Router 1.0 (PDF)

My Comments

It is being identified that network connectivity devices and devices that are part of the Internet-Of-Things are being considered the weakest point of the secure Internet ecosystem. This is due to issues like security not being factored in to the device’s design along with improper software quality assurance when it comes to the devices’ firmware.

The first major incident that brought this issue to the fore was the Mirai botnet attack on some Websites and dynamic-DNS servers through the use of compromised firmware installed in network videosurveillance cameras. Recently in 2016, a similar Mirai-style attack attempt was launched by the “BestBuy” hacker involving home-network routers built by Zyxel and Speedport.There was a large installed base of these routers because they were provided as standard customer-premises equipment by Deutsche Telekom in Germany. But the attempt failed due to buggy software and the routers crashed.

Now the BSI who are Germany’s federal information-security government department have taken steps towards a baseline set of guidelines concerning security-by-design for these home-network routers. It addresses both the Internet-based attacker sithation and the local-network-based attacker situation such as a computer running malware.

Key requirements

Wi-Fi segments

There are requirements concerning the LAN-side private and guest Wi-Fi segments created by these devices. They have to work using WPA2 or newer standards as the default security standard and the default ESSIDs (wireless network names) and Wi-Fi passphrases can’t relate to the router itself like its make or model or any interface’s MAC address.

As well, guest Wi-Fi and community / hotspot Wi-Fi have to be treated as distinct separate logical networks on the LAN side and they have to be “fenced off” from each other. They will still have access to the WAN interfaces which will be the Internet service. The standard doesn’t address whether these networks should implement client-device isolation because there may be setups involving a requirement to discover printers or multimedia devices on these networks using client software.

Router management

The passwords for the management account or the Wi-Fi segment passphrases have to be tested against a password-strength algorithm when a user defines a new password. This would be to indicate how strong they are, perhaps through a traffic-light indicator. The minimum requirement for a strong password would be to have at least eight characters with at least 2 each of uppercase, lowercase, number and special characters.

For the management account, there has to be a log of all login attempts along with lockout-type algorithms to deter brute-force password attacks. It would be similar to a code-protected car radio that imposes a time delay if the wrong passcode is entered in the radio. There will be an expectation to have session-specific security measures like a session timeout if you don’t interact with the management page for a certain amount of time.

Other requirements for device management will include that the device management Webpage be only accessible from the main home network represented by the primary private Wi-Fi segment or the Ethernet segment. As well, there can’t be any undocumented “backdoor” accounts on the router when it is delivered to the customer.

Firmware updating

But the BSI TR-03148 Secure Broadband Router guidelines also addresses that sore point associated with router firmware. They address the issue of updating your router with the latest firmware whether through an online update or a file you download to your regular computer and upload to the router.

But it is preferred that automatic online updates take place regarding security-related updates. This will most likely extend to other “point releases” which address software quality or device performance. Of course, the end-user will need to manually update major versions of the firmware, usually where new functionality or major user-interface changes take place.

The router manufacturer will be required to rectify newly-discovered high-severity security exploits without undue delay once they are notified. Here, the end users will be notified about these software updates through the manufacturer’s own public-facing Website or the router’s management page.

Like with most regular-computer and mobile operating systems, the use of software signatures will be required to authenticate new and updated firmware. Users could install unsigned firmware like the open-source highly-functional firmware of the OpenWRT kind but they will need to be warned about the deployment of unsigned firmware on their devices as part of the deployment process. The ability to use unsigned firmware was an issue raised by the “computer geek” community who liked to tinker with and “soup up” their network hardware.

Users will also need to be notified when a manufacturer ceases to provide firmware-update support for their router model. But this can hang the end-user high and dry especially if there are newly-discovered weaknesses in the firmware after the manufacturer ceases to provide that software support.

The standard also places support for an “anti-bricking” arrangement where redundant on-device storage of prior firmware can exist. This is to avoid the router from “bricking” or irreversibly failing if downloaded firmware comes with software or file errors.

Other issues that need to be addressed

There are still some issues regarding this standard and other secure-by-design mandates.

One of these is whether there is a minimum length of time for a device manufacturer to continue providing security and software-quality firmware updates for a router model or series after it is superseded. This is because of risks like us purchasing equipment that has just been superseded typically to take advantage of lower prices,  or us keeping a router in service for as long as possible. This may be of concern especially if a new generation of equipment is being released rather than a model that was given a software-compatible hardware refresh.

Solutions that could be used include open-sourcing the firmware like what was done with the Linksys WRT-54G or establishing a known-to-be-good baseline firmware source for these devices while continuing to rectify exploits that are discovered in that firmware.

Another is the existence of a logo-driven “secure-by-design” campaign directed at retailers and the general public in order to encourage us to buy or specify routers that are compliant to this standard.

An issue that needs to be raised is whether to require that the modem routers or Internet-gateways supplied as standard customer-premises-equipment by German ISPs and telcos have a “secure-by-design” requirement. This is more of an issue with Internet service provided to the average household where these customers are not likely to fuss about anything beyond getting Internet connectivity.

Conclusion

The BSI will definitely exert market clout through Europe, if not just the German-speaking countries when it comes to the issue of a home network that is “secure by design”. Although the European Union has taken some action about the Internet Of Things and a secure-by-design approach, they could have the power to make these guidelines a market requirement for equipment sold in to the European, Middle Eastern and African areas.

It could also be seen by other IT bodies as an expected minimum for proper router design for home, SOHO and SME routers. Even ISPs or telcos may see it as an obligation to their customers to use this standard when it comes to specifying customer-premises equipment that is supplied to the end user.

At least the issue of “secured by design” is being continually raised regarding home-network infrastructure and the Internet Of Things to harden these devices and prevent them from being roped in to the next Mirai-style botnet.

Article 

50 MBit/s und mehr: Verbraucher wollen immer schnelleres Internet | Computer Bild.de (German language | Deutsche Sprache)

My Comments`

Recently, German households are gaining better value for money when it comes to purchasing broadband Internet service. This is affecting the higher-speed 50Mbps service packages that are being preferred by the younger people.

German Internet customers preferring better value for money for their “50Mbps Talk and Surf” service

These plans are being underscored by their availability as part of multiple-play communications-service deals which include fixed or mobile voice telephony, broadband Internet along with other services. In Germany, the service package that is commonly preferred is the “double-play” service, marketed as a “Talk & Surf” service that encompasses a fixed-line telephone service and a broadband Internet service.

The article highlighted an increase in the preferred connection speed for the broadband services over 5 years with households showing strong interest in the 50Mbps services rather than the “economy” 16Mbps services. As well, the average cost of a fixed-line telephone + broadband service in that country had been dropping slightly from EUR€35.73 per month now to EUR€28.82 per month.

It is being underscored with the increased availability of better-value 50Mbps services in Germany’s larger cities but the 16Mbps “economy” packages are being found to have reduced value for money and this price drop is being described as being a slow one. As is often noted, this kind of value for money when it comes to Internet service doesn’t extend to rural areas which tend to find themselves at a disadvantage in this field.

Personally, I would attribute the increased ubiquity of VDSL-based Internet service in Germany’s urban areas being a factor leading to the improved value for money when it comes to the higher-speed packages.

But the questions to raise regarding the German broadband market is whether there is significant infrastructure-level competition in that country? Similarly, the availability of retail-level competition for residential and small-business telecommunications services has to exist at a sustainable level to assure customers best value for money.

At least something is happening for German households where they are gaining better value for money with their Internet services.

Article

Microsoft will host data in Germany to hide it from US spies | The Verge

My Comments

Edward Snowden has raised a very significant issue concerning the confidentiality and sovereignty of your data when he leaked what went on with the NSA. This has affected how individuals and organisations do business with American-chartered IT organisations like all of Silicon Valley.

The data sovereignty question is even being extended towards data held within nations that implement a federation or similar geopolitical structure like the USA, Canada, Germany, Switzerland or Australia. This situation could even apply to the United Kingdom thanks to the devolved countries like Scotland and Wales acquiring independent powers similar to a state in a federation. Here the question that come in to play is which state’s rules govern the data that is being created. It has come in to play since the US Supreme Court overturned Roe vs Wade and placed women at risk of trouble if they seek abortions within the USA’s “Red” states, because of the increased computerisation of our business and personal lives.

But what has happened was that Microsoft took up a new model for setting up data storage which is in the form of a “data trustee”. This model is similar to how a trust fund operates where a third party who is known as a trustee, is tasked to control funds and assets that come in to that fund for the benefit of the recipients.

In this case, Microsoft is setting up data centers in Germany and delegating Deutsche Telekom, a telco entirely chartered in Germany, to control these data-storage facilities as a “data trustee” for them. But the data stored on these facilities will be Microsoft’s and their customers’ data.

Why Germany? Warum Deutschland? This is because Germany, a country which has been passed through some horrible periods of history where big government abused citizens’ privacy in the form of the Third Reich and East Germany, have enacted some of the world’s tightest privacy laws.

What I see of this is that a person who signs up to a Webmail service, online storage service, Webhost or similar online service could be given the option to have the data held on servers in a nominated country, most likely rated according to the country’s standard of privacy and data sovereignty. Similarly, companies chartered in countries with rigorous data privacy and confidentiality standards could end up doing valuable business in renting data center space or providing online services to local and foreign individuals and companies wanting stronger privacy.

On the other hand, these countries could end up with the same reputation that Switzerland had with its banks. This was where Switzerland’s financial-secrecy laws were abused by people and companies who were laundering or concealing ill-gotten gains in Swiss banks to avoid official scrutiny. In relationship to data, this could allow for data associated with criminal activity such as child-abuse imagery or pirated software to be concealed in countries with high data-privacy standards.

But the authorities in those countries can act as a legal filter to make sure that any official data requests are for legitimate crime-fighting and personal-safety reasons rather than to suppress internationally-recognised core freedoms and liberties.

Created 13 November 2015. Updated 8 July 2022 to encompass the reversal of Roe vs Wade and the ramifications associated with countries that implement a federation or similar geopolitical structure.

Article

German industry is poised to exploit rural broadband | PC World

My Comments

There are real applications for real broadband in Germany

Here. the goal was about using broadband as a tool to benefit the tradition-driven farming and forestry industries that exist in the country’s rural areas. This is although Germany is pushing the VDSL2 barrow for their next-generation broadband technology but could use “fibre to the remote node” with VDSL2 and ADSL2 to push real broadband to rural households or to serve 4G or newer mobile-broadband service to these areas.

The main benefit was to allow farmers and forestry workers to implement computer-driven analytics rather than tradition and “rough-gauging” to their tasks in order to gain better harvests. SAP were premiering a “field analytics” service which covers the lifecycle of a farmer’s crop, recommending when to start the various tasks associated with that crop. This allows dates for these tasks to be factored in by the farmer or seed merchant. As well, weather reports for that area can be used to vary when to start a particular task.

The SAP service also has the ability for the farmer to share out data with contractors on an “as-needed” basis thus honouring Germany’s strict data-protection laws. At the moment, it is a proof-of-concept service but it was realised that this kind of service can benefit from real broadband being available to rural areas.

Other beneficiaries included Claas who offered a sensor-equipped tractor along with Fovea who offered a surveying app for forestry workers.

Here it is not just about personal entertainment or general office communication that would benefit the rural community when real broadband arrives. It is also about using the “fat pipes” that this technology provides to exchange data with various analytics services to obtain the right crop yield.