Tag: standards

What could be done to simplify your router upgrade

Telstra Gateway Frontier modem router press picture courtesy of Telstra

There needs to be a standard filetype to simplify the process of upgrading your home network router without reconfiguring your home network

An issue that will crop up through the life of a home network is to upgrade the router. This will be brought on with replacement of carrier-supplied equipment with retail equipment, replacing that half-dead router that you are always powering off and on many times a week, or upgrading to higher-performance equipment.

But you will end up having to transcribe out configuration data from your old equipment so you can enter it in to your new equipment especially if you want to avoid having to reconfigure other network equipment on your same home network.

Most routers offer a way for users to back up the current configuration details. This is typically to allow a user to do things like perform a factory resent or to test a configuration without losing a prior known-to-work state.

The process typically requires the user to download a configuration file to the computer they are configuring the router from in a similar manner to downloading a resource from the Web. But there isn’t a consistent file schema for storing this data in a manner for transferring to devices supplied by different vendors. In some cases, you may not be able to transfer the configuration data to newer equipment from the same vendor such as to install a newer router model.

AVM have taken steps in the right direction by allowing users to save a configuration from an older Fritz!Box router and upload it to a newer Fritz!Box router running a newer version of the Fritz!OS firmware. It is also to factor in allowing the router to persist your configuration to a newer version of the firmware.

But what can be done to make this work better would be to use a standard file format, preferably an XML-based schema which could be used for storing a router configuration. This would have to be agreed upon by all of the vendors to provide true vendor interoperability.

There would also be issues about providing multiple methods of storing this data. It could be about maintaining the traditional HTTP download / upload approach with Web clients on the same local network. Or it could also be about transferring the data between a USB Mass Storage device and the router such as to facilitate an out-of-box install.

Such a setup could allow for a range of scenarios like simplifying the upgrade path or to make it easier for support staff to keep information about different configurations they are responsible for.

The configuration data would have to cater for WAN (Internet) and LAN details including details regarding Wi-Fi wireless network segments, advanced network setups like VLAN and VPN setups, VoIP endpoint setups as well as general and security-related data.

Of course an issue that will crop up would be assuring the user of proper network security and sovereignty, something that could be assured through not persisting the management password to a new router. Also you won’t be able to keep Wi-Fi channel data especially if you deal with self-optimising equipment, because you may have to face an evolving Wi-Fi spectrum landscape.

What will need to happen is to provide methods to allow seamless upgrading of devices that serve as your network-Internet “edge” so you can simplify this upgrade process and get the most out of the new equipment.

Z-Wave to be the first standards group to mandate secure IoT


Nest Learning Thermostat courtesy of Nest Labs

Z-Wave now requires a secure-by-design approach for Internet Of Things devices using its technology like these room thermostats

IoT gear will need better security to win a Z-Wave badge | PC World

Previous coverage on this topic

A Clear Reality Surfaces With The Internet Of Things

EU wants to establish a security baseline for Internet Of Things

August responds to its smart lock’s security weaknesses by patching its software

My Comments

The recent Mirai botnet denial-of-service cyber-attacks including an attack against a data-security journalist have raised serious questions regarding designing the software for dedicated-purpose devices like network-infrastructure devices and the “Internet Of Things”. Here, it raised concern regarding default or hard-coded passwords along with poorly-maintained software as being a few of the issues that lead to lax security proactices for the dedicated-purpose devices.

This led to the European Union wanting to call a baseline standard for device-software security, with a customer-facing indicator similar to energy-efficiency labels on appliances or nutrition-rating labels on foodstuffs. Here, the standard wanted to look at “default-for-security” setup routines along with the issue of software maintenance.

But Z-Wave who establish a short-range wireless-connectivity standard for home-automation devices have had to answer this issue by requiring that devices using this technology implement their Security 2 (S2) secure-operations framework before the device can wear the Z-Wave logo. It is similar to various standards logos like Dolby noise reduction, DLNA or HDMI where equipment has to be compliant to these standards before they can show these logos and customers can see that logo as an indicator of compatibility.

Here, the requirement includes the use of a human-readable PIN number and/or a machine-readable QR code for authenticating devices to a Z-Wave network. As well, Z-Wave setups must implement a strong secure key exchange along with implementation of a Transport Layer Security 1.1 data tunnel for IP setups. It is mandatory for the endpoint devices like light bulbs, light switches and thermostats along with “hub” and similar devices that connect Z-Wave devices to the home network and Internet.

A question that may be raised with certain device classes like smart locks or security systems is whether a PIN number that you set using the device’s control surface, especially an “administrator” or “master” PIN number, does constitute a PIN number for the Security 2 (S2) framework.

At the moment, what Z-Wave have done is to address the issue of “secure setup” for this class of device. They haven’t dealt with the issue of software maintenance which is still a thorn in the side for dedicated-function devices and this may be something that others in the industry may need to deal with.

EU wants to establish a security baseline for Internet Of Things


Netgear DG834G ADSL2 wireless router

The security of network connectivity equipment is now in question thanks to the Krebs On Security DDoS attack

The EU’s latest idea to secure the Internet of Things? Sticky labels | Naked Security Blog

My Comments

The European Commission wants to push forward with a set of minimum standards for data security especially in context with “dedicated-function” devices including the “Internet Of Things” or “Internet Of Everything”. This also includes a simplified consumer-facing product-label system along with a customer-education program very similar to what has taken place in most countries concerning the energy efficiency of the appliances or the nutritional value of the foodstuffs we purchase.

This issue has been driven by a recent cyber attack on the Krebs On Security blog where the “Mirai” botnet was used to overload that security blog, the latest in a string of many attacks that were inflicted against data-security journalist Brian Krebs. But this botnet was hosted not on regular computers that were running malware downloaded from questionable Internet sites, nor was it hosted on Web hosts that were serving small-time Websites running a popular content management system. It was based on poorly-secured “dedicated-function” devices like network-infrastructure devices, video-surveillance devices, printers and “Internet Of Things” devices that had their firmware meddled with.

Nest Learning Thermostat courtesy of Nest Labs

… as could other Internet-Of-Things devices like these room thermostats

There will be issues that concern how we set network-enabled equipment up to operate securely along with the level of software maintenance that takes place for their firmware. A question always raised in this context is the setup or installation procedure that you perform when you first use these devices – whether this should be about a “default-for-security” procedure like requiring an administrator password of sufficient strength to be set before you can use the device.

But I also see another question concerning the “durables” class of equipment like refrigerators, televisions, building security and the like which is expected to be pushed on for a long time, typically past the time that a manufacturer would cease providing support for it. What needs to happen is an approach towards keeping the software maintained such as, perhaps, open-sourcing it or establishing a baseline software for that device.

Manufacturers could be researching ways to implement centralised simplified secure setup for consumer “Internet-Of-Things” devices along with maintaining the software that comes with these devices. This could be also about working on these issues with industry associations so that this kind of management can work industry-wide.

But the certification and distinct labelling requirement could be about enforcing secure-by-design approaches so that customers prefer hardware that has this quality. Similarly, a distinct label could be implemented to show that a device benefits from regular secure software maintenance so that it is protected against newer threats.

It usually just requires something to happen in a significant manner to be a wake-up call regarding computer and data security. But once a standard is worked out, it could answer the question of keeping “dedicated-purpose” computing devices secure.

Alliance to provide a level playing field for Internet Of Things


A New Alliance Will Let "Internet Of Things" Devices Talk To Each Other  | Fast Company

Home Appliance Makers Connect Open Source Internet Of Things | PC World

From the horse’s mouth

AllSeen Alliance

Web site

My Comments

As the hype builds up about the “Internet Of Things” where devices can use a heterogenous network for exchanging data or receiving commands, there is oomething that can easily go wrong here. This is where particular vendors see the “Internet Of Things” as being the “Internet Of Things Around Our Products”, something that can stifle competition and, especially, innovation.

But steps have been taken towards creating a truly heterogenous Internet Of Things which is similar to what has happened with Bluetooth and Wi-Fi wireless technologies. Here, it involved the creation of industry-based multiple-vendor alliances who put forward what is required for all devices working to a technology to communicate with each other.

The Linux Foundation have set up the AllSeen Alliance in conjunction with Qualcomm with their AllJoyn protocol which was just lately made “open-source”. The goal is about implementing heterogenous transport layers that work without need for Internet connectivity and work in a vendor-independent manner.

At the moment, they are working on modular services that look at the following functions: discovery, pairing / set-up, message routing, and data security. THis will include proper user interface requirements including a rich user experience with the Internet of Things; along with an application-specific requirement  for streaming audio over many connected speakers.

There will still need to be an effort to assure secure interoperability on a function-based level so that a system based on units from different vendors can work as a system rather than having he need for software or hardware function bridges to allow devices of one manufacturer to work with those of another.

Once this happens, this can allow the Internet Of things to be affordable for most users and be a breeding ground of innovation.

Australian Tax Office heads to open commerce standards


ATO goes after open commerce standards – News – iTnews Mobile Edition

My Comments

Previously, when I covered the news that the Australian Tax Office will turn out a Macintosh port of their eTax electronic tax-return lodgement program, I raised the issue of them moving to an “open-frame” approach for taxation-information management.

Now they have implemented the “Standard Business Reporting” program which has a goal to move tax and superannuation information exchange to the eMMS 3.0 information-exchange standard commonly used by other Australian industries and overseas.

This opens the door for software developers to write SBR-compliant tax / superannuation-contribution preparation software that provides proper data to the Tax Office. One area I would see this facilitating would be the ability for accounting software to support tax preparation either “out of the box” or as an additional module.

The main goal for this has been the management of superannuation contributions where the ATO wants to have businesses with more than 20 staff to move to this standard platform for this purpose. This allows for data that isn’t riddled with errors.

Personally, I would see this also being able to make things easier for people who do business overseas, whether being expats who move to or from this country or those of us who sell goods or services overseas via the Internet. This is more so as the Great Financial Crisis has caused a call for proper management of taxation across borders.

Defining parameters for 4K and 8K ultra-high-resolution displays


ITU meets to define 4K and 8K UHDTV parameters – Engadget

My comments

We are starting to see the arrival of ultra-high-definition video displays being available for general-purpose computing requirements. This yields cinema-quality vision experience as if normally seen directly by the eye.

But the concept has existed in a general form where a well-bred current-generation digital still camera is able to take an image with that resolution. As well, some screens used in particular industries like medical imaging are implementing this kind of pixel-dense display. Similarly, some video setups like the recent practice of exhibiting performances of opera or classic plays in the cinema through the use of video links use the ultra-high-definition setups.

The technology is also being assisted through the availability of pixel-dense display technology in computer devices. Examples of this include Apple’s “Retina” technology used in the latest iPhone and iPad devices and starting to appear across some of Apple’s 13” MacBook computers. This could be implemented in larger display areas like flatscreen TVs and desktop monitors.

Here, a particular resolution and aspect ratio needs to be called for both the 4K and 8K displays. This may be a point to bring in the 21:9 display ratio used for cinema applications; and could help with providing an improved video experience for the films that were used to showcase Cinemascope or Panavision.

But after 1080p (1920×1080) was called as a standard for HDTV displays, which has allowed a point of reference to be used for this application; there needs to be a standard for this kind of ultra-high-definition display. This can allow the displays to be marketed properly such as with a standard logo that applies to equipment that meets one or more of the criteria.

This may also affect how visual layouts are worked on so we can think more of display physical sizes and application classes rather than particular resolutions. It will also mean the use of vector-based user-interface displays or graphics assets that suit particular display densitys as what is being put forward for Windows 8 software design.

Why I value the UPnP AV / DLNA Home Media Network standards

I have written this article as an updated version to the one I originally published. This is because of newer activity on the UPnP AV / DLNA front and newer situations that this technology has been exposed to.

If anyone is wanting to question me why my editorial slant in HomeNetworking01.info is geared towards UPnP-based network management standards, especially the UPnP AV / DLNA Home Media Network standards, I am writing this piece to state what I am about.

I am not a spokesman for UPnP or DLNA or any of the companies that are behind these standards. But, as an author and editor of this site, I do place a high value on networks, network hardware and network media software supporting any of the UPnP AV / DLNA Home Media Network Standards.


Ability to work across nearly all networks

One of the main reasons I value these standards is that they work across any IP-standard subnet (logical network) and allow the hardware manufacturers and software developers to integrate the home media network in to their creations without reinventing the wheel.

It doesn’t matter whether the network uses different segments such as the common Wi-Fi and Ethernet setup in a home network or a switched Ethernet setup in some larger networks.

A simplified setup and media-discovery experience for the user

For the user or system installer, due to the nature of UPnP, they doesn’t need to “run backwards and forwards” between devices to make sure devices are pointing to the correct network shares and that usernames and passwords are correct on both the client device and the server. This can become more of a headache when setting up devices that don’t have the full QWERTY keyboard on them and require the user to use “SMS-style” or “pick-n-choose” text entry which can increase room for user frustration and mistakes. They also make the establishment of these multimedia networks as idiot-proof as possible, which would benefit home and small-business users where there isn’t a dedicated IT team available.

There is even the ability with DLNA networks where new DLNA servers are exposed to the client devices the moment they become available. This feature makes it easier to “get going” with the material that is hosted on these servers.

Fostering innovation in a common-sense way

I also agree that a standards-based IT environment like UPnP AV / DLNA, supported by many different technology vendors, is a breeding ground for hardware and software innovation. This also encourages a “common-sense” approach to technology as outlined below. Here, it can also lead to these concepts being implemented in the most cost-effective manner, which makes the device affordable for most people, while there is the ability for manufacturers to provide the premium-grade equipment that works in the same ecosystem.

This has led to hardware that is compliant with this standard becoming increasingly ubiquitous; as well as top-shelf audio-equipment manufacturers of respect turning out the high-grade hi-fi equipment capable of playing music provisioned over a home network.

Device and system ubiquity

Sony BDP-S390 Network Blu-Ray Player

Sony BDP-S390 Network Blu-Ray Player – an example of a component that adds DLNA to existing equipment in an affordable manner

I know that Windows supports the standard through Windows Media Player 10 and has full “three-box” implementation in Windows Media Player 12 which is part of Windows 7. As well, I have noted that the open-source community have developed servers and similar software that can work with a Linux system. This feature is now considered “par for the course” for nearly all consumer and small-business network-attached storage units.

As well, the Microsoft XBox360 and the Sony PS3, which are considered “must-haves” as far as games consoles are concerned, have inherent support for this technology. Similarly, the big-name Japanese and South-Korean consumer-electronics companies like Samsung, Sony and Panasonic are implementing DLNA in most of their consumer video equipment, save for the low-end models. Most of the big-time electronics manufacturers who have a line-up of home-theatre receivers have this feature in at least the high-end models, with some manufacturers pushing the feature in to the mid-range models. As well, nearly all Internet radios can play audio material held on DLNA-based media servers.

Similarly, most consumer-electronics equipment manufacturers are starting to sell speaker docks and similar equipment that are not just designed to work with the Apple iPhone. This has been brought on by the popularity of the tablet computer and the highly-capable Android smartphones. Cheaper variants would have a Bluetooth A2DP setup as well as the iPhone dock while more expensive variants that connect to home networks would have support for both the Apple AirPlay and DLNA MediaRenderer operating modes. A handful of these units even support WiFi Direct so as to create their own wireless-network segment for that tablet or smartphone/

Marantz CR603 CD receiver

Marantz CR603 CD receiver – One of the many DLNA-capable hi-fi components shown at the Australian Audio & AV Show

The Australian Audio and AV Show 2011 which was held at the Melbourne Marriott Hotel was an event that underscored what DLNA was all about for high-grade network audio distribution. Some of the hotel rooms which were purposed as showrooms for the hi-fi equipment distributors had live DLNA Home Media Networks based around a common Wi-Fi router that was the hub of the network, a small NAS holding the music and one or two network-enabled hi-fi components playing out the music. Here, these networks were used to demonstrate the concept of network-distributed file-based audio being a real concept for the premium hi-fi environment.

DLNA can work beyond the home

Some of us may think that the UPnP AV / DLNA technology can only work within the home but there is the potential to allow it to work beyond content in the home. This arrangement can allow the ability to create and maintain a network-based distributed AV system in the business, hospitality or other environment using cost-effective easily-available equipment that is suited for the job at hand.

The hotel room

Rydges On Swanston hotel - an example of a hotel where DLNA technology can be relevant

An example of a hotel where DLNA network media technology can be relevant in the guestrooms

The network setups at the previously-mentioned home entertainment show which was hosted at the previously-mentioned business hotel, had even led me to write up this article about the feasibility of implementing DLNA technology in the hotel room because of the fact that most of us would be bringing in phones, tablets and laptops which have this function in a server or other role. I was coming at this issue on a “network-only” angle so as to move away from the use of highly-expensive specialist set-top boxes or TV sets targeted at this industry but towards a large range of cost-effective equipment with increased flexibility. This doesn’t just mean televisions and video peripherals like Blu-Ray players but also encompasses music systems or home-theatre systems which could earn their keep in those “top-shelf” suites or apartments.

This concept encompasses not just media held on a guest’s devices but multimedia applications that this industry values like in-room pay-per-view movies, line-level feeds for conferences and cabarets or even implementing DLNA as an IP-driven alternative to distributing satellite TV via coaxial cable run through the property.

The small business, school or community organisation

A cafe who can benefit from DLNA network AV technology

A cafe who can benefit from DLNA network AV technology

It also runs alongside the idea of using this technology to provide multimedia in the business using the data network that exists there but using cost-effective and highly-available equipment. This is something you can do with a Windows-based computer running Windows Media Player or you could use low-cost DLNA software that can work as a server or control point.

One key application is to purpose a DLNA-compliant “smart TV” or a TV set / projector that is connected to something like the Sony BDP-S390 as cost-effective “digital signage”. This is where you create the signs and visual material using Photoshop, PowerPoint or other graphics and presentation software then “push” the material using Windows “Play To” or TwonkyManager to the cost-effective equipment for display.

Provisioning multi-channel pay-TV

Similarly, the DLNA technology is being considered as an alternative to the classic set-top-box model for multichannel pay-TV setups. For example, it is being considered as an idea for a “gateway” device to be installed in the home which works as a PVR or “broadcast-LAN” tuner. This box could be a “headless” box which isn’t connected to any screen or could be a traditional set-top box serving the main household TV with content.

Here, multiple DLNA-enabled TVs, video peripherals or viewer applications can tune in to pay-TV channels or content held on the PVR without the need to install a set-top box on each TV. It also allows for the customer to have equipment of different capabilities such as a DLNA-capable Blu-Ray player attached to a small entry-level TV in the master bedroom having access to the same content as what would be available on the big TV in the main lounge area. It is infact something that is being pushed by consumer-electronics vendors in the USA as a standards-compliant way of delivering cable TV.

This application and the above-mentioned hotel-room application can now benefit from a super-standard called RVU. This integrates DLNA and a “remote-desktop” standard like VNC or Microsoft’s “Terminal Services / RDP” in order to provide a consistent branded user interface for advanced pay-TV services like movies-on-demand or account management.


So the main reason I place a lot of value in the UPnP AV / DLNA Home Media Network is because of the ease that there is in establishing a heterogeneous multimedia network with innovative easy-to-set-up products that suit what you want to do.