Episode 377: Why there were 56 OT vulnerabilities this week

This week we cover the Ericsson mobility report that offers some stats on cellular IoT connections, including the surprising nugget that we won’t see 4G/5G connections surpass 2G/3G connections until some time next year. Then we hit another report. This one is from NPR and covers the state of audio and smart speakers. It proves that growth is slowing for smart speakers and that we may not do as many things with voice as we think. In dystopian news we cover China using COVID tracking apps to lock down protesters, and Microsoft stopping sales of some facial recognition tools. In new product news we talk about the latest Philips Hue gear, a new material that could generate electricity for wearables, and new MCUs from NXP. We also address the closure of SmartDry and explain how Google’s update on the Nest Max Hub may break your Nest x Yale lock. We end by answering a listener question about more accurate motion sensors.

Our guest this week is Daniel dos Santos, head of security research at Vedere, a business unit of Forescout. He’s on the show to discuss why Forescout released 56 new OT vulnerabilities dubbed ICEFALL. He shares the design flaws that led to these vulnerabilities and more importantly, explains what needs to happen if compromised controllers or devices can’t be fixed. He also shares a startling stat about how many industrial customers are actually updating their devices after a vulnerability has been disclosed, and how to encourage more of them to address security flaws. If you want to learn more abut securing critical infrastructure, this is a good place to start.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Daniel dos Santos, head of security research at Forescout
Sponsors: Nordic Semiconductor and Wirepas

  • There are still more 2G and 3G IoT connections than 4G/5G ones
  • With smart speakers it’s the same as it ever was
  • Are the new Hue track lights for you?
  • The ICEFALL vulnerabilities are a sign of progress actually.
  • This vendor says only one in ten patch their OT gear

Episode 376: Senator calls out video doorbells … again

This week’s show kicks off with another look at Ring’s potential to become a surveillance tool, this time prompted by a letter from Senator Ed Markey who wants Amazon to answer some questions. We then talk about a new capability for InfluxData’s time series database and explain why it matters before encouraging everyone who listens to the show or visits the site to get comfortable with doing things yourself. We then give a brief update on Insteon’s buyer and what it might mean before covering two industrial stories. First up is Siemens’ acquisition of Senseye, a company that provides predictive maintenance software, and then we discuss a remote factory experiment between Finland and South Korea. In smaller news we discuss the number of smart locks in U.S. households, Orro signing a deal with RTI for smarter light switches, and a new HomeKit enabled smart plug from TP-Link. We close by answering a listener question about the best smart lighting options to use in a new home.

Image courtesy of Parks Associates.

Our guest this week is Evan Kaplan, CEO of InfluxData, who is talking about the demand for time series data for the internet of things. InfluxData makes a time series database for storing trading and sensor data. We discuss how companies are using time series data as part of closed loop systems, and what the future tech stack for the IoT will be. He also shares his strategies to get developers interested in a platform and why he thinks appealing to developers will be essential for success in the industrial IoT. It’s a fun show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guests: Evan Kaplan, CEO of InfluxData
Sponsors: Nordic Semiconductor and Wirepas

  • Senator Markey wants more information about Ring’s capabilities
  • Be bold, and try to DIY your next project
  • Remote factory project has incredibly low latency
  • Why the IoT loves time series data
  • What we need to build better architectures for a real-time IoT

Episode 375: Arduino gets $32 million for enterprise IoT

This week’s show is an exercise in controlled chaos, as I am once again quarantined in a hotel room (this time with my teen). Kevin and I discuss Apple’s Worldwide Developers Conference and Apple’s claim that HomeKit is the foundation of the upcoming Matter smart home protocol. Insteon users got a shock this week when their formerly dead hubs mysteriously turned on and their cloud-based integrations began working. We explain what we know. SmartThings is getting a new app, and Microsoft signed a multi-year deal to help Procter & Gamble with its digital transformation. In security news, we discuss new ransomware that starts on the IT side but can move over to the OT side to wreak havoc, as well as a new program from Dragos to help small businesses secure their OT networks. Finally, in chip news radar chip company Vayyar raised $108 million and Arm launched a new low-power image sensor for embedded vision. During the IoT Podcast Hotline, we answer a listener question about how to prepare his smart home for a move.

Arduino launched the Portenta line of boards for the enterprise a year and half ago. Image courtesy of Arduino.

Our guest this week is Fabio Violante, the CEO of Arduino. Arduino raised €30 million ($32 million) this week as it seeks to add software and hardware to meet the needs of enterprise and industrial product designers. We discuss why Arduino is branching out from the DIY market, and how it differentiates itself from other computing platforms such as the Raspberry Pi or Nvidia’s Jetson Nano. Violante also shares his observations about the state of the market and the popularity of certain connectivity options, protocols and cloud platforms. It’s a good show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Fabio Violante, the CEO of Arduino
Sponsors: Nordic Semiconductor and Wirepas

  • Apple contributed a lot to HomeKit and we all will benefit
  • Who is the new Insteon owner?
  • Microsoft is helping Procter & Gamble make better paper towels
  • Good and bad news for OT security
  • Why Arduino is stepping up to the enterprise

Episode 374: Peekaboo offers privacy for the smart home

This week’s show kicks off with our favorite topic: bringing context into the smart home. This time it’s iRobot and its new operating system that aims to bring the smart home together. From there we discuss a merger between satellite IoT companies and a new idea for building a privacy-centric smart home from the folks at Carnegie Mellon. In more enterprise news, BT wants to stop being a telco and become a “tech-co” with a focus on digital transformation, while a group of chipmakers want to create a consortium to buy Arm. In smaller news bits we’ve got some more unsettling news around John Deere tractors, a smart blinds retrofit from Somfy and the end of Amazon’s Cloud Cam. We’re not mad. Kevin also reviewed Ecobee’s newest and fanciest thermostat and came to a surprising conclusion. In our IoT Podcast Hotline we answer a question from someone who is switching to HomeKit.

Image courtesy of iRobot.

Our guest this week is Ron Rock, CEO and co-founder of Microshare.io, who discusses why his company started building pre-packaged IoT solutions and selling the data, as opposed to trying for some horizontal IoT platform. He also talks about the next big use cases for enterprise IoT after COVID. First up is figuring out how to best use corporate real estate in a hybrid work environment and how to rightsize corporate real estate holdings post-pandemic. His third use case is my favorite. He talks about why ESG (Environmental, Social and Governance) demands are driving companies to adopt IoT solutions across a wide variety of use cases and industries. We end with a bit of conversation about new building standards and how he expects those standards to develop in the next three to five years. It’s a fun show.

Host: Stacey Higginbotham and Kevin Tofel
Guest: Ron Rock, CEO and co-founder of Microshare.io
Sponsors: LoRaWAN World Expo and InfluxData

  • Why iRobot could turn the smart home into a robot
  • The IoT satellite consolidation is here
  • Who should buy Arm? Everyone.
  • COVID drove enterprise IoT spending, but what’s next?
  • All your pre-2020 occupancy data is worthless now

Episode 373: Matter’s security details explained

Our focus is on the Matter smart home interoperability protocol this week, specifically some of the security requirements that will be associated with the standard. I moderated a panel on Tuesday where we learned a lot about plans for security, controllers, provisioning, and how companies such as Amazon and Google plan to keep Matter devices working within their respective ecosystems. We also talk about IKEA’s upcoming smart home hub and what that might mean for existing Tradfri hubs. In the enterprise world, we cover Nokia’s plan to release 5G-capable devices to help drive adoption of private 5G and 5G networks in commercial settings, Verizon’s new Data Breach Investigation Report and edge-computing capabilities coming to the world of industrial robotics. We also answer a listener question about the future of motion sensors in the home.

Verizon now tracks eight types of attack patterns in its survey. Image courtesy of Verizon.

Our guest this week is Jonathan Beri, CEO and founder of Golioth, a hardware platform for IoT. We discuss his history at Google/Nest and Particle to discover why he thought the IoT world needs a platform like Golioth. From there we talk about choosing a real-time operating system, how companies can adapt to the continued chip shortage, and ideal networking platforms for the IoT. Surprisingly, he’s seeing a lot of interest in Thread for industrial clients. He shares a lot of practical advice for companies trying to optimize their IoT hardware, so if you’re building products, this is a good interview.  Enjoy the show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Jonathan Beri, CEO and founder of Golioth
SponsorsLoRaWAN World Expo and InfluxData

  • How Matter will handle security for devices
  • IKEA’s new hub should be Matter-compliant
  • Verizon finds that 82% of cyber attacks have a human element
  • How to decide the best RTOS for your IoT device
  • How to think about redesigning your hardware during the chip shortage

Episode 372: Ecobee embraces radar sensors!

Did y’all know that almost a quarter of people who buy a smart home device, hire a professional to install it? That’s just one of the facts I learned at the Parks Associates event happening this week in Dallas. We talk about that before focusing on Google’s plans for Matter and SmartThings new Matter testing program. After that we talk about Ecobee’s new thermostats and a HomeKit sensor that uses millimeter wave sensing. In enterprise news, we mention a new real-time asset tracking network service from MachineQ, sub-$2 battery-powered Bluetooth tags from Wiliot, and LoRaWAN getting IPv6 functionality. We close with a review of Eve’s new outdoor camera, and a reminder to stay safe if you’re going to handle smart home installs yourself. In our hotline segment, we answer a listener’s question about moving from Alexa to HomeKit, and finding a garage door opener that works.

Image courtesy of Samsung.

Our guest this week is Stuart Lombard, the CEO of Ecobee and president of Generac connected devices. In our interview we dig into the new thermostats’ industrial design and why Ecobee replaced its PIR sensor with radar. Lombard also explains why services are essential for smart home providers and what Matter may do for the creation of new home services. We end with a discussion of Generac’s acquisition and why the combination of Ecobee and an energy storage and resiliency company makes sense. He didn’t share any specific products but he also gave us a hint about what to expect from the two companies going forward. Enjoy the show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Stuart Lombard, the CEO of Ecobee and president of Generac connected devices
Sponsors: LoRaWAN World Expo and InfluxData

  • Google’s preparations for Matter includes two new SDKs
  • Cheap Bluetooth tags are about to be everywhere
  • Eve’s outdoor camera for HomeKit a good choice
  • Why radar is better for people sensing
  • How smart homes will lead to energy resiliency

Episode 371: Smart screws and massive IoT

This week’s show was recorded a few hours before the annual Google I/O event so we didn’t discuss the new Pixel Watch, but we do discuss Google’s thoughts on the Matter smart home standard from an article in The Verge, which Kevin also tied to a discussion about Sonos launching its own voice assistant. Then we discussed a new gesture-recognition and fall-detection system that combines my love of Tiny ML with RF sensing. In privacy news, we focused on the use of private data by U.S. Immigration and Customs Enforcement and why we need stronger laws to govern how state agencies use private data. In smaller news, Qualcomm launched a 5G-capable robotics platform, Inmarsat launches a program to sell its Elera satellite IoT network, and Augury acquires Seebo in an industrial IoT deal. We then turn to my favorite story of the week, the creation of smart screws and a bit on the concepts of Massive IoT. We then discuss a question from a listener about the potential to create ad-hoc mesh networks using LoRaWAN or Amazon’s Sidewalk network.

Vivint’s new doorbell camera will detect package thefts and sound an alarm when it happens. Image courtesy of Vivint.

Our guest this week is Mike Child, VP of Product Management at Vivint. This week, Vivint launched an array of new security cameras and accessories as well as a new feature called smart deter. Child is on the show to talk about the design decisions that went into building the new gear as well as what Vivint had to consider when trying to design its smart deter feature. We discuss why it’s important to own your own hardware when building novel AI-based services and what companies need to consider when evaluating partners for future integrations. He also explains why Vivint wasn’t ready to give consumers the ability to record just any message for intruders on their property. Enjoy the show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Mike Child, VP of Product Management at Vivint
Sponsors: LoRaWAN World Expo and InfluxData

  • Google and others trying to reset expectations for Matter
  • Why this industrial IoT mashup makes sense
  • Smart screws are why we need tech for massive IoT
  • Why Vivint invested in an AI feature to deter criminals
  • Why building your own hardware is essential for advanced AI features

Episode 370: How to build the infrastructure for public tech

This week’s show kicks off with research suggesting Amazon uses data from Alexa devices to advertise its own products, and that Amazon is selling some of the insights derived from Alexa requests to third parties. This is disturbing, but so is John Deere’s ability to decommission tractors stolen by Russians from a Ukraine dealership. We talk about why this sort of power makes me nervous. And in a final story about digital rights, we discuss the U.S. Center for Disease Control and Prevention buying location data from private companies so it can see how effective some of its COVID policies were. From there we go into basic product news, starting with new wellness features coming to your Google Nest Hub screen ahead of Google I/O next week, a new room sensor from Wyze, new light switches from Leviton that don’t require a neutral wire, and new Wi-Fi 7 chips from Qualcomm. Kevin then shares a new smart home purchase and his thoughts on the Schlage Encode Plus with Home Key door lock. We finish by answering a listener’s question about if we’ll get a custom sound detection from Amazon’s Alexa.

The Wyze room sensor has a screen, and tracks temperature, humidity and motion. Image courtesy of Wyze.

Our guest this week is Bianca Wylie, who is a partner with Digital Public, a public interest firm focused on technology. She wrote an article calling for the end of Canada’s COVID contact tracing application and explains why she thinks it’s time to sunset the app. I think her ideas are important to discuss as our governments invest in digital infrastructure without necessarily having a plan for maintaining or auditing it. The COVID-tracking apps are a great case study that we can learn from. For example, when governments implement new technology they need to figure out how they plan to maintain it and ensure that it is doing the job it was intended to do. As citizens, we need to participate in the process of buying technology, working with government officials to set the requirements and limitations of the tech our government is buying. This is a really good interview for all of us to listen to.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Bianca Wylie
Sponsors: Impinj and InfluxData

  • Amazon is selling Alexa voice data to advertisers
  • We need to classify more data as Personally Identifiable Information (PII)
  • Wi-Fi 7 chips are here but don’t upgrade your network
  • What’s wrong with Canada’s COVID contact-tracing app
  • Smart cities incur technical debt too

Episode 369: Amazon’s $1B industrial IoT fund

We kick off the show this week with Insteon’s comments about its abrupt closure and asset sale before trying to salvage some good news from Arm’s latest chip news. We’re getting a new M-class processor that’s going to be super capable for machine learning at the edge and other jobs. We also give you a preview of next year’s hottest tech, wireless charging for smart home devices. Then we pivot to industrial news with Amazon’s newly announced $1 billion fund for industrial innovation. So far Amazon is investing in computer vision and robotics startups, but warehouse automation, supply chain technology and logistics are all of interest for the fund. Amazon also released a new Alexa talent for the smart home, Sense raised $105 million for smarter home energy monitoring and Wyze introduced a garage door controller. We close out the news with a found Pixel watch, an update on the Sigfox sale, and Kevin reviewing an Airthings View Pollution air quality monitor. On the hotline this week we answer a question about a HomeKit hub that’s stuck in standby mode.

Wireless charging is coming to Belkin devices. Image courtesy of Wi-Charge.

Our guest this week is Willem Sundblad, CEO of Oden Technologies. Oden Technologies is an industrial IoT startup that tries to bridge the gap between operational technology data and IT data. We discuss how its clients are using the software to help track the quality of their batch processes, and how software is helping its customers with supply chain challenges and sustainability goals. Paper manufacturing and plastics companies are facing issues getting enough raw materials with supply chains mucked up, and so are trying to use more recycled materials. But changing inputs means adjusting the process, which can be difficult and lead to poor yields while the manufacturer adjusts the recipe. Oden’s customers are able to tweak their processes for new inputs faster and without as much waste, which is something to be excited about. It’s one of the things I had hoped the IoT was going to enable, and I’m glad to see it happening.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Willem Sundblad, CEO of Oden Technologies
Sponsors: Impinj and InfluxData

  • Insteon’s final goodbye is pretty frustrating
  • Alexa has a new talent and is going to share it with Google Nest devices
  • This $200 air quality monitor does too little for so much
  • Industrial IoT software can help with sustainability goals
  • More data can lead to more confident plant operators

Episode 365: Helium gets a new name and $200 million

This week’s show was recorded on the road, but we still cover all of the big news starting with LoRaWAN network Helium changing its name to Nova Labs and raising $200 million. We then discuss research from MIT that offers privacy for people captured on video and several options for connecting beehives. I then get depressed about a UK startup offering incentives for being healthy, Kevin gets excited about Eufy’s latest combo video doorbell and door lock, and we both try to figure out who the new Arduino Pro Portenta X8 is for. We also discuss a security flaw in Wyze cams, remind people about best practices for securing connected devices and share news that Google is also trying to build the ability to discover Bluetooth trackers into Android. Finally, we answer a listener question about deleting phantom devices from HomeAssistant and Amazon Alexa.

The Beewise robotic beehive is ready for occupation. Image courtesy of Beewise.

Our guest this week is Doug Stovall, the CEO of Ossia, an over-the-air wireless power company. Ossia’s technology, called Cota, uses the 5.8 GHz spectrum to send 5 watts of power to devices that have a Cota chip and are able to accept it. There’s no charging pad or wire involved.nWe discuss the company’s recent FCC approval, which brings the technology to the U.S., as well as a deal with Archos, a French smart home device maker. Stovall says we’ll see Cota-enabled products in 2023 and maybe a smart home camera in time for the holidays. We dig in on how to think about efficiency when it comes to power delivery and what kind of impact over-the-air wireless could have before we play a game where I say a device and Stovall tells me how it should be powered. Enjoy the show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Doug Stovall, the CEO of Ossia
Sponsors: Save our Standards and RAKwireless

  • Helium has a new name, $200 million and a mysterious revenue model.
  • What is it about IoT beehives?
  • Well, this is an innovation in smart locks.
  • Charge a smartwatch over-the-air? Sure.
  • Let’s play Name That Power Source.