Episode 286: Apple, ARM and more IoT security challenges

This week’s show kicks off with Kevin and I discussing Nvidia’s $40 billion plan to buy ARM. After that, we talk about Google’s upcoming event, a gesture interface for Nest thermostats, and the news from the Apple event. From there we talk about alternatives to IFTTT in case you don’t want to pay for a Pro plan, and then dive into news on IoT security from down under, an updated Arlo doorbell, and Wink’s outage. Next up, I share some news about Stack Lighting, a birthday for the group that standardized Wi-Fi, and Kevin’s review of the Firewalla Gold. We conclude the first segment by answering a question about using IoT to improve in-home air quality.

The latest Arlo doorbell can run off a battery or wires. Image courtesy of Arlo.

Our guest this week is May Wang, a senior distinguished engineer at Palo Alto Networks. She’s on the show to talk about challenges associated with securing IoT devices and how to use machine learning to improve IT security. We also talk about various degrees of network segmentation, zero-trust security, and how to bring the OT and the IT worlds together to ensure that devices stay secure. For fun, we also talk about the strangest devices seen on corporate networks. See if you have something wackier to add.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: May Wang, Palo Alto Networks
Sponsors: Perceive and Ayla Networks

  • ARM’s sale is about the data center, not IoT
  • Three alternatives to IFTTT in case you don’t want to pay
  • Firewalla Gold is pricey but good for IoT aficionados
  • There are some wacky things on corporate networks
  • How to get OT people to care about IT security

Episode 284: Amazon Halo, the FBI and smart cars

This week’s show starts off with the FBI’s concerns about the Ring doorbell, then news about Apple and Google making their COVID-19 exposure notification framework easier for states to use. We discuss consolidation in the smart apartment market, vulnerabilities in Microsoft’s Azure Sphere and then dive into a heap of newly launched devices. First up is the Amazon Halo wearable launched last week, and then new Amazon Blink cameras. (In other Amazon news we talked about paying for gas with Alexa and Amazon getting FAA approval for drone deliveries.) Wyze is planning to build headphones, as is Sonos, and Lenovo has a new smart speaker alarm clock for $50. We end with a listener question about wireless sensor tags.

Blink Outdoor and Indoor Cameras will sell for $99.99 and $79 .99 respectively. Image courtesy of Amazon.

Our guest this week is Matan Tessler, VP of product for Otonomo, an Israeli automotive data company. He came on the show to discuss what we can do with car data. Cars can produce gigabytes of data and Otonomo can pull data in from more than 20 million vehicles, either in aggregate or individually, to provide different services. In smart cities, car data might provide detailed parking information or flag dangerous intersections. For companies, Otonomo can provide fleet management, but it also foresees a future where third-party businesses can build services such as a tire-pressure management service that ensures all the cars in a fleet have enough air in their tires. Broadly, Matan convinced me that connectivity and sensors in cars could become a platform as powerful as the mobile phone. See what you think.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Matan Tessler, VP of product for Otonomo
Sponsors: Very and Silicon Labs

  • Surveillance tech can go two ways
  • Get ready for consolidation in the connected MDU world
  • Amazon is launching several cool new products and functions
  • If you think of a car like a smartphone what could you do?
  • How cars can help cities flag dangerous intersections

Episode 282: Philips Hue has high hopes for Project CHIP

This week’s show kicks off with the Bluetooth SIG’s effort to bring Bluetooth-based contact tracing to individuals who might not have phones, and then segues into what’s behind the Z-Wave Alliance’s organizational shakeup.  After that, we pause to remember the passing of Verizon’s IoT platform dreams and cover the end (or maybe just a momentary pause) of Alphabet’s smart city dreams. Kevin and I debate the utility of research that can use your phone’s accelerometer to tell if you’ve had too much to drink, and we cover news from IBM’s security team, Zoom, Google Nest, and Microsoft. Kevin and I also talk about bringing a new interaction modality to the smart home. We end with a tip from a listener on the IoT Podcast Hotline that covers new ideas for smart plugs.

Expect to buy one or more hubs over the life of your Philips Hue bulbs, as the system gets smarter or addresses new opportunities over time.

Our guest this week is George Yianni, head of technology at Philips Hue, who came on to discuss what Hue is trying to do with smart lighting and where it wants to go next. We also get his thoughts on Project Connected Home over IP, the unifying standard that Apple, Google, Amazon, and Samsung are trying to create. For users who want to understand the decision to kill the version 1 Hue hub, Yianni explains that move and covers a good lesson for other device manufacturers on how to handle the tough calls to stop supporting a device. It’s a good show that has me eager to spend money on color-changing light bulbs.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: George Yianni, head of technology at Philips Hue
Sponsors: Very and Silicon Labs

  • Why the Z-Wave Alliance shook up its organizational structure
  • Remember the days of the IoT platform play?
  • Your smartphone may know when you’ve had one too many drinks
  • Has Philips Hue achieved what its inventors hoped?
  • How Project CHIP could help, or hinder Philips Hue

Episode 281: Manufacturing trends during the pandemic

This week on the IoT podcast we begin by talking about what the widespread adoption of ultrawideband chips in phones could mean for the IoT. From there, it’s on to Google’s always-listening software update, humans coming back into the QA loop, and earthquake detection on Android phones (there’s another earthquake project too!). Kevin also asks how much control you have over your smart home. We covered security news from DEFCON starting with traffic light hacks and ending with some scary security holes in the satellite network infrastructure. We also touched on news from SmartThings, Wyze, the UK, a new fitness device, and Apple. Finally, we answer a question about the security associated with having multiple device accounts.

The new Carbon Mirror is yet another fitness service disguised as a device. Image courtesy of Carbon.

Our guest this week is Bill Bither, CEO of MachineMetrics, which grabs data from factory machines. He discusses the impact that COVID-19 has had on manufacturing based on aggregated client data, and best practices for dealing with the pandemic. He also dug deep on the concept of a digital thread. The digital thread is the idea that manufacturers can gather enough data to follow the life of a product from material to finished good in the field, and use data from the manufacturing process to understand how to improve quality. We also talked about sharing data across supply chains, and why that isn’t yet happening. It’s a good show.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Bill Bither, CEO of MachineMetrics
Sponsors: Very and Silicon Labs

  • NXP is all in on ultrawideband for the IoT
  • Gosh, darn it, Google!
  • DEFCON hacks the IoT yet again
  • What is a digital thread and why does it matter?
  • How COVID-19 is affecting manufacturing

 

 

Episode 280: Meet the new security standard for the smart home

This week’s show kicks off with us talking about Johnson Controls buying the remaining stake it didn’t hold in security company Qolsys and parallels with Google’s big partnership and investment with ADT. From there Kevin and I share a bit about our own smart home experiences, starting with my Alexa-related temper tantrum. Kevin then shares how his outdoor Wyze Cam fared during Hurricane Isaias and a hack to alert him to people sneaking up behind him while at his desk. We also share news of a funding round for an AI chip company, a new talent for Google Assistant, Samsara’s partnership with Nationwide Insurance, and a startup that can use a camera image to detect your heart rate, preparation, and other health insights. We also answer a listener question about transitioning away from Hue bulbs and the hub model.

Brainworks has launched the Medio Smart Health web app that uses a camera image to track certain health metrics. Image courtesy of Brainworks.

Our guest this week is Brad Ree, the CTO of the ioXt Alliance. The Alliance is pushing a new security standard for connected devices and is backed by Amazon, Google, Facebook, Resideo, Le Grand, and more. Ree explains how the group got started, what the group is trying to do, and why it’s not endorsing “nutritional labels” for device security or different levels. Ree answers my questions about the two different methods one can use to get certified, which devices the certification works for today, and whether or not retailers or large partners might require the certification in order to sell or integrate with a device. It’s the same group of companies that are bringing you Project Connected Home over IP, so listen up and see what you think.

Host: Stacey Higginbotham and Kevin Tofel
Guest: Brad Ree, the CTO of the ioXt Alliance
Sponsor: Very and Very

  • What’s behind Google’s deal with ADT?
  • Alexa, screw you!
  • Why on earth do we need another security standard for connected devices?
  • Why nutritional labels and levels of security are too much
  • Ree explains the concept of self-certification

 

Episode 279: GE Appliances goes for the Gold in security

This week Kevin and I start the show with our thoughts on CES going digital, and then turn to subscriptions for smart products, specifically tied to the news that the Mellow sous vide is now charging for functionality that had been free. We then move on to pandemic-era fundings for Density, Withings, and connected fitness company Tempo. Rite-Aid face recognition, a new Alexa app (yay!) challenges for Google/Nest, and HomeKit support for Arlo’s cameras round out our newsy segments. We then showcase a new product for securing the smart home called Hedgehog, and Kevin shares his review of the Wyze Outdoor Cam. We close by answering a listener question about Gosund products.

The Mellow sous vide has new owners and a new subscription plan. Image courtesy of Mellow.

This week’s guest is  John Ouseph, executive director of embedded software in the smart home solutions group at GE Appliances. He came on the show to discuss UL’s new IoT security framework and why GE Appliances chose to use it. We also talk about security challenges facing connected appliances, how to manage long-lived connected assets in the home, and why it will get more and more difficult to buy non-connected devices. I walked away more confident that major brands are really taking security seriously. Hopefully, you will too.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: John Ouseph, executive director of embedded software in the smart home solutions group at GE Appliances
Sponsor: Very

  • Struggling hardware companies have three options to manage surprise IoT costs
  • These startups are raking in the cash during the pandemic
  • Kevin likes the new Wyze Outdoor Cam but had one tiny glitch
  • GE Appliances was serious about security but needed a way to tell consumers
  • How GE thinks about security by design and risk models for your fridge

 

Episode 277: Does your house need a mouse?

This week on the show Kevin and I start with a speculative Google project dubbed the “house mouse” by researchers at Google’s ATAP group. Then we cover a bit on Google’s proposed acquisition of Fitbit, Amazon’s new smart cart, Amazon’s developer event next week, and how Amazon can compete in the digital assistant game without a phone. We also talk about SiteWise, the AWS service for industrial IoT equipment monitoring, and Microsoft and Samsung partnering on real estate in the smart home and apartment world. From there, we discuss a proposed cybersecurity law for connected devices in the UK, Zoom’s fancy new hardware, Arm’s proposed sale or IPO,  and another device to prevent your smart speakers from eavesdropping. We also answer a listener question about smart outlets.

 

The Zoom hardware costs $599 and has three cameras, eight mics, and a 27-inch screen.

This week’s guest is Jonathan Cobb, the CEO of Ayla Networks, who explains how companies need to think about the connected tech they are adding to their offices to keep employees safe after the pandemic. We talk about what he’s doing at Ayla, what he recommends other leaders think about when trying to bring employees back, and why companies probably shouldn’t buy this stuff in haste. We also discuss security, privacy, and what you don’t want to know about your employees. It’s a helpful interview.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Jonathan Cobb, the CEO of Ayla Networks
Sponsors: Very and Very

  • Google’s house mouse may give point and click new meaning
  • Amazon’s SiteWise for IIoT is designed to lock you in
  • Who would buy Arm and would it be a good investment?
  • Define your business problem and then buy IoT
  • What should a business consider before surveilling workers

Episode 274: Apple embraces IoT and SmartThings shakes things up

This week’s show is a whopper, starting with the news from Apple’s WorldWide Developers Conference. We talk about how Apple is playing the long game by integrating sensors and machine learning across devices to give contextual experiences, Apple’s updates to HomeKit, and some details about Apple opening up its FindMy network. From there we talk about SmartThings’ evolution and eventual shut down of some beloved services and the new Wyze Cam Outdoor camera. On the enterprise side, Microsoft acquires CyberX, and Deutsche Telekom spins out its IoT business. We also cover news from Google related to Hue devices, Misty Robotics, Tuya, and Segway. Kevin gives a preview of Amazon’s Echo Frames and we answer a quick question about viewing your Ring doorbell on an Apple TV.

The new Wyze Cam Outdoor is battery-powered and cheap. Image courtesy of Wyze.

This week’s guest is Mark Benson, head of engineering at Samsung SmartThings, who joins us to discuss the changes coming to the platform later this year. He lays out why SmartThings is going to end support for some features as it tries to move toward delivering a more intuitive smart home. For example, on the hardware side, your hub will still exist but SmartThings will also put its software on hubs made by other vendors and we’ll see other manufacturers make SmartThings’ branded devices. On the software side, it’s moving from the current Groovy programming environment to an API, which is going to upset some developers and DIY folks. Benson explains why this change is needed and what developers will gain and lose. You’re going to want to listen.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Mark Benson, head of engineering at SmartThings
Sponsors: Very and Very

  • Apple’s using its chips and closed ecosystem to deliver context to devices
  • Why Microsoft purchased CyberX
  • How long will the Zigbee Alliance keep its name?
  • 2020 is the turning point for the smart home
  • Why SmartThings wants to trade Groovy for an API

Episode 273: Ripple20 and Helium goes global

This week’s show features a guest co-host, Chris Albrecht, editor at The Spoon. We kick off the show discussing the latest IoT security vulnerability Ripple20 and why you need a software Bill of Materials for your connected products. We then focus on COVID-19 contract tracing, using wireless signals to monitor patients remotely, Intel’s updated robotic vision platform, and my personal robotic nightmare that’s now for sale. Then, we talk about the new Philips Hue gear that’s out and why Chris doesn’t want smart light bulbs. Are you ready for Apple’s WWDC or the launch of a new Wyze product? Plus, Google countersues Sonos, consumers like their storebought routers better, and National Instruments changes its name and a bit of its business strategy. Finally, we answer a user question about making cameras a bit more private.

Spot will cost as much as a luxury car at $74,500, but anyone can buy one. Image courtesy of Boston Dynamics.

This week’s guest is Amir Haleem, the CEO and co-founder of Helium, which operates a network for the IoT.  Haleem explains why he’s chosen to build a network using a mixture of cryptocurrency, decentralized hotspots and LoRa devices. On the show, he announces Helium’s new tracker hardware and the launch of the Helium network in Europe. We talk about business models, Europe’s IoT efforts, and whether or not I will get any LoRa sensors that can deliver low-power connectivity at a greater distance from my house. It’s a good show.

Hosts: Stacey Higginbotham and Chris Albrecht
Guest: Amir Haleem, CEO and co-founder of Helium
SponsorsCalix and Very

  • The Ripple20 vulnerabilities are bad. Here’s how to make it easier to patch
  • Let’s talk about delivery robots
  • Philips Hue’s new gear is worth a look
  • Why low power IoT networks have a business model challenge
  • Helium didn’t want to get into hardware, but it ultimately caved

Episode 271: Surveillance scares and a nutrition label for IoT security

This week’s show kicks off with a discussion of what’s happening in the U.S. with protests, police brutality, and the role connected tech can play in smart cities, including the role image recognition can and does play. We then tackle the IoT news starting with Nest’s addition of Google’s advanced protection program and a GPS tracker that seems like a good buy. Then we discuss funding for a smart oven, a pool sensor, another HomeKit enabled security camera, a subscription service for monitoring the health of your HVAC system, cheap sensors, and a new doorbell from Wyze. We then move onto Amazon killing the Echo Look camera and its new intercom feature before breaking out the deep science for windows that can adjust to different light levels automatically. In our IoT Podcast Hotline segment, we answer a question about using a connected sprinkler to ward off animals.

The nutrition-style label that helps users figure out how secure a connected device is.

This week’s guest is Lorrie Cranor, director of the CyLab Security and Privacy Institute at Carnegie Mellon University, who is on the show discussing the newly created nutrition-style label researchers created for IoT devices. Researchers tried to convey about 47 relevant pieces of information that relate to a device’s security and privacy qualifications and crammed as many as they could onto an easy-to-read-label that’s designed to fit on a product’s packaging. The label doesn’t convey all 47 elements, but it does capture several key pieces of information about how long a device will get security updates, the types of sensors it has, and how the company treats its data. Other elements are relegated to a deeper privacy fact sheet that a consumer can access via a web site or QR code. Cranor explains the label, the methodology, and asks for help turning the research into something useful for the industry at large. Let’s make it happen.

Hosts: Stacey Higginbotham and Kevin Tofel
Guest:  Lorrie Cranor, director of the CyLab Security and Privacy Institute at Carnegie Mellon University
Sponsors: Calix and Edge Impulse

  • We need to talk about how to enforce laws when IoT can see everything
  • This is a really nice GPS tracker for the masses
  • $10 Zigbee sensors? Yes, please!
  • What should a security label measure?
  • How can we get this label on our devices?