The Internet of Things (IoT) is out in full force at CES 2017. Seemingly everything, from toothbrushes to refrigerators, is being connected to the internet. Bitdefender revealed an updated Box to make sure those IoT products, mobile devices, and other connected gizmos are kept secure.
This new Box uses machine learning algorithms to identify threats, inspects data traffic to find malicious activity, and lets people control what's happening on their home networks. It's compatible with all WiFi devices and includes a one-year subscription to Bitdefender Total Security for Android, Windows, and MacOS. All of these features are supposed to complement each other to make sure the IoT's rise doesn't put consumers at risk.
Describing that goal as Herculean would be an understatement. Manufacturers haven't worked hard to secure their IoT products. That lackadaisical approach could allow hackers to bring down popular websites and give intelligence agencies new ways to attack their enemies. An internet-connected home seems harmless--and perhaps unnecessary--but insecure devices could be used against the people who own them and the internet as a whole.
“The number of internet connected devices we own has increased dramatically, so has our exposure to hacker attacks. Now is the time to rethink the way we do cybersecurity before we learn it the hard way” said Ciprian Istrate, Vice President Consumer Solutions at Bitdefender. “When making a purchase decision users should have in mind that Bitdefender was the first company to develop consumer IoT security technologies, a strong performance in third party malware detection tests and more than 15 years’ experience.”
The problem lies with trusting Box to handle all these problems. Devices like this can make people more secure; they can also lull them into a false sense of complacency. Security products can also have unintended consequences--just look at the recently revealed problem with Kaspersky's anti-malware software, which prevented some people from accessing HTTPS websites and could have let attackers gain access to sensitive information.
There's also the problem of giving all this info away. Bitdefender tried to ease those concerns in an email to Tom's Hardware:
Because Bitdefender is based in Romania, an EU country, it has to adhere to the same strict privacy laws that govern EU member states. Furthermore, for Box to be available on the US market is has to also been vetted by all appropriate regulators. User privacy is of utmost importance to Bitdefender, which is why threat intelligence telemetry is balanced by strict user privacy compliance.
The ideal scenario would be for IoT companies to care more about security. Google has tried to push that mindset with Android Things, a new platform that would allow manufacturers to focus on building their products while Google handles security updates, but we've yet to see how that works in practice. (Android doesn't have the best track record when it comes to making sure old devices have the latest available software and patches.)
So consumers are left with a few options: purchase IoT devices and hope they're secure, abstain from the connected device revolution, or give products like Bitdefender's Box a try. Anyone interested in the last option will be able to pre-order the device in mid-2017. It's expected to arrive in September for North American consumers and "late 2017" for European customers. Bitdefender has not revealed a price; the original Box cost $199 at launch.