Does this: https://www.kickstarter.com/projects/akita/akita-instant-privacy-for-smart-h... do anything special that is not already available in linux software? Apart from a neat packaging exercise of course? The description includes: "Connected to a LAN port on your router, Akita scans your network for any unusual activity and immediately shuts it down. All-the-while letting you know an attempt was made to invade your privacy. Akita uses military-grade security protection that’s been retrofitted for the home. Then, if you run into any issues, we can remotely preserve and restore your privacy with the help of our always on-call privacy experts at Axi.us. Akita uses threat intelligence, behavioral analysis, machine learning and doesn't slow your connection at all. Importantly, it doesn't use deep packet inspection."
Quoting Robert Brown (rebrown@exemail.com.au):
Does this:
https://www.kickstarter.com/projects/akita/akita-instant-privacy-for-smart-h...
do anything special that is not already available in linux software?
Like permitting you to DoS yourself? ;-> Linux software does famously include DoSing-yourself functionality. -- "If I have seen farther than others, it is because I was standing on the shoulders of giants." (Isaac Newton) "If I have not seen as far as others, it is because giants were standing on my shoulders." (Hal Abelson, quoting Jeff Goll) "In computer science, we stand on each other's feet." (Brian K. Reed)
So maybe I will re-frame my original question. Not being a developer or other IT professional, what software package could be put together on say, a Raspberry Pi or other device, that could be a watchdog against invasion/intrusion of our home networks? Can it do as good or better than what an Akita claims? From a quick search I have found these links but maybe some expertise here could provide us with a good direction. Are commercial software developments in this sort of low-end price range likely to provide any more protection than what OS can provide? https://www.digitalocean.com/community/tutorials/how-to-use-psad-to-detect-n... http://opensourceforu.com/2017/04/best-open-source-network-intrusion-detecti... Thanks. On 11/01/18 09:17, Rick Moen via luv-main wrote:
Quoting Robert Brown (rebrown@exemail.com.au):
Does this:
https://www.kickstarter.com/projects/akita/akita-instant-privacy-for-smart-h...
do anything special that is not already available in linux software? Like permitting you to DoS yourself? ;->
Linux software does famously include DoSing-yourself functionality.
Quoting Robert Brown (rebrown@exemail.com.au):
So maybe I will re-frame my original question.
Not being a developer or other IT professional, what software package could be put together on say, a Raspberry Pi or other device, that could be a watchdog against invasion/intrusion of our home networks? Can it do as good or better than what an Akita claims?
My upthread answer concerning Akita's offering might have been just a little cynical and flippant. My experience is that 'active defence' technologies are likely to backfire in various ways, thus my jibe about DoSing yourself (meaning doing a Denial of Service against yourself). That's not even counting the various potential downsides of outsourcing that entire task (along with a huge amount of sensitive information about your computing) to some distant group of people you don't even know at all (who in this case are a firm named Axius). What Linux and the constellation of open source (and proprietary) software codebases for it give you -- that I'm acquainted with -- is an enormous variety of security monitoring and network management kits. Those include, as you noticed, network intrusion detection system (NIDS) codebases such as Snort, OpenWIPS, etc., and host-based intrusion detection systems such as OSSEC. In general, it would be up to you to configure and deploy that software for your particular purpose and situation. In general, that software would not come preconfigured to actively network-isolate using ARP table entries or othrwise devices of yours whose network activity it decides it doesn't approve of (the 'active defence' part that I deem likely to shoot at your feet). What my upthread comment was intended to suggest, albeit flippantly, is that there's an entire huge discussion you're skipping about what it is, and is not, wise to attempt to do, and why. Perhaps your best move would be to start learning network security at a fundamental level, though I most certainly understand the urge to want to buy a packaged product instead of climbing that mountain. Bruce Schneier the security writer has a famous saying: 'Security is a process, not a product.' Of course, people selling security products do not concur. ;-> Axius are, I will readily admit, not at all wrong that the emerging Internet of Things is a security calamity waiting to happen. I'm sure they are not the first or the last people who'll argue 'Well, just outsource the entire issue to us, then.'
On Thu, January 11, 2018 7:34 pm, Robert Brown via luv-main wrote:
Not being a developer or other IT professional, what software package could be put together on say, a Raspberry Pi or other device, that could be a watchdog against invasion/intrusion of our home networks? Can it do as good or better than what an Akita claims?
A Raspberry Pi with OpenWRT plus SNORT? https://computers.tutsplus.com/articles/installing-openwrt-on-a-raspberry-pi... https://wiki.openwrt.org/doc/howto/snort -- Lev Lafayette, BA (Hons), GradCertTerAdEd (Murdoch), GradCertPM, MBA (Tech Mngmnt) (Chifley) mobile: 0432 255 208 RFC 1855 Netiquette Guidelines http://www.ietf.org/rfc/rfc1855.txt
Looks good! Also perhaps Onion OS on a Pi - comes with Snort I believe. On 12/01/18 10:48, Lev Lafayette via luv-main wrote:
On Thu, January 11, 2018 7:34 pm, Robert Brown via luv-main wrote:
Not being a developer or other IT professional, what software package could be put together on say, a Raspberry Pi or other device, that could be a watchdog against invasion/intrusion of our home networks? Can it do as good or better than what an Akita claims?
A Raspberry Pi with OpenWRT plus SNORT?
https://computers.tutsplus.com/articles/installing-openwrt-on-a-raspberry-pi...
On 11 January 2018 at 08:47, Robert Brown via luv-main <luv-main@luv.asn.au> wrote:
Does this:
https://www.kickstarter.com/projects/akita/akita-instant-privacy-for-smart-h...
do anything special that is not already available in linux software? Apart from a neat packaging exercise of course?
Quoting [1]: How does this device work, exactly? It uses a custom form of WiFi sniffing to detect questionable packets and send them to our servers to be analyzed (this is why the hardware can run on low memory/CPU, because it's mainly a cloud-based system). Once the packets are determined to be malicious, a command is sent from our servers back to the Akita device; this includes custom protocol commands to disconnect the device from the network router. Keep in mind, this packet monitoring is high-level and does NOT include any personal information, nor does it require any credentials for specific IoT devices. [1] https://www.kickstarter.com/projects/akita/akita-instant-privacy-for-smart-h...
On 11.01.18 10:11, David via luv-main wrote:
Quoting [1]:
How does this device work, exactly?
It uses a custom form of WiFi sniffing to detect questionable packets and send them to our servers to be analyzed
Errr, how is that distinguishable from spyware? And does it not make this "Importantly, it doesn't use deep packet inspection." a lie? (Quoted in Robert's OP.) It sounds remarkably like either an NSA tendril or just commercial data gathering at the buyer's expense. Heck, that's worse than installing a microphone in your house, to snoop on your conversations and feed them back to data harvesting servers. (Siri duffer if you do.) Next, one could buy into IoT, so they can lock you out of your house, or turn off your appliances, depending on how deeply you fall into the hijackable gadget trap. No cloud, no microphones, no snoopware, no IoT. Use primitive embedded microcontrollers, either not externally networked, or without a bootloader, so they can only be reflashed with a physically connected programmer. Then it has a chance of serving you. Erik
participants (5)
-
David -
Erik Christiansen -
Lev Lafayette -
Rick Moen -
Robert Brown