This Small Box Will Stop Hackers from Turning Your Smart Home Against You
Numa is new device promising to keep bad traffic from getting in—or out—of your home network.
When Numa detects a threat, it can block it, and your network stays secure. Photo: Norlando Porbe/Flickr
Most people are bad enough at setting up their home routers. It's probably too much to ask that they know what sort of data is passing through them, too.
And while not everyone should have to be their own CTO, that doesn't mean there shouldn't be an easier way to keep track of what the devices on our networks are doing. Or, at the very least, to know whether the traffic they're sending or receiving is good or bad.
That's the intent behind Numa. It's a personal networking device, still under development, that's intended to act as a go-between for your router and modem, or whatever you use to connect to the internet. What Numa does is watch the data travelling in and out of your home network for threats. Some of those threats might come from outside, but they might also come from inside your network, too.
Either way, when Numa detects a threat, it can block it, and your network stays secure.
While there's lots of arcane software that can do this sort of thing already, the goal is to make Numa extremely simple for anyone to use—a self-contained product that's plug-and-play. When it comes to networking hardware, that's certainly no small feat. But if Numa's team can pull it off, it would set them apart from pretty much every other consumer networking product ever made (granted, the bar isn't very high).
Numa has a few tricks—it's got a whole database of possible threats it can cross check when it detects something nefarious. Numa knows what servers are used by botnets, prevents malware from connecting to your computer, and can block traffic from IP addresses known to launch denial of service attacks. While you browse the web, Numa knows to look more closely at domains ending in, say, .co.nz—popular among spammers and phishing attackers—but not at traffic to and from Netflix.com.
And Numa is thinking of your smart home devices, too. If an attacker tries to access cameras in your home, perhaps, or deliver an exploit to your internet-connected fridge, Numa will keep them out. Gone are the days when threats were limited to payloads of malicious code, waiting to be opened or clicked.
"There are all these new applications for network technology that involve hooking up things to the internet that were never connected before," Isaac Wilder, Numa's creator, told Motherboard. It'll protect everything from thermostats to fridges, vacuums and lightbulbs. "And that comes with a lot of new opportunities. But it also comes with a lot of new risks."
Wilder is co-founder and executive director of the Free Network Foundation (FNF), an advocacy group for cooperatively owned and operated computer networks. When Motherboard first spoke with Wilder in 2012, he was helping Occupy Wall Street operate a free, open and community-controlled wireless mesh network in New York City's Zuccotti Park. Now he's living in Kansas City. Numa, he says, is his next big thing.
More accurately, the device is actually a partnership between Wilder and Marcus Eagan. Together, they co-founded Nodal Industries. Wilder handles the back-end systems engineering work, while Eagan handles the front-end user interface. A former Alcatel-Lucent executive is advising the pair, along with a former cyber security engineer and software architect from IBM.
Thus far, the pair has funded their own work, with the help from friends and family. The rest, they hope to raise through pre-orders on their website. Starting today, those interested in Numa can pay $269 for a device. Wilder and Eagan will need at least 300 orders to manufacture the first batch. After the pre-sale, Numa will retail for $349.
They plan to have 20 units available for pickup at SXSW in March, another 350 fulfilled in May, and the remaining pre-sale units fulfilled by June. There are even plans for a mobile app, Numa M, that would route smartphone traffic via virtual private network, or VPN, through Numa too. (Think of a VPN as an encrypted connection or tunnel between the smartphone and Numa that no one can eavesdrop on or penetrate.)
Numa sounds great, but—like many hardware startups, especially in the security space—there are questions. We've been burned by crowdfunded networking products before—and Wilder admits the team doesn't yet have any screenshots or mockups of the user interface to show. The pair are also facing competition from larger, more established players such as anti-virus firm Bitdefender, which will soon ship a similar network security appliance called BOX, and from smaller startups, too, such as the iGuardian Kickstarter we covered last year. In other words, we've heard these promises before.
There are also myriad companies with enterprise intrusion prevention and detection systems already on the market that might turn their attentions to the consumer space, too, just as they did with home routers.
But there is reason to be optimistic. Aside from Wilder and Eagan's eventual interface tweaks, all of the software is freely available and open-source. In other words, power users will be able to verify that Numa's software does what it claims—and modify it as they wish. Its operating system is a heavily modified version of the popular router firmware OpenWRT, meaning Wilder isn't coding Numa's underlying functionality from scratch, either. It uses familiar hardware, too. The device has a 64-bit, dual-core x86 processor made by AMD, and the whole package will be manufactured by Zurich-based company called PC Engines.
Rather, the real challenge for Numa is the same as it is for any networking appliance: balancing security with ease of use.
Wilder and Eagan foresee Numa's interface as consisting of, essentially, a slider, where users can choose how sensitive they want the device to be—not unlike configuring Microsoft's Windows Firewall, for example. According to Wilder, Numa has over 50,000 threat signatures that are currently installed, and the level of sensitivity a user chooses will dictate how many of those threats Numa will watch for at once.
At the lowest level, Numa might only display an alert when a threat is detected, but not block that traffic from passing through the network. At the highest level, on the other hand, Numa might be very strict about the types of traffic it lets in and out.
"We haven't made a determination as to what is the best way to communicate the incident of threats or rates of an attack," said Eagan, who is still working on the user interface. "We don't want to overwhelm people with information that doesn't make them feel good."
"You're going to see a real-time graph of performance and throughput. You'll see a visualization of security events. And you see a slider that is labelled device sensitivity. And that's basically all the control we want most user to have or need," Wilder explained. "So they slide the slider, and we take care of, on the back end, what that means in terms of reconfiguring the detection engine, re-configuring the firewall, all that stuff."
"For almost everybody, it's a zero-config deal. You just plug it in, you turn it on, you get the threat signatures, and you're protected."
Here's hoping security will actually be so simple.