These Devices Are Trying To Secure The Internet of (Hackable) Things

As more devices get connected to the internet, some companies see an opportunity to sell security products.

Jan 8 2016, 11:06pm

The inside of an eBlocker device. (Image: Lorenzo Franceschi-Bicchierai/Motherboard)

Our future homes will inevitably be full of connected devices. But most of these still don't work very well, siphon off your personal data, and have gaping security vulnerabilities.

That's why at the Las Vegas Consumer Electronic Show, among the dozens of companies offering all things internet-connected, some are thinking about how to secure your smart home, and give you more privacy online.

There are already a bunch of apps (mostly for desktops) that allow users to take some control back, such as Tor, as well as browser plugins like Privacy Badger, Ghostery, and endless ad blockers. But what if you could just plug in a box to your home router and get all that?

That's the idea behind eBlocker, which is essentially a gateway that sits between all your home internet-connected devices (and there will be more and more in the future) and the internet. On Thursday, at the Las Vegas Consumer Tech Show, I had a chance to test it.

"You simply plug it in and it simply works."

"You simply plug it in and it simply works," Christian Bennefeld, co-creator of eBlocker, told me.

Bennenfeld let me connect to a WiFi network created by the device. As soon as I did that, when I opened the browser on my phone, an eBlocker icon appeared on the right corner, and the ads on the page were blocked by default.

When I clicked on it, a menu showed up, giving me the ability to anonymize my connection through Tor, cloak my device's real identity (meaning I could make myself look like a Windows PC even though I was surfing the net with an iPhone) and whitelist the websites where I don't mind seeing ads.

eBlocker is not the first device that's tried to do all this. Just in the last year, a series of similar tools appeared on crowdfunding websites, such as the controversial Anonabox, Invizbox, or VeilTower, a device that ridiculously promised a "hacker-proof wifi network."

But attempts to give internet users an all-in-one privacy device go back even further. In 2011, the well-known internet freedom advocate Eben Moglen launched an open source project called FreedomBox, which was supposed to do many of the same things eBlocker promises to do, but the project pretty much died a couple of years later. More recently, the security researcher The Grugq launched a project to make a secure Tor plug-and-play portal.

The eBlocker device is still in it's infancy. The creators raised $100,000 through Indiegogo last year, and will launch a Kickstarter campaign in less than two weeks. When and if it hits retail stores, it will cost $199, and $99 for Kickstarter early adopters.

For Bennefeld, the goal of this device is not to thwart sophisticated or government-sponsored hackers, but more humbly "to prevent online user profiling." That's why it could be successful. Previous similar projects that made lofty promises were (rightfully) slammed for it by technologists and security experts.

Richard Tynan, a technologist at the UK advocacy group Privacy International said that users should "treat such devices with caution unless their claims are independently verified in a transparent way."

"With this kind of tech it's vital that vendors are honest about what the device does but also what it does *not* do. Especially if people are supposed to trust it," he told Motherboard in an encrypted chat. "It's ultimately a choice for the user."

It remains to be seen how well eBlocker actually works on a day-to-day basis, as opposed to a quick five-minute test, but the project seems promising, and at least it's not claiming to stop the NSA.

In a booth right across from eBlocker, there was a similar-looking device called Cujo. One of its creators, Einaras Gravrock, told me that it's like an "immunity system" for a home network. In practice, it's a cloud-based firewall that analyzes internet traffic from all devices in a network and blocks malicious traffic. Unlike eBlocker, Cujo doesn't provide privacy features, and you have to trust it since it tunnels all your traffic. Another similar device, called Keezel, is also on display at CES.

All these devices indicate a clear, inevitable trend. As more things get connected to the internet, we'll need to take care of our own network's security, given that these devices will have little to no security baked in.

"In 1994 there were a million nodes on the internet, now we're adding 1 million [Internet of Things] devices a day," Chris Rouland, the founder of IoT security firm Bastille, told me in a phone interview. "It's impossible to do it securely."

Someone, however, will have to do it.