Decrypt This - By Chris Stobing
 

How a simple box might end our need for antivirus software forever

One Box to rule them all

I still remember the day my dad installed the first antivirus program I’d ever seen on my old Pentium II. It was adorned in its signature colors of black and gold, and I quickly came to learn all the ins and outs of my Norton Antivirus suite, from queuing up its scanning schedule to understanding what settings I needed to fix to ensure my favorite games of the time (Diablo and Starcraft) wouldn’t be flagged when I played with friends.

Over the years I would form a special kind of love-hate relationship with the many security products that would grace my machines, from McAfee to Kaspersky, AVG and Avast. Their incessant notifications would rarely fail to stress that my subscription was about to run out, and served as a constant reminder of how I was paying good money for the privilege of staying safe.

Now, a new clutch of companies have come out of the woodwork with plans to change everything we thought we knew about internet security. Promising always-on, cloud-connected boxes capable of analyzing traffic and hunting down threats in real time, offerings from BitDefender, Nodal, and Itus Networks have the potential to forever alter the way we think about safeguarding ourselves in the modern age… but will they be enough?

Regaining the initiative

After years of using a traditional anti-virus with (hopefully) good results, you may wonder: why change anything now?

The reason is that for most of their history, the bulk of our security solutions have been reactive, rather than a proactive form of protection that stops the threat at its source.

Let’s say an attacker tries to access your machine using malware that he or she created themselves. The program is custom coded to sneak past the known detection methods of McAfee, Kaspersky, and Norton, and is specially developed to avoid being ousted whenever those suites run a scan on your hard drives or network. The suites are helpless because they don’t know what to look for.

A security program might still notice a change in the way your operating system handles an important feature, like remote desktop requests, and report the issue back to the antivirus vendor, but protection is not guaranteed. This type of system is inherently flawed because it requires at least one machine to be infected before the threat detection network can pick up on it, and it’s only from there a white-hat security specialist can step in to analyze the code.

That makes it easier for the viruses to thrive, as just a few infected machines is all it takes for them to jump to new systems. Viruses like Stuxnet and Flame were able to cause a mess for over two years before anyone noticed, and those are just a couple of the hundreds that flood onto the net each day.

The current system always gives the hackers the initiative, so it’s usually just a matter of time before holes appear in the target’s armor.

The death of traditional anti-virus

And appear they have.

Over the past five years there’s been a dramatic rise in the number of malware programs actively trolling the net for new targets, thousands of which can slip by even the best antivirus solutions. As the infection rate continues to spiral out of control, record numbers of customers are waking up to the fact that while antivirus programs once reigned supreme, that era is coming to an end.

If rough figures from Statista are to be believed, a vast chunk of customers have already opted out of the pay-by-month model, and have shifted their attention instead to free alternatives like Microsoft Security Essentials.

If you were to look into a crystal ball to see what Internet security should look like in ten years, Intel’s acquisition (and subsequent rebranding) of McAfee would likely shine as the match that lit the fire under an industry in dire need of a spark. The nearly $8 billion buyout showcased the industry’s need to adapt technologies in tandem on the road forward. Instead of fiercely competing with each other for the last sliver of pie, antivirus vendors will have to team up to create partnerships that cover hardware and software solutions together.

As it stands today though, the innovative stagnation experienced by many anti-virus companies is taking its toll. Symantec’s been hit with a near constant string of layoffs year over year, John McAfee was caught gallivanting off in Belize somewhere, and it’s growing increasingly difficult to find anyone that bears a high opinion of regular paid software bundles.

Even BitDefender itself has noted the shift in attitude toward its own software, and while not ruling out the need for antivirus solutions completely, has begun nudging users into thinking about its cloud-connected network protection device, Box, as a welcome addition to a total package that adds up to a fully protected home environment.

More average consumers are starting to realize what experts in the industry have known for years: as long as fallible antivirus software is installed on top of imperfect operating systems, it will never be able to offer the foolproof security users need to feel like they’re completely safe.

A new way of thinking about personal Internet security

By this point you might be wondering how this is relevant to you. You don’t download dodgy programs, visit seedy websites, or open up ports to unrecognized connections. Your computer is safe the way it is, right?

To put it in simple terms: until recently every computer you’ve owned, whether it was a laptop, desktop, tablet or phone, could have programs installed on it that could act as a form of protection from outside threats. Each had an independent operating system that could serve as a support structure for antivirus or firewall software, most of which was already incompetent enough as it was.

The issue we’re facing now is what to do when you start to throw everyday appliances like smart fridges, IP security cameras, and Internet-connected thermostats into the mix.

The Internet of Things is a term you might have heard in passing lately, as fervor over its potential to become the “next big thing” was fueled in part by Cisco’s chief executive, who last year famously claimed the market could be worth a whopping $19 trillion by 2025.

And so far, his predictions look to be right on cue.

The idea behind the Internet of Things is fairly basic from a distance. Link up every device and appliance in your home to the internet, and any of the hassles that come with the comforts of life can be taken care of by your very own silent, digitized assistants. The Nest Thermostat is a great example of this, as the device “learns” the comfort profiles of everyone in the household, and adjusts accordingly depending on who’s in which room at any given moment.

An issue arises, however, when the data isn’t properly defended. Imagine a situation where instead of a couple of guys in ski masks having to case a location before breaking in, they simply download data straight off a Nest and learn intricate details about when their prospective targets are home, at work, sleeping or on vacation. Or, if they’re bored, jack into your baby’s sleeping monitor and freak out the nanny for the fun of it.

Everything from your toaster to your dishwasher could be hooked up to the internet in the future, and all these new devices bring brand new concerns for the best possible methods of keeping them safe.

So, whether we like it or not, the Internet of Things is coming, and it’s coming fast. Our only job now will be to find the most effective ways to protect ourselves once that technology inevitably lands on our doorstep, and BitDefender, Numa, and iGuardian each claim to provide just the solution we’re looking for.

Doing things differently

Instead of waiting for a threat to attack and rooting it out afterwards, these boxes scan incoming connections thousands of times per second for suspicious packets and stop anything odd from slipping through. Because they use cloud technology to create a sort of “second brain” for your network, they’re able to utilize offsite servers to boost their capability.

To make sense of what this change means I sat down with the Senior E-Threat Analyst at BitDefender, Bogdan Botezatu, to learn more about his perspective on why the BitDefender Box (and competing products like it) could be the next evolution in personal home security.

“As it stands today, there isn’t a reliable solution in software or hardware that will be able to protect the Internet of Things,” said Botezatu. “Classical routers don’t have the option to customize your personalized threat profile as you’re attacked, and without that information and data being utilized for the next one, it’s only a matter of time before a hacker figures out how to get inside your network.”

The issue he’s presenting breaks down like this: if a hacker figures out how to get past a normal firewall in your router or on your computer, whether it’s by ghosting traffic behind legitimate-looking packets, faking certificates, or even just brute-forcing through while the network is inactive in the middle of the night, a single breach can leave everything else vulnerable.

“[Box’s] main advantage over antivirus software suites is that we don’t make use of signatures, or install firmware on the device which could be easily altered to allow threats through your router,” he continued.

Of course, the keen reader will be raising a finger to note that similar heuristic detection techniques have been available for years, and that this tech doesn’t offer anything new.

Here’s the difference: software-based heuristic solutions still need to detect a suspicious program first and analyze it before knowing whether or not it’s deemed a threat. That eats computing resources on the local machine, something that Internet of Things devices don’t have to spare.

What the BitDefender Box does differently is outsource the entire process – traffic scanning, program analysis, and heuristics detection – to outside servers, leaving you and your devices to run at peak efficiency without any software weighing them down.

But what about my iPhone?

If you’ve been following the news lately, you should know it hasn’t been such a great year for iOS and Android security. Attacks from Wirelurker to Masque have dissolved the idea that iPhones and iPads are hacker-proof, and the sheer amount of comparable malware threats on Android could take half an encyclopedia to list in full.

To combat these threats, each OS has its own version of various security apps that promise features such as increased firewall protection, photo backups, and the ability to locate your phone or tablet if it ever drops out of your pocket on the train. Beyond those select situations though, their scope is fairly limited. The act of sandboxing often prevents anti-virus apps from working as they do on a PC.

The Bitdefender Box can keep you as safe on the road as you are at home.

BitDefender and Numa thought of this hang-up too, and in turn have invented an altogether unheard-of way to make sure that no matter where you are in the world, you’ll be just as safe as you are at home.

With the PrivateLine and Numa M apps, your phone or mobile device can be linked directly to your box at home using external Wi-Fi or cell networks. From there all traffic coming in and going out can be actively analyzed for potential threats, albeit at the cost of a slight dip in speeds when jumping from one page to the next. Neither has made its way onto the App Store yet, though the Numa M is projected for June of this year, while the Box app should be able to beat that target by about a month.

Conclusion

When all is said and done, for all the promises the manufacturers of these boxes might make towards creating a new dynasty of internet security, none has yet actually proven itself on the field of battle. It’s only in the coming months and years we’ll know for certain what they can do when let out of the lab, and until then we’ll remain skeptically cautious of advising AV makers to throw in the towel so soon.

That in mind, it’s still exciting to see independently funded outfits doing things differently, and taking on one of the oldest plagues of the internet in a way that no one else has attempted before. Time will tell the history of the victors in the coming competition, but no matter who eventually earns the dollars and dedication of future security-conscious consumers, the rest of us win.

If you’re interested in becoming a part of the revolution, you can pre-order your very own Box for $199.99 today. The first year’s subscription comes free of charge, and re-ups for $99 annually after that. The Numa and iGuardian are still a bit further behind, but you should expect to see hard details on their debut and costs sometime in early Q2 of 2015.