A few weeks back, I was a bit excited about a new product that would be hitting the security scene in the next couple of months. Small, white, and unassuming, the BitDefender Box was on my top five list of most anticipated releases this year, and represented (in my eyes at least) a possible revolution in the world of personal Internet security.
In that gush-fest, I listed several ways in which traditional antivirus solutions had failed to keep pace with the constantly evolving landscape of Internet security, and with great exuberance began to usher in the era of hardware-assisted protection as the next great hope for personal privacy on the internet.
With 70 percent of all Internet of Things devices vulnerable to attack according to a recent report from HP, the numbers don’t lie: the race to find a universal way to protect the devices of the future is on, and now it’s just a matter of who can do it right the first time around.
The first into that fray is the Box, a “network attached peripheral” from the people at BitDefender which is being touted as the next step in the continuing evolution of what the company refers to as the “Security of Things.”
Said to scan all your data and traffic in real time, the Box will supposedly create an impenetrable wall between you, your appliances, and the rest of the Internet that keeps your family and their devices safe. Does the inaugural entry in this new class of router hold up to the pressure, or fumble under the weight of the expectations preceding it?
Hands on review
The Box itself
Powered by only a single-core 400MHz MIPS microprocessor, 16MB Flash memory, and 64MB DDR2 RAM, the Box itself is a beautiful piece of hardware for your home. It looks like something straight off Apple’s conveyor belts, a design decision we’re sure is anything but unintentional.
Measuring just 1.1 by 3.5 by 3.5 inches and clocking in on the scale at only 3.25 ounces, the box is so unassuming you’d barely even know it’s there unless someone explicitly pointed it out. It also supports 802.11n Wi-Fi, so it doesn’t need to be connected to a mass of Ethernet cables.
What it does
“This doesn’t sound any different from a router’s onboard firewall,” you might be grumbling to your screen right now. “I’ve already heard of this technology, don’t enterprise solutions already take care of this on their own?”
Yes, the Box is, at least on the surface, a router with a built-in firewall. It checks traffic as it comes in, and if it spots anything fishy, redirects either the malware or you to a secure environment where diagnostic changes can be made.
The issue with this classical approach — as I’ve covered in our previous piece — is that it fails to account for scanning traffic against a database that’s being updated by the cloud in real time. Instead of having to click the “update” button on your antivirus’ definitions library every 15 minutes, the Box automatically monitors threat archives to cross reference against your traffic as you actively surf.
If this still sounds familiar (like anti-phishing features in Chrome, Mozilla, Safari, and others), you’re still a bit off base. What BitDefender is really targeting is devices that can’t protect themselves, but still contain valuable data about our lives. I’m talking about the wonderful world of the “Internet of Things.”
Setup, or “How to lose a customer in 10 hours”
In several interviews on the topic of the Box, BitDefender said that its device is a “100% plug and play experience.” You unplug your modem from your current router, plug the Box in, and run one more wire back to the router to get the connection live. Then, at least in theory, you should be ready to go.
In practice, the installation of the Box was anything but easy. First, the app (available for iOS and Android), which I installed on both my iPhone 5 and Nexus 7, was useless, as neither device was able to find the Box on my Wi-Fi network. I tried restarting my modem, router, the Box, and the Box app a number of times separately and once all together to try to get a connection set up, and it was only after several calls to their support team (one representative named Alex who answered from a Google Voice number) that I was able to get the Box and the app talking to each other on my home network.
The reason for my troubles, I was told, is that the Box “wasn’t configured to support my setup,” and that I would need to remove my Netgear R8000 Nighthawk to achieve full protection. This is a popular high-end router, so Bitdefender’s suggestion it should simply be removed from the network wasn’t ideal.
Getting a pre-packaged Comcast router running is hard enough for most people, so easy setup is absolutely critical. Unfortunately, this looks to be an area that Bitdefender hasn’t perfected just yet.
Not much of a router
Of course, I may not have had a problem with getting the Nighthawk out of the picture if the Box was any kind of a decent router on its own. Once the Netgear was taken out of the loop, I couldn’t snag a signal any further than about ten feet around the device, and even then it would only appear if I was pointed in one of three very specific directions.
I live in a big house, so my router needs to get signal to two separate floors and a basement, a feat which isn’t easily achieved by any simple hub. The main reason I bought the expensive Nighthawk router is because its tri-band spectrum was powerful enough to push a connection to every corner of my home.
The Box on the other hand heavily favors form over function, with its sleek, Apple-esque minimalism that features no antennas or extenders on the side. With the Box alone I was able to get a signal in my living room, but as soon as I went upstairs or to the basement, Wi-Fi dropped out like clockwork. Clearly, trying to use the Box as a network’s only router is unlikely to work.
During regular browsing and speed tests with the Box acting as an intermediary between the Nighthawk and our modem, I clocked a loss of around 30 percent compared to the Nighthawk. While this result was somewhat negligible on my data plan (60 megabits per second as opposed to 90), this effect might be a bit more noticeable for users who are still on DSL or can’t afford the higher tier of cable options.
Our testing methods
To find out what the Box was capable of I worked with a number of security professionals and members of the product team to carefully control the testing environment. One can only be so cautious when setting up a death arena of viruses, malware, and general mayhem and havoc.
I tested the Box using a closed loop system that incorporated several different machines spanning every common operating system, as well as an IP camera. Our test rigs included an Acer Aspire Switch 10 running Windows 8.1, a MacBook Pro (2010) running OS X Yosemite 10.10.2, a Toshiba Chromebook running Chrome OS 41.0.22, and finally a PC with Ubuntu 14.10.
On the mobile front, I had an iPhone 5 running iOS 8.0.2, and an Asus Nexus 7 Tablet with Lollipop 5.0.1.
For our testing schedule, I loaded up a series of malicious links, emails, and files that were provided by an independent security testing outfit which opted not to be named in this review. I threw these threats at the Box on each platform individually, and recorded the results after the infection was either stopped or got through.
To judge the Box’s overall effectiveness, I pitted it against three main criteria based on what I’ve been told it’s made to shield against:
- Infected Links
So, how did the Box fare?
Tripping on .Zip
Phishing? Easily handled. Infected links? Piece of cake. Redirects? No problem, get em outta here!
After a few updates and tweaked configuration settings on behalf of the team at Bitdefender, the Box handled anything I sent its way. Whenever I started to drift into the wrong lane of the information superhighway, the Box was there with a prompt warning message that told us whatever nonsense I was about to get into had been blocked, followed by a notification on the mobile app a few moments later.
I’d like to say that was the end of the story, but as soon as we incorporated infected payloads hidden in .zip folders into the mix, things started to get a bit more tricky. Though drive-by downloads, phishing attempts, and infected links from emails were all kept safe under the sphere of protection, once I stepped outside the boundary of browser-based baddies, the Box lost any shred of effectiveness it had to spare.
The prime example of this slip can be found in what happened when I tested general malware against the IP camera, which appears on a home network just as any other device would. When using one of the mobile devices as an unpacking service, we were able to get an infection through the Box and onto the Android, which then launched a program to take control of the IP camera.
The Box didn’t beep or blip at us once during the entire process, blissfully unaware that hackers had just found a way to peer into our homes without a problem. Because the content being transported was password protected and sometimes encrypted, the system was only able to scan the data as a single packet, which seemed to confuse the Box.
This is exactly the kind of “Internet of Things” device Bitdefender promises to protect. However, it also happens to be the one device that can’t support its own local antivirus, so when an infected file was both transmitted to and launched on the camera without the Box noticing it slipped through, I was disappointed it had missed in such a crucial area of its intended purpose.
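The blind spot described above comes from content an inline scanner cannot open. As an added illustration (not from this review or from Bitdefender), the Python below shows how a gateway could at least detect password-protected ZIP members from the encryption bit in the ZIP headers and report the archive as unscannable rather than passing it silently; the function names and the sample archives are constructed for this example.

```python
import io
import struct
import zipfile

ENCRYPTED = 0x0001  # ZIP general-purpose flag bit 0: member is encrypted


def make_sample_zip(mark_encrypted: bool) -> bytes:
    """Constructed sample: one-member ZIP, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("invoice.txt", b"constructed sample payload")
    data = bytearray(buf.getvalue())
    if mark_encrypted:
        # Flags sit 6 bytes into the local header and 8 bytes into the
        # central directory entry; set bit 0 in both for the sample.
        data[data.find(b"PK\x03\x04") + 6] |= ENCRYPTED
        data[data.find(b"PK\x01\x02") + 8] |= ENCRYPTED
    return bytes(data)


def inspect_archive(data: bytes) -> dict:
    """Report which members an inline scanner could not look inside."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.infolist()
    except zipfile.BadZipFile:
        return {"verdict": "not_zip", "opaque": []}
    opaque = []
    for info in members:
        # Check the local header as well: the two copies of the flags can
        # disagree, and either one being set means the bytes are opaque.
        (local_flags,) = struct.unpack_from("<H", data, info.header_offset + 6)
        if (info.flag_bits | local_flags) & ENCRYPTED:
            opaque.append(info.filename)
    verdict = "unscannable" if opaque else "scannable"
    return {"verdict": verdict, "opaque": opaque}


if __name__ == "__main__":
    for label, blob in (("plain", make_sample_zip(False)),
                        ("protected", make_sample_zip(True))):
        print(label, inspect_archive(blob))
```

An "unscannable" verdict is the point at which a product could raise a visible alert or hold the file, which is the notification the Box never produced in this test.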
A cryptic response
Another big problem we ran into while testing the Box during daily use is that periodically we would receive a notification that “malware had been detected,” without enough additional information. We would enter the app, and be greeted by the screen you see below.
Aside from a few scant details about the website the infection was coming from (which itself is obfuscated by random letters that are useless to anyone at the consumer level), information about what I was actually dealing with while the virus was live was slim to none.
Worse yet, when linked up to the network as an intermediary between the modem and the router, the Box lost all of its individual nuances to the big, heavy presence of the Netgear, with every infection being automatically classified under a single label. Instead of seeing “this device was being infected with this malware from this program/webpage” you only know that “something” had come through your router from “somewhere”. Not exactly enough information to help us avoid the problem next time.
No information about which individual device was compromised came in, and all I could glean from each intrusion was the name of an obscure website that never led anywhere in Google or otherwise. This meant that I had to take the Box at its word; it was supposedly keeping us safe, but any details about how or from what were left to our imagination.
Private Line is another interesting feature of the Box’s mini-ecosystem, meant to protect your mobile devices even when you’re away from the house and hooked up to some cell tower halfway across the globe.
I’ll give it to the Box on one front that Private Line functions much as the local protection does at home, and if you try to visit a phishing link from your internal email or any separate apps, the Box notification will pop up and redirect you back to dry, safe land.
But, I also have to bring up the point that iOS’ Safari, and Android’s Chrome both have this feature installed by default, and when testing against those two metrics the Box never caught anything extra that our browsers didn’t already detect themselves. Both on desktops and mobiles, Box never proved itself any more (or less) capable than the free options I already had pre-installed, yet the Box itself is still $199.
At $199 upfront and $99 annually, BitDefender is demanding a rather large bounty for the job of standing guard at your gates. Protecting a home network has never been pricier, and even though the Box was eventually able to deliver on its promise of stopping the majority of attacks in their tracks, it only worked after many hours of trial-and-error.
It’s also not clear why the Box is really needed. Not once during all of our tests did the Box prove itself to be any more capable than the dozens of free options already available, and when it came to protecting an Internet of Things device (the prime reason Bitdefender charges extra), there were a number of executables available that could slip past the most current firmware update without a hitch.
In response to this problem, BitDefender has emphasized that I should think of the Box as an add-on to our existing security suite. That seems to be true in the same way Pop-Tart commercials advertise their pastries as a part of a balanced breakfast. Technically it’s true, but you’d do just as well without.
I was hopeful for this technology (as made evident by my praise several weeks ago), and it’s disconcerting to see it fall flat on its face before even making it off the starting line.
For now, the Box looks to be more of a proof of concept than a device that’s ready for mass consumption. There are still far too many holes in its setup process, implementation, and overall effectiveness to say it’s ready for market. Considering the company plans to start shipping next month, I would say it still has a long way to go before anyone is going to be enthusiastic about making this little white networking device a part of their home network.
The Box and products like it need to be all or nothing right from the start, because even just a few slips in the beginning might be all it takes to prevent a potential revolution from taking off in the first place.
While the idea seems sound, the execution still needs a bit of work. Hopefully follow-up efforts from the likes of Itus Networks (Shield) or Nodal’s Numa will be able to learn from the mistakes of the Box, and put out a product that lives up to the grandiose promises that BitDefender made with this device.
Until then, it seems users will have to wait a bit longer to protect smart fridges, IP cameras, and Internet-connected toasters from the dastardly denizens of the web. While grandiose in purpose and mission, the Box misfires on too many critical points to be considered as a serious contender to the status quo anytime soon.
- Gorgeous design, looks at home anywhere
- Provides moderate security for IoT devices
- Protects against phishing and email attacks
- Didn’t protect against packaged malware
- Setup was far from “plug and play”
- Costly for what it does