Information Technology

Image:Vocus
On Anzac Day, former cybermoat conjurer and secretary of the Department of Home Affairs Mike Pezzullo issued a provocative missive on the beating of the drums of war. A nanosecond of thought is all that is needed to reveal the target of the missive — China — and as if to hammer the point home, this week saw Beijing cut off China-Australia Strategic Economic Dialogue talks. Then the Australian prime minister, in a revealing feat of geopolitical misspeaking, used the words “one country, two systems” when talking about Taiwan. One country, two systems is the way Beijing handles its special administrative regions of Hong Kong and Macau. This is the backdrop upon which two Vocus executives spoke this week at CommsDay Summit, with both reinforcing the company’s pitch as being able to provide sovereignty to its customers. “Sovereignty is a factor which Vocus increasingly sees as a competitive advantage in a market where security is critical to success,” Vocus general manager for government and strategic projects Michael Ackland said. “We’ve seen an accelerating trend, particularly from government customers, where the use of sovereign assets is not just a nice-to-have but a must-have.” The company is currently on a path that will see it be acquired by Macquarie Infrastructure and Aware Super, at a valuation of AU$3.5 billion, to remain in local hands. It was something Ackland said would help with the sovereignty play.

“It’s about having a sovereign network, which is supported by two of Australia’s leading institutions and operated by secure staff, based in secure network operations centres,” Vocus COO Ellie Sweeney said a day earlier. Sweeney outlined that Vocus runs a separate secure network, called VAS, alongside its regular commercial network using segregated systems and equipment, while adding that the company will double its capital expenditure on network security during the next fiscal year. In March, two years after it first ran the idea up the proverbial flagpole, the federal Digital Transformation Agency released its Hosting Certification Framework for data centre providers, which Sweeney said could be extended to network providers. “It’s not much of a stretch to consider that if government is so concerned about how, when and where data is stored and processed, the next logical step is to take an active interest in how, when and where data is carried across networks,” the COO said. Sweeney added the company saw opportunities in building submarine cables as “new sovereign infrastructure”. This should hardly be surprising, given in 2018 Canberra decided to use around AU$200 million of its foreign aid budget to lock Huawei out of building a subsea cable to the Solomon Islands and Papua New Guinea. Instead of Huawei, Vocus eventually picked up a AU$137 million contract to build the cable. “As we have seen over the past year or two in the submarine market, governments around the globe are willing to intervene to ensure cables are built by trusted vendors and are routed through trusted territories to avoid geopolitical issues,” Sweeney said. The Vocus chief operating officer said the consortium model used to fund subsea cables might be dead, at least in the eyes of government customers. “We’ve certainly seen a growing appetite from our wholesale customers seeking capacity from Asia to the US via Australia to avoid politically contentious areas to our north,” she said. “Vocus’ complete ownership of the ASC [Australia-Singapore Cable] cable and the domestic network it’s connected to gives us a unique advantage for customers seeking certainty of about where their data is travelling. Route diversity is also increasingly seen as a critical factor, both for terrestrial networks and international networks.” During her speech, Sweeney announced Vocus would build a cable to close the loop on its national network between Geraldton and Port Hedland, under the banner of Project Horizon. “In total, Project Horizon will establish a 2,000-kilometre network of both new and existing fibre between Port Hedland and Perth via Newman, Meekatharra, and Geraldton,” Sweeney said. “The Horizon system will be designed with transmission capacity starting at 38Tbps per fibre pair, giving us a clear upgrade path … as demand requires it. It will provide another layer of redundancy and give Vocus a ‘figure 8’ of network rings across Australia’s eastern and western states. It will allow Vocus to provide geographically diverse backhaul out of Darwin.” The company is also planning to connect ASC with its North-West Cable System between Darwin and Port Hedland, as well as branch the North-West cable to Kupang on the island of Timor. Project Horizon is due to be completed by the end of 2022. Sovereignty in space Vocus not only sees sovereignty over terrestrial infrastructure as an advantage; it also wants to push it on the arena of low-Earth orbit (LEO) satellites. With its national fibre footprint, Vocus believes it is well placed to capitalise on LEO players wanting ground stations to keep latency low. “These low latencies are dependent on the deployment of extensive ground infrastructure with high-capacity fibre backhaul, so processing and storage can occur as close to the edge of the network as possible. This means having ground stations in regional areas close to where the end-users are located, to minimise round-trip time,” Ackland said. “By now you should be starting to see why a fibre company is taking such a strong interest in LEO satellites.” Ackland said the company’s controlled environment vaults (CEVs) could be upgraded to function as ground stations “all over the country”. The other card Vocus has up its sleeve, according to Ackland, is the millimetre wave spectrum it gained in December alongside the likes of SpaceX Starlink, Field Solutions Group, WorldVu (One Web), Inmarsat, Viasat, O3B/SES, New Skies Satellites/SES as well Telstra, Optus, and NBN. “Our fibre network provides the foundation to install many more CEVs and ground stations in the future as LEO satellite operators require them. And while we have the fibre, and we have the CEVs to establish ground stations, we now have another key asset to make our LEO satellite business a reality — the spectrum required to turn these CEVs into ground stations,” he said. Ackland said there was a strong argument that LEO satellites could replace voice services in the bush, which he believes would remove the need for Telstra to hook up premises with copper lines under the Universal Service Obligation. The Vocus executive went further and questioned whether NBN should be investing in its loss-making regional networks. “Wouldn’t it be more economically efficient to subsidise non-NBN services to ensure they’re set at a similar price to metropolitan equivalents, and for NBN to write off the losses? These are no longer questions that can be left for another day,” he said. “These are questions which need to be considered here and now, since LEO operators like Starlink now offering commercial services.” Even though Ackland said the LEO service is better than fixed wireless, and sometimes fibre to the node and HFC connectivity, he doesn’t believe the world will switch completely. “They will provide a viable alternative in many instances where latency meant satellite could never have been considered,” Ackland said. “I should also make it clear that LEO satellites are not going to make NBN’s two Sky Muster satellites redundant overnight either.” Vocus is using NBN business satellite services to complement its terrestrial footprint when providing connectivity to the likes of the Australian Bureau of Meteorology (BoM). In March, the Bureau called on the federal government to have its own satellite capability. “All satellite data used by the Bureau is received from international partners … this arrangement has worked well but access to this data is not guaranteed into the future,” BoM said. “In recent years there has been an exponential growth in commercial satellite data providers offering new business models, resulting in potential threats and opportunities in the space industry. In the future, this may pose a risk to the volume of data the Bureau can access if current arrangements for the free and open exchange of international satellite data are reduced.” The Bureau recently added to its wishlist, floating the idea of running a subsea cable to Antarctica and improving satellite connectivity to its weather stations. Earlier this week, Vocus was part of the launch of space communications startup Quasar, which is looking to provide ground stations as-a-service via electronically-steered phased array technology.”This technology emulates the behaviour of a traditional parabolic antenna, but no longer requires the antenna to mechanically track satellites across the sky,” Ackland explained. “As a result, Quasar’s technology is able to connect to hundreds of satellites at once, managing connections through time slots for uplink and downlink activity.”One thing which excites me about our work with Quasar is that it’s an Australian company, backed by Australian funding, developing a sovereign Australian capability in the modern-day space race.” Related Coverage More

Suicide Prevention Australia has asked the federal government to do more to regulate the gambling industry, particularly when it comes to the behind-the-scenes data-sharing arrangements betting platforms have with one another.The Senate Standing Committees on Environment and Communications is currently looking into the online gambling space. The focus of the inquiry are the amendments to the Interactive Gambling Act 2001 that would prevent interactive gambling service providers from accepting payments by credit card, creating a criminal offence and civil penalty provision for those that do so, to be overseen and enforced by the Australian Communications and Media Authority (ACMA).But in its submission [PDF] to the inquiry, Suicide Prevention Australia has highlighted simply blocking credit card use is not enough to curtail the domino effects a gambling problem can have.”While we welcome the reforms in this amendment, we believe the Commonwealth government should go further in reducing potential harms to the lives of Australians who engage in interactive gambling,” it wrote.The organisation shared with the committee the findings of a roundtable it hosted in October. “Our roundtable identified the need for greater regulation of the gambling industry across jurisdictions in Australia. In particular, the need for restrictions on gambling companies use of personal information to target gamblers by offering incentives to gamble,” it said.

Suicide Prevention Australia said that betting companies share client data among each other.”For example, when a client ceases gambling with one company, the company trades client lists with another company who then offers targeted incentives or enticements to the person so they begin gambling again with a new company,” the submission explained.This alarming practice was detailed by the ABC in an article it published last year, which shared the experience of an Australian man who had closed a betting account only to be wooed back in by special treatment and VIP status. He also received unsolicited calls from a competing betting platform when his account with the first was frozen. “The issue of data sharing and incentives has a significant impact on Australians who gamble, as problem gamblers are being actively incentivised to resume their problematic behaviours, which can extend to resuming other forms of gambling eg electronic gaming machines,” Suicide Prevention Australia said. “Gambling companies are further not required to conduct financial risk assessments on clients prior to opening an account with the company.”To that end, it has asked the committee to consider its recommendation to strengthen privacy regulations for people who gamble to prohibit companies from sharing or selling client contact data among the industry.The organisation also called for more to be done around advertising regulation, pointing to a study commissioned by the Victorian Responsible Gambling Foundation on young men and their gambling behaviours that found, on average, participants had four separate accounts with online betting companies. It said the report also found gambling uptake was driven by promotions from betting companies.In its submission [PDF], the ACMA said the potential benefits of banning the use of credit cards for online gambling domestically needed to be balanced against the risk of consumers moving their gambling activities to offshore providers.It noted that illegal offshore gambling services often allow consumers to use Australian credit cards to deposit money into their accounts. “We have observed that these illegal gambling providers are increasingly using third party payment processors to mask their gambling services and the MCC [merchant category code] can reflect services other than gambling,” it wrote. “This can make it difficult for credit card providers, or indeed those potentially charged with regulatory oversight, to identify the illegal activity and take disruptive action.”The providers of these illegal offshore services are typically located in jurisdictions with limited regulatory oversight and minimal or no consumer protections, it added.IF YOU OR ANYONE YOU KNOW IN AUSTRALIA NEEDS HELP CONTACT ONE OF THESE SERVICES:Suicide Call Back Service on 1300 659 467Lifeline on 13 11 14Kids Helpline on 1800 551 800MensLine Australia on 1300 789 978Beyond Blue on 1300 22 46 36Headspace on 1800 650 890QLife on 1800 184 527RELATED COVERAGE More

Millions of phones across the globe were affected by a vulnerability found within a ubiquitous Qualcomm chipset, according to researchers with Israeli cybersecurity firm Checkpoint. 

ZDNet Recommends

Check Point’s Slava Makkaveev published a blog post on Thursday highlighting a security flaw in Qualcomm’s Mobile Station Modem Interface “that can be used to control the modem and dynamically patch it from the application processor.” “An attacker can use such a vulnerability to inject malicious code into the modem from Android. This gives the attacker access to the user’s call history and SMS, as well as the ability to listen to the user’s conversations,” Makkaveev wrote. “A hacker can exploit the vulnerability to unlock the SIM, thereby overcoming the limitations of the service providers imposed on the mobile device,” he added, explaining that the Qualcomm Mobile Station Modem Interface enables the chip to communicate with the operating system found within the smartphone.The Check Point report noted that the Qualcomm Mobile Station Modem Interface can be found in an estimated 30% of all smartphones out in the world today. Thankfully, the company notified Qualcomm of the vulnerability in October, which then tracked it as CVE-2020-11292 and labeled it a “high rated vulnerability.” Patches were sent to smartphone makers in the fall of 2020, according to a Qualcomm statement sent to multiple outlets including The Record and Bleeping Computer. The chip has been in cellphones and smartphones since the 1990s and has been continuously updated over the years to support the transitions from 2G to 3G, 4G, and now 5G. Samsung, Xiaomi, Google, and One Plus are just a few of the smartphone brands leveraging the chip. 

Setu Kulkarni, vice president of strategy at WhiteHat Security, said this was one of many examples of the “supply chain” nature of the problem plaguing mobile phone vendors, Qualcomm, the Android OS, and the apps on the Play Store. “Making it all work together requires careful synchronization in terms of versions and supported capabilities between the mobile phones, the chipset, the OS, and the apps — and that’s where the cracks are for vulnerabilities to slip through,” Kulkarni said. “Especially since there is no one throat to choke in these kinds of issues.” Even though Qualcomm has patched the issue, Kulkarni questioned who is holding the other parties in the ecosystem to account for the issue. The proliferation of Android-based devices presents a scalability challenge to deploy the fix and at the same time the end-users are completely unable to understand the issue, Kulkarni added. “Which customer will understand the issue in the chipset? One may wonder, is that why Apple is increasingly becoming a closed ecosystem? With control over the device, the chipset, the OS, and the highly regulated App Store — does Apple stand a better chance to protect its customers in such events? Time will tell,” Kulkarni explained.  More

(Image: Shutterstock)
Cisco released software updates this week addressing multiple vulnerabilities the company says “could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application.”

A variety of security lapses were found in Cisco’s SD-WAN vManage Software and in the web-based management interface of HyperFlex HX, all of which required software updates Cisco said in a statement that there were no workarounds that address these vulnerabilities.The company published detailed breakdowns of each vulnerability, highlighting specific issues revolving around SD-WAN vManage Cluster Mode Unauthorized Message Processing, Privilege Escalation, Unauthorized Access, vManage Denial of Service, and Unauthorized Services Access. The vulnerabilities allow authorized and unauthorized users to send unauthorized messages to the vulnerable application, gain elevated privileges, make application modifications or cause a DoS condition on affected systems. Software updates were also released to address security gaps with Cisco’s HyperFlex HX Installer Virtual Machine Command Injection and the Data Platform Command Injection.Cisco’s Product Security Incident Response Team said it was not aware of any “malicious use of the vulnerabilities” yet for either product. Many of the vulnerabilities listed only affect Cisco SD-WAN vManage Software that is operating in a cluster, and users can figure out whether their software is operating in cluster mode by checking the Cisco SD-WAN vManage web-based management interface Administration > Cluster Management view.The company has sent out multiple updates to address new vulnerabilities over the past few months. Oliver Tavakoli, CTO at cybersecurity firm Vectra, said the drumbeat of vulnerability disclosures against Cisco’s SD-WAN product line actually has a silver lining: Most of the reported vulnerabilities are being discovered by Cisco engineers during what appears to be a period of concentrated security testing. 

“While we all want perfect software, vendors who find and fix security vulnerabilities before in-the-wild exploits against them are reported should be encouraged to continue on this journey. The key measure of success will ultimately be when high and critical vulnerabilities for this product line gradually slow to a trickle,” Tavakoli said. JupiterOne CMO Tyler Shields noted that there has been a recent spike in exploit disclosure for SD-WAN, VPN, and other network-based technologies. He said this is due, in part, to the impact of the pandemic and an increase in network requirements for remote offices and work from home scenarios. Shields added that discovery of exploits tends to cluster over time and said he expects additional network technology-based exploits to be disclosed as hackers continue to target those types of devices.Dirk Schrader, global vice president of security research at New Net Technologies, echoed those remarks, telling ZDNet that because of their importance to the infrastructure, networking devices are, by nature, prime targets for cyber-criminals.”Given the criticality of those vulnerabilities now patched by Cisco, it will be just a matter of time until the patch cycle race once again will distinct between those ahead of the curve and those behind,” Schrader said. “Running a full-scale vulnerability scan on the organization’s infrastructure, both from an external point as well as from an internal one, is necessary to be ahead.” More

The New South Wales government is preparing a new Bill that will require public sector and state-owned entities to report a data breach to the Privacy Commissioner as well as any affected individuals.The Privacy and Personal Information Protection Amendment Bill 2021 aims to strengthen privacy protection in NSW and extends the federal breach reporting requirements mandated by the Notifiable Data Breaches (NDB) Scheme, which came into effect in February 2018.The NDB scheme requires agencies and organisations in Australia that are covered by the Commonwealth Privacy Act 1988 to notify individuals, whose personal information is involved in a data breach that is likely to result in “serious harm”, as soon as practicable after becoming aware of a breach.  The proposed NSW mandatory notification of data breach (MNDB) scheme shares the same notification threshold as the NDB scheme, but differs in application and enforcement. Although the NDB scheme has coverage Australia-wide, the NSW scheme aims to fill the gap it leaves regarding state entities.”Any mandatory data breach notification scheme introduced in NSW would be designed to complement the existing Commonwealth Notifiable Data Breach (NDB) Scheme under the Privacy Act, particularly in areas of jurisdictional overlap,” the Information and Privacy Commission New South Wales said previously.The draft exposure Bill [PDF] proposes to establish an MNDB scheme to require public sector agencies bound by the NSW Privacy and Personal Information Protection Act 1998 (PPIP Act) to notify the Privacy Commissioner and affected individuals of data breaches of personal or health information, which are likely to result in serious harm.It also applies the PPIP Act to all state-owned corporations that are not regulated by the Privacy Act.

“The MNDB scheme will require public sector agencies to notify the Privacy Commissioner and affected individuals if a data breach affecting personal or health information that is likely to result in serious harm occurs,” the fact sheet [PDF] details.”The MNDB scheme will require agencies to satisfy other data management requirements, including to maintain an internal data breach incident register, and have a publicly accessible data breach policy.”The state government said a mandatory scheme is being proposed to improve agency data management, reduce underreporting, and reduce the occurrence of data breaches that cause serious harm. “Mandatory schemes enable individuals to take action to protect themselves in the event of breaches, and can increase public trust in government,” it adds.As detailed in January, in 2019-20, the commission received 41 voluntary breach notifications.State government was accountable for 28, local government for 10, and public universities for three.The proposed MNDB scheme requires an agency to contain and assess a suspected data breach to determine whether it is an eligible breach under the scheme, and, if so, to notify the Privacy Commissioner and any affected individuals. It specifies the timeframes in which an agency must assess a data breach, notify the Privacy Commissioner, and notify affected individual/s of the breach. Agencies will also have other information handling requirements, including maintenance of an internal data breach incident register and creation of a publicly accessible data breach policy.The scheme will permit limited information sharing — such as contact details and dates of birth and death of the affected individual — between agencies for the purpose of notifying affected individual/s of an eligible data breach. In the notification, it is anticipated the entity will be required to provide a description of the breach, including when and how it occurred, what data was affected, how long the data was affected, and what type of breach it was, such as loss, disclosure, or unauthorised access. It will also contain detail of what the agency is doing to control or reduce the harm.Additionally, the entity will be required to provide recommendations to affected individuals about the steps they should take to minimise the impact of the breach, as well as their right to seek an internal review.The agency will not be allowed to make reports anonymously to the commissioner and it must list any other affected agencies.Peripheral information the commissioner would like to receive includes whether it was a cyber incident, the estimated cost of the breach to the agency, the total number, or estimated total number, of individuals affected or likely to be affected by the breach, and whether they have been notified.There are exemptions to the proposed scheme, such as where notification would prejudice law enforcement activities, that the exception would prevent or reduce a serious risk to an individual’s health or safety, the notification is likely to result in more breaches or deteriorate the agency’s cybersecurity, and the agency has remedied the harm of the breach successfully, for example, if an email was sent to the incorrect recipient, but was recalled successfully and deleted prior to the recipient opening the email.A further exception applies where notification to the commissioner would contravene a secrecy provision contained in other legislation.The proposed MNDB scheme would grant the commissioner new powers regarding the MNDB scheme, including to enter premises and inspect anything that may relate to compliance with the MNDB scheme. They will also be given powers to conduct audits in relation to the MNDB scheme and produce a report to the head of agency and responsible minister.Following public consultation, which closes 18 May 2021, it is anticipated that a Bill will be introduced in the NSW Parliament before the end of the year. If passed, the MNDB scheme will commence 12 months following the passage of legislation.RELATED COVERAGE More

Image: Google
Google will follow in the footsteps of Apple and is set to introduce privacy information requirements for developers that publish apps in its Play Store. The company said in a blog post that developers will need to state what data is collected and stored, such as location, contacts, name, email address, and types of files stored; how the data is used, such as whether it changes app functionality or personalisation; which security practices, such as encryption, the app uses; and if the app follows Google’s families policy. App makers will also need to state whether apps need the data to function and whether users have a choice in sharing it, and whether users can request data deletion upon uninstalling an app. Google said it will additionally require developers to declare if the stated privacy information is verified by an independent third party. The company added that the onus will be on developers to be truthful, and if they are found to be telling fibs, they could be “subject to policy enforcement”. “All apps on Google Play — including Google’s own apps — will be required to share this information and provide a privacy policy,” the company said. Laying out the timeline for these requirements, the new policy is set to appear in the next quarter and developers will be able to voluntarily disclose the privacy information in the final quarter of 2021. Meanwhile, users will be able to view the information in the first quarter of 2022 before the hard requirement lands in the second quarter of 2022.

At the end of last year, Apple began to publish privacy summaries in all of its app stores across iOS, iPadOS, macOS, watchOS, and tvOS. Google notoriously took a long time to begin publishing iOS privacy summaries. Related CoverageGoogle is going to start automatically enrolling users in two-step verificationIf you use Google services, get ready for two-step verification to become the norm.Google introduces Woolaroo AI translation app to preserve endangered languagesSnap a photo of an object and Woolaroo will use machine learning to translate it into one of 10 endangered languages supported on the app.Google expects 20% of employees to work from homeEmployees will be offered opportunities to permanently work remotely, or to transfer to other offices, based on their role and team needs, Google said Wednesday.Chromebook units surge 275% in Q1, says CanalysChromebook first quarter shipments are being compared to the beginning of the COVID-19 pandemic a year ago. More

Show More (3 items)

You don’t need to spend a fortune on making your home office secure, and thanks to mobile technology, our options are now far beyond a locked door and window fastenings.  Smart video doorbells that record both video and audio feeds in real-time when you have a visitor; motion and sound sensors that can be used in and outside, digital door locks, cameras with excellent night vision — the range of products that leverage mobile connectivity, apps, and Internet of Things (IoT) sensors are endless.  That is not to say that all smart home security products are created equal, and not every home needs to have bells and whistles on when it comes to security — sometimes, a few select pieces can create a home ecosystem that is enough to protect your home (and office) against intruders, as well as alert you when suspicious activity is detected.  It is also worth noting that any device with connectivity may contain vulnerabilities themselves that could be exploited — and may endanger their users’ privacy as a result — and so when you pick an IoT device vendor, it should be one that maintains a frequent security program and patch cycle. ZDNet has created a list of recommendations suiting a variety of budgets and setups to help homeowners and remote workers decide how best to protect their properties, ranging from full kits to useful window sensors and cameras suitable for use both in and outdoors. 

Smart video doorbell

A smart video doorbell is one of those products that you didn’t realize could be a great addition to daily life until you invest in one. It may seem like overkill to go for a doorbell with Internet connectivity, video and audio feeds, and the ability to check-in remotely, but once you get used to the convenience of being able to chat to visitors and delivery staff no matter where you are, you can see their value. Convenience, however, is just one benefit, as these types of products can be a useful security addition, too, as you can clearly see visitors before opening the door, as well as deter potentially unwanted ‘visitors’ checking out your home. Currently on sale at $169.99, the Ring Video Doorbell Pro is one product for consideration. The hardwired doorbell is able to record 1080p HD footage with two-way talk, and also comes with infrared night vision, sensors, and customizable ‘zones’ for motion detection alerts. Compatible With iOS, Android, Mac, and Windows 10, users can check in on their doorbell at any time. Live view is free but continual recording requires a subscription.Pros:Useful for security and convenience when it comes to visitors, deliveriesReliable and a modern designCons:You need to buy a separate, traditional ‘Chime’ accessory for a traditional sound alertNeeds either frequent battery charging or a hardwired power source

Full, customizable smart home security system

If the Ring ecosystem appeals to you, Ring also offers a full smart home security system that can be customized depending on the property and the user’s wishes when it comes to security. You can create your own security system by combining elements including home alarms, motion sensors, window and door contact sensors, keypads, a smart doorbell, panic buttons, and both indoor and outdoor cameras. Ranging in price from single $19.99 window sensors to a robust security package costing hundreds of dollars, the Ring range considers every point of entry into a home, whether you live in a small condo or a large house with extensive grounds. Pros:You can tailor your home security and tackle any areas of real concern by choosing each product separately and bringing them into one networkEasy installationYou can hand over monitoring to a professional as an optional add-onCons:A full package can prove to be expensive Some users do not find the siren to be as loud as they would like 

Standalone security camera that plugs into an outlet

For do-it-yourself types who want a few security gadgets but not an entire setup, Google’s Nest Cams are worth considering. Nest Cam Indoor products are standalone security cameras that plug into an outlet. Once connected to the Nest mobile app, users are sent alerts when motion is detected and it is also possible to tap into the camera at any time to see what is going on at home. Built-in speakers and a microphone are included. Event-based or continual recording is on offer, and for free, snapshots taken over a three-hour time period are saved and viewable. A subscription option for 24/7 recording and storage is also available. Outdoor alternatives are on sale for $199.Pros:Stylish and discreetNight vision is a useful addition if you are away from homeCons:Pets may trigger the camera by accident in the homeA subscription is required for premium features

$299 at Walmart

$299 at Adorama

Includes Nest Guard, an alarm, keypad, and motion sensor

If your smart home is making use of the Nest ecosystem and already includes products such as Google Home or Nest fire or C02 alarms, the Secure package could be of interest to bolster home security. The $399 Nest Secure (currently on sale at Lowes) includes Nest Guard, an alarm, keypad, and motion sensor; two Nest Detect sensors suitable for use in monitoring doors, windows, or entire rooms, two open/close magnets for doors or windows, two Nest tags that are used to enable or disable alarms quickly, and mounting brackets.The Nest Detect sensors are able to detect motion and sound, and can also be set to chime when a door or window is opened — a useful feature if you have young children at home.A limited free option is available, alongside a feed monitoring and storage subscription. As Secure products are compatible with Google’s overall IoT ecosystem, users can ask their assistant to arm or disarm the Nest alarm remotely, and if the system thinks you have left home without arming, a reminder can be sent to your smartphone. Pros:Versatile accessories in one kit that are enough to guard your average home’s entry pointsCons:Only compatible with Google Home and not Amazon Alexa or Apple’s HomeKit

Includes motion sensor, entry sensor, panic button, and a key fob

For hunters of a full security system without a long-term subscription, SimpliSafe’s home security system should be considered. SimpliSafe offers a $160 entry-level kit containing a motion sensor, entry sensor, panic button, and a key fob, which can be customized to include additional products such as a siren, video doorbell, glass break sensor, or smoke, water, and CO2 sensors. The Wi-Fi-connected system has a backup battery in case of a power outage, and the vendor maintains six monitoring centers to keep an eye on homes within the network — with operators alerting the police even if the devices are damaged by intruders. SimpliSafe offers a variety of subscriptions and accounts for over three million users in the United States. Pros:No contract or long-term subscription requiredCan be extended with sirens, water damage sensors, fire alarmsCons:Expensive to set up beyond the entry kit

$239 at Amazon

$244 at SimpliSafe

Includes motion sensors, key fobs, and a camera

Another popular option on the market is Honeywell’s home security kit. The bundle contains a selection of motion sensors, key fobs, and a camera able to record visual and audio footage in 1080p HD video. Night vision is also included. Honeywell’s security system can be set to automatically arm itself when you leave home, and if you forget to shut a window or door where a sensor is installed, for example, you can be sent alerts to this oversight. A key selling point about this option is versatility, as the security system can be set up to operate in existing IoT setups offered by various vendors. Amazon’s Alexa voice assistant is inbuilt to accept commands.Pros:1080p night vision cameraCompatibility with Alexa assistant built-inExtendable with multiple sensorsCons:The design won’t appeal to everyone

Includes hub, a motion sensor, door sensor, and a keyfob

Abode’s offering is a budget-friendly package that comes with an Abode hub, a motion sensor suitable for entryways or specific rooms, a small window or door sensor, and a keyfob for quickly arming or disarming the system. Users can install the system themselves and connect the hub to their mobile device, as well as control their kit through Amazon Alexa, Google Assistant, or Apple HomeKit. If you want to extend your security system further, additional Abode sensors and cameras can be added to the network. A basic, free plan or more extensive subscription is available. Pros:Smart assistant supportAffordableCellular backup options available in the case of internet failure (subscription)Cons:Additional accessories, such as door and window sensors, are expensive

$229 at Abode

Monitor the lock status of a door

An additional component you might want to consider for your home security setup is a smart lock. An alternative to a traditional deadbolt, a lock such as the August Wi-Fi Smart lock, available in black and silver, connects to a user’s mobile device or Alexa assistant to monitor the lock status of a door.You do not need to replace your existing lock-and-key setup; instead, you attach the smart lock to a deadbolt. It is possible to set up the product to automatically detect when you come home and unlock the door, and in the same way, auto lock when the door closes. If you want to grant others access to your home, “secure keys” can be sent to their mobile devices via the August app. However, it is worth noting this smart lock requires a 2.4GHz Wi-Fi network. The August Wi-Fi Smart lock is currently on sale for $202. Pros:Useful for visitors that you want to grant access to remotelyHeightened security for your doorCons:The setup process can be arduousSome users have reported issues with smart assistant integration

Why are sensors important in a home security product?

Sensors are the key ingredient in effective, discreet home security. There are many different kinds of sensors that are utilized in Internet of Things (IoT) products, including infrared, magnetic, audio, and motion, and each use depends on the type of security product involved.For example, motion sensors are used for video doorbells and both indoor and outdoor cameras — and heat sensors may also be thrown into the mix — whereas door and window products may use a combination of motion and magnetic sensors to detect unauthorized entry.

Do you need an internet connection?

When it comes to today’s smart, connected, IoT home security systems, the answer is usually yes. In comparison to business security offerings that are often monitored remotely, the central focus of home systems is to give the user power and visibility — and this generally requires internet connectivity and a mobile device.

Do you need a subscription?

Subscriptions aren’t compulsory when you buy a home security solution. In many cases, ‘basic’ setups will ping alerts to your handset when a sensor detects activity, allowing you to check your home in real-time — but will not necessarily keep any feeds or recordings for a long duration.It is worth signing up for a subscription if you want to make sure you have access to past event feeds. In addition, subscription services will usually sweeten the pot with additional layers of security such as automatic emergency calls and multiple device monitoring.

Which security system is right for you?

Unlike a business premise, homeowners do not need to spend a fortune in order to adequately protect their assets. Instead, a few products that have been carefully selected and placed in weak spots or entry points — including a front porch, garden, or close to ground floor windows — can be all that is needed.A camera or two — preferably with night vision — sensors monitoring windows, and, perhaps, a video doorbell or smart lock to protect your front door. Larger properties can benefit from additional security components linked to the same network, but in either case, today’s smart home security products can give you peace of mind both in or outside of the house.Many of us have been working from home during the pandemic, but as things begin to unlock and we do spend more time away from our residences, now may be the time to consider a security option that is right for you.

Our selection process

We wanted to consider as many security angles to protecting a home and home office as possible. Entry points including windows and doors can be protected through smart door locks, sensors, and cameras, and should an intruder manage to get into a property, monitoring systems that send alerts to homeowners can make all the difference between perpetrators being caught or getting away with their actions. More

Network security and content delivery network provider Cloudflare this afternoon reported Q1 revenue that topped expectations, and profit in line with Wall Street’s forecast,  and an outlook for this quarter’s, and the full year’s revenue that was higher as well. The report sent Cloudflare shares up by 6% in late trading. CEO and co-founder Matthew Prince noted the company had a “record-setting start to the year, citing revenue growth but also the company’s retention rate among its customers of 123%. “We crossed 4 million total customers, and our large customer count was up 70% year-over-year, accounting for more than half of our total revenue,” said Prince. Added Prince, “We delivered terrific financial results while also investing in innovation, the fuel our engine runs on. “Firing on all cylinders, we’ve already announced or delivered more than 100 products and capabilities this year. There’s no slowing down as we continue to deliver business-critical offerings and displace point solutions with Cloudflare’s robust global network.”Revenue in the three months ended in March rose 51%, year over year, to $138.1 million, yielding a net loss of 3 cents a share, excluding some costs.

Analysts had been modeling $131 million and negative 3 cents per share.For the current quarter, the company sees revenue of $145.5 million to $146.5 million, and net loss per share in a range of 3 cents to 4 cents. That compares to consensus for $139 million and a 3-cent loss per share.For the full year, the company sees revenue in a range of $612 million to $616 million, and EPS of $TK to $TK. That compares to consensus of $593 million and a 9-cent loss per share.

Tech Earnings More