vacancies advertise contact news tip The Vault
facebook rss twitter

CUJO primed to protect your home network from threats

by HEXUS Staff on 15 September 2015, 11:00

Quick Link: HEXUS.net/qacunp

Add to My Vault: x

Please log in to view Printer Friendly Layout

 

There are boundless statistics that tell us billions upon billions of devices will be connected to the internet in the years to come. Grouped together under the overarching internet of things (IoT) theme, having billions of connected devices will be a boon to a multitude of industries. Think of digital health, fitness, smart cities and you begin to get the idea.

But the flow of traffic between devices needs careful management. Nowhere is this presently more applicable than the home environment, where multiple devices - smartphone, tablet, computer, security cameras, baby monitors, et al - are connected to the router and share information across the cloud. Such a prevalence of connected devices brings security very much to the fore so it's no surprise that tech companies have jumped on this security/threat management bandwagon with gusto.

One such firm is CUJO, who promises to weed out malicious threats and malware by having a small device connected to your home router. Eponymous in name, the CUJO device is going up on crowdfunding site Indiegogo today. We had a chance to quiz the company's CEO, Einaras Gravrock, to find out more about this intriguing box of tricks.


Einaras Gravrock, CUJO CEO

Q: In a nutshell, can you explain what CUJO is?

A: CUJO is a smart device that guards all of your connected home devices from hacks. It’s simple to start with no installation necessary. CUJO blocks malware, viruses, phishing attempts, and hacks. You get an app that alerts you anytime your devices are in danger. Best of all, you can get it for only $49 when you back their Indiegogo campaign.

Q: How does CUJO protect me from being hacked, and which antivirus/threat management/anti-malware engines are being used?

A: CUJO acts as a gateway between your devices and for your connection to the Internet. We inspect packets of data coming and leaving your network and block threats before they can reach the target or do damage. We analyze behavior and secure all devices connected to your network. This is critical because newly connected devices don't have pre-installed security.

Unlike traditional solutions, CUJO adapts and reacts when your home is attacked and does not rely just on libraries of known malware issues. We analyze a humongous amount of behavioral data in our cloud and push learnings from one home to all CUJO-protected homes.

We use proprietary behavioral analysis engine, SNORT packet inspection, and a 3rd party malware scanning solution (confidential).

Q: How does CUJO differentiate between normal, regular traffic and potential threats?

A: Through behavioural analysis. CUJO looks at the story of the device in question to distinguish between normal and abnormal patterns.

Q: A number of premium routers now come with UTM anti-hacking software by default. Why is CUJO better, in your opinion?

A: UTMs don't have an accompanying cloud to continuously learn from. So essentially they are signature-based solutions. Signatures-based protection by itself is not enough to fight off most attacks.

Q: Following on from this, we've seen these kinds of products before- the Yoggie Gatekeeper Pro, for example. Is CUJO fundamentally different?

A: CUJO is fundamentally different from Yoggie Gatekeeper Pro in the sense that the YGP protects a single device, specifically computers (laptops, PCs). CUJO protects ALL network devices including mobile devices, IoT, tablets, as well as computers.

Q: Does it feature some form of machine learning to adapt to new threats?

A: Behavioral analysis using machine learning is our core offering. We constantly monitor your device behavior in the context of your home and as device types in general. This allows us to see anomalies in a way that signature based solutions cannot.

Q: Our readers enjoy the technical aspects of hardware. Can you let us know the hardware powering CUJO?

A: Cavium-based platform with dual-core 1GHz processor. Modified Linux OS. 1GB DDR SRAM. 4GB Flash memory. Two 1GB Ethernet ports.

Q: A common refrain of modern technology is that it can be difficult to install and configure. How does CUJO fare in this regard?

A: That’s the best part about CUJO. It is completely plug-n-play, as shown here: https://youtu.be/JlSngo6afKQ

Q: Does CUJO protect all of my internet-connected devices, and is it compatible with all common routers?

A: CUJO is compatible with all common routers. And yes, we protect all devices that are connecting to your wireless router.

Q: Is CUJO merely a gateway to the internet, or does it send any information back to your servers? Do users have to worry about their sensitive data passing through another layer?

A: We send encrypted meta data to the cloud to apply behavioral analysis. Communication between CUJO and the cloud happens over an encrypted channel, and only limited metadata is sent.

Q: Online gaming is hugely popular, as you know, so adding another device between the internet and router must cause additional delay? Can you define this extra latency?

A: In general, there will be a reduction in the total bandwidth available for streaming, due to CUJO using part of the upload capacity to send flows and other data to the cloud. On ADSL connections that will not affect download speed, but on cable modems it will. We have seen latency of around 7-10ms but are working to improve upon that. Our team has gamers, so this is a personal issue.

Q: How much will CUJO cost, and will there be a subscription-style model moving forwards?

A: As a thank you for backing us on Indiegogo, we are offering a CUJO device at a price well below what it will retail for later. All our devices are bundled with many months of service so you will be saving a lot by getting a CUJO here on Indiegogo. After your initial subscription is over you will be able to switch to a monthly ($8.99) or annual ($89) subscription. So unlike others who require you to pay to protect each individual device, for a small monthly fee we will protect all of your devices.

*Why charge a subscription for service? Your CUJO will be connected to our security network, which requires expensive upkeep. Also, Internet security is a 24/7 battle. We have a team of people that will enforce the latest security practices to keep your home safe against new hacks. Enterprises pay thousands for such a service, we make it available for homes for much less. And don't forget, as our backer you will get many months of absolutely FREE service!

Q: Why did you choose the crowdfunding site Indiegogo as the launch platform?

A: Indiegogo recognized the importance of a product like CUJO and recruited us to join their platform. We could not be happier having a partner like Indiegogo.

Q: How soon can the public expect to see the first units for sale?

A: CUJO is launching on Indiegogo on 09/15/2015.

Q: What was the process behind the design and look of CUJO?

A: We hired renowned industrial designers at Matter Global (Nike Fuel band). We wanted to create a design that blended in well in most homes. We also wanted to add emotion to our CUJO so therefore the LED eyes.

Q: In terms of customer service, what can users expect post-purchase from CUJO?

A: 24/7 email support, as well as 8-5 phone support. All times PST.

Q: With more household appliances/devices now offering the ability to connect to the Internet, how is CUJO equipped to protect these new devices?

A: Inevitable every appliance and device will come with an IP address. Most of these devices are powerful to give us amazing features. But they are also easy access points for modern criminals. Only the most outstanding device makers will have the resources to make their devices secure. The problem is that one rogue device in your network may provide access to your entire network. That is why it is important to have a 3rd party solution like CUJO.

So there you have insight into what CUJO is and how it works. Is it something you would consider for your home network? Let us know in the comments facility below.



HEXUS Forums :: 4 Comments

Login with Forum Account

Don't have an account? Register today!
this sounds great why lie?? with the hacker spring of ANDROID infections it will be nice to monitor your traffic quite well.
lumireleon
this sounds great why lie?? with the hacker spring of ANDROID infections it will be nice to monitor your traffic quite well.

a. Android problems are trojans. No device is going to stop idiocy.

b. As soon as you walk out of your front door, your not protected any more.

c. CUJO is like any other virus checker, only as good as it's algorithm and definitions. This is never going to catch as many infections on (for example) Windows, compared to a proper fully-fledge Windows-based virus checker.

d. Statistics and other information sent “to the cloud”. I am sure Saracen and a few others will add this to their SLs due to that.

e. $89 / year or $9 / month? and that's on top of the undisclosed hardware fee up-front. I'd rather use the free or more platform-specific virus checkers.


Seems like another company looking to make money from fear.
shaithis


d. Statistics and other information sent “to the cloud”. I am sure Saracen and a few others will add this to their SLs due to that.

If you mean what I think you mean by “SL”, and I'd probably use “blacklist”, then I have an opinion but perhaps not quite what you might expect. It depends on
Article
Q: Is CUJO merely a gateway to the internet, or does it send any information back to your servers? Do users have to worry about their sensitive data passing through another layer?

A: We send encrypted meta data to the cloud to apply behavioral analysis. Communication between CUJO and the cloud happens over an encrypted channel, and only limited metadata is sent.
My cloud aversion is for MY data. I am adamant about there being NO CHANCE of, say, a Word file, or a PDF, or a spreadsheet, ending up cloud-stored with it being explicitly MY decision to store that file in that way. That is, before there's any chance of such an upload happening, I want it to be my specific, conscious informed decision. And it won't happen very often, if at all.

This, if you like, is part-privacy, but largely security. I sometimes have 3rd party data, and some of it is VERY commercially sensitive. If it gets out, and that's tracked to my version of said files, at the very least I'd lose that 3rd-party's trust, almost certainly their business, and quite possibly end up getting sued.

Then rather than data I hold, there's data about me, such as shopping habits, etc. That's purely about personal privacy, and is an entirely separate issue.

If the above quote from the article holds true, then it sort-of falls between those two issues. If it's truly ONLY behavioural metadata, then the first issue is moot, because it's not MY data ending up in the cloud, but metadata about my network activity.

I do still have concerns. Exactly what metadata? Who is it used by, and for what? And what security is in place both for raw metadata, and crucially, for processed and analysed conclusions.

It comes down to balancing any risk of loss of privacy, to any security gains made.

Generally, corporate privacy intrusion amounts to them taking, or seeking to buy, data about me and my family, so they can sell me something. I don't want that, by anyone, ever. No sales phone calls, no emails, knocks or my door, addressed personalised letters, nothing. No exceptions. Which is why I'm vehemently opposed to such corpieate intrusions …. I have ZERO interest in what they seek to ‘offer’ in return for my data. They can, in fact, take any and all such offers, douse them in lighter fuel, fold them ‘til they’re all sharp corners, and shove their ‘offers’ somewhere anatomically uncomfortable. Then set light to them.

However … this offer is a bit different. It's offering a security service, not an attempt to sell me something (from my personal data), and the trade-off is the encrypted metadata, versus improved security. It's possible I could be convinced such a trade-off was worthwhile.

My concerns, on this, would be more prosaic. Does it work? How much extra security? Is it worthwhile to me? What does it cost? Do I know the company? What's their reputation? Do I trust them, or that their claims are realistic and their statements honest and reliable?

I could perhaps be convinced. But I'm not, yet.
Hmm, no good for encrypted services such as HTTPS then?