Even Google can get hacked… maybe

For those security staff who feel insecure or embarrassed about getting hacked, news that Google may have been disrupted by an external irritant will come as some comfort.

On November 12 for approximately 30 minutes as some services became unavailable after traffic was being rerouted through other networks. The company has not disclosed the specific nature of the disturbance, though it also hasn’t ruled out nefarious individuals.

“The issue with Google Cloud IP addresses being erroneously advertised by internet service providers other than Google has been resolved for all affected users as of 14:35 US/Pacific,” the company stated.

“Throughout the duration of this issue Google services were operating as expected and we believe the root cause of the issue was external to Google. We will conduct an internal investigation of this issue and make appropriate improvements to our systems to help prevent or minimize future recurrence.”

Network intelligence company ThousandEyes reported problems with its own G-Suite services, noting internet traffic from its own San Francisco office was traversing through China and Russia on its way back to Google, sparking some concerns. Unfortunately for ThousandEyes, this wasn’t a problem limited to the San Francisco office and was affecting all locations around the world.

No company is immune to the shady corners of the internet, though some would assume an organization as savvy and powerful as Google would be safer than most. Although the disturbance only lasted for a short period of time, for 30 minutes traffic was traversing through some countries which have a history of monitoring communications lines.

While this would be a perfect opportunity to jump on the ‘China is evil’ bandwagon, what is worth noting is traffic would drop upon hitting the Great Firewall of China, according to ThousandEyes’ investigation. Therefore it is logical to assume the attack was either an internal glitch from Google, or an external attack from someone aside from China.

For those who are constantly battling against the dark forces of the internet to keep customers and employees safe from prying eyes, take some comfort that even Google can get rocked by hackers, potentially…

DCMS and NCSC warn UK telco review might impact 5G supply chain

Reports of a letter circulating through the offices of UK telcos have emerged, though DCMS has played down the anti-China rhetoric which has been pinned to the communication.

“The Future Telecoms Infrastructure Review set out our long term plans to provide world class digital connectivity through full fibre connectivity and 5G mobile coverage,” DCSC stated. “As part of this, we are conducting a review of the supply chain underpinning those ambitions to ensure a healthy, diverse and secure supply base, now and into the future.”

The letter itself, which will not be officially released to the industry, has been signed by Matthew Gould, Head of Digital Policy at the Department of Digital, Culture, Media and Sport, and Ciaran Martin, Chief Executive of the National Cyber Security Centre, and reportedly suggests telcos should evaluate the resilience and security of their supply chains ahead of the much hyped 5G euphoria.

Although reports have emerged in the FT this morning, with the anti-China rhetoric featuring heavily throughout, DCMS has distanced itself from a targeted and calculated review. The review, and letter, is not targeted at a specific country, or firms which call that country home, but ensuring the UK has the right overall framework in place to ensure secure and resilience telecoms networks. The review will consider the economics of 5G, as well as aiming to create the desired resilience and security standards.

What is worth noting is that this letter is not new. The review and communications with telcos has been discussed in the House of Commons, while the letter itself was sent to executives weeks ago and originally unearthed by Politico. The anti-China rhetoric, which is outwardly present in other nations, seems to be more interpretation from the industry in this case.

That said, it is not completely misguided to assume the review does have a couple of nations in mind. NCSC has previously warned operators against using ZTE equipment in their networks as this might impact the long-term security of the UK, and with the rest of the world pointing a suspecting finger at Huawei, it would not be out of the question for the UK to jump on the band wagon.

While President Trump has been aggressively leading the anti-China sentiment across the US, Australia followed suit by banning the firm from participating in the Aussie 5G bonanza and South Korean telcos coincidentally left Huawei out from their preferred suppliers.

The conundrum the UK faces is focused around future trade and relationships with the rest of the world. With Brexit on the horizon, and looking increasingly unfavourable for the UK, bonds will need to be strengthened with other nations. Unfortunately this leaves the UK in a difficult position, with historic partner US on one side of the argument and the Chinese, a country various UK governments have attempted to get closer to, on the other.

While DCMS and the UK on the whole seemingly wants to justifiably maintain a neutral position in such reviews, we don’t doubt there will be a few cogs in the machine who are harbouring suspicions of the Chinese, which are starting to become commonplace.

This might not be a Chinese witch hunt, though it is certainly reasonable to assume that a level of biased suspicion will be present in some minds. What impact this has on the UK’s relationship with China and its kit vendors remains to be seen.

T-Mobile/Sprint merger finds a new enemy in mysterious lobby group

A new non-profit organization called ‘Protect America’s Wireless’ has emerged, seemingly with the sole objective of hurling spanners at the T-Mobile US and Sprint merger.

Details on the group are relatively thin at the moment, it was only founded last month, though a press call introducing the group and its mission statement on the website both seem to give the same message; the T-Mobile US and Sprint merger will be bad for the national security of the US.

“We must protect our networks from foreign spying,” the team announces on the websites homepage. “Our greatest concern is the pending Sprint T-Mobile merger, which could give countries like Saudi Arabia, China, Germany, and Japan direct access to our networks through the use of foreign-made networking equipment and billions of foreign money. We call on President Trump, Congress, and the FCC to protect American national security by denying these foreign interests access to America’s wireless communications.”

On the press call, David Wade, Founder of Greenlight Strategies, suggested a merger of the two telcos would open up the US to a Chinese ecosystem, while also suggesting any business working closely with Chinese vendors would effectively handover data to the Chinese government. While it is true Sprint owner Softbank has collaborated closely with Huawei and ZTE in the 5G R&D journey, this seems to be taking the conspiracy theory up another level. Deutsche Telekom, parent company of T-Mobile US, also has ties to Chinese vendors, but there aren’t many telcos who don’t.

The theory here is a merger between the two telcos would be bad for national security, effectively handing China a key to the backdoor. There have certainly been objections from a competition perspective, but this is the first we’ve seen with this angle. It’s difficult not to be suspicious about who the puppet master actually is.

Interestingly enough, the group has declined to discuss where funding is emerging from. As a 501c4 non-profit, the team do not have to disclose funding or ownership details, though they are permitted to attempt to influence politics as long as it isn’t their main area of focus. While the groups attempt to tackle US security is a thinly veiled attempt to demonstrate ‘social welfare’, as long as the group isn’t spending more than half of its funds on political-related activities, it can continue to operate half-hidden by shadows.

Finding out who is funding this organization is key to figure out what the angle is and whether this is yet another example of propaganda, though it is not necessarily a simple task. 501c4 non-profits have to complete a Form 990 for the IRS, on which any donations above $5,000 have to be disclosed. Unfortunately, due to the efficiency of the IRS, there is usually a 12-18 month lag on this information being made publicly available.

Until the influencers and donors of this group have been identified, this could be a very dangerous source of misinformation. Statements being made might very well be true, but without transparency it would be safe to be suspicious.

AI plays critical role in network security, according to BT boffin

Artificial intelligence (AI) is going to play a critical role in network security in the coming years and is already helping BT defend its infrastructure.

Ben Azvine, the Global Head of Security Research & Innovation at BT, has been at the heart of cutting-edge network security developments at BT for several years and has helped develop a cybersecurity strategy that combines AI-enabled visualization of cybersecurity threats with highly-trained network security personnel. He shared some of his thoughts on the matter with attendees at this week’s Broadband World Forum event.

“We are taking AI and making it help humans to be better… We are more about the Iron Man version of AI than the Terminator version,” he said, sparking ludicrous cinematic pitch ideas in the minds of some of his audience (I mean, Alien vs Predator sort of worked, right?).

Azvine pointed out that with the number of connected devices growing rapidly, old ways of securing assets were no longer relevant: Now, companies (including network operators) need to think about having a cybersecurity strategy comprising three steps – prevention, detection/prediction and response. The response needs to be much quicker than in the past (hours, not days) while the detection/prediction is tough to do without sophisticated analytics and AI algorithms.

What BT is doing is a great example of analytics and AI in action in the communications networking sector, rather than AI as a marketing hype machine — see ‘Why BT’s Security Chief Is Attacking His Own Network’ for more details.

But security is just one of seven key telecom AI use cases, as identified in a recent report, Artificial Intelligence for Telecommunications Applications, from research house Tractica (a sister company to Telecoms.com).

That report identified the seven main use cases as:

1) Network operations monitoring and management

2) Predictive maintenance

3) Fraud mitigation

4) Cybersecurity

5) Customer service and marketing virtual digital assistants (or ‘bots’)

6) Intelligent CRM systems

7) Customer Experience Management.

“The low hanging fruit seems to be chat bots to augment call center workers,” said Heavy Reading Senior Analyst James Crawshaw, who will be one of the expert moderators digging deeper into the use of AI tools by telcos during Light Reading’s upcoming ‘Software-Defined Operations & the Autonomous Network’ event.

“The more challenging stuff is making use of machine learning in network management. That’s still a science project for most operators — Verizon’s Matt Tegerdine was pretty frank about that in his recent interview with Light Reading. (See Verizon: Vendor AI Not Ready for Prime Time).

That analysis from the Verizon executive shows it’s still early days for the application of machine learning in production communications networks. And, as Crawshaw noted, AI is not a magic wand and can’t be applied to anything and everything. “It can be applied to the same things you would apply other branches of mathematics to, such as statistics. But it’s only worth using if it brings some advantage over simpler techniques. You need to have clean data and a clear question you are seeking to answer — you can’t just invoke machine learning to magically making everything good,” adds the analyst, bringing a Harry Potter element to the proceedings.

So what should network operators be ding to take advantage of AI capabilities? BT appears to have set a good example by hiring experts, investing in R&D, applying AI tools in a very focused way (on its cybersecurity processes) and combining the resulting processes with human intelligence and know-how.   “You don’t need to recruit an army of data scientists to take advantage of machine learning,” said Crawshaw. “Nor should you remain totally reliant on third parties. Develop a core team of experts and then get business analysts to leverage their expertise into the wider organisation.”

Alibaba Cloud opened two data centres in London

The e-commerce giant Alibaba is challenging Amazon and Microsoft in cloud service by adding London to its global data centre map.

If anything can indicate that the world is still confident in the UK as a business hub, amidst all the confusions over deal or no deal of Brexit, new investment from Alibaba can certainly do. The cloud service division of the e-commerce giant, Alibaba Cloud, announced on Monday that it is opening two data centres in London.

“Our decision on the location is driven by the rapidly growing customer demand in the U.K. The United Kingdom is one of the fastest growing European markets for Alibaba Cloud,” said an Alibaba spokesperson. “We are also working with many global and local partners to make sure we are offering best-in-class technologies, services and consulting to customers.”

Among the services the data centres will provide include a so-called “elastic computing”, which is a dynamic system to manage traffic spikes in the network, as well as deliver application services and big data analytics. Alibaba Cloud’s UK clients come from sectors like retail, finance, media, education, research, and logistics, and include public companies like the software maker SDL and the B2B media and event company Ascential.

Cloud service has become a key battlefield for the webscale companies and are clearly delivering results for the market leaders. Over 60% of Amazon’s operating income was from AWS, its cloud service division, in the first half of 2018, while Azure has been the most stellar performer among all Microsoft products.

Meanwhile cloud services have also attracted unwelcome following. According to a report by PwC, “Red Apollo”, a hacking group based in China, launched a series of sustained cyber-attacks last year, specifically targeting cloud service providers. The logic goes that, if they could break the defence of a major cloud service, they would be able to spread spying tools and malware to all the companies on these outsourcing services.

London joins Frankfurt to form Alibaba Cloud’s network in Europe. By the time the new data centres are up and running the company will have 52 data centres sites in 19 regions for its cloud service.

Facebook is said to be shopping for a security company

The social network giant Facebook is speculated to be close to acquiring a cybersecurity company to shore up its of data protection capability.

In the wake of a massive security breach, when 29 million users’ data were compromised, Facebook is desperately scrambling for a quick and effective solution. As it emerges, one way of doing so, in addition to working with the FBI, is shopping. The Information reported that according to four separate sources, Facebook has approached several unidentified cybersecurity companies for acquisition. One source told the online technology publication that a deal with one of the target companies could be reached before the end of the year.

A professional security solution sourced from outside could help refresh Facebook’s internal measures that might have overlooked vulnerabilities. The leak in late September, which initially was thought to have affected up to 50 million users, resulted from a coding loophole in the “View As” feature, which was attacked by an unknown party disguised as a 3rd-party marketing company. Facebook later clarified that about 30 million users actually had their access tokens stolen, but the attackers failed to gather information on 1 million of them.

On top of the technical expertise to be acquired, a high-profile purchase of a security company would also improve the perception that Facebook is serious about safeguarding user data. The company’s reputation has been repeatedly battered since the Cambridge Analytica scandal, prompting it to go more aggressive with its PR strategy. After recruiting a high calibre ex-politician to its team, adding a professional security solution to its toolkit would do no harm.

 

Shareholders start wrestling Zuckerberg for Facebook control

Five Facebook shareholders are fighting back against Mark Zuckerberg’s control of the company he founded after several scandals have plummeted share price.

Citing privacy outrages, political influence, the proliferation of fake news and data leaks, the asset managers are hoping to raise support to remove Zuckerberg as Chairman. The reputation and credibility of Facebook as a business which can effectively operate in the digital economy has certainly been called into question, though considering Zuckerberg himself control 60% of the Facebook voting rights, it might prove to be a difficult battle.

New York City Pension Funds, Illinois state treasurer Michael Frerichs, Rhode Island state treasurer Seth Magaziner, Pennsylvania treasurer Joe Torsella, and Trillium Asset Management are the troublesome shareholders, though the filing should be viewed as nothing more than symbolic. With Zuckerberg’s control over Facebook coming close to a dictatorship, it is unlikely anything will change. That will not prevent investors from complaining however.

At the time of writing, the Facebook share price was standing at $159, having started the year at $181 and reaching a peak of $271 in July. This is the lowest since July 2017, a period which has seen Facebook get grilled by politicians over fake news and political influence, Cambridge Analytica dragging the company down and data breaches leaking personal information to nefarious actors. While Facebook will always be a target for hackers and the bottom-dwellers of the internet, the shareholders are calling into question Zuckerberg’s ability to manage the business.

“Facebook plays an outsized role in our society and our economy,” said New York City Comptroller Scott Stringer. “They have a social and financial responsibility to be transparent – that’s why we’re demanding independence and accountability in the company’s boardroom.

“We need Facebook’s insular boardroom to make a serious commitment to addressing real risks – reputational, regulatory, and the risk to our democracy – that impact the company, its shareowners, and ultimately the hard-earned pensions of thousands of New York City workers. An independent board chair is essential to moving Facebook forward from this mess, and to re-establish trust with Americans and investors alike.”

This is not the first time Zuckerberg has faced a challenge to his reign. Three of the aforementioned funds also supported a proposal in 2017 to create an independent board, though many of the largest shareholders voted against the proposal. This new filing, which also suggests the creation of an independent board chair to improve oversight, is set to feature at the 2019 AGM, with the troublesome shareholders stating they will be drumming up support over the coming months.

What is worth noting is this is not a revolutionary idea. Most other companies, especially multinationals, appoint an independent board to oversee operations and maintain transparency for shareholders. It is common business practice. Perhaps the steamroller success of Facebook and the continuous supply of profits have convinced shareholders this is not necessary at Facebook, but the declining share price is certainly something to worry about. Facebook is under pressure from numerous different governments, consumer groups and regulators, and Zuckerberg doesn’t seem to want to do much about it.

The UK is an excellent example of inaction from Zuckerberg. After ignoring numerous calls to appear in-front of a Parliamentary committee, the UK Government has threatened Zuckerberg with a summons should he ever set foot in the country again. It is difficult to imagine any other multi-national business taking this approach to criticism and condemnation.

While the filing might be nothing more than a PR statement, it is clear the shareholders are not happy with the way Zuckerberg is running the business. Unfortunately, it might appear the socially-incompetent Zuckerberg is under little pressure to do anything about it considering his voting power. Ironically, the social media giant seems the closest thing to a dictatorship the US has to offer the world.

UK Gov makes bold steps to tackle long-ignored security problem

The Department for Digital, Culture, Media and Sport (DCMS) and the National Cyber Security Centre (NCSC) have jointly released new guidelines for the manufacture of smart devices, intended to build security into the foundations.

The issue of digital security is one which has been long-running and frequently brushed aside. While it is now generally accepted 100% secure is an impossible ambition, embedding security into the building blocks of every product or service is a way to mitigate as much risk as possible. This idea has also been aired numerous times, with little apparent action, though new Code of Practice aims to correct this oversight.

“From smartwatches to children’s toys, internet-connected devices have positively impacted our lives but it is crucial they have the best possible security to keep us safe from invasions of privacy or cyber-attacks,” said Minister for Digital, Margot James. “The UK is taking the lead globally on product safety and shifting the burden away from consumers having to secure their devices.”

“With the amount of connected devices we all use expanding, this world-leading Code of Practice couldn’t come at a more important time,” said Ian Levy, the NCSC’s Technical Director. “The NCSC is committed to empowering consumers to make informed decisions about security whether they’re buying a smartwatch, kettle or doll. We want retailers to only stock internet-connected devices that meet these principles, so that UK consumers can trust that the technology they bring into their homes will be properly supported throughout its lifetime.”

As it stands, the digital world is not secure. Innovation is progressing at an exciting speed, though advancements in security or even investments in security departments and products, are not keeping pace. The world is currently sleep-walking into a digital environment tailor made for hackers and other nefarious actors to thrive in. These individuals might be in the vast minority, but that does not make the threat any less real.

The new guidelines are as follows:

  1. No default passwords
  2. Implement a vulnerability disclosure policy
  3. Keep software updated
  4. Securely store credentials and security-sensitive data
  5. Communicate securely
  6. Minimise exposed attack surfaces
  7. Ensure software integrity
  8. Ensure that personal data is protected
  9. Make systems resilient to outages
  10. Monitor system telemetry data
  11. Make it easy for users to delete personal data
  12. Make installation and maintenance of devices easy
  13. Validate input data

Should the UK Government and the NCSC be able to nudge manufacturers into maintaining these principles, protections will certainly increase. This is not to say everything will be rosy, but by ensuring security is more than an afterthought in the design and manufacturing process, the right foundations are set.

“This government initiative is exactly what many in the industry have been craving for years,” said John Smith of CA Veracode. “Manufacturers have not really felt any market pressure to improve the security of these devices because consumers still have a lack of understanding of the security implications of IoT devices. Providing concrete guidance to manufacturers while also raising public awareness of these issues can only help address the gap that currently exists. It’s not just about the hardware anymore, it’s about the software behind it, and it’s really encouraging to see that the UK government wake up to the potential vulnerabilities in consumer IoT devices.”

These ideas are not new, more it is promising to see proactive action from the Government. Security experts have long discussed the merit of building security into the foundations of products, for example, Rik Ferguson of Trend Micro has previously suggested an official badge or certification for products which have been designed with the right security protocols and concepts in mind, similar to batteries. People don’t need to know the process of achieving the validation, but a properly audited process can provide peace of mind for the consumer.

However, it is critical the process is embraced by the majority and soon becomes an industry standard. Energy company Centrica has become one of the first to embrace the guidelines with its Hive smart energy devices, while HPE has also committed. This is a good start, and potentially sets the ball rolling for a process which is more official. Right now, the Code of Practice is voluntary.

Security has long been an ignored issue in the industry, mainly because it is incredibly difficult to deal with. If companies were honest with consumers about the threats of the digital economy, many would be turned off from taking more of their lives online. At least there is some positive action to addressing the significant problem of cybersecurity.

Google responds to Google+ data privacy breach by shutting it down

The product designed by Google to take on Facebook appears to have suffered from a similar flaw in the way it allowed developers to access user data.

According to a report from the WSJ, a software glitch in Google’s social networking platform – Google+ – gave developers access to private user data between 2015 and 2018. On the surface this looks similar to the Cambridge Analytica scandal that caused Facebook so much trouble earlier this year.

In this case Google identified the glitch internally and, having resolved it, concluded the security vulnerability hadn’t been exploited. Because of this Google didn’t see any need to disclose it and that’s one of the most contentious aspects of this story, especially since it’s alleged that Google was reluctant to do so for fear of reputational damage and regulatory scrutiny.

In a blog post Google VP of Engineering Ben Smith revealed they started Project Strobe at the start of this year, which seems to have been designed, at least in part, to look into this glitch. Somewhat side-stepping the issue Smith found ‘There are significant challenges in creating and maintaining a successful Google+ product that meets consumers’ expectations.’ And as a result they’re shutting it down.

This is a tad disingenuous since Google+ looked dead in the water soon after its 2011 launch and it seems likely that Google only kept it going to avoid the embarrassment of openly admitting it’s rubbish at social networking. The post did eventually get to the specifics of the glitch, stating the following:

  • Users can grant access to their Profile data, and the public Profile information of their friends, to Google+ apps, via the API.
  • The bug meant that apps also had access to Profile fields that were shared with the user, but not marked as public.
  • This data is limited to static, optional Google+ Profile fields including name, email address, occupation, gender and age. (See the full list on our developer site.) It does not include any other data you may have posted or connected to Google+ or any other service, like Google+ posts, messages, Google account data, phone numbers or G Suite content.
  • We discovered and immediately patched this bug in March 2018. We believe it occurred after launch as a result of the API’s interaction with a subsequent Google+ code change.
  • We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks. That means we cannot confirm which users were impacted by this bug. However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,000 Google+ accounts were potentially affected. Our analysis showed that up to 438 applications may have used this API.
  • We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused.

The last bullet is critical and Google seems to be counting on that for mitigation, to pre-empt the kind of outcry and subsequent regulatory torture faced by Facebook. As you can see from the tweet below, this position seems to be receiving some sympathy and it looks like some people actually still use it. At time of writing we have seen no reports of further adverse consequences for Google.

 

Facebook eyes up the connected home space

Facebook has seemingly taken its first steps towards the connected home market with the launch of Portal.

As it stands, Portal is being marketed simply as a video calling product, though with partnerships with various content streaming channels and a tie-in with Amazon’s Alexa, the future could see Facebook enter the fray as a competitor in the smart home hardware segment.

Two products will be released to start with, Portal and Portal+. Portal will feature a 10-inch 1280 x 800 display, while Portal+ is a larger model with a 15-inch 1920 x 1080 pivoting display. Powered by AI, Facebook claims the smart camera automatically pans and zooms to keep everyone in view, while smart sound features minimize background noise and enhances the voice of whoever is talking. How effective the AI remains to be seen, however now the idea of smart communications products have been normalised in the home it won’t be too long before some pretty impressive products will start hitting the market.

Such a venture could prove to be a very useful gander for the Facebookers, as diversification is going to need to happen sooner or later. With younger demographics searching elsewhere for their social media fix, Snapchat and Facebook-owned Instagram benefiting, pressure will soon start to mount on the advertising business.

Shareholders are used to exceptional year-on-year growth figures, but it wouldn’t be a surprise to see these flatten; people are becoming less engaged by the platform, therefore spending less time exposed to adverts, while recent figures have shown key markets are not boosting total subscription numbers. Sooner or later a threshold will be hit; only so many adverts can be placed in front of users. Perhaps this is where the Portal products can help.

Unlike the other internet giants Facebook hasn’t really done an exceptional job of diversification. It has added more advertising products (i.e. different ways to engage users on the platform), but this isn’t genuine diversification. If the audience for the core product declines, Facebook’s business suffers; it doesn’t matter how many products there are if no-one is one the other side of the screen to see them.

Google or Amazon however have supported their core business with outside bets. Think of the cloud computing businesses they own, or the content platforms, or ventures into the grocery sectors. These are ventures which diversify enough to ensure negative impacts on the core business do not have a significant impact, however, close enough to lean on the brand and expertise.

With the Portal products, Facebook could make a play for the focal point of the smart home. This has a couple of interesting benefits, one of which will be controlling the gateway and therefore access to the consumer. By operating a window to the consumer, the owner of the window can charge access to gaze through. Partnerships are already in place with the likes of Spotify Premium, Pandora, and iHeartRadio, as well as Food Network and Newsy. This is a business model which could certainly be successful should Portal offer scale.

It is a simple, but effective idea. The window owner would also have the opportunity to launch new services and products which be installed as default, offering an entry-point to the data economy, in the same way Google dominates the mobile OS space with Android.

The focal point of the smart home is still an on-going battle, though Amazon and Google do seem to be winning with their smart speakers. The telcos have a chance with the router, though the proactive nature of the internet players is wrestling the ecosystem behind the speakers. However, today’s generations demand screens. Amazon has been trying to launch its own smart device with a built-in screen for months, though a difficult relationship with YouTube has not helped the situation.

Should Facebook be able to launch a video-orientated product, with high-enough specs, deep connections to the smart home ecosystem and smart enough AI applications, it could make a dent in the market. No-one has really produced a product which grips onto the space, and priced at $199 and $349, it isn’t out of the question for the Portal and Portal+.

Unsurprisingly, Facebook has made a point of security. AI applications are stored on the device, meaning data will be processed locally not transferred to the cloud. It’s almost as if Facebook has accepted it has a terrible reputation for data collection and management, and is offering an alternative to trusting the team with your personal information.

The big question is whether people trust the Facebook brand enough to give the business such prominent influence over so many different aspects of their lives. Even with a physical cover for the camera lens, users might be sceptical, though if there is ambition for additional services, there is a lot of work which will need to be done. The brand is not in a very good position when it comes to credibility and trust.

Another area which might prove to be a stickler for the product is that you have to have a Facebook account for it to work. This might not prove to be an issue at all in the long-run, though considering there will be people who don’t have and don’t want a Facebook account, or people who have intentionally deleted theirs as a result of recent scandals, it might be immediately ruling out a number of potential customers.