Home IoT security could come from a glowing rock next year

An Internet of Things security startup thinks it can reduce the complexity of a home full of connected devices to three colors: red, orange, and green.

Those colors will glow from a wireless orb that looks like a smooth river rock and is small enough to fit in your hand. But it’s what is behind this friendly bit of decor that will make the colors meaningful. The San Francisco startup, Dojo-Labs, makes a network security device that plugs into your home Internet gateway and talks to a cloud-based service. It’s all managed through a smartphone app. 

Dojo aims for nothing less than protecting a consumer’s entire collection of home IoT gear against cyber attacks. It plans to do that by monitoring all devices around the clock for odd behaviors and then either alerting the user and fixing the problem (orange light) or telling the user there’s something they need to do (red light). When everything’s fine, it will show a green light. The orb is wireless, battery-powered and controlled by Dojo’s client device via Bluetooth.

The fledgling connected-home market is still fragmented when it comes to how devices communicate and understand each other. That’s one thing that keeps many consumers from buying into IoT. Another is security, with would-be buyers scared off by stories of devices like baby monitors that are vulnerable to hacking, said Harbor Research analyst Jessica Groopman.

“This is a huge barrier to entry for a lot of people,” Groopman said.

Many consumers are already comfortable turning to specialized companies for digital security because they have been buying antivirus software for their PCs for years, Machina Research analyst Godfrey Chua said. The same kind of protection for home IoT may be an idea whose time has come.

Dojo doesn’t look at the content going over the network, it just analyzes metadata about who devices are talking to and how. It learns what’s normal for each device and then checks to see whether it’s doing anything different.

For example, if an Internet-connected thermostat normally only sends small data points like temperatures, and it suddenly starts sending a high-bandwidth stream of packets that looks like a video transmission, that’s a clue the device may have been compromised, co-founder and CEO Yossi Atias said.

Dojo will know something’s amiss and alert the user by displaying a text message in the Dojo app and changing the color emanating from the rock. Users can talk back to the system through that same text-messaging interface.

The brains of the system is a small device that needs to link up with a Wi-Fi router or other home Internet gateway via wired Ethernet. The only thing it can talk to is Dojo’s cloud service, which updates the policies it uses to manage local security. Those policies are based on proprietary algorithms, machine learning and ongoing research by the company. The home device initiates all communication, Atias said.

The product is due to ship early next year, but Dojo is taking pre-orders. It will initially be sold through Amazon’s Launchpad, a site designed for crowdfunding projects, though Atias said the company is venture funded and there are already production units in use in trials.

The hardware will cost US$199 with one year of service included. After that, the service will cost from $7.99 to $9.99 per month based on whether customers pay monthly, quarterly or annually. Pre-orders will cost $99, also with one free year included.