Category Archives: Internet things

Posts about interesting things found on the Internet: websites, web apps, etc.

IP cameras – an update

We do occasional questionnaires and surveys to determine what our users want to do with their outdoor WiFi systems, and “security” and “cameras” have consistently been at the top of the list. So every few months I buy some new cameras and test them out here in the lab. I want to share with you my notes on the cameras we have sitting around here and what we’re still looking at. Spoiler alert: we haven’t found the perfect camera for farm/ranch security use yet.

The first category is “traditional IP cameras” – these are cameras that are pretty much self-contained and have more or less standard interfaces. They are “stand alone” devices that come up on your network and work. They are (mostly) very easy to integrate into an existing security system or home automation system, because they use standards like ONVIF and RTSP. These all require constant power, usually via a “wall wart” power supply, although some use Power over Ethernet (PoE).

Cheap Ebay Camera

Foscam cameras – these are simple, older IP cameras with VGA (640×480) resolution and WiFi. There were also many clones that were similar and used the same firmware, available cheap on Ebay. They aren’t available any more, as far as I know, and they’re quite outdated, the picture quality is not good, but they were very simple to use. You might still find some clones on Ebay, but I wouldn’t bother given the choices that area available now.

Ubiquiti Cameras and NVR, courtesy of Ubiquiti Networks

Ubiquiti AirCams – I used to have a couple of these, but I have never found a way to use them effectively. Ubiquiti created a whole “system” with an NVR and cameras, but it was (in my opinion) good but never great. Their cameras didn’t do WiFi (all wired), and I lost interest in them. Apparently Ubiquiti did, too, as they seem to have discontinued the entire product line. There are still a lot of them available online, and they are a good choice for a building with Ethernet infrastructure.

Axis indoor camera

Axis M1030 and M1031 cameras – Axis products are generally considered the “best” IP cameras available, but the low-cost “M” series are the only ones that are WiFi-capable. The models I have are old and have been replaced by updated versions, which are undoubtedly even better. These are my “workhorse” cameras that keep an eye on things inside our lab buildings, but they can’t be used outdoors at all. Axis makes a very broad variety of cameras, but none of the outdoor cameras use WiFi, so they have to be used with an AyrMesh Receiver. They are relatively expensive, but very, very good.

Amcrest Camera

Amcrest cameras – Amcrest came out a few years ago with some remarkably high-quality, outdoor, WiFi-capable cameras. We have had one at our back door for a couple of years now, and it has been absolutely flawless and has a very nice picture. They are comparable to the low-end Axis cameras at a much lower price; in addition, they are outdoor and WiFi-ready. They use ONVIF and standard RTSP, so they are relatively easy to integrate into an existing NVR and/or security system. These are generally my “go-to” cameras – I recommend them quite a lot. The only shortcomings are that they are “traditional” IP cameras, requiring constant external power, so they’re not easily deployed away from a power source. However, they are my absolute favorite “traditional” IP camera for use where there is a source of power. You can easily buy them on Amazon.

Vivotek IB8369A camera

Vivotek – I have a nice outdoor Vivotek IB8369A camera. It’s a very nice camera, and Vivotek has a very large line of very high-quality cameras. I was interested because it was one of the first cameras I had seen that had more advanced “object detection” capability – much more accurate than the algorithm in most cameras at detecting people and animals moving into the scene. And it works well, but they do not make any WiFi-capable cameras. So the Vivotek has remained connecte to our network, but I don’t generally recommend them, especially now that advanced object detection is becoming available on other cameras.

The second category is “App-centric Cameras” – cameras that depend on an app to provide the “brains” of the camera.

Dropcam

The first of these was the “Dropcam,” which was acquired by Nest and Google. I was an “early adopter” of the Dropcam, later to become the Nest camera, and I found it to be very handy. However, it did not integrate into any home security system (until Nest introduced their own), they did not introduce an outdoor camera for years after the first, indoor camera, and the only way it can be used to detect motion and provide alerts is by paying a monthly fee to Google. Ring (now part of Amazon) came out with similar cameras, with similar shortcomings.

Wyze Camera

I bought a Wyze camera soon after they came out because I was intrigued by their price point: $20 for a good, simple, indoor camera, or $30 for one with pan-and-tilt capability. And I have been delighted with them: they can do motion detection and alterting, and you can easily access them through the very good Wyze app. They use a micro-SD card to store video on the camera, so you don’t have to have a subscription. They are currently my “go-to” for simple indoor cameras (e.g. folks who just want to see what’s going on in their house when they’re gone). They have introduced an outdoor camera, but it really belongs in the next category.

Sim-Cam

I also got a camera that touts itself as being much more capable in terms of locating motion: the SimCam Alloy 1S. This is a camera that uses a Passive InfraRed sensor to detect movement, and then uses advanced software techniques (which they call “artificial intelligence”) to identify people and other items in the camera’s view. So far, it has identfied me, the dog, and the cat next door as “person,” so I am not sure how well the person identification works. It’s a good little camera, and they have introduced a battery-operated indoor version. If they introduce a battery-operated outdoor version with a solar panel, I’ll certainly want to look at it.

The third category is “Battery-operated cameras” – these are app-centric cameras that can be installed remotely, without a power outlet. This is a very tricky category – there are a fair number of variations on this theme, but they are (so far) none that “look” like standard IP cameras. All are app-dependent, but most of them use local storage to avoid having to use “the cloud” to store video after a motion detection event. In order to minimize battery usage, they depend on a Passive InfraRed (PIR) sensor to detect movement, which then turns the camera on until the movement is done. You can get alerts through the camera’s app, and then access the video stored on the micro-SD card on the camera itself. However, none of these are currently capable of being integrated with a “traditional” security system, although some are able to integrate with popular home automation systems like Alexa and Google Assistant.

Reolink Argus

The first camera I used in this category was the Reolink Argus, which runs on four small “CR123” batteries. I was delighted with this camera for about 3 weeks (I had it mounted out where I was having some critter troubles, and it captured lovely video of a rat running around). I replaced the batteries, and, about 3 weeks later, it died. I then got some lithium 16340 batteries and a charger (the camera requires four). They lasted about 2 weeks between charges, and I was starting to get tired of changing the batteries when it had another problem: the latch holding the micro SD card broke, so it would no longer store video.  It does not integrate with any “normal” security system, and it doesn’t have a way to integrate other power sources (e.g. a solar panel to keep the batteries charged), so it is currently sitting on a shelf.

Mail-order camera

I then saw a relatively inexpensive solar-powered camera on Aliexpress.com and decided based on the specifications to give it a try. There were two immediate downsides: first, it shipped with incredibly bad batteries – they died and would not hold a charge after only 2 days. I replaced the batteries with known-good 18650 batteries and it has worked fine ever since. The second problem is that it depends on an app which is published by someone who is unknown (at least to me) and does not seem to be of the highest quality. That said, it has been working pretty reliably for a few months now.

Reolink Argus Eco

Reolink then released their Reolink Argus Eco, which, when paired with the optional solar panel, is functionally very similar to the camera above. I thought it would be interesting to compare and contrast with the “generic” camera above. It was a little more difficult to mount, since the camera and solar panel are separate, but worked essentially the same. The app comes from Reolink, which I found encouraging.

As noted, the performance of these two cameras is very similar. When they have a tight view of a somewhat secluded area (e.g. looking at a door from across the yard) they work very well – they alert every time someone walks through the scene with very few false alerts. When they are looking at a wider area with a lot of different things in the picture, they both generate a lot of false alerts. For instance, I have the Reolink in my brother’s front yard, looking at his cars in the driveway, and I get almost constant alerts from it when the wind is blowing, because it “sees” the branches of the trees moving. I had tested the inexpensive Chinese camera in his back yard and saw the same problem. I put the inexpensive Chinese camera in my back yard and pointed it at the back door, however, and it worked perfectly.

There’s not a single camera I can recommend without reservations. The Amcrest cameras are very good traditional IP cameras, and they integrate well with many traditional home security systems, but they require constant power and careful consideration around IP address planning (including router configuration) if you want to use them with an NVR or from outside your network.

The Wyze indoor cameras are so good and so inexpensive that they’re definitely my current choice for indoor cameras if you don’t need to integrate in with a traditional home security system. Their app is very good, and provides good alerts on motion, as well as good “on-demand” viewing. Unfortunately, they recently introduced an outdoor camera that, due to its design and the reviews I have read, I’m going to decline to test. They are going in a lot of directions right now, and not all of them will be successful, and I hope they “double back” and build a good, simple, outdoor solar-powered camera without the complications of the “Gateway module” and yet another wireless network.

Similarly, I like the Reolink Argus Eco for use in outdoor locations where there’s no power. Just turn off the motion detection and notifications if you need to use it in an area where there’s likely to be a lot of extra motion due to wind or other factors. There are a huge number and variety of similar cameras coming out of China – perhaps we can modify one or more of them to optimize it for rural use.

I’m going to keep looking and testing cameras here with an eye toward what works on the farm or ranch. Of course, I’m always eager to hear about what you have found, what you are using, and what you’re not using any more (successes and failures). Next up for me is the “EyeCube” – I’ll let you know how it goes.

Farmers’ Right to Repair, Right to Replace – Open Standards and Open Source in AgTech (and elsewhere)

The “Right to Repair” movement has been slowly gaining momentum over the last few years, as I was reminded this week by an excellent article on Bloomberg Businssweek, “Farmers Fight John Deere Over Who Gets to Fix a $800,000 Tractor”. Where I found this article much more interesting than others is that it tried to explore both sides of the issue, and it used as a source my friend Willie Vogt, who is an agriculture media industry stalwart, industry-described “agriculture technology geek”, and whose knowledge and understanding of AgTech I admire very much.

Support for “Right to Repair,” with some caveats…

So, to be absolutely clear about my own biases, I am absolutely in favor of the right to repair, of open standards and open source, and of, for lack of a better word, “hackability.” So it stands to reason that I would be fully in the camp of advocate and Nebraska engineer Kevin Kenney and the other “Right to Repair” folks, and I am – but with a few important caveats that keep me actually more closely aligned with Willie. I think this deserves some serious explanation.

Having the right to do something carries with it the obligation to do it responsibly. In this article, Willie is pointing out that an enormous amount of damage can be done by someone hacking away with the very sensitive control system for a large, complex piece of equipment like a combine. And I agree. If you disable the emissions controls on a piece of equipment you are just being a selfish, obnoxious neighbor, polluting your property and that of your neighbors for your own gain. If you disable the safety features, you are literally risking the lift of anyone who comes near it. So, when Kevin talks about the right to “hot rod” his equipment, I bristle: I think he should have the right to “hot rod” his combine if he’s about to take it out to a combine derby, or especially being able to run the combine during harvest season while he’s waiting for a part, but I certainly don’t want him running a combine continuously all fall with its emissions system compromised. Similarly with the safety components – I don’t mind him being able to bypass a “port open” sensor while he’s getting a spare part, but there should be some requirement to (1) label it clearly for the sake of anyone who comes in close proximity of the machine, and (2) get it fixed as quickly as possible.

One of the more nuanced examples in the article, however, is one about a line of Deere combines that are mechanically identical but sold at different horsepower ratings limited only by software. On one hand, this seems inherently dishonest: you buy a machine that’s capable of a certain level of performance, but you are artificially prevented from accessing that performance. On the other hand, it seems completely honest: you paid an appropriate price for a level of performance that Deere successfully provided.

Influence from Other Industries

Modern “Software As A Service” platforms, like Salesforce.com or Oracle NetSuite, have introduced this concept widely: it means that a small business can access the same powerful software as large businesses, and each with the particular modules they need, and each paying an appropriate price for the benefit they get from it. The software runs in the same browser window on the same computer, whether they are paying $100 per month or $100,000. So why not sell farm equipment the same way: different versions and options of software running on the same hardware at the customer site? That way the customer can even “upgrade” the machine or turn on additional features as they are needed, saving the farmer money and allowing the dealer to deliver new capability as the farmer requires without having to deliver additional hardware.

The problem is, of course, that business model only works if the vendor has complete control over the software – the users can’t modify it, and, if something goes wrong, they are completely at the mercy of the vendor. So this business model necessarily conflicts with the right to repair – it is only applicable for equipment that is rented or leased, not for equipment that is purchased.

Need for Open Source

There is a fairly radical solution: the source for all this embedded software in devices we purchase – from smartphones to tractors – should be available freely. Clearly, this would enable people to do things that are stupid, inconsiderate, and dangerous. It would also allow people to understand, repair, and maintain their devices indefinitely, protecting the investment they make in these devices that are frequently critical in running customers’ businesses.

Of course, there are other approaches to the particular problems of the Right to Repair farm machinery. Manufacturers offering complete diagnostic software to all owners is a good first step, enabling at least complete troubleshooting if not necessarily the ability to repair or modify the machine. Providing software that will allow someone to bypass or disable a sensor, for instance, for a period of time might also help a lot.

Networked Devices Need Lifelong Updates

Looking forward, however, the problems with farm equipment and other electronic devices like smartphones start to intersect as farm equipment becomes increasingly network-connected, meaning they can be the target of online hackers. Like smartphones, farm equipment will need to be continuously updated long after there is no economic incentive for the manufacturer to do so. Without some form of open-source software to run on these machines, they’ll be vulnerable to online hacking that can render them useless.

Where Ayrstone Stands

For ourselves, we use open-source software and open standards: you can replace the firmware on any Ayrstone product with the open-source packages from OpenWRT, DD-WRT, etc., and you can replace an AyrMesh Hub with another device that uses standard 802.11s meshing. We’re not competing by “trapping” you into our technology; we’re competing by offering the best, easiest-to-use products and support for our market: wireless networking for farms and ranches.

We get it – nobody wants to collect a new “doorstop” because it can’t have the software updated, whether it’s a $300 WiFi access point or a $300,000 tractor. By making use of standards instead of using proprietary technology, we protect the investment you make in our products and all the wireless technology you use on the farm. We’re hoping our example will influence some of the other vendors of agricultural technology, large and small.

Sensor Networks 2 – LoRAWAN, Sigfox, RPMA, etc. – low-power WAN technologies for agriculture

There is a lot of talk about these technologies – every time I turn around it seems like I’m reading about or hearing an analyst who is saying that these technologies will revolutionize farming with “Internet of Things” devices. And they are exciting.

The attraction for carriers to these technologies is that they can be added easily to an existing cellular (or other wireless) network, using existing backhaul, billing, and other infrastructure. Some of the technologies, like LTE-NB and Cat M1 (which Verizon and AT&T are reportedly testing) just require changes to the LTE station firmware (supposedly).

The appeal of all cellular technologies for solution providers, of course, is that they are easy to install – as long as there is a signal, they just put in an appropriate client radio and a SIM card, and the device starts sending data to a server.

The problem, of course, is that rural cellular networks don’t offer any data services to large parts of the rural U.S. today, and there are areas without even voice service. So there’s a significant investment needed on their part to make these technologies usable across rural America.

But that’s the problem: if you’re the company investing in deploying these technologies, you want to put them where the greatest concentration of potential users are, and that’s in cities. Every power meter, gas meter, water meter, parking meter, flow meter, streetlight, traffic sensor, etc. will be able to connect to the network – there are literally hundreds or thousands of potential connectors per acre in the city, vs. one to ten per acre in the country (except, perhaps, Napa). So, if I’m a shareholder for a cellular company, I do NOT want to hear they are building out rural infrastructure for LoRA or something else – I want them to concentrate in the cities, where those networks are most profitable.

Now, rural WISPs, telephone co-ops, etc. may choose to piggy-back one or more of these technologies on their networks to server local customers. Which WISPs? Which co-ops? Which technology? Your guess is as good as mine, although it is worth mentioning that Senet is a company that’s rolling out LoRA in a few rural areas, for instance. However, their coverage map makes it clear they are concentrating on cities, towns, and some farming areas in Missouri, Arkansas, and California.

Note also that, where there is connectivity, the carriers will want to charge a monthly fee for each device – that’s OK if you have a few devices, but, eventually, believe it or not, you will want to have hundreds of devices on your farm. I am already hearing from growers in specialty crops who have monthly cellular bills of over $1000.

Bottom line: I don’t see these technologies providing any real help to the majority of U.S. growers for the next 5 years, if ever. They will show up in some places as a local option, but it doesn’t pencil out on a national scale.

What does make sense is to put some sort of high-bandwidth wireless network on the farm/ranch (e.g. WiFi of some sort, like AyrMesh) and then, as needed, use WiFi-enabled sensors or run local 802.15.4 networks (e.g. Zigbee, 6LowPAN, Threads, etc.) in the fields for sensor connectivity. The sensors are cheaper, the networks are controlled by the growers, so they cover what needs to be covered, and, since it’s all on the farmer’s LAN, the data can easily be directed to a local server and needn’t leave the farm.

(Note: I’m not actually crazy about ZigBee, but it’s the best and cheapest we have available right now. I’m hoping for better in the future: something like Google’s Threads, but at 900 MHz.)

More to come on this subject…

Privacy and Security on the Internet

On Monday, April 1, 2017, Congress passed and President Trump signed a bill to repeal rules that require ISPs to get your permission before selling information about your online habits. You can read more about it at USA Today or Ars Technica.

As soon as it was publicized, we received inquiries from Ayrstone customers about how they can protect themselves. Unfortunately, we really don’t have much we can offer. There is a lot of talk about Virtual Private Networks (VPNs), and some about the Tor Project, but neither is a very satisfactory solution.

VPNs securely route all your Internet traffic to the vendor’s routers, and then sends that traffic to the Internet. This will prevent your ISP from seeing your Internet habits (because, from their perspective, all your traffic is going to the VPN vendor), but clever spies can untangle your traffic from the VPN’s stream, and there is a danger that the VPN will simply collect your information and sell it.*

The Tor project is the result of a U.S. Navy project (paradoxically, while the government spends your money to reduce your privacy, they also have spent money to improve your privacy…). It is voluntary network of computers – you download their software, and all your traffic is routed through a seemingly random collection of computers around the globe before appearing again on the Internet from a random location. This is much more secure, but there are cases where agencies have re-assembled data from the Tor network.

Either VPNs or Tor will slow down your network, and neither offers perfect privacy. Various ISPs have vowed not to sell your internet usage data, and several states have started investigating passing local laws to protect privacy.

Add to this, unfortunately, that your ISP is far from the only source of information about your Internet usage. Google, Microsoft, Apple, and many, many others gather LOTS of information about your usage, and they use it to target advertising to you.

So there are three things you can do: first, use VPN or Tor software to increase your privacy, second, talk to your lawmakers about re-instating (and, preferably, increasing the scope of) the regulations around privacy, and, third, follow the advice of my old boss, Scott McNealy.


*There is another use of VPN – to connect a remote network to your LAN – and many of our customers use this kind of a VPN. In this case, you have a VPN router on your network, and you connect using VPN software or another VPN router to a remote network, such as (for example) a remote location where you have a different Internet “drop” from your home. In this use of a VPN, devices at that remote location get IP addresses and appear on the network as if they were in your home network, even though their traffic is routed out through a different Internet connection. This means you can be in the remote location and send a job to your printer at home, and it will be printed and ready when you get home, or you can access files on your home PC when you’re away. This does not help your privacy, except against information theft on public Internet connections, but it can make remote working more convenient.

The Internet of Things (IoT) on the Farm – Part 3

In Part 1 and Part 2 of this series, as well as the associated posts on the ezeio and sensor networks, I have focused primarily on IoT hardware: the part you can see and touch, and that touches your farm.

However, in many ways, software is much more important than the hardware. As I observed in Part 2, modern technology products are remarkably similar: a CPU, some memory, some storage, and some peripherals. If the peripheral is a relay, you have a device that can turn things on and off (like a remote-controlled power plug, or a WebRelay). If the peripheral is an “Analog to Digital Converter” (ADC) then the device can monitor sensors and report the values from those sensors. Some devices like the ezeio have both (and even more).

Of course, nothing happens on these devices without software. And software is involved in at least two important places: the software that is running on the devices themselves, sometimes referred to as “firmware,” and the software running on back-end computers (local or cloud servers, PCs, or even your phone or tablet) that is used to store and interpret the results from the devices.

These two pieces of software have to be able to “talk” with each other, and we’ll assume* they do so over your network, with the device connected to your AyrMesh network and the “back-end” software on some sort of cloud-based server on the Internet. Note that the “back-end” software COULD reside on a server on your property if you are using AyrMesh.

What the devices themselves do depends on both the hardware and the firmware on the device – in most cases, that firmware will collect readings from the sensors, upload that information to the back-end server, and, if appropriate, take commands from that server and take action, from turning on a light to starting a pump or a grain auger.

In most cases, that firmware is a closed system – there is no way for you to collect data off or communicate with the device directly, or to direct it to a location other than the vendor’s cloud server. It doesn’t have to be that way, but (1) it’s simpler, and (2) that gives the vendor much more control over the data.

The back-end server usually stores the data and presents it to you (either through a web page or a mobile app, or both). What data you see, how you see it, and what you can do with it depends on that back-end software. It may just present a time series of observations in the field as a graph, it may let you set up simple or complex rules (if the soil moisture is at this level or below, turn on the irrigation system), and it be able to present data in many useful ways (different graphs, superimposed on maps, etc.) and enable very complex control of your farm machinery.

The back-end server is usually a closed system, as well – most times it can only accept data from the vendor’s own devices. Sometimes it may have an “Application Program Interface” (API) that allows it to exchange data with other programs. It may also have the ability to upload data into it for tracking and presentation, or to download data from it for importation into another program. These APIs and import/export mechanisms may be very good, well-written, and well-documented, making them extremely useful. Or they may not. APIs are generally only useful for programmers – it takes code to make them work – but well-written and well-documented APIs can enable even relatively inexperienced programmers to create custom programs to do exactly what you want, and that can be extremely valuable.

On the other hand, back-end software without good APIs and/or import/export features is a “closed box” – what you get is just what you get, and there’s no way to get more or less. Understand, of course, that a closed system like this may do EXACTLY what you need, but, if your needs change, it may suddenly become useless.

Of course, there is also the issue of your data and what happens to it. The terms and conditions for the service may be very clear about what happens to your data, or they may be quite vague. Many of the data services will anonymize and sell the data that you store on their servers (the most unethical may not even anonymize it – beware!). This may concern you or not, depending on the nature of the data and how closely tied to your operation it is. For instance, it is generally valuable to share weather data – if your neighbors do so as well, you can gain a much better insight into the local weather patterns. On the other hand, you may not want to share geo-referenced harvest data – that tells too many people exactly what your land and your harvest is worth. “Fuzzing up” the geo-reference, however, might make it a lot more shareable.

When you are considering new devices to collect data and/or control machinery on the farm, these distinctions between “open” and “closed” systems, and the availability if good, usable APIs may seem abstract. Salespeople for “closed” systems will do their best to minimize the importance of these issues, but it’s absolutely critical. Openness in the device’s firmware means that the devices can be re-purposed to work with another system if you don’t like the vendor’s services, and openness in the back-end database means you can easily get your data and move it where it can be combined with other data and used (e.g. providing it to your agronomist for analysis, or storing it in a system where it can be combined with other data for decision-making).

Being smart about buying new technology for your farm can save you a lot of money in the long term, and a lot of frustration in the short term. We’ll keep an eye out for and report on interesting products that help you on the farm using open technologies.

*some devices connect directly to the network using WiFi or Ethernet, and some devices will have low-power networking (e.g. Zigbee or Google Threads) that use a “gateway” device to connect them to your network (or directly to a public network via cellular or satellite). There are even some that don’t talk to the network at all, using either Bluetooth or an embedded WiFi server to communicate directly with your phone, tablet, or laptop. And, of course, there are still devices that use some sort of flash memory and “sneakernet” (taking the flash memory off the device and walking it to a computer).

Security and the IoT

As you know, I think that the “Internet of Things” (IoT) has enormous potential for the farm. But we have all been recently reminded of the problems we are facing as BILLIONS of new devices come on to the Internet – Friday October 21, the IoT literally broke the Internet.

This event has been called the “Mirai botnet attack.” This is an extremely important event, because it used IoT devices to effectively bring the Internet to a stop for several hours on Friday, October 21. Even Ayrstone was affected: we use Zendesk for our customer support portal, and it was unavailable off and on on Friday.

This attack was innovative in two ways: first, it did not attack the affected sites directly, but rather attacked the Domain Name Servers (DNS, the servers that turn domain names like ayrstone.com into IP addresses like 104.24.21.15) of Dyn.com, making a huge number of websites, including Zendesk, Twitter, and others unreachable, even though they were working just fine.

But the most important innovation was the way the attack was done – using a Distributed Denial of Service (DDoS) attack from IoT devices. DDoS attacks work by sending a huge amount of data to a server from a large number of devices on the Internet, overwhelming the server and causing it to fail. Up until now, the “botnets,” as the devices sending the data are known, have mostly been personal computers infected with viruses that allow a remote user to control them and cause them to send out streams of data to the target server.

As I mentioned, however, this attack was different, because it used IoT devices – IP cameras, routers, wireless networking devices, and other little devices that people don’t see as being “computers.” But your router or IP camera has a lot more computing power than the powerful desktop computer you had just a few years ago.

Hackers were able to access these devices and install “botnet” software on them because – and this is THE IMPORTANT THING – the passwords were NEVER CHANGED from the defaults. For instance, many devices come with a default username of “admin” and a default password of “admin” or “password.” If those are not changed and they are exposed to the Internet, they are an open invitation to hackers.

Now, most of the devices on your network are NOT currently exposed to the Internet – they are safely hidden from the Internet by your router’s NAT firewall. But it is still important to change the default password on devices, and, if you have “port-forwarded” to any devices to make it accessible via the Internet, it is DOUBLY important to make sure it has a STRONG password to protect it.

Ayrstone products, of course, are protected because the username and password for each device is set from AyrMesh.com. The only way an AyrMesh device can have the default username and password is if you don’t have an AyrMesh.com account, and we regularly disable devices that are not checking into an active account. However, even at that, AyrMesh devices should always be used behind a router’s firewall and not exposed to the Internet.

These devices are incredibly useful when used properly, but you have to take some minimal precautions to keep them safe. More information about the Mirai botnet attack and security of IoT devices can be found in this article and elsewhere.

This attack is a good reminder of three things:

  1. Make sure you always use good passwords (long, not a quotation or word) on ALL devices and keep those passwords secret,
  2. Don’t expose devices to the Internet unless you have to, and
  3. Purchase networking/IoT products from reliable vendors who can update the firmware to close vulnerabilities, preferably automatically and over the network. If not, make they make new firmware available to close holes as they are discovered, and install it regularly.

AyrMesh devices have firmware that is updated over the network. We issue several updates per year, and you needn’t do a thing – they happen automatically.

If you have any questions, of course, just let us know – support@ayrstone.com.

 

Welcome Eero and Google to the world of Mesh

Since we started marketing the AyrMesh system five years ago, we have gotten inquiries from folks who have large houses, offices, and small hotels/motels – can AyrMesh work indoors? The answer, of course, is that it can work, but it’s not optimal for a number of reasons, and we do not recommend it. AyrMesh is designed for outdoor use, mainly in rural areas.

We have been able to recommend the fine Open-Mesh products for indoor and urban outdoor use, but some new products have recently entered the market.

Eero was the first in this space, with a very nice-looking product and very good technical specifications. Unlike Open-Mesh, they do not have any way to mount their units outdoors, and they only offer one model (available in a 1-, 2-, or 3-pack).

Then, this week, Google announced the new Google WiFi product, utilizing a very similar approach of very nice-looking indoor meshing access points for larger houses. The Google WiFi products will be available in November, but they can be pre-ordered.

Open-Mesh uses their Cloudtrax website and apps to control their access points; we have used Open-Mesh here in the Ayrstone lab for years and found it to be excellent. It’s a fair bit more complicated than AyrMesh, but it has the more “commercial” features you might want for a business or a motel, and the more complex features are easily ignored for a home setup.

It’s worth mentioning that there have long been WiFi Repeaters (also known as “boosters” and “extenders”) that connect to your WiFi router and create a new WiFi signal, and devices like the Apple Airport routers that use “Wireless Distribution System” (WDS). Although a single repeater can work well, and three Apple Airport routers using WDS (one connected to the Internet and two “extenders”) can work, they don’t have the routing “smarts” of a real mesh network, and they can cause more problems than they solve. For a large house, a real WiFi meshing product like these will provide much better results without running Ethernet cables… of course, for the absolute best WiFi, there is no substitute for just running Ethernet and putting separate Access Points in each location you need WiFi. If you were clever enough to run Ethernet to the far reaches of your house before the drywall, all you have to do is plug in some dumb access points in the Ethernet – no need to mess with the indoor mesh.

The new Eero and Google WiFi products use apps to configure and control the network – I don’t know if there is a website option available, but I get the impression that the apps are the only way to control them. I don’t know about you, but my poor phone is “full” of apps, and I really don’t want another one.

So my own view is that these new players are not quite as good as what already exists in Open-Mesh, but, of course, your mileage may vary, Of course, they are being marketed like crazy, so you’re going to see them in the press all over the place.

What I think is important is that meshing WiFi is becoming mainstream, and, if you live in a large house, you don’t necessarily have to run Ethernet to get WiFi throughout the house.

Getting started with the IoT on the farm with ezeio

 

Courtesy of eze System

A few months ago, I was approached by the folks at eze System, who wanted to know if their ezeio product would work with AyrMesh to help farmers measure conditions on farms and control equipment.

They were kind enough to send me one of the ezeio products so I could try it out. Insofar as it is a standard Ethernet (802.3) product, I had no doubt it would work perfectly with AyrMesh, and, of course, it did – I just connected it to an AyrMesh Receiver with an Ethernet cable and it appeared on my network.

What is cool about the ezeio is that it is a complete package – hardware, firmware, and back-end software – completely integrated and ready to plug in and go. It includes connection points for up to 4 analog inputs (configurable for 0-10V, 4-20mA current loop, S0-pulse, or simple on/off), Modbus devices, Microlan (1-wire) devices, and up to two relay outputs (up to 2 amps). This makes it a very versatile unit for both detecting and controlling things on the farm.

I set mine up on a table to see how it worked. The good folks at eze System included a Microlan temperature probe, so I set up my unit with that connected to the Microlan connector and a couple of LEDs (with a battery) connected to one of the relay outputs.

I then went to their web-based dashboard and started setting things up. It’s pretty simple – you get a login on the dashboard, and you add your ezeio controller. You can then set up the inputs (in my case, the temperature probe) and outputs (the relay) and then set up rules to watch the inputs and take appropriate actions. If you want to see the details, I have put together a slide show for the curious so I don’t have to put it all here.

The bottom line is that I was able to quickly and easily set up a system that checked the temperature continuously and, when the temperature dropped below a certain level, lit up an LED. Big deal, I hear you say, BUT – it could easily have been starting a wind machine or an irrigation pump or some other machine, and it could have been triggered by a tank level switch or a soil moisture sensor or some other sensor or set of sensors. It also enables me to control those devices manually over the Internet, using a web browser, without having to “port forward” on my router.

The ezeio is a very powerful yet easy-to-use device which, in conjunction with the web service behind it, enables you to very easily set up monitoring and automation on your farm. For the do-it-yourselfer, it is a great way to get started on employing the Internet of Things (IoT) on your farm. Even if you’re not inclined to take this on yourself, any decent networking technician  can easily set up your AyrMesh network and the ezeio to help around the farm.

The Internet of Things (IoT) on the Farm – Part 2

In Part 1, I talked a little bit about the vision for the internet of things, but I didn’t really define what I meant by the internet of things.

What I’m talking about when I talk about the Internet of Things is a profusion of small devices that are all connected to the network and therefore to the Internet. Whereas most of the things in your home that are connected to the network have keyboards and screens and are meant for you to interact with, I’m talking about things that instead have sensors and relays and actuators. In most cases, you won’t interact with them at all. They’ll just work automatically in the background either gathering data for you or controlling equipment. Most of these things you’ll set up and never touch them again, but they’ll be working quietly in the background for you day and night.

If you are as old as I am (and I hope you’re not!), you remember the first wave of personal computers: the Apple II, the CP/M machines like the Kaypro and Osborne, and the original IBM PC – these were amazing because they were real computers that could do useful things (spreadsheets, word processing, and calling bulletin board systems) but were small (the size of a suitcase, more or less) and inexpensive (a few thousand dollars – in the 1980s) enough for home use.

Raspberry Pi Zero – $5

The kinds of computers that we are talking about here are significantly smaller (typically the size of a credit card) and significantly less expensive (most under $100, many of them less than $10), even though they have 10-100x the computing power of those early personal computers. Instead of keyboards and screens, they have network ports and connections for various sensors and/or actuators; most can run for hours or days on a small battery – some can run for months. They can sit in in a tiny place, collecting data and transmitting it to the network, or waiting for a command to do something, for years.

Simple Air Temperature Sensor

Decagon Soil Sensor

There are also a wide variety of sensors available, from simple temperature or humidity sensors to weather sensors like anemometers and rain buckets to advanced soil sensors that can measure soil temperature, moisture, and electrical conductivity. There are even sensors for UV radiation, leaf wetness, and chemicals in air and water.

Simple small relay

But these little devices can do more than just sit passively measuring conditions. Devices can also be connected to allow them to take action, from simply turning something on to controlling complex machinery automatically. For instance, it is fairly simple to use a simple, small relay to turn an electrical machine on or off.

Raven PWM Valve

Multiple relays can be used for multiple devices, and relays come from very small, low-power devices to very high-power solid-state relays for switching very heavy loads. Many of these computers, however, also have the ability to output Pulse-Width Modulated (PWM) signals to control variable-rate devices like valves (control pressure through a water valve for irrigation or a hydraulic valve for controlling machinery) and pumps.

75 Amp Solid-State Relay

What ties it all together, of course, is two things: a network and software (both on the device and acting as some sort of “back end” to store and manage the data coming from these devices). Without software, any computer, even a $5 one, is just dead weight; without a network, it’s just sitting out in the field collecting data it can’t move to someplace it can be useful.

We know how to build the network – what Ayrstone does is give you the ability to build a strong, standards-based wireless network across your farm – and in part 3 we’ll consider the software part.

 

The “Third Wave” of AgTech

We wanted to quickly share an article published recently that impressed us quite a bit.

This article in DTN/Progressive Farmer talks about how information technology is making a difference in farming and how that is likely to accelerate in the coming years.

There are a lot of unknowns in the “AgTech” field – most importantly, which vendors and technologies are going to be genuinely important and which will be forgotten. However, one thing is clear: the technology of agriculture, and particularly of agricultural data, is here to stay. And, where you have data, you HAVE to have a way to move it. And, finally, the way to move data is using networks.

So we are encouraged by this article (and others we have seen) that predict increasing importance for data on the farm – it just makes the AyrMesh network that much more valuable for our customers.