It’s been a relatively long hiatus with no posts, but rest assured, I’m still here. Between a mountain of work, and the flu, I’ve had very little time to write anything. Instead, a lot of work got done, and if time permits, I might be able to share some of it with all of you.
Just the other day, I spotted a D-Link SecureSpot DSD-150 on sale at one of my favourite computer shops for just AU$9. This was an oddball device which I remember from 2006 or thereabouts intended to be a middlebox between your modem and router, kind of like a firewall-proxy, intended to protect your whole network from threats and allow you to restrict access to undesired material. It was D-Link’s foray into “internet security” – then, the hot marketing term as anti-virus started to lag behind the networked threats of worms, and downloaded applets. While it received high acclaim, it didn’t achieve popularity.
Now, I don’t suggest anyone should go out and buy one of these today, unless they just want to keep the LAN cable and power adapter. It’s as useless as a brick, and it will become apparent why in a moment.
The Product, the Promise
What I got appears to be a refurbished unit, possibly from the US given the markings. The box had been unsealed before. The front of the box makes many interesting claims.
It markets itself as an Internet Security and Parental Control solution for up to four computers, but also claims to be a solution to a whole list of problems. Opening up the insert elaborates on its abilities.
It claimed to be a money-saving device with quick setup and constant protection for all types of devices on the network, allowing you to protect up to four computers with just one SecureSpot device. In fact, part of the protection relied on a “thin client” application installed on the user’s computer, thus operating system support is important. The purchase of the device, normally priced at AU$199 at introduction, included a 1-year subscription with ongoing subscriptions at about (from memory) AU$80 plus AU$20 per extra computer. It took out Cnet’s Best of CES in Networking in 2006.
Its product pitch on the box gets a little flaky when we get to the rear. The “layers of security” diagram is somewhat confusing, however, it points to a cloud-based internet protection layer which delivers the latest protection and provides management, a SecureSpot device protection layer with the filtering actually undertaken by the device, and the thin client application installed on the user’s PC to protect against viruses.
Unfortunately, designed to sit between a modem and a router, I wonder how that would work with modem-router combination units … heh. I suppose that’s why the SecureSpot2 technology is integrated into the firmware of some of D-Link’s more recent routers.
It is powered by Bsecure Technologies and VeriTest, a service of Lionbridge.
The two sides of the box list the inclusions, requirements and feature comparison. Note that this product doesn’t support “modern” operating systems, the most recent one being Microsoft XP SP2, which was long out of service. The comparison table is interesting, because it uses coloured box logotype which clearly identifies Option M as McAfee and Option N as Norton. It’s likely to avoid trademark issues, but it’s definitely identified its competitors clearly.
The big lie, however, is their choice of metrics. Of course, if you compare other products on their ability to be administered through the web, they won’t compare, but why is that even important in the first place? It’s just one of those marketing tricks they use to sell products, and they should be ashamed of that. It may not be historically accurate, as they may have also been comparing the Anti Virus software solutions rather than their Internet Security (e.g. Trend Micro would have had one at that time) solutions.
I think this one came from America, as the contact details are for USA and Canada and the warranty is only available in USA and Canada. Hmm.
Inside the box, the SecureSpot unit is very similar to the other D-Link products with the same shell molds, but instead of silver and brown-grey, it’s black.
The front of the unit features four LED indicators, two for traffic (one in each direction), one for power and one for threat blocked. The rear of the unit features two sockets, one for LAN (to router) and the other marked WAN (to modem). There is a reset button and the power adapter input as well.
The side of the unit features classic D-Link vents.
The package also includes a power adapter, installation CD and short LAN cable.
The attractive feature of this solution is the simplicity of being able to protect a whole network with the insertion of a middle-box and installation of some light software. That would have appeal to many, especially as the cloud-based services should keep it effortlessly up to date and current. It claims to also help users save money, however, in return, it would have made a decent revenue stream of which D-Link and Bsecure would have very much enjoyed. No longer was it about selling hardware, but more a service.
The unit is easily disassembled by undoing two screws. Undoing two more screws releases the PCB from the case.
Internally, the main PCB shows two Realtek RTL8201CP PHYceivers, each hooked up to a magjack and its own 25Mhz crystal. The main SoC is a Ubicom IP3020 clocked with a 10Mhz crystal, with a Spansion NAND flash chip holding the firmware. The rest of the circuitry appears to be power supply, with a JTAG connector appearing at the front right corner of the board.
The underside reveals nothing of interest.
The Mothership is Dead
The whole premise seems to have been well received by many, however, reviewers did note problems with the device which made it less than ideal. This may have been perceived as a threat by the existing security software vendors.
Unfortunately, if you were to pick up one of these today, you would find it is not much use. I plugged it in and tried to set it up to no avail. It just didn’t work. Maybe there were residual settings inside, but holding down the reset button didn’t do anything for it. It slowed down all the devices going through it, and it also restricted access to some things but inconsistently with no rhyme or reason. There was no ability to configure the device that I could see.
A peruse through the old D-Link FAQs suggest that one can access a local administration page at http://192.168.229.61 but even that didn’t work. Online administration was via http://securespot.bsecure.com/Login.aspx, a dead link.
This is because the device is cloud-based. The company that backs the product, Bsecure, was acquired by AVG in 2011. Subsequently, throughout 2011-2012, people were having problems with their subscriptions and it seems the Bsecure solutions are no longer offered.
This is evident when watching the packet captures of a freshly booted device, which tries to DNS resolve the following domain names:
While the bsecure.com domain name still exists, it leads to a 404. Likewise, the subdomains no longer exist. In essence, the whole Bsecure system has been shuttered, so these devices are practically useless for their intended purpose. Likewise, the software being so out of date, is pretty much useless on a modern machine.
But it goes beyond that as well. Earlier, I had revealed the internals of the device, which is based on a Ubicom IP3020. This is a very unique chipset which has seen applications in networking devices where QoS traffic prioritization is the key. The technology was known as StreamEngine and was used within routers, and traffic accelerators. The technology behind the Ubicom devices appear to include multiple cores of a special architecture, making the devices difficult to impossible to re-use under Linux.
In fact, Ubicom’s IP was so interesting that it was acquired by Qualcomm, and wasn’t heard of since.
This device was a rather gutsy, unique way of approaching internet security in the infancy of cloud-services. It promised ease of installation, and universal protection but fell short in some areas when it came to delivery. It would have been a good solution for some, and would have meant revenue from subscription for D-Link, a traditional hardware vendor.
Unfortunately, as the product was backed by Bsecure, who was acquired in 2011 by AVG, the services were shuttered leaving the hardware useless.
Given that it was launched in 2006, and consumers would have likely had the use of the product until around 2011, its lifetime is not very long. It begs the question of what do you get when you purchase something, say hardware, backed by the cloud. If you paid AU$199 for this, it’s worth about AU$0 now because it does nothing and can be adapted to do nothing. I would feel quite hurt, despite having possibly five years of use from it. Then again, I’m not sure I’d want to pay five years of subscription fees either, which is probably why it was commercially unsuccessful.
It may have been perceived as a threat by anti-virus companies, and bought out just to be shut down. It doesn’t seem likely, however, as the acquisition occurred so late after the device was bought to the market.
It is interesting to meet one of these devices “in person” despite its non-functionality, as I never thought I would. However, I wouldn’t suggest anybody purchases one in 2014 as it’s not even a good doorstop – it’s too light.