Killing botnets: Can AI security fix broken IoT and smart home?

February 10, 2020
John Koetsier
TechFirst with John Koetsier

The smart home industry is projected to be worth over $150 billion by 2024.

But smart home tech has a horrible privacy and security record. From internet-connected cameras with default usernames and passwords to insecure home security systems … we’ve seen it all. If the industry can’t figure it out … all that growth is at risk.

  • See below for full video or links to the podcast
  • Keep scrolling for the full transcript

Our question today: can AI fix this?

In this episode, we chat with Marcio Avillez from CUJO AI, which manages over 500 million devices daily for clients like Comcast, about AI solutions to monitor and protect security, control, and privacy.

Welcome to the second episode of The AI Show:

Listen to the podcast:

Or … watch the livestream:

What we talk about … AI security

  • Give us the 30 seconds on what CUJO AI does and who you do it for?
  • So, you’re currently protecting more than 20 million homes and more than 500 million devices. You must see some interesting things going on in our networks … can you give us some examples?
    • Worst security you’ve seen?
    • Botnet creation attempts?
    • Remote control attacks? (someone trying to grab control of your devices?)
    • Least secure devices?
  • Why do you think IoT security is so bad?/What makes IoT devices so vulnerable
  • How many devices are you seeing in people’s homes now? I recently had to reconfigure my home WiFi, and it seemed like we were updating devices with the new network info for weeks. I can divide 500 million by 20 million and get 25, but what are you seeing out on the fringes?
  • Is that a sign of things to come? Where do you anticipate that number will grow to?
  • I’m guessing that since you help broadband providers, you also see some really noisy devices that want to use up a ton of bandwidth …
  • OK. Let’s hit the big one … we’ve seen some of the biggest DDoS attacks in recent history from stupid smart home devices … “admin” and “password” for the user accounts … how can CUJO AI protect against those?
  • You also let network operators see what’s happening on their networks. How does that work, and what can they see?
  • How do you ensure end-user privacy in all that?

And … here’s a full transcript

John Koetsier: The smart home industry is projected to be worth over $150 billion by 2024. But smart home tech has a horrible privacy and security record. From internet-connected cameras with default usernames and passwords, to insecure home security systems … we’ve seen it all. If the industry can’t figure this out all that growth is that risk.

Our question today: can AI fix this? Welcome to the AI Show. My name is John Koetsier, and today we’re chatting with Marcio Avillez, from CUJO AI. Welcome, Marcio! 

Marcio Avillez: Hey John, good to be with you. 

John Koetsier: Good to have you on the show. Thank you so much for joining us. 

Marcio Avillez: Yeah, no problem. 

John Koetsier: Marcio, every day we hear about new problems with IoT and smart home devices: flimsy security, privacy violations, you name it. We’re going to talk about how to fix all that, but can you set the stage a little bit by telling us … give us the 30 seconds on CUJO AI, what you do and how it works?

Marcio Avillez: Oh, absolutely. First of all, thanks for inviting me. It’s a pleasure to be on the show, looking forward to the conversation. CUJO AI is a company that built an AI-based platform to work with network service providers to enable them to roll out what we call a ‘suite of Digital Life Protection services.’ And it starts with largely smart home kinds of services like you said. We start with identifying devices very accurately and very granularly in the home, and that core capability kind of feeds into the higher layer services that we offer that start with security, content and access control, and then privacy as well.

And all of those services are delivered off of a single platform. It’s one integration, there’s some firmware that goes on the router, there is a cloud platform that gets deployed inside the carrier’s network that we deploy and manage for them, but that single integration gets you access to a big suite of services. And if you look at what one of our big customers, Comcast, has been doing, they rolled out device identification as part of their xFi platform. Earlier this year they announced that they’re making AI security, or what they call ‘Advanced Security’ which is provided by CUJO, available to all of their xFi customers, at the time 18 million customers. And what we’re doing with them is enabling some feature velocity and some innovation at scale that hasn’t been seen before in this industry, and certainly hasn’t been seen in the AI space. 

John Koetsier: Sure, sure. So currently you’re protecting more than 20 million homes, more than 500 million devices. You must see some interesting things going on in your network, in our networks. Can you give us some examples? 

Marcio Avillez: Yeah. So you know I can’t really speak about the data on the Comcast network, but I can give you some anecdotes that I don’t think would breach confidentiality. Before CUJO got into the business of working with carriers, in order to build our AI models we actually went direct to consumers. We sold an appliance that people bought for I think it was $300 or $400, brought them into their homes, and we still have just under 10,000 of those customers. I could talk about the data that we see on their networks. They’re a little bit more early-adopter, a little bit more higher-income, but they’re typically located in North America, so a caveat, think of it as data that’s representative of people who are early adopters. But that being said, there are a few kinds of trends that we see. 

So first of all, we look at the kinds of things that we try to protect consumers from and you look at things and we put them into two different buckets. There’s a bucket of, ‘hey, what are the kinds of things that you would have been able to detect and stop with traditional technology?’ These are typically dynamic technologies but they rely on lists, they rely on being able to know what the bad thing looks like and spot it and try to address it. Typically endpoint solutions is the most common form of this in the home. And then you’re looking at a whole bunch of other types of threats that that type of solution, either because it doesn’t get visibility into the data stream or because it’s not equipped to understand that it’s a threat … there’s threats that fall into those two categories. 

The second category is largely stuff that we use AI to identify, and right now even looking at this consumer base it’s about 60/40. 60% of the threats are things that we leverage some of the core traditional technology to identify, so IP reputation lists, known bad websites, but about 40% right now of the threats are coming in from the space of not the kind of thing that you would be able to stop because it’s not going to be on a list. You’re not going to be able to identify it on the first day.

John Koetsier: So 40% of the threats that you’re seeing are things that you haven’t seen before, they’re novel attacks, they’re different. 

Marcio Avillez: Well, what I’m saying is it’s not novel. It’s just we know they exist, but with AI right now we can see them and stop them. And you know, that’s not the totality of the threats that are out there that could be seen and stopped. But we’ve developed it to the point where if we just relied on traditional technologies which are these list-based things, you know, simple, someone should say, ‘Google Safe Browsing’ when you’re browsing the web right? They have a list of known bad websites, if you try to go there they’ll say, ‘Hey, you sure you want to go there?’

We go beyond that. We bring some AI to the table and we do some predictions. And for things that aren’t on the known good or on the known bad list you have to make a determination in real time, so that’s one of the things we do. So the idea is that what we’re seeing is 40% of the stuff is coming in that second bucket of things that if you just had a list and you were using traditional technologies, you wouldn’t be able to stop. 

John Koetsier: Right and I think it’s one of the benefits of at least working with Comcast and others that you’re working with network operators, you see a lot of stuff, you’re getting a lot of data so the AI is learning very, very quickly.

Marcio Avillez: Absolutely, yeah. And the other thing that we’re learning is that if you look at the devices that are being affected by these threats, and we’re seeing this in the context of Comcast as well, even though the numbers that I’m going to quote you are from our existing customer base not the Comcast customers, but what we’re seeing is close to half of the threats are coming on devices that are not devices that you could traditionally protect with typical solutions like endpoint antivirus. We’re seeing IP cameras, network-attached storage, devices that have a little bit more CPU, a little bit more memory that become kind of very useful tools for hackers to do the kinds of things that they want to do. 

And you know what’s interesting is when we looked at our existing customer base which was these early adopters, and we’ve kind of looked at the Comcast customer base, obviously they’re not as far along on the adoption curve, the things aren’t just penetrated. But some of the trends still happen and what we’re seeing in our early adopter customer base is proving to be a pretty good leading indicator of where the market’s going. 

John Koetsier: So talk to me about some of the worst security you’ve seen. You talked about some of those IP-based cameras, other things like that. What’s some of the worst security you’ve seen in smart home tech? 

Marcio Avillez: Oh gosh, well I’ll give you an anecdote, and this is a real world scenario. I won’t mention the manufacturer just for … well, they’re actually out of business. I don’t think even shaming them is going to get through a whole lot for us as an industry. But if you think about it, we’re in over close to 20 million homes. We’re in this looking at a half a billion devices or so, and when we started looking at one specific threat type that we’ve tried to protect against, which is remote access, so unauthorized remote access into devices, now there are certain kinds of devices that … your light bulb, your thermostat, there’s a whole bunch of other devices that there is no reason to have ports open.

There’s no reason to enable UPnP so people can access them from outside the home. Network-attached storage, cameras, there’s some reasonable use cases. Well, there was a manufacturer that created a network attached storage device and the way they implemented remote access into the device was leaving ports open and UPnP.

Well, guess what? Every single hacker in the world knows about this and is taking advantage of it. So what we found is despite there being, think of it as close to 20 million homes, there were about 50,000 of these devices that were driving 70% of the threat volume that we were detecting. So of the attempts to get into the device for that specific device category, and it was really instructive to see how it doesn’t take a whole lot to drive a whole lot of bad. 

John Koetsier: Yes exactly, I can totally see that. If you go from a high level and you look at the sort of the world or the universe of smart home devices, which class of devices have you seen are least secure, are most vulnerable?

Marcio Avillez: Let me say it this way, the whole industry has a bit of a business model problem in that this idea that you’re going to sell some of these devices that people are going to use in the home, and you’re going to monetize them upfront one time, and you’re going to hope to keep up with security, evolving threat factors, and things like that, and providing updates, just it’s not congruent right?

So I think the industry as a whole has a business model problem that they need to think through. These things should be … people who are selling these things should think of them more as services than as widgets that you sell.

So because of that, it’s one of the main factors for why these devices are just over time, some of them were better thought out than others. Clearly there’s some things, like some of the Google devices, Nest, there’s some real thought put into it. There’s some of the real popular devices have secure communication to the web. They don’t have ports open. So some of the ones that were made by the more sophisticated manufacturers generally do work better.

What you see is the ones that are less expensive are coming from people who are just in the business of making devices, don’t have a whole lot of service experience, tend to have issues.

Now, where that manifests itself, where those two things comes together, or it’s specifically in these two categories I mentioned, network-attached storage and cameras. Why? Because they are the ones that, look, if I’m a hacker and there’s a very insecure light bulb, let’s say you have a LifX bulb …

John Koetsier: That’s a real life scenario, because we just heard about Phillips Hue and the challenges that they had.

Marcio Avillez: Yeah, but if you think about a hacker and you go, ‘okay, yeah, you can do some things like that, you can make them look bad,’ but how useful is it really to you as a hacker? 

John Koetsier: Apparently with the Philips Hue they could actually get through and get control of the network as well. 

Marcio Avillez: Yeah, absolutely, and those kinds of things are, I think, some of the most concerning. But if you think about where we see the most volume of activity is on devices, not like the Philips Hue, I would consider those things as kind of doors into devices that then have memory and processor capabilities that allow you to do the damage.

So it’s kind of the first wave of attacks is really gone against cameras and network attached storage. Because that’s where those two things kind of overlap and come together. It’s the sweet spot of, hey there are a lot of issues, there’s some challenging use cases, they’re hard to secure all the use cases without creating a real burdensome experience for the customer, and they’re really useful to hackers. And when you can’t find those, then you look for other things like the Hue, things that are openings into the network that allow you to kind of propagate laterally to get into other devices. 

John Koetsier: Right, that makes sense. And actually that’s a good segue to talking about privacy and securing that at the device level or at the home level, or what you’re saying is, ‘Hey, it’s actually better done at the network level.’ That’s kind of counter intuitive. Can you talk about that a little bit? 

Marcio Avillez: Yeah, so here’s the thing, and again, I think it’s an extension of what the reality is in the industry. So what you have is a bunch of people who are making devices and selling them and collecting dollars from a customer at one time. And then the business incentive there is to minimize any bad press. So it’s not like there’s zero incentive for them to secure the devices, there is, especially if they want to continue to sell devices in the future, there is an incentive there, but the reality is the business model doesn’t help.

So what happens is as you get into these situations where these devices are coming into the home, that’s a reality. They’re coming into the home in a way that some are better protected than others, and you have to think about what’s the reasonable way where you can provide some sort of umbrella protection that meaningfully improves the security posture of the home.

And you know, there’s a lot of talk around identifying devices, securing devices, and it’s all good, but if you look at the long tail of people who produce these devices this can be really, really hard to get everybody to improve the security of their specific device. There’s this business model challenge that I talked about, so then you say, okay, well what happens is that all of these devices talk to the internet through the router that’s in the home. Well, the router that’s in the home sees all the packets coming and going. So what we did and by working with carriers, and this was, you know, you look at the challenges of getting new pieces of hardware in the home. I mean, we tried to sell hardware directly to consumers. We knew that that wasn’t a great business.

People were having some success, but you even look at Alexa, it’s been one of the more successful companies at selling hardware into the home. Look at how long it took them to get into 20 million homes. When you’re working with carriers, you know, if Comcast turns on the switch you’re in 20 million homes. Charter turns on the switch you’re in 20 million homes. You go to Europe, you work with Orange, Deutsche Telekom, some of the bigger groups, it’s pretty easy to see how you can get into a 100, 200, 300 million homes by just a software push to an asset that’s already there. 

John Koetsier: And that’s really actually quite interesting because it’s not just about individual security and privacy. It is about them, that’s really super important, but it’s also about all the rest of us and our use of the internet, frankly. I mean, if you see what has been done with distributed denial of service attacks based on somebody hijacking IP connected cameras or something like that, we’re all kind of vulnerable when some of us are vulnerable. And so if you protect at the network level that makes some sense. 

Marcio Avillez: Yeah, it does protect, it does make some sense, and there’s some incentive for the carrier. I mean, most of these carriers find themselves in a position where they’re providing a pretty good broadband service to most people in most places. Some of them are even doing some really cool things around WiFi getting better coverage in your home, but they have zero control over the devices you bring into the home. And they typically get the first call when something goes wrong, and most of us think it’s a network problem, so they actually have an incentive.

John Koetsier: Yes, yes.

Marcio Avillez: So the nice thing is they actually have an incentive to help the consumer solve the problem, even though they’re not causing it. But you’re absolutely right and I don’t think it’s a matter of continuously improving your internet facing posture and doing it in a broad based way so that it’s meaningful at an individual broadband subscriber level. Are the things we’re doing going to stop every single threat? No, that’s not how security works. What you’re trying to do is over time continuously improve that posture so that you make it harder and harder and harder for hackers to actually achieve their objectives, which is to break in, install something, and then take actions on objectives. I’m simplifying the whole process but you get the idea. And what we’ve done is exactly that, and I don’t think we could have done it without working with network operators because if you don’t have access to that device that sits at the edge of the home, it’s really hard for you to have that kind of meaningful impact across all the devices that users bring into the home.

You know there’s still threats outside the home and there’s still other things, opportunities for us to continue to improve the internet facing posture as devices move outside the home. But inside the home, if you can leverage that router and make it part of the solution, which is exactly what we did, then you can do things around traditional cybersecurity. You can do things around helping parents protect their children. Because when you talk to consumers about security, what you see is they mix privacy, content, access control, and cybersecurity. In their minds it’s kind of all the same thing, right? So we can deliver all on all three of those fronts.

John Koetsier: Nice.

Marcio Avillez: And that’s about privacy. Privacy is one of the areas that I think we’re starting to wake up to here in the US. I think parts of the world are a little bit more concerned and aware of what’s going on, but one of the features that we’re launching later this year in Barcelona is a service that actually allows consumers to understand what information is being captured on their computers when they’re doing browsing the websites and being transmitted to ad sites without them even knowing. So in a lot of these things, I think it starts with awareness. It’s privacy, security, those things start with awareness, and I think one of the big challenges is these things are happening in the background. They’re in the network and unless you read about it in the newspaper it’s hard to bring it to your context. It’s not my home, it’s happening to somebody else’s home, right? 

John Koetsier: Yeah. 

Marcio Avillez: Unless you happen to have one of those devices that we mentioned. 

John Koetsier: Exactly. And that’s a good segue actually. Let’s talk about that number of devices. I mean, how many devices are you seeing in people’s homes these days? You’d have pretty good visibility into that. I got new insight into that myself recently, I had to reconfigure my home WiFi and it seemed like we were updating devices for the next three or four weeks. I mean, I can divide 500 million by 20 million, get 25 devices per home. But what are you seeing on the fringes? What are the higher numbers that you’ve seen? 

Marcio Avillez: Oh gosh, we have some early adopters, so we’ve seen homes that have upwards of a hundred devices. Now is that a hundred unique devices? No, it’s typically people who live in larger homes who have multiple cameras, multiple connected speakers and things like that. So you can see how in some of the higher income settings you could very easily get into 50, 60, 100, 150 devices. The 20 to 25 if you think about it, is … if you think about the phones, computers, connected TVs, connecting streaming media boxes, some cameras, that’s how you get to 25. But it’s not off base. 

We’re seeing in our installed user base for the early adopters in the CUJO direct customers, kind of north of 30, and I think that’s the direction things are going. You know, people are seeing these devices are useful. I mean, they wouldn’t be buying them. People are using them, there’s real value to a lot of these devices. I love being able to turn on lights and turn off lights when I’m not home. I love being able to look inside the house and look outside the house, we’re using cameras when I’m not home. I love not having to string wires all over the house so I could listen to music. So there’s a whole bunch of these things that have a real benefit. So what we’re seeing is the trend is continuing for sure. 

John Koetsier: The trend is definitely continuing and that number is going up. And I’m guessing what you’re seeing at the high end of your customers is probably what you’re going to see at the mid level of your customers in some number of years, a few years or something like that. One thing I wanted to ask is that we’ve seen in the past that some devices are particularly noisy and they’re sending packets all the time. Have you seen that? Have you seen some devices that just taking up, sucking up a lot of bandwidth?

Marcio Avillez: Not so much, but part of it is when we look at things we’re not looking at … everything we do in the home is in a way that respects privacy. So the way these consumer routers work, once they establish a session what they do is they send these things over hardware acceleration. So a lot of the work we do is at the time that the session is getting established for a device to communicate to the internet or vice versa, we make a determination in real time about whether or not to let that session happen. Once that session happens, we try to stay out of looking at what’s actually happening, where they’re actually going. 

John Koetsier: I understand.

Marcio Avillez: So we don’t really look at that, but what we are doing in that space right now is trying to give carriers a better understanding and give broadband users a better understanding of what’s actually happening in their homes. The chattiness for us comes in play when you talk about mobile platforms. So when you’re a parent trying to understand how is your child using social media, how is your child using streaming media? When an app is running on iOS or on Android it behaves differently when you use it versus when you’re not using it. And we’ve built some AI models to allow us to understand what that looks like so we can actually track active usage.

But what we’ve seen is there are a lot of examples of when these things are in the background, they’re doing a lot of chatting back and forth. Now it’s not volume, but they’re awake, they’re sending communications back and forth to the cloud. Sometimes it’s just a little bit of a heartbeat, sometimes it’s more. One example that we’ve looked at, we haven’t productized yet but it’s an interesting one, is we’ve looked at voice assistance and it turns out when you look at the voice assistance those things are actually sending stuff back and forth to the cloud without the user interacting with it.

And we can actually look at those data patterns and using AI can understand when is the device actually in use, versus when is the device just communicating. Now it says nothing about what it is they’re sending back and forth. I don’t want to assume, but that stuff is happening in the background. It’s real and if you’ve got any kind of sophisticated tools you can see these things happen on your network, even when you’re not interacting with the device. So to me, the chattiness is more about a privacy thing and you know how much stuff is being sent back and forth. How much is reasonable given that the app is in the background. There are a lot of different use cases, so there’s a bunch of stuff that could be totally reasonable for you to send back and forth that is useful, you as a consumer benefit from. The reality is you don’t see it, you don’t know, and the disclosures are meager at best at this point.

John Koetsier: Sure, sure. So let’s hit one of the big ones. We’ve seen some big DDos attacks in recent history from relatively stupid smart home devices, maybe “admin” and “password” for the user accounts. I’m assuming that when you get a new big customer, like a Comcast or others, and there’s 20 million homes there, 10 million homes there, whatever the case may be, there’s some of those in operation already. 

Marcio Avillez: Oh yeah.

John Koetsier: Can you can detect those as you move into a network and can you see those and maybe take some actions against them? 

Marcio Avillez: Yeah, so there’s two ways we look at that. So I talked about identifying the devices. One of the reasons we’ve built what I think is a world-class device identification engine and operating system identification agent, is so that we can know exactly what a device is. It’s not okay to know, oh, it’s a camera. Well who makes it? It’s not okay to know it’s a Nest camera. It’s what generation? Because what we’re trying to do is be able to identify the devices granularly so that once you know exactly what the device is you can then look at how it behaves on the network.

And this is super important for devices that we call ‘unattended devices,’ devices that don’t have browsers, devices that the user interaction with it doesn’t change the way it behaves on the network. You know a tablet, a phone would be different, a computer would be different, how it behaves on the network has a lot to do with what you’re doing and what you’re using.

But a camera, a thermostat … so what we do is we actually pattern the behavior.

Once we’ve seen one, two, three hundred, at some point you’ve seen enough and you say, okay, I know how that device behaves when it’s functioning normally on the network, so now I no longer have to note what are all the bad things that can happen to that device. I know what good looks like. By definition, any deviation from good is going to be bad. So we have a  service that looks at those unattended devices, we call them ‘IoT devices’ as a general category and we look for these deviations of behavior.

And if something actually happens where it’s talking to an endpoint that it normally shouldn’t be talking to and we look at this at the NetFlow layer and there’s a new session that’s a deviation from the normal behavior pattern, what we do is we actually stop that session. We quarantine the session. We don’t take the device off the network, which in some use cases there are some devices you really don’t want to take off the network, you don’t want to quarantine.

You know, you can think of these really bad use cases where like right now it’s snowing outside and let’s just say your door lock got compromised and we quarantined your door lock. Well, guess what? You can’t get in the house. You as a user are not that concerned about your quarantined door lock, you just want to get inside and be warm right? So one of the services that we call ‘IoT behavior analysis’ actually addresses some of the DoS attacks. I mean, the devices who have been conscripted as part of a DDoS campaign, they’re providing a DoS attack so if those DoS attacks to the extent that there are deviations from the normal behavior pattern, we would catch it like that. 

John Koetsier: That makes sense. That’s actually interesting as well because you see those devices, it’s almost like in the future maybe there could be a service around, hey, by the way, these devices in your home are out of date or they have software updates and you should update them and click here. And bang, they’re all updated. I mean, that’s not something you provide today, but that could be interesting in the future. 

Marcio Avillez: So we’ve got some research going into that, and I’m looking at at least starting to tabulate those vulnerabilities. We’re in early conversations with our carrier customers around, hey, how could we turn that knowledge into something useful. So it is an area we’re spending some time on, but you’re absolutely right, if you can’t get at the specific device or have specific device knowledge, this kind of crowdsourcing and patterning of behavior is a really effective way to improve the internet facing posture.

The other thing that we do is we look at rates of communication, and this is our denial of service feature where we understand the device, we look at the protocol, we know that device talks using these protocols and hackers are smart so they make them use the same protocols, and then what happens is they start talking at higher rates frequencies than what they normally do. So we have an AI feature that looks at it from that perspective as well to try and stop those things.

Now, do we stop 100% of them? Probably not. Do we make a meaningful dent in it? Absolutely.

Denial of service is a weird feature, or it’s a weird instance because most customers don’t even notice this happening, it’s no skin off their back. Carriers, on the other hand, are the people who get affected by it. They really care. So you know there’s even a case for making some of these features potentially available to some of these customers without even having to talk to consumers about what’s going on, because at the end of the day it’s usually, unless the hacker’s being really egregious, it usually doesn’t impact your throughput that much on the network. It’s not going all day long, it doesn’t take a whole lot of packets to under distribute a denial of service if you’ve got devices that are conscripted.

Most consumers are kind of oblivious to it and kind of don’t care and don’t really want to take action. So again, this goes back to why it kind of makes sense to have some of this control at the edge of the network in the router, so that these things where the consumer doesn’t have a benefit, doesn’t have an incentive, there’s an opportunity for the carriers to be able to take action and protect us all. 

John Koetsier: Cool, cool. So not too much time left, but real quick, let’s hit what does a carrier see in your tool and how do you ensure end-user privacy in that?

Marcio Avillez: Oh, yeah, so two things. I mentioned that what we’re doing is actually deploying our cloud platform inside the carrier network. So what the carrier sees is the same thing that they see coming across their routers. It’s the same traffic data, same protocol data. Now, what we do is because of the AI, we do create some higher level understanding of that, but we do it in a way that’s compliant with the new California regulations, is compliant with GDPR, and then there’s also data retention policies. So even the carriers here in the US you’d be surprised are really, really tuned in and being aggressive on trying to meet CCPA. And the ones that we’re working with, it’s a big deal. So we’ve got some very aggressive data retention policies and some of these things you might imagine actually kind of go against the AI ethos which is, hey, collect more data, learn more, improve the model.

So we’re working on ways to continue to enable the learning in a way that’s anonymized so that we’re not collecting people’s information and taking it outside the carrier network. So for the most part, the carriers see the same things that they usually see. What we do is we do give them some more insight into what that data stream means. But it’s not like they’re seeing things that they wouldn’t have seen before.

That being said, we go to great lengths, both us and our customers, to do the appropriate level of anonymization … easy for me to say, so that we protect people’s privacy. And it’s a big deal for us, it’s a big deal for the carriers that we’re dealing with. Carriers are an interesting space and you’re starting to see some of this in some of the advertising that’s out there right now, they don’t really profit that much from invading your privacy. So it’s an interesting opportunity for them to kind of think about and talk about and act differently on this privacy front.

We do have a lot of people and a lot of businesses that kind of are counting on the ability to invade your privacy without either you knowing, and profiting mightily off it.

John Koetsier: That is unfortunately true.

Well, I want to thank you for joining us on the AI Show, that was super great. Whatever platform you’re on … please like, subscribe, share, or connect. And if you’re on the podcast later on and you like it, please rate it and review it. Thank you.

Until next time … this is John Koetsier with the AI Show.