Slashdot Mirror


Netflix Just Announced a User Focused Security Application (netflix.com)

Moving beyond movies and TV shows (and their DVDs), Netflix announced on Tuesday Stethoscope, its "first project following a User Focused Security approach." From a company's blog post: The notion of "User Focused Security" acknowledges that attacks against corporate users (e.g., phishing, malware) are the primary mechanism leading to security incidents and data breaches, and it's one of the core principles driving our approach to corporate information security. [...] Stethoscope is a web application that collects information for a given user's devices and gives them clear and specific recommendations for securing their systems. If we provide employees with focused, actionable information and low-friction tools, we believe they can get their devices into a more secure state without heavy-handed policy enforcement. The company says Stethoscope tracks disk encryption, firewall, automatic updates, up-to-date OS/software, screen lock, jailbroken/rooted status, security software stack configurations of the device.

43 comments

  1. In next weeks news get your nails done at Autozone by pecosdave · · Score: 2

    Wow - this is some pretty cool stuff and I commend Netflix for doing it, but really? Netflix?

    --
    The preceding post was not a Slashvertisement.
  2. AC announces a first post application by Anonymous Coward · · Score: 0

    Hosts files rule!

    1. Re:AC announces a first post application by Anonymous Coward · · Score: 0

      The application is denied.

  3. SCAP by bsDaemon · · Score: 1

    How is this fundamentally different than using SCAP or OVAL content to do a STIG check against a host and then apply remediations against findings? Other than it will hopefully allow "normal" users to understand what the problem is and what to do about it. But normal users probably aren't going to grab an open source security scanner and then follow the recommendations. They would then be abnormal users, by definition.

    1. Re:SCAP by Anonymous Coward · · Score: 0

      It's basically an analogue of Secunia PSI as far as I can tell in a web interface.

    2. Re: SCAP by Anonymous Coward · · Score: 0

      Netflix gets a lot of eyeballs from everyday people. If they provide a visible link with some flashy graphics, it will get downloaded a ton.

  4. Need to tune what's being approved by Bruce+Perens · · Score: 1

    I see three things that are properly called "press releases" in the headlines of Slashdot this morning. It's a typical beginner mistake. Please stop.

  5. Not Interested by Anonymous Coward · · Score: 0

    Netflix, you run in a browser window and have access to nothing else on the computer. That is the way it will stay.

    1. Re:Not Interested by thygate · · Score: 1

      mod parent up, this or netflix goes to the bin and it's back to tpb..

  6. Re:In next weeks news get your nails done at Autoz by Gilgaron · · Score: 1

    I guess it might give your employer a reason to remove Netflix from the blacklist?

  7. Re:In next weeks news get your nails done at Autoz by EvilSS · · Score: 3, Interesting

    Looks like something they developed internally for their own use and decided to open source.

    --
    I browse on +1 so AC's need not respond, I won't see it.
  8. Re:In next weeks news get your nails done at Autoz by chispito · · Score: 3, Informative

    Check out their GitHub: https://netflix.github.io/

    They open source a lot of their in-house software.

    --
    The Daddy casts sleep on the Baby. The Baby resists!
  9. Re:I already cover malware/firewall/phishing via by DontBeAMoran · · Score: 2

    Maybe, but I have to say that your movies library is quite limited and not worth the monthly fee.

    --
    #DeleteFacebook
  10. Re: I already cover malware/firewall/phishing via by Anonymous Coward · · Score: 0

    Has Netcraft confirmed these claims?

  11. Very glad it's open source. by DdJ · · Score: 1

    Upon seeing that it's open source, I'm already starting to brainstorm how to help local schools and libraries set this thing up. Neat!

  12. Re:In next weeks news get your nails done at Autoz by r1348 · · Score: 1

    I was about to say the same. That's pretty much how Amazon became the biggest cloud computing operator out there: by renting out what they developed internally.

  13. Conflict between up to date and not rooted by tepples · · Score: 1

    I couldn't find a public "check my phone" link, or I'd've tried it.

    But two of the "practices" listed in Netflix's blog post appear to conflict. One is "Up-to-date OS/software", and the other is "Not jailbroken/rooted". What does it say when the latest official system software image for a particular device is no longer supported? Does it recommend that the user trade off the "not rooted" practice to obtain "up-to-date OS" by flashing the LineageOS distribution of Android?

    1. Re:Conflict between up to date and not rooted by skids · · Score: 2

      I couldn't find a public "check my phone" link, or I'd've tried it.

      I believe that would be because your phone is not enrolled in an MDM manager.

      From the article: "Stethoscope is a web application that collects information for a given user's devices"

      This implies it is a web app that, by itself, checks your device and maybe even enumerates/discovers
      your devices. That would make it a scary security hole rather than a security tool since web apps really
      should not be able to access any state of health information on a device (though some is quite leakable these days.)

      Fortunately it appears not to be. It seems to be just a way to put a pretty front-end on devices that are using other
      installable agents to assess their security. It goes to the backend databases of those agents, assuming you have an
      account on them which is available through an SSO system or other authenticator, and pulls information
      they have previously collected. Unless you have those backend agents installed and a database set up
      for them to report to, this tool isn't for you. Basically it's for the enterprise.

      Kudos to them for releasing their internal tools to github, though, I'm sure they will get some valuable
      additions from the community.
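
The arrangement described in the comment above (a front end that reads what separately installed agents have already reported, rather than probing the device itself), sketched as an added example that is not part of the thread and not Stethoscope's own code. The field names, practice keys, 14-day freshness window and sample records are all assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Hypothetical practice keys modelled on the list in the summary (not Stethoscope's schema).
PRACTICES = ("disk_encryption", "firewall", "auto_update",
             "os_up_to_date", "screen_lock", "not_jailbroken")
MAX_AGE = timedelta(days=14)  # assumed freshness window for agent-reported data

def merge_reports(reports):
    """Fold per-agent reports into one record per serial; newest measured value wins."""
    devices = {}
    for rep in sorted(reports, key=lambda r: r["collected_at"]):
        dev = devices.setdefault(rep["serial"], {"owner": rep["owner"], "checks": {}, "seen": {}})
        for name, value in rep["checks"].items():
            if value is not None:  # None means this agent could not measure the practice
                dev["checks"][name] = value
                dev["seen"][name] = rep["collected_at"]
    return devices

def evaluate(device, now):
    """Map each practice to 'ok', 'action' or 'unknown'; missing or stale data is never 'ok'."""
    result = {}
    for name in PRACTICES:
        seen = device["seen"].get(name)
        if seen is None or now - seen > MAX_AGE:
            result[name] = "unknown"
        else:
            result[name] = "ok" if device["checks"][name] else "action"
    return result

def findings_for(user, reports, now):
    """Everything the given user should look at, across all devices they own."""
    out = []
    for serial, dev in sorted(merge_reports(reports).items()):
        if dev["owner"] != user:
            continue  # a user only ever sees their own devices
        for name, status in evaluate(dev, now).items():
            if status != "ok":
                out.append((serial, name, status))
    return out

# Constructed sample data: two hypothetical backends reporting on the same laptop.
NOW = datetime(2017, 2, 22, tzinfo=timezone.utc)
SAMPLE = [
    {"source": "mdm", "serial": "C02-EXAMPLE", "owner": "alice", "collected_at": NOW - timedelta(days=1),
     "checks": {"disk_encryption": True, "screen_lock": True, "os_up_to_date": False, "firewall": None}},
    {"source": "endpoint-agent", "serial": "C02-EXAMPLE", "owner": "alice", "collected_at": NOW - timedelta(days=30),
     "checks": {"firewall": True, "auto_update": True, "not_jailbroken": True}},
]
if __name__ == "__main__":
    print(findings_for("alice", SAMPLE, NOW))
```

The stale endpoint-agent report is why three practices come back as "unknown" rather than "ok": a dashboard of this kind is only as current as the agents feeding it.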

    2. Re:Conflict between up to date and not rooted by tepples · · Score: 1

      I believe that would be because your phone is not enrolled in an MDM manager.

      That'd be fine if there were a "Send me to Google Play Store to temporarily enroll my phone in Netflix's MDM for the duration of the test" button.

  14. Re:In next weeks news get your nails done at Autoz by pecosdave · · Score: 1

    That's interesting, wish I was a better coder, I would consider seeing if I could use some of that interface code to make a Kodi compatible Netflix plugin.

    --
    The preceding post was not a Slashvertisement.
  15. I already cover malware/firewall/phishing via by Anonymous Coward · · Score: 0

    Prevention = best medicine (& what u can't touch can't hurt u) via NEW APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

    Ads & malware rob speed/security/privacy

    Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

    Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

    * Via what u NATIVELY have built in IP stack in FASTER kernelmode!

    APK

    P.S. - Safe URL:https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

  16. Re:In next weeks news get your nails done at Autoz by HideyoshiJP · · Score: 1

    It makes some sense, I suppose. People back in the day probably were weirded out calling Toyota for business management consulting.

  17. Re: In next weeks news get your nails done at Auto by Anonymous Coward · · Score: 0

    I think that happened because they were good at it and other corporate structures needed major reworking but Netflix isn't really that good at what they do now. What percentage of their content is original and what percentage of their content is just basic cable level chaff presented to present a more well-rounded offering?

  18. Re:In next weeks news get your nails done at Autoz by orient · · Score: 1

    There is a Chrysler dealership in Calgary that offers just that: having their nails done while their car is being serviced.

    --
    Their praise would surely sadden me beyond measure.
  19. Re:In next weeks news get your nails done at Autoz by BarbaraHudson · · Score: 1

    It's bullshit. What it boils down to is yet another business spying on you, rather than offering a new way to mitigate the problem. Same shit that *every* antivirus player offers. None of this will prevent a well-directed phishing attack - one of the things they claim it will help against - so it's just more "security theatre." Let's face it, unless you actually pre-screen mail for threats (and this doesn't) it won't do sweet f*ck all.

    --
    "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
  20. Re:In next weeks news get your nails done at Autoz by pecosdave · · Score: 1

    I think it's a great idea.

    I always thought businesses that have customers in waiting should have secondary services to soak a few extra bucks off of them and to make their time less wasted. When I was in League City they built a Carwash and Grill. The idea was to eat steak and drink while you were getting a car wash, what I considered genius, but they never actually opened the grill while I still lived there, just the bar. So drive there, get drunk drive home. I had an issue with this, but went there anyways for one beer and then soda.

    I always thought tire shops and what have you should have at minimum WiFi in the lobby. Most don't and usually have a TV pinned on something horrible. I think mixing up barber shops with lube and tire shops would be a great idea.

    If I were opening up a coffee shop (which I've considered) I would absolutely target spaces next door to tire, lube, brake, carwash, and any other place I could think of that would have people pinned in place without their vehicles. I tend to walk somewhere to eat when waiting for anything like that and will pick a place that has something within a reasonable/safe walking distance.

    --
    The preceding post was not a Slashvertisement.
  21. Re:In next weeks news get your nails done at Autoz by Anonymous Coward · · Score: 0

    That's not going to happen. Content creators license videos to Netflix only on the condition that people are not able/allowed to create clients compatible with the service.

  22. Re:I already cover malware/firewall/phishing via by Anonymous Coward · · Score: 0

    * Via what u NATIVELY have built in IP stack in FASTER kernelmode!

    Please donate to APK so he may learn to speak English.

  23. Here's a radical idea for Netflix by Anonymous Coward · · Score: 0

    How about letting me disable the GODDAMNED ANNOYING autoplaying feature that constantly interrupts browsing, and that absolutely NO ONE ON PLANET EARTH asked for?

  24. Not my fault: AC post length size restriction by Anonymous Coward · · Score: 0

    See my subject: I can only fit so much in before post length restrictions on us AC posters kick in (yes it should say "built into" vs. built in, I know this).

    APK

    P.S.=> Just doing my best w/ what I have to work with is all... apk

  25. Re:In next weeks news get your nails done at Autoz by pecosdave · · Score: 1

    My Playstation 3, Wii, and BluRay player all have a client that works. I'm trying to consolidate down to one system.

    Literally all it would take to have a "client" that worked would be for them to code their website in such a way that I could navigate with arrow keys.....

    --
    The preceding post was not a Slashvertisement.
  26. Re:In next weeks news get your nails done at Autoz by geekmux · · Score: 1

    I guess it might give your employer a reason to remove Netflix from the blacklist?

    Corporate whitelisting of Netflix services.

    Thank you for helping identify the Netflix Ulterior Motive.

  27. Re:In next weeks news get your nails done at Autoz by swillden · · Score: 1

    Wow - this is some pretty cool stuff and I commend Netflix for doing it, but really? Netflix?

    It's a tool developed for internal, corporate users, to make Netflix's own operations more secure. They've decided to open source it, probably in hope that others will have good ideas to make it better.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  28. Downloadable video by jtara · · Score: 1

    I guess nobody else noticed that Netflix recently started supporting downloadable video.

    I'd guess that they had to pinky-swear to content providers that they would make some effort to educate users on security, help them secure their computers and devices and networks, etc. etc. etc.

  29. And who vets the vetter? by Anonymous Coward · · Score: 0

    And who vets the vetter? Wanna fix your security? Let me trawl through everything you own and I will make some suggestions.

  30. Software won't fix the real problem by SteWhite · · Score: 1

    " The company says Stethoscope tracks disk encryption, firewall, automatic updates, up-to-date OS/software, screen lock, jailbroken/rooted status, security software stack configurations of the device."

    Fantastic! Which one of those stops the user clicking on the nice shiny link in the email claiming to be from the helpdesk and telling them they need to reset their password instantly or lose their account, then filling in their account details for the nice phisher?

    Oh yeah, none of them. Good luck with that.

  31. Re:In next weeks news get your nails done at Autoz by Anonymous Coward · · Score: 0

    Amazon used to be just a bookstore.

  32. Not really by sethstorm · · Score: 1

    jailbroken/rooted status,

    Which makes it automatically a user-hostile approach.

    --
    Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
    1. Re:Not really by coofercat · · Score: 1

      Maybe, but it'd work well for company owned gear though.

  33. Re:In next weeks news get your nails done at Autoz by Anonymous Coward · · Score: 0

    sounds more like spyware to me. a web application that gathers data on your systems and devices.. uses third parties to process that data... and then what happens with all that data they collect? not like they're gonna just chuck it..

    fuck no. sorry, charlie. nice try, though.

    needs to be a self contained native app or application, with anonymous and untracked updates, that itself solely gathers and processes the data and generates the report... without reporting to anyone but the user in front of the screen.

  34. Netflix: From a company involved in backdooring u by Anonymous Coward · · Score: 0

    I have a hard time taking a company that forces a proprietary piece of software on its customers to use its services seriously in the realm of security. No one who takes security seriously is going to allow proprietary code onto their computer. And to any degree one can't avoid it they're going to minimize it to the extent possible. ie Libreboot (free BIOS), and shortly EOMA68 (everything will be free and in the users control including the keyboard controller and other components that are currently proprietary in Libreboot'd computers).