You might recall that last year we reported on the SOHOpelessly Broken contest that was part of the DEF CON computer security conference. This contest was run by our friends at Independent Security Evaluators (ISE) and attempted to shine some light on the dismal state of security for SOHO or home routers. This is a key step in making our home networks safer. RouterCheck can help you fix the problems, but it takes many dedicated security researchers to first uncover the existence of the problems.
So what’s next? This year’s DEF CON, that’s being held in Las Vegas August 6-9, will see a significant expansion on what was done last year. ISE is organizing an entire IoT Village to not only shine the light on consumer routers, but to any and all Internet of Things (IoT) devices. There aren’t any real limitations – anything and everything that’s connectable to the internet is fair game. This will include things like the Apple Time Capsule device, internet-connected scales, baby monitors, blood pressure monitors, internet-enabled refrigerators. Even the i-spy HappyCow Tank toy won’t be spared.
Participants in the IoT Village will compete in contests to hack IoT devices, participate in workshops and give talks on the subject. The idea is to disseminate the information in the hopes that events like this will raise the knowledge of developers and raise the standards of the products that they produce. Last year’s SOHOpelessly Broken contest contributed 15 new 0-day vulnerabilities to the security research community. IoT Village will most certainly contribute far more.
Events like this are fun and do provide us with some meaningful results. But the biggest result will always be in the raising of awareness of the problems and dangers of these new systems. It is only then that the issues will be addressed in a meaningful way. These events also bring together the researchers who can work together to better understand the problems that we face, and create solutions to address them.
We hope to see more events like IoT Village in the future to help ensure that the Internet of Things does not become the Internet of Dangerous Things.