- Jul 22, 2014
- 2,525
Calling 'tinkerers and thinkers'
America's Federal Trade Commission has kicked off a challenge to see who can come up with good ideas for securing the Internet of Things.
While the US$25,000 top prize will probably end up in the pocket of an infosec pro, the FTC interestingly says it's interested in hearing from “tinkerers” and “thinkers” as well as from entrepreneurs. There are three “honourable mention” prizes on offer at $3,000 each.
“The tool would, at a minimum, help protect consumers from security vulnerabilities caused by out-of-date software. Contestants have the option of adding features, such as those that would address hard-coded, factory default or easy-to-guess passwords”, the FTC's Iot Home Inspector Challenge page says.
Individuals or teams of individuals can compete, but they can't be acting on behalf of companies.
It's a wonderfully-rich field to plough. Merely checking The Register's archives – and we can't claim to have covered every single Internet of Things vulnerability – reminds us that:
...good luck!
America's Federal Trade Commission has kicked off a challenge to see who can come up with good ideas for securing the Internet of Things.
While the US$25,000 top prize will probably end up in the pocket of an infosec pro, the FTC interestingly says it's interested in hearing from “tinkerers” and “thinkers” as well as from entrepreneurs. There are three “honourable mention” prizes on offer at $3,000 each.
“The tool would, at a minimum, help protect consumers from security vulnerabilities caused by out-of-date software. Contestants have the option of adding features, such as those that would address hard-coded, factory default or easy-to-guess passwords”, the FTC's Iot Home Inspector Challenge page says.
Individuals or teams of individuals can compete, but they can't be acting on behalf of companies.
It's a wonderfully-rich field to plough. Merely checking The Register's archives – and we can't claim to have covered every single Internet of Things vulnerability – reminds us that:
- The Mirai botnet proved a simple but effective way to exploit bad defaults on DVRs;
- Webcam vendors notified of vulnerabilities in 2014 still hadn't patched by December 2016. In fact, "vendors don't patch" is a catch-cry reaching from light bulbs to auto-tellers;
- Vendors keep shipping products with default credentials. Sony, Edimax, Cisco, D-Link, ASUS and Fortinet were among a very long list pinged in 2016 alone;
...good luck!
Last edited:
