|IoT Home Inspector Challenge|
|Written by Sue Gee|
|Thursday, 12 January 2017|
Smart home technology is intended to make our homes more more convenient to control and better protected. An unwanted side-effect is that the devices used introduce an easy way for hackers to take over. Recognizing this danger, the US Federal Trade Commission (FTC) has launched the IoT Home Inspector Challenge.
This competition, asks participants to create a technical solution that consumers can use to guard against security vulnerabilities inherent in the software of the current generation of domestic Internet of Things (IoT) devices.
It is open to those aged 18 and over, either as individuals or in teams of any size but is prizes, a main prize of $25,000 plus up to three honorable mention prizes of $3,000 each, can only be awarded to citizens or permanent residents of the United States.
The rubric states:
The tool would, at a minimum, help protect consumers from security vulnerabilities caused by out-of-date software. Contestants have the option of adding features, such as those that would address hard-coded, factory default or easy-to-guess passwords.
It also explains what has led to the contest:
Every day, American consumers use Internet-connected devices to make their homes “smarter.” Consumers can remotely program their smart home devices to turn on their lights, start the oven, and turn on soft music so they return to a comfortable environment when they get home from work. Smart video monitors enable consumers to remotely view their homes, pets, or children. Smart fire and burglar alarms address safety issues through sensors and alerts. And smart thermostats can automatically adjust temperature settings depending on the time of day and presence of people in the house. To tie all these devices together, smart home platforms are also beginning to proliferate across the marketplace.
While these smart devices enable enormous convenience and safety benefits, they can also create security risks.
It proceeds with a reference to the DDoS (Distributed Denial of Service) attack that affected Twitter, Spotify and other sites reliant on the Dyn DNS server in which smart devices, used in “botnets”, were involved.
The FTC comments:
This incident demonstrated that lax IoT device security can threaten not just device owners, but the entire Internet.
It also refers to incidents where live feeds from smart cameras have been publicly available on the Internet.
With this background in mind the FTC is looking for a “tool” that consumers can deploy to guard against security vulnerabilities in software on the Internet of Things (“IoT”) devices in their homes.
The deadline for registering and submitting entries is May 22, 2017 at 12:00pm EDT and what is required is:
The judges will award points as follows:
(i) Functionality (60 points out of 100 total score)
(ii) User-friendliness (20 points out of 100 total score)
How easy is your tool for the average consumer, without technical expertise, to set up and use?
Judges will also take into consideration how well the tool:
(iii) Scalabilty (20 points out of 100 total score)
The Submission must explain how the tool could be used for products other than those addressed specifically in the Submission.
Up to 10 bonus points will be awarded for other ways in which the tool helps consumers guard against broader security vulnerabilities in IoT device software in their homes.
or email your comment to: firstname.lastname@example.org
|Last Updated ( Tuesday, 16 May 2017 )|