Fitbit and Canary security systems are handing their products over to hackers at DEF CON.
Ted Harrington, Independent Security Evaluators partner and an organizer at the annual hacker conference, tells Inverse the two Internet of Things (IoT) companies are submitting their wearable and home security gadgets to the “Call for Devices” at the IOT Village within DEF CON 24, which takes place the first weekend of August in Las Vegas. IoT security is likely to get worse before it gets any better, and the Call for Devices is one way for companies to learn about vulnerabilities their products might have. All they have to do is provide the products and let the hacking community have at it.
“Numerous security researchers will investigate your product for security vulnerabilities,” the IOT Village website says, giving you the “opportunity to fix the issues and make your product more secure.”
Letting hackers have free reign on your product might sound like a nightmare for companies at first, but the IOT Village wants people to look at it more constructively: as an “intense and valuable security assessment” for free.
For a company like Fitbit, one of the most recognizable wearables with a devoted consumer base, this could help shore up some user concerns. After all, a device that people wear 24/7 is ripe for data-mining hackers, and experts have proven in the past that Fitbits aren’t the hardest product to break into.
Potential hacks on Canary, an app-based home security company, could have a more noticeable impact. It’s an all-in-one security system with HD video and audio that monitors people’s homes. Keeping that connection secure is obviously a top priority for the company.
It will be exciting to see what vulnerabilities hackers will be able to expose come August, if they are able to find anything at all.
“This is a shining example of companies taking a proactive step to try to eliminate security vulnerabilities,” Harrington tells Inverse. “I would encourage other manufacturers to also consider this progressive approach.”