Welcome!

News Feed Item

Hackers Mobilize to Attack Routers via ISE Contest

An elite competition is scheduled for hackers and computer scientists from around the world to better protect consumers against widespread security vulnerabilities in wireless routers. A series of studies1 in 2013 discovered a security epidemic affecting small office/home office (SOHO) WiFi routers, wherein vulnerabilities allow an attacker to take control of the device and thereby intercept and modify network traffic. Abundant news coverage over the past 15 months has extensively reported the malicious exploitation of these devices, yet the epidemic persists today with little progress made by router manufacturers to address the issues. By bringing together the brightest minds in security, the hacking competition, dubbed “SOHOpelessly Broken” after the seminal research of the same title, seeks to identify new and existing security vulnerabilities in these widely deployed devices. “By demonstrating that the issues persist and that consumers are still exposed, pressure will be applied to the manufacturers to take the necessary action to better protect their customers who are currently not empowered to protect themselves,” says Steve Bono, founder of ISE and one of the leaders of the event.

The competition will run during the renowned DEFCON hacker conference, from 7-10 August 2014 at the Rio Hotel & Casino in Las Vegas, NV. The contest will host a range of activities, including multiple talk tracks, Capture the Flag, 0-day vulnerability discovery, and others. The contest is organized by a partnership between two leading entities in the security community: Independent Security Evaluators (ISE) and the Electronic Frontier Foundation (EFF). ISE is the respected cyber security company most commonly known for being first to hack the iPhone and most recently for discovering the epidemic of security vulnerabilities in routers. The EFF is the leading nonprofit organization defending civil liberties in the digital world. DEFCON is one of the largest and oldest annual hacker conferences.

“The outcome of this event will be two-fold,” says Ranga Krishnan of the EFF. “First, we will prove that routers are still vulnerable. Second, we will galvanize a community of technologists to demand remediation by manufacturers.” EFF is also driving a related initiative known as the Open Wireless Movement (https://openwireless.org). In order to support this initiative, the EFF is developing a router on which users can confidently turn on an open WiFi channel that provides private internet access to guest users, without compromising the users' own security, privacy or internet experience.

Individuals interested in participating as contestants or as judges are encouraged to contact contest organizers as soon as possible through the contest website, www.sohopelesslybroken.com. Available spots are limited. Sponsorship and advertising opportunities are also available. The official hashtag of the event is #sohopelesslybroken.

About ISE

ISE is most commonly recognized for being the first company to exploit the iPhone2, an achievement that garnered international attention. ISE’s most recent research discovered systemic issues in SOHO routers3 and web browsers4.

About EFF

The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development. We work to ensure that rights and freedoms are enhanced and protected as our use of technology grows.

1 http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp
2 http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=2&
3 http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp
4 http://securityevaluators.com/content/case-studies/caching/index.jsp

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of Soli...
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
"Qosmos has launched L7Viewer, a network traffic analysis tool, so it analyzes all the traffic between the virtual machine and the data center and the virtual machine and the external world," stated Sebastien Synold, Product Line Manager at Qosmos, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
"We are a leader in the market space called network visibility solutions - it enables monitoring tools and Big Data analysis to access the data and be able to see the performance," explained Shay Morag, VP of Sales and Marketing at Niagara Networks, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...