A series of studies in 2013 discovered a security epidemic affecting SOHO Wi-Fi routers, wherein vulnerabilities allow an attacker to take control of the device and thereby intercept and modify network traffic.
Abundant news coverage over the past 15 months has extensively reported the malicious exploitation of these devices, yet the epidemic persists today with little progress made by router manufacturers to address the issues. By bringing together the brightest minds in security, the hacking competition, dubbed “SOHOpelessly Broken” after the seminal research of the same title, seeks to identify new and existing security vulnerabilities in these widely deployed devices.
“By demonstrating that the issues persist and that consumers are still exposed, pressure will be applied to the manufacturers to take the necessary action to better protect their customers who are currently not empowered to protect themselves,” says Steve Bono, founder of ISE and one of the leaders of the event.
The competition will run during DEF CON, from 7-10 August 2014 at the Rio Hotel & Casino in Las Vegas, NV. The contest will host a range of activities, including multiple talk tracks, Capture the Flag, 0-day vulnerability discovery, and others.
“The outcome of this event will be two-fold,” says Ranga Krishnan of the EFF, “First, we will prove that routers are still vulnerable. Second, we will galvanize a community of technologists to demand remediation by manufacturers.” EFF is also driving a related initiative known as the Open Wireless Movement. In order to support this initiative, the EFF is developing a router on which users can confidently turn on an open WiFi channel that provides private internet access to guest users, without compromising the users' own security, privacy or internet experience.
Individuals interested in participating as contestants or as judges are encouraged to contact contest organizers through the contest website.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.