In a forum like this, I’d be surprised if there are not other folks like me, wondering the same thing.
I have the privilege of being able to attend one cyber security conference or another about once a year. As such, I’ve seen a number of presentations about a researcher (or small group) who got a bright idea to try and hack pick-any-device just to see if they could. If you are not in this field, you might be surprised to know that there are companies who treat product security as an afterthought, and thus produce some very vulnerable devices. One of the most recent of these presentations was about hacking police body cameras.
I’m glad to see that Sense has taken some appropriate steps toward security. Also, I’ve just accepted that nothing I own is secure, so I sleep easily at night anyway. I think though there are some interesting questions, and possibly some folks in the community with knowledge to answer/postulate, so let’s see where this topic takes us.
Hypothetically, of course, unless someone at Sense wants a good presentation for a security conference presentation…
- Could a red team exercise or a bug bounty be worthwhile (the point of both are to find and responsibly disclose vulnerabilities so they can be fixed)
- What are the possible attack vectors?
- What could an adversary do with a relevant vulnerability?
On a related point, does Sense have a team/individual responsible for device/data/comms security?