Hacking Regulations for IoT devices

Software has always been a source of tech easiness and convenience for general people and of course for the users. The advancement of software has been coming up with new technologies and innovations and eventually has made us proficient in achieving things that are used to be a day-dream. However, the progression of technology also introduced us to the techniques for hacking those encrypted and encoded software. While some good-faith researchers are using the methods of hacking for a noble purpose, dishonest and wrongdoers have also no lagged behind of exploiting the technical progression for unlawful purposes.

Earlier many rules have been prescribed for preventing the hacking opportunity including the status of copyrights, permission and things like this. Earlier, carrying out research on IoT devices like “smart” homes to smartphones, cars, medical devices, and voting machines and so on without the permission of the copyright holders is considered to be an unlawful act, both for the white-hat and black-hat hackers. But now, Federal Regulators have come up with a new set of copyright laws which exempted ‘good-faith researchers’ from the long-overdue exemptions to the Digital Millennium Copyright Act (DMCA).

The new law which took effect on 28th October 2016 allows the white-hat hackers and good-faith researchers to break into the programming arrangements of IoT devices under certain circumstances.

The new copyright law will provide a two-year opening to the “good-faith” researchers to hack the software that supervises most consumer and commercial Internet of Things (IoT) devices – which are used everything from “smart” homes to smartphones, cars, medical devices, voting machines and more without going against the existing laws of copyright.

However, the new law doesn’t count things like critical transportation, aeroplanes, and major hospital installations. All the integrated IoT devices of these sectors will still maintain the tight restrictions. However, under certain rules and laws, a good-faith researcher can hack into the software system of the devices. And the rules are:

  • The research has to be for security or repair purposes only;
  • The product being investigated must have been lawfully acquired;
  • The research has to be done in a safe environment, so techniques used to hack or otherwise compromise a product are not released into the wild;
  • The research cannot violate other laws.

After the exemption had taken effect on 28th October, EFF staff attorney Kit Walsh in a blog post stated, “The new law would have started a year earlier and will go for three years.”

You might also like