Hacking for certain purposes is now legal – here are some ways software protection can help.
Hacking is becoming much more accessible and legal than ever before. I’m not talking about “hacking” in the illegal sense – even Barbie got hacked recently – but the legal aspects of hacking too. According to The U.S. Library of Congress, it is now legal for a device owner to circumvent restrictions put in place by manufacturers.
As an example, “jailbreaking” and “rooting” are synonymous for hacking and it is now possible and legal in the States. In generic terms, “jailbreaking” or “rooting” is a process of using security exploits to break the security protection of the device that would allow the owner to run unsigned or third party software on any mobile devices such as an iPad®, iPhone® or any Android® device.
Here is an excerpt from an exemption issued by the U.S. Copyright Office:
“(4) Computer programs that enable smartphones and portable all-purpose mobile computing devices to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smartphone or device, or to permit removal of software from the smartphone or device. For purposes of this exemption, a “portable all-purpose mobile computing device” is a device that is primarily designed to run a wide variety of programs rather than for consumption of a particular type of media content, is equipped with an operating system primarily designed for mobile use, and is intended to be carried or worn by an individual.”
As a device manufacturer this is extremely important as it allows hackers to legally build tools that allow for “tinkering” and “modifying” the IoT device and apps in order to take advantage of additional features and capabilities that the owner does not have the rights to use. Relying on the device to provide physical security or the app store provider to provide secure application containers are simply not secure enough anymore.
SoftSummit – April 23 (Europe) & April 25 (North America)
Join 500 industry peers and discover the secrets of software monetization from Advantest, Ansys, Thermo Fisher Scientific, IDC, and more >>>
Therefore, it is important for producers of IoT devices (especially those are consumer-oriented) and application developers to focus on detection and preventative security layers to mitigate security threats. For example, using software protection-based techniques like tamper resistance technology enables apps to detect unauthorized modification of software binaries and call home to report and possibly download updates.
To reduce other security threats consider designing and layering security into your application or devices – read these blogs for more info: How to Reduce Your IoT Security Anxiety, Part 1 and Part 2.
-Tu
Want more? Read "Tamper Resistant Application Fortifies Your Defense Against Hacking"
