Security professionals can now hack IoT devices without breaking the law, thanks to an updated ruling in the U.S. Copyright Office.
The new rule under the Digital Millennium Copyright Act permits security researchers to legally circumvent device manufacturers’ software to control connected devices.
Such devices include all wearable devices, smartphones, tablets, removable wireless broadband modems and similar devices.
The rule requires the hacking to be conducted in a controlled environment, for research purposes and not to be exploited maliciously.
The Internet of Things has been an area of focus for many security professionals working to uncover potential vulnerabilities for device manufacturers.
For example, teams of security experts broke through 12 of 16 smart lock systems, as well as a smart thermostat at a recent hacking conference.
After successfully hacking the devices, the researchers notified the manufacturers to implement future security measures.
On the consumer side, fear of malicious hacking might have an impact on overall adoption of IoT devices.
Half (50%) of consumers said they have not purchased an IoT device because they were concerned about its security, according to a recent study by ESET and the National Cyber Security Alliance.
That study, which comprised a survey of 1,500 U.S. adults, also found that the majority (77%) of consumers said they are aware of the idea that some cars could potentially be hacked.
Researchers have hacked connected cars on more than one occasion already, including vehicles from Jeep and Tesla.