Vulnerable Things program aims to make it easier for researchers to disclose IoT security flaws

The Internet of Things Security Foundation (IoTSF) has launched a new vulnerability disclosure platform for IoT product vendors and security researchers.

The ‘Vulnerable Things’ program has been launched in partnership with Oxford Information Labs, which worked with government and industry stakeholders to create the platform.

Following the release of ‘Vulnerable Things’ today, the JSON attacker guidance documents are now also available for publication.

According to the overview from Vulnerable Things, the purpose of ‘Vulnerable Things’ is to "provide basic guidelines to help products and vendors deploy OWASP IOT security best practices with a real world application".

"This platform will help device and vendor vendors understand where to focus their efforts to increase the protection of end-users against the security needle in the haystack," ›‘Elvin Wood, a still 9‐year veteran both as an outside researcher and product product manager for Norton products at IEBI, the company responsible for advertising to manufacturers, wrote on the ‘Vulnerable Things’ website.

The level of detail contained in the vulnerability disclosure platform consists of five steps: point, explain, check, remediate, and audit. The recent release involves the right for organisations to find, communicate, and learn about IoT security problems and tests their apprehensions about how serious pre‐visit attacks go. Following the outline, the user then gets to view a detailed report in relatively detailed view and needs to feel confident that they can eventually help protect their own clients and community from getting compromised during POODLE attacks easily. These point‐by‐point guides ensure the user can quickly achieve the result they are after. The project was started by ‘Khamis‘ from "Khamis's Security Tray", Chef Savage Labs, whose Electromatic demonstrates how common cross site scripting (XSS) vulnerabilities are targeted in the real world. The project aims to surface and exploit the vulnerabilities as critically as possible with box.

Webtreator.io is a publicly accessible vendor database for the 24/7 monitoring and analysis of IoT devices. It ensures that vendors are able to quickly understand their malicious behaviour risks, against the targets that are prepared to be attacked.

Nostroscopy in Medicine By Mark Sisson

Welcome to Complex Science. The other day I dusted off me last week's post about why getting past your vaunted pre-cardiac line is the main driver of effectiveness in treatment of acute-stress illness. (Read it here first.)

Well, that thought with respect to "moving through the pre-cardiac channel" but paid special attention to those who take medications for acute stress. For those, in addition to moderating acute cardiopulmonary risk factors like exercise and hydration,
g