door locks, and security systems can and doubtless will be leveraged by perpetrators to com-
mit acts of bullying. From the consumer angle, parents will have to become aware of how con-
nected devices in their homes can be abused and do their best to monitor their kids’ behavior
and access to these devices.
Product manufacturers should also think through possible ways they can allow parents to
configure devices that are used by kids to alert them of suspicious activity. For example, we’ve
seen how IoT door locks can allow users to grant others access to their homes via a compan-
ion iPhone app. Kids who use their iPhones to unlock their doors when they return from
school should not be allowed to give others access to their homes. Access to certain IoT devi-
ces can also be limited based on time and the GPS location of children with smartphones that
can track this information.
Ultimately, technology can put children at risk and promote acts such as bullying, but it
can also be leveraged to monitor and promote safety. These are important issues that design-
ers of products should think through to ensure that they are helping kids to lead safer and
healthier lives, while taking into account real threats such as cyberbullying.
Predators
There have been many unfortunate cases of children being “groomed” and sexually abused by
predators who use online chat forums and instant messaging to find and communicate with
minors. Similar to bullies, these abusers are bound to leverage technology that will include
IoT devices to get in touch with and communicate with minors.
Device manufacturers have a profound responsibility to implement and encourage the
use of parental control features in products where appropriate so that children are protected
from suspicious activity, as well as mechanisms for the parents to be alerted when such activ-
ity is detected. One example of this is the ability of parents to monitor and control applications
that are installed on Smart TVs that may allow children to communicate with strangers. As
with the other threat agents, the designers of products should think through who their target
audience may be and embed methods for parents to lock down functionality if their products
are likely to be used by minors.
Bug Bounty Programs
Tinkerers and security researchers often uncover security vulnerabilities by investing their
own time and resources. Sometimes vulnerabilities are discovered by accident, yet in most sit-
uations the researchers get a thrill out of uncovering security lapses. In many cases, the
researchers want to do the right thing and report the issues they discover to the product ven-
dors. Some companies have done a good job of advertising how researchers can contact them
to report security vulnerabilities, but many companies do not advertise how they wish security
issues to be reported to them. This often causes researchers to contact customer support staff,
who may not be equipped to route the information to the right individuals.
BUG BOUNTY PROGRAMS 227