Greetings from Derbycon in Louisville, KY. I wanted to post an update on efforts to get this project up and running.
Had some infrastructure failures, so it will be a few days before we have a system in place for researchers to submit their findings. Good news is that we should be able to track different products findings separately and across many researchers.
We've made some contacts with potential sponsors and also reached out to our first vendor. If you have any interest in sponsoring or contributing to the IoD project, mail us at firstname.lastname@example.org
We've also been talking with other infosec researchers and are getting some of their vulnerability disclosure program framework documents and templates. This means we can just modify and adapt an already working program for the IoD vendors who wish to implement their own as opposed to having to write one from scratch. As well, at Derbycon there was a talk about an Internet of Things attack methodology. Again, we can use this as a template for our own work.
In short, things are progressing behind the scenes as time and attention allows, but it seems like we are onto something here.