Software Integrity Blog

Author Archive

Robert Vamosi


Posts by Robert Vamosi:

 

Podcast: MISRA and software testing

Standards. Whether they are advisory or compulsory, standards developed for code development promote safety, quality, and security. This is especially important in life-critical industries such as automotive and medical. One example is MISRA C, which provides software development guidelines for the C programming language.

Posted in Static Analysis (SAST)

iOS Pokemon GO has full access to your Google account (for now)

The developers of Pokemon GO, perhaps the number one game app in the world right now, admit their app has too much Google access on iOS devices.

Posted in Mobile Application Security, Software Architecture and Design

Android full-disk encryption flaw may have been previously known to Google

A vulnerability exploiting full disk encryption of Qualcomm-based Android smartphones may have been disclosed to Google more than one year prior to the patch issued last May.

Posted in Mobile Application Security, Software Architecture and Design

Nike publishes open source code to GitHub

An athletic retail shoe manufacturer is publishing its home-brewed open source code to GitHub.

Posted in Open Source Security

Will open source drive the future of connected cars?

Currently software in automobiles is at best a Tower of Babel, with different suppliers providing their own software and no underlying system to unify them. That may change—and soon—as some vendors are moving toward open source Linux as a solution.

Posted in Automotive Security, Open Source Security, Security Standards and Compliance

Board rooms uncomfortable with software risks

A recent panel discussion hosted by a computer analysis firm has concluded that compliance officers lack technical expertise and clear ownership of the technologies involved.

Posted in Software Architecture and Design

NHTSA investigates Tesla after first autopilot death

In May, a Tesla Model S driver using autopilot was killed when a tractor trailer drove across the highway perpendicular to the vehicle.

Posted in Automotive Security

Supply chain firmware flaw may have helped botnet spawn

Flaws in firmware commonly used by Closed Circuit TV (CCTV) devices worldwide have been exploited to create a powerful IoT-based botnet, according to one security firm.

Posted in Internet of Things

Vulnerabilities hit anti-malware software solutions

A Google researcher has disclosed a number of very serious vulnerabilities in Symantec and Norton anti-malware products.

Posted in Software Architecture and Design

Feds consider a ‘hack the FDA’ bug bounty program

Coming on the heels of a successful “Hack the Pentagon” bug bounty program, in which one 18-year-old received a $1K prize, the U.S. Federal Government is considering a similar program for healthcare.

Posted in Medical Device Security