Software Integrity Blog

Author Archive

Robert Vamosi

robertvamosi


Posts by Robert Vamosi:

 

Oracle releases its largest security software update

On Tuesday, Oracle released a record 276 fixes for vulnerabilities across an array of its software.

Continue Reading...

Posted in Software Architecture and Design, Web Application Security | Comments Off on Oracle releases its largest security software update

 

Flaw in ASN.1 code library could impact every form of communications

A code library used in a wide range of telecommunication products, including radios in cell towers, routers, and switches, as well as the baseband chips in individual phones contains a flaw that makes it possible to eavesdrop or disrupt entire networks.

Continue Reading...

Posted in General | Comments Off on Flaw in ASN.1 code library could impact every form of communications

 

Researcher finds theoretical way to stop auto hacking—By listening to clocks

A new detection system listens for normal CAN-BUS traffic, and blocks nascent attacks in connected cars.

Continue Reading...

Posted in Automotive Security | Comments Off on Researcher finds theoretical way to stop auto hacking—By listening to clocks

 

Former Google engineer launches blockchain-enabled OS for financial services

A former Google engineer has created an operating system for the financial service industry that uses blockchain, a component developed by Bitcoin.

Continue Reading...

Posted in Financial Services Security | Comments Off on Former Google engineer launches blockchain-enabled OS for financial services

 

iPhone loss prompts HIPAA violation

The Office for Civil Rights, which oversees and enforces HIPAA has fined the Catholic Health Care Services (CHCS) of the Archdiocese of Philadelphia $650,000 over the theft of an iPhone containing patient information.

Continue Reading...

Posted in Healthcare Security, Medical Device Security | Comments Off on iPhone loss prompts HIPAA violation

 

Podcast: MISRA and software testing

Standards. Whether they are advisory or compulsory, standards developed for code development promote safety, quality, and security. This is especially important in life-critical industries such as automotive and medical. One example is MISRA C which provides software development guidelines for the C programming language.

Continue Reading...

Posted in Static Analysis (SAST) | Comments Off on Podcast: MISRA and software testing

 

iOS Pokemon GO has full access to your Google account (for now)

Perhaps the number one game app in the world right now, Pokemon GO developers admit their app has too much Google access on iOS devices.

Continue Reading...

Posted in Mobile Application Security, Software Architecture and Design | Comments Off on iOS Pokemon GO has full access to your Google account (for now)

 

Android full-disk encryption flaw may have been previously known to Google

A vulnerability exploiting full disk encryption of Qualcomm-based Android smartphones may have been disclosed to Google more than one year prior to the patch issued last May.

Continue Reading...

Posted in Mobile Application Security, Software Architecture and Design | Comments Off on Android full-disk encryption flaw may have been previously known to Google

 

Nike publishes open source code to GitHub

An athletic retail shoe manufacture is publishing its home-brewed open source code to GitHub.

Continue Reading...

Posted in Open Source Security | Comments Off on Nike publishes open source code to GitHub

 

Will open source drive the future of connected cars?

Currently software in automobiles is at best a Tower of Babel, with different suppliers providing their own software and no underlying system to unify them. That may change—and soon—as some vendors are moving toward open source Linux as a solution.

Continue Reading...

Posted in Automotive Security, Open Source Security, Security Standards and Compliance | Comments Off on Will open source drive the future of connected cars?