SCADE embedded security flaw from Heartbleed

Okay, I am behind on posting about embedded/mobile software security concerns, in part because the number of interesting reports has become almost a flood of “issued”. For example this week, you should read about SCADE systems (something I talk about in my attack testing book) at:
http://www.computerworld.com/s/article/9247992/Siemens_patches_Heartbleed_flaw_in_popular_SCADA_system?source=CTWNLE_nlt_security_2014-04-30

The mobile and embedded industry and their testers seem to be in the mode of “let the bad guys find the holes”. This is the classic closing the barn door after the horse are out. It is concerning to many of us. I really don’t want my SCADE controlled power system to be hacked and crash.

I promise I will post more of these “pointers” for embedded/mobile software security testers to have in the “horror” story play book. I just need more time to keep up with the flood.

Advertisements

2 thoughts on “SCADE embedded security flaw from Heartbleed

  1. Hello I am so excited I found your blog page, I really
    found you by accident, while I was researching
    on Digg for something else, Nonetheless I am here now and would just like to say thank you for a incredible post and a all round
    thrilling blog (I also love the theme/design), I don’t have time to go through
    it all at the moment but I have bookmarked it and also added
    in your RSS feeds, so when I have time I will be back to read
    more, Please do keep up the fantastic work.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s