More mobile security hack stories => better testing needed?

I continue my worry (paranoid?) about mobile and embedded security, hacking, and lack of quality testing efforts. Check these links out:
inflight wifi hacks
https://www.yahoo.com/tech/researcher-says-airplanes-can-be-hacked-via-in-flight-93967652124.html

thieves hack key fobs
https://autos.yahoo.com/blogs/motoramic/it-s-official–car-thieves-can-hack-your-keyless-entry–insurers-warn-142252463.html

So am I paranoid or are they really out to get us (development projects)? What is the cost to us and does the cost justify any added security testing? Will standards, e.g. ISO29119 and government reg’s drive testing or will the market?

My guess is some places and project will take mobile/embedded security testing seriously and some won’t and the users will be left to vote with their feet. As individual testers I think we provide information to our development teams so the context of the project can help decide what is needed.  In James Whittaker’s books and my book on software test attacks (available on Amazon), there is the starting point for security testing, but as much as I know, there is far more that I don’t know on security testing.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s