Welcome to this week’s testing Quotes of the Week and software testing news. This week: a new security testing platform, an Apple iOS update that isn’t that popular, and the security bug marketing campaign.
Synopsys unveil Security Testing Platform
“Tools in our portfolio are already being used by 15 of the top 20 global software companies to improve the quality and security of their products, so introducing the Software Integrity Platform as an integrated solution for enabling ‘software signoff’ is the next step.”
The U.S. company has announced that it is showcasing its Software Integrity Platform (a suite of software security testing solutions) at the Black Hat Asia event in Singapore this week. The company is launching the new suite of security testing tools for developers and testers alike. Read More here
Apple Release iOS update 9.3 Not to Popular Demand
“We are aware of this issue, and we will release a fix in a software update soon.”
The new update for Apple software faced some criticism this week when it was found that the activation link for the software update did not work on older Apple devices. This led to many older iPhones and iPads being “bricked”. Read More here
Pentagon Get Assistance Hunting Bugs
“Embracing the hacker community is not only a watershed move by the Pentagon, among the world’s most powerful organizations, but also signals deeply promising progress for all of software security”
As recently disclosed on these pages, the Pentagon has announced a bug hunting programme. This week the U.S. Department of Defense announced that it has recruited San Francisco company HackerOne to oversee the “Hack The Pentagon” programme. HackerOne chief executive Marten Mickos wrote recently on his company’s blog about the collaboration and its benefits for software security research. Read More here
When You Promote Your Own Software Bug
“It is a thin line between drawing attention to a severe vulnerability that should be taken seriously and overhyping it”
The Badlock software bug has received attention recently, but not for the potential flaws it could cause in versions of Windows and Samba 4.2 (open-source software that connects Linux and Unix servers and Windows PCs over a network). Instead, the bug has received attention because the company publicising it seems to be the same company that wrote the Samba code in which the bug was found. The Badlock website was powered by German firm SerNet, whose employee Stefan Metzmacher’s name appears in many lines of Samba source code. This has led many security researchers to speculate about why the company is promoting the bug when a fix has not even been issued yet, with some suggesting that the company is using the bug to promote its activities. Read More here
Images: HackerOne/Badlock