application security

The FTC announced a $2.2 million settlement with smart TV maker Vizio after the company was caught selling customer viewing information without consent.

TV Maker Vizio Settles with FTC Over Selling Viewer Data

In-brief: Smart TV maker VIZIO agreed to pay $2.2 million to the FTC and the State of New Jersey to settle charges that it collected the viewing history of some 11 million smart televisions without users’ consent. The settlement stems from a 2014 case and requires the company to “prominently disclose and obtain affirmative express consent” for data collection and sharing.

Google announced Android Things, an operating system for Internet of Things devices that promises secure update capabilities.

Google’s Android Things IoT Platform Promises Secure Update

In-brief: Google on Tuesday unveiled Android Things, a new Internet of Things platform based on its Android mobile operating system and earlier forays into the Internet of Things operating space.

Program code on dark background (selective focus)

Google Unveils OSS-Fuzz to test Open Source Software Security

In-brief: Google’s security team on Thursday announced the release of a new tool, OSS-Fuzz that it says will improve the security of the Internet by providing realtime, automated secruity testing of common open source components.

A lab at Underwriters Laboratories, circa 1946. The group is coming under fire for refusing to publish the details of its new cyber security testing standards. (Image courtesy of The Library of Congress.)

White House Effort Yields Rating System for Software Security

In-brief: A White  House-backed effort to develop a system for rating software security is set to launch at this week’s Black Hat briefings with famed hacker Peiter Zatko (aka “Mudge”) at the helm. 

Downloads of open source components almost doubled in 2015 - but security concerns persist.

Developers Gorge on Open Source Amid Worries About Quality, Security

In-brief: The use of open source software is exploding, but concerns about code quality and security in the open source supply chain persist, according to a report from the firm Sonatype.