In-brief: In this podcast, Paul speaks with Craig Smith of Open Garages on GM’s bounty program, the state of connected vehicle security, and what the auto industry can learn from open source.
bounty
GM Launches Bug Bounty Program, Minus the Bounty
In-brief: General Motors (GM) has launched a program to entice white hat hackers and other expert to delve into the inner workings of its software. The reward: so far, a promise not to sue.
Flaw in Super Secret BlackPhone Underscores Third Party Risk
In-brief: Black Phone contains a security flaw that could enable a malicious actor to redirect phone calls or secretly send text messages from the device, according to a report from the firm SentinelOne. The culprit: vulnerable third party software.*
Firm: Two iOS Exploits Could Qualify for $1 Million Bounty
In-brief: One team qualified for the $1 million bounty for a working, remote exploit or jailbreak for devices running Apples iOS 9 operating system, according to the security firm Zerodium. A second may also qualify for at least a partial bounty. However, Apple may only be informed of the holes at a later date.
Teams Closing In On Million Dollar iOS Bounty
In-brief: The CEO of a company offering a $1 million bounty for a working exploit of Apple’s iOS operating system said two teams are closing in on the prize. The offer – for up to three iOS exploits – runs through October 31st.