[Owasp_embedded_application_security] Owasp_embedded_application_security Digest, Vol 4, Issue 2

Nizam Ahamed, Mohamed Musthak monizamahamed at inautix.co.in
Mon Feb 9 06:33:29 UTC 2015


Thanks Aaron,
	
	Got it !, it is something like Top vulnerabilities in mobile based Application Project. I am still under confusion that what phase we are going to  choose(phase is something like GSM based embedded application, network based,etc,.).



Musthak.
	

-----Original Message-----
From: owasp_embedded_application_security-bounces at lists.owasp.org [mailto:owasp_embedded_application_security-bounces at lists.owasp.org] On Behalf Of owasp_embedded_application_security-request at lists.owasp.org
Sent: Friday, February 06, 2015 5:30 PM
To: owasp_embedded_application_security at lists.owasp.org
Subject: Owasp_embedded_application_security Digest, Vol 4, Issue 2

Send Owasp_embedded_application_security mailing list submissions to
	owasp_embedded_application_security at lists.owasp.org

To subscribe or unsubscribe via the World Wide Web, visit
	https://lists.owasp.org/mailman/listinfo/owasp_embedded_application_security

or, via email, send a message with subject or body 'help' to
	owasp_embedded_application_security-request at lists.owasp.org

You can reach the person managing the list at
	owasp_embedded_application_security-owner at lists.owasp.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of Owasp_embedded_application_security digest..."


Today's Topics:

   1. Re: [Owasp_embedded_application_security]
      Owasp_embedded_application_security Digest, Vol 4, Issue 1
      (Aaron Guzman)


----------------------------------------------------------------------

Message: 1
Date: Thu, 5 Feb 2015 10:10:48 -0800
From: Aaron Guzman <aaron.guzman at owasp.org>
To: owasp_embedded_application_security at lists.owasp.org
Subject: Re: [Owasp_embedded_application_security]
	Owasp_embedded_application_security Digest, Vol 4, Issue 1
Message-ID: <7C36184F-105B-4BB8-8B95-90015581DD58 at owasp.org>
Content-Type: text/plain; charset="us-ascii"

Welcome Nizam!

This project is still in its infancy and should have more to pick up this year.

An idea for a roadmap can be to start at best practices  and/or downfalls such as:

Secure C coding functions
Vulnerable Libs used in embedded systems (rompager, upnp etc) JTAG headers accessible (if not needed) Serial port accessible (if not needed) Private keys stored on a embedded device insecure transport by not using TLS if network connected



Please add additional information, this was just off the top of my head.


It would be great to get this project off the ground given the publicity around IoT security.


If anyone is interested in getting a call, I can create a Doodle and work on getting together. (doodle.com <http://doodle.com/>)


--
Aaron G
Twitter: @scriptingxss
Linkedin: http://lnkd.in/bds3MgN <http://lnkd.in/bds3MgN>
> On Feb 5, 2015, at 4:00 AM, owasp_embedded_application_security-request at lists.owasp.org wrote:
> 
> Send Owasp_embedded_application_security mailing list submissions to
> 	owasp_embedded_application_security at lists.owasp.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	
> https://lists.owasp.org/mailman/listinfo/owasp_embedded_application_se
> curity
> 
> or, via email, send a message with subject or body 'help' to
> 	owasp_embedded_application_security-request at lists.owasp.org
> 
> You can reach the person managing the list at
> 	owasp_embedded_application_security-owner at lists.owasp.org
> 
> When replying, please edit your Subject line so it is more specific 
> than "Re: Contents of Owasp_embedded_application_security digest..."
> 
> 
> Today's Topics:
> 
>   1. Interested in OWASP Embedded	Application Security Project
>      (Nizam Ahamed, Mohamed Musthak)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Thu, 5 Feb 2015 08:51:09 +0000
> From: "Nizam Ahamed, Mohamed Musthak" <monizamahamed at inautix.co.in>
> To: "owasp_embedded_application_security at lists.owasp.org"
> 	<owasp_embedded_application_security at lists.owasp.org>
> Cc: "Radhakrishnan,	Arunraj Adkapatchi Letchumanan"
> 	<aradhakrishnan at inautix.co.in>
> Subject: [Owasp_embedded_application_security] Interested in OWASP
> 	Embedded	Application Security Project
> Message-ID:
> 	
> <8AB8AEA0062AC74DA7FD505DDFBC11E85A850384 at WTPCPMBMEM18.ams.bnymellon.n
> et>
> 	
> Content-Type: text/plain; charset="us-ascii"
> 
> Hi,
>                This is Musthak with Bachelor Degree in Electronics and Communication Engineering and currently working as a Security Analyst in BNY Mellon. I am interested in your project called  OWASP Embedded Application Security. Could you able to explain me the current status of your project and exact Road Map to follow, So that I can join with you on this wonderful effort if I am able to.
> 
> 
> 
> Thanks,
> Musthak
> Application Security Analyst
> BNY Mellon.
> 
> -------------- next part -------------- An HTML attachment was 
> scrubbed...
> URL: 
> <http://lists.owasp.org/pipermail/owasp_embedded_application_security/
> attachments/20150205/9fe299a8/attachment-0001.html>
> 
> ------------------------------
> 
> _______________________________________________
> Owasp_embedded_application_security mailing list 
> Owasp_embedded_application_security at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_embedded_application_se
> curity
> 
> 
> End of Owasp_embedded_application_security Digest, Vol 4, Issue 1
> *****************************************************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_embedded_application_security/attachments/20150205/bcf44d17/attachment-0001.html>

------------------------------

_______________________________________________
Owasp_embedded_application_security mailing list Owasp_embedded_application_security at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp_embedded_application_security


End of Owasp_embedded_application_security Digest, Vol 4, Issue 2
*****************************************************************

******************************************************
This message and any files or attachments sent with this message contain confidential information and is intended only for the individual named.  If you are not the named addressee, you should not disseminate, distribute, copy or use any part of this email.  If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return Email.

Email transmission cannot be guaranteed to be secure or error-free as information can be intercepted, corrupted, lost, destroyed, late, incomplete or may contain viruses.  The sender, therefore, does not accept liability for any errors or omissions in the contents of this message, which arise as a result of email transmission.
******************************************************


More information about the Owasp_embedded_application_security mailing list