Ghost GPS routes, SmartTVs are watching you, and securing open source

Weekly Security Mashup - Ghost GPS routes, SmartTvs are watching you, and securing open source

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.

DevOps Connect:DevSecOps @ RSAC 2022

Ghost route GPS hacks, SmartTVs are watching you, and securing open source. Watch the latest episode below:



A $225 GPS spoofer can send sat-nav-guided vehicles into oncoming traffic

via Dan Goodin, Ars Technica: It’s a trick with no treat! They’re being called “ghost routes,” but they are, or could be, very real and not just a fantasy in a Halloween fun house. A team of researchers reported that for less than $250, car hackers could create a piece of hardware that spoofs a vehicle’s GPS service—potentially sending drivers down the wrong roads, or even to the wrong destinations. Watch this segment to learn why this security news is trending.

Two U.S. senators think SmartTVs are spying on us, ask the FTC to investigate

via Bruce Brown, Digital Trends: You watch TV, and it watches you. Manufacturers of smart TVs are collecting data about what we watch. They say it’s to enhance our user experience. What they haven’t mentioned is that they’re doing it for their own benefit. But why do TV manufacturers want our viewing data? What do the shows we watch say about us, and why should we care? Explore why smart TV concerns are trending in this segment:

How open source became the default business model for software

via Sid Sijbrandij, Forbes: Open source is everywhere. 96% of applications contain open source components, with an average of 257 components per application. But to use open source as an effective business model, you have to understand where it came from: collaboration and knowledge sharing. While collaboration is key in the open source world, so is security. Discover why this open source software security news is trending when you watch this segment.

Stay up-to-date on the latest security news—subscribe to the blog today.

*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Taylor Armerding. Read the original post at: