Blackphone Update Removes Critical Security Threat: Did Code Quality Issues Contribute to the Problem?

As reported in a recent article by InfoWorld, a high profile privacy driven smartphone provider located a security hole capable of exposing their devices to attacks. Blackphone is a specially designed smartphone developed by SGP Technologies, who operates as a subsidiary of Silent Circle. The phone uses VPN for Internet access and runs on a modified Android version titled “SilentOS”. A third-party component Silent Circle used as part of the device design was capable of exposing the secure smartphone to outside attacks.
What Was the Security Issue?
The vulnerability made it possible for an attacker to control the modem functions of the phone. Researchers brought this problem forth when they identified an open socket accessible on the phone during a reverse engineering exercise. Currently, Blackphone is one of the most secure phones on the market because it uses built-in encryption to deliver secure:

Voice Calling
Text Messaging
Video Conferencing
File Transfers

Code Analysis for SAP: What was Learned at ASUG NJ

CAST recently sponsored the ASUG NJ Summer Chapter meeting, held on June 12th. ASUG is a renowned organization across US and Canada for SAP professionals and organizations working in the field of SAP. The conference was attended by more than 100 professionals from companies across various industries. The full day event featured many interesting presentations including a presentation of the latest CRASH report on SAP.