Insignary’s 2017 study analyzing 32 pieces of Wi-Fi router firmware offered in the U.S., Europe and Asia by more than 10 of the most popular home, small-to-medium business (SMB), and enterprise-class Wi-Fi router manufacturers revealed a discomforting truth. The binary scans indicated that the Wi-Fi router firmware sold by the top manufacturers contain versions of open source components with security vulnerabilities. All of the firmware leveraged busybox and samba by default, with more than 60% of which use openssl. Significant security issues are known to arise from openssl, which should have prompted vendors to consistently apply the latest patches or use the version of the software that contains the fix. Beyond openssl, the open source community had created new versions of the components to address all of the detected security vulnerabilities. Vendors should employ these versions to prevent data breaches and subsequent litigations that can cause significant corporate losses.
Insignary Clarity can help address the prevalence of security vulnerabilities in popular Wi-Fi routers by enforcing better, more comprehensive open source risk management. Schedule a demo to find out more.
Insignary’s comprehensive binary code scan of the 700 most popular Android Apps on the Google Play Store from earlier this year revealed that twenty percent of the audited apps had open source components known to contain security vulnerabilities. Given that consumers and businesses rely as heavily as they do on their smartphones, the lack of the most basic security precautions is at the least concerning. While Google's Play Store is much better than other repositories in vetting software code, some countries, such as China, do not permit the Google Play Store, prompting consumers to resort to other software outlets that may be even less secure.
Insignary Clarity can help improve the quality of security and data privacy in Android apps and other software that contain open source software components before reaching businesses and consumers. Schedule a demo to find out more.
Insignary Clarity is a specialized software composition analysis solution that helps customers gain visibility into the binary code they use by identifying known, preventable security vulnerabilities, while also highlighting potential license compliance issues. It uses unique fingerprint-based technology, which works on the binary-level without the need for source code or reverse engineering. This makes it easy for software developers, value added resellers, systems integrators and security MSPs overseeing software deployments to take proper, preventive action before product delivery.