MITRE’s CVSS for Medical Device Guide, Cheating with Apple Watch, and Apple v. Facebook/Google Spat




InfoSec ICU show

Summary: Gerry and Steve discuss MITRE’s new CVSS scoring guide for medical devices, which is currently out for comments, and what it could mean for healthcare. They cover a trending issue of unethical behavior, using the Apple Watch to cheat on exams, and they round out the show covering Apple’s revoking the enterprise certificates issued to Facebook and Google for internally developed apps because of abuse.

Show Notes: https://podcast.musc.edu/podcast/infosec/e61-infosecicu/

Resources:

Facebook and Google distributed what amounts to self-signed apps for iOS users which violate Apple’s App Store ToS, making the giant fruit very unhappy.
https://arstechnica.com/gadgets/2019/01/facebook-and-google-offered-gift-cards-for-root-level-access-to-ios-users-data/

MITRE, the think tank regularly associated with vulnerability scoring, has a draft rubric for assigning CVSS to medical devices. Think you can help?
https://www.mitre.org/publications/technical-papers/rubric-for-applying-cvss-to-medical-devices

The Apple Watch is the latest way to cheat in school. Are your policies flexible enough to combat the threat?
https://theoutline.com/post/7030/rich-kids-are-cheating-in-school-with-apple-watches

One Cool Things

Thank You For Arguing. What Aristotle, Lincoln And Homer Simpson Can Teach Us About The Art Of Persuasion by Heinrichs, Jay

Monday February 4, 2019 Stormcast, Discussing Bitcoin money laundering
https://isc.sans.edu/podcastdetail.html?id=6356

Contact

Email: infosecicu@musc.edu

Twitter:

* Gerry Auger (@Gerald_Auger): https://twitter.com/Gerald_Auger
* Steven Cardinal (@sgcardinal): https://twitter.com/sgcardinal