Qualcomm has recently announced its new Vulnerability Rewards Program, where it is offering £12,000 ($15,000) to anyone able to spot bugs in its modems and processors. The news comes off the back of the DEF CON conference in August where four vulnerabilities were revealed for the company’s chipsets.
Mike Ahmadi, Global Director – Critical Security Systems at Synopsys:
“Chipmakers build chips based on customer needs and specifications, which are mostly driven by features and cost. Most of the better chipmakers build decent quality hardware-based secure chips, which meet or exceed Common Criteria EAL4 or FIPS 140-2 Level 3 requirements for secure hardware, but customers today often opt for lower cost alternatives with software-based security added in. This situation makes security much more challenging, since software-based security is generally easier to compromise.
“Modern chipmakers are expected to provide software (firmware) as well as hardware, so it becomes incumbent upon them to address the more challenging world of software security due to the need to meet customer demands. It is like they have solved a problem, through hardware based security, but the customer expects this to extend to everything the chipmaker builds. In order to compete in the marketspace, chipmakers will have to make software security a priority.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…