| ▲ | dflock 2 days ago | |||||||
No one knows how many vulnerabilities there are in closed source medical record software - because we can't check. There are _probably_ loads though, because that medical software is super terrible in every way that we _can_ check. | ||||||||
| ▲ | nradov 2 days ago | parent | next [-] | |||||||
Well the closed-source EHR applications that use NoSQL databases such as MUMPS (InterSystems Caché) probably don't have many SQL injection vulnerabilities. | ||||||||
| ▲ | oatmeal1 2 days ago | parent | prev | next [-] | |||||||
Or voting machines. | ||||||||
| ||||||||
| ▲ | 1970-01-01 2 days ago | parent | prev | next [-] | |||||||
Isn't anything closed-source by definition this? Why speak of the subset of closed-source medical record software when it's just the entire class of software? | ||||||||
| ▲ | 0xdeadbeefbabe 2 days ago | parent | prev [-] | |||||||
SQL injection and XSS come up in dynamic analysis too. | ||||||||