The design flaws were determined through a workshop consisting of the founding members of IEEE’s Center for Secure Design. Founding members include professionals from Athens University of Economics and Business, Cigital, EMC, George Washington University, Google, Harvard University, HP, McAfee, RSA, the Sadosky Foundation, and the University of Washington.

The full report is available here.