Sunday, November 23 2014
Thursday, October 23 2014
I'm still waiting for the 31C3 program to be released, but since I was reviewing the security submissions I can tell you that there will be a bunch of good mobile security related talks this year. As usual I will be in Hamburg to attend CCC.
So far there are no upcoming conferences that have released their program yet.
I've recently updated to Android 5.0. Overall I think it turned out quite nice. The changes related to notifications suck really badly. Apparently you cannot turn off audio and vibration but still get the visual notification (LED). I really liked the old way to set notifications: ring/vibrate/off.
The extended battery time everybody is talking about I don't recognize (Nexus 5). The more tight integration with googles services sucks too. Why does it need to show my google account logo on the top right of my status bar? This is useful for what?
Links and Stories:
Tuesday, October 07 2014
Time files, I've been super busy the last two month and will be busy until mid/end of November. I just relaized that
I haven't posted anything in September at all.
Hack.Lu October 21-24: Stripping the controversial FinFisher application for Android phones by Attila Marosi; SherlockDroid, an Inspector for Android Marketplaces by Axelle Apvrille, Ludovic Apvrille
PacSec Tokyo, Nov 12-13: An Infestation of Dragons: Exploring Vulnerabilities in the ARM TrustZone Architecture by Josh "m0nk" Thomas, Charles Holmes, Nathan Keltner; Hey, we catch you - dynamic analysis of Android applications by
Wenjun Hu; Root via SMS: 4G access level security assessment by Sergey Gordeychik, Alexander Zaytsev; Blowing up the Celly - Building Your Own SMS/MMS Fuzzer by Brian Gorenc and Matt Molinyawe.
DeepSec Vienna, Nov 18-21: Mobile SSL Failures by Tony Trummer & Tushar Dalvi; TextSecure and RedPhone-bring them to iOS by Christine Corbett; Creating a kewl and simple Cheating Platform on Android by Milan Gabor & Danijel Grah
There is again a new talk on SMS and MMS fuzzing. I really wonder what is going to be different from all the previous work?
Saturday, August 30 2014
I just moved all my domains to a new box. Hope everything is working ;-)
Wednesday, July 30 2014
The Vegas week was as great as it can be as anybody knows who has this ongoing love hate relationship with the yearly pilgrimage.
The Blackphone kinda got rooted, ars on Blackphone root I had to laugh so hard when I saw Jon running around in his new t-shirt.
The SecurityCookies project was a lot of fun. I think people really liked it, likely Guillaume and I had the most fun. We will likely do this again at some point.
The iPhone is finally getting NFC iPhone 6 will reportedly feature NFC and Apple's own mobile payments platform. This should be a lot of fun cause everybody will scramble to actually build and deploy NFC now. I'm not really worried about NFC-payment insecurity but about all the other fun stuff that will be possible. Maybe I have to buy an iPhone 6 and continue my NFC work.
If I actually do get an iPhone I should also get the FLIR ONE an thermal camera case for iPhones. There are various articles about what you could do with this and I think this could be super interesting to play with.
My friend Ravi released darshak an Android app that notifies you if your phone receives silent SMS that are used for tracking your phone. It further displays current network security settings. This can be an indicator about your phone being connected to an IMSI-catcher. So far you need to have a Samsung Galaxy S3 to use this tool, but the S3 is fairly popular. I would like to see vendors providing information about phone network security parameters to the user.
44con September 10-11 London, UK: GreedyBTS: Hacking Adventures in GSM by Hacker Fantastic; Researching Android Device Security with the Help of a Droid Army by Joshua J. Drake (jduck); Manna from Heaven; Improving the state of wireless rogue AP attacks by Dominic White; On Her Majesty's Secret Service: GRX and a Spy Agencyby Stephen Kho; Darshak: how to turn your phone into a low cost IMSI catcher device by Ravishankar Borgaonkar & Swapnil Udar
SEC-T September 18-19 Stockholm, Sweden: Attacking Mobile Broadband Modems Like A Criminal by Andreas Lind
T2 October 23-24, Helsinki, Finland: Style over Substance - how OEMs are breaking Android security by Robert Miller; Reversing iOS Apps - a Practical Approach by Patrick Wardle; Darshak: how to turn your phone into a low cost IMSI catcher device by Ravishankar Borgaonkar and Swapnil Udar
BruCON September 25-26 in Ghent, Belgium: Stealing a Mobile Identity Using Wormholes by Markus Vervier.
August so far was my busiest month of the year, so I guess I missed a lot of what was going on.
Tuesday, June 24 2014
Not much to say about conferences in this post since in early August everybody will be in Las Vegas. I'll post an update after the
show is over.
The one thing I over read was the round tables that are going down at Black Hat. Specifically: EMBEDDED DEVICES ROUNDTABLE: EMBEDDING THE MODERN WORLD, WHERE DO WE GO FROM HERE? hosted by Don Bailey & Zach Lanier, MOBILE SECURITY ROUNDTABLE: WHAT DOES MOBILE SECURITY LOOK LIKE TODAY? WHAT WILL IT LOOK LIKE TOMORROW? hosted by Vincenzo Iozzo & Peiter Zatko and RESPONSIBLE DISCLOSURE ROUNDTABLE: YOU MAD BRO? hosted by Trey Ford look interesting.
There was a lot of fuzz about iOS backdoors. I didn't have time to go into all details but the
basic facts seem to be that iOS has capabilities to exfiltrate data to paired computers.
The danger seems to lie in that fact that you can steal/copy the paring from a computer.
The initial slide deck from Jonathan Zdziarski are available here. There was a huge follow up discussion on twitter. Roundup from the Jonathan:
counter side from Violet Blue: 2
also see Dino Dai Zovi's post: 3
Thursday, May 29 2014
SyScan 360 Play With an Unpublished Kernel Vulnerability for iOS 7.0.x by windknown and dm557; Be cautious, there is an attack window in your android app by pLL; Click and Dagger: Denial and Deception on Android Smartphones by The Grugq; Advanced Bootkit Techniques on Android by Chen Zhangqi and Shen Di; Mobile Browsers Security: iOS by Lukasz Pilor and Pawel Wylecial
Defcon Detecting Bluetooth Surveillance Systems by Grant Bugher; Android Hacker Protection Level 0 by Tim Strazzere and Jon Sawyer; Shellcodes for ARM: Your Pills Don't Work on Me, x86 by Svetlana Gaivoronski and Ivan Petrov; Blowing up the Celly - Building Your Own SMS/MMS Fuzzer by Brian Gorenc and Matt Molinyawe; Burner Phone DDOS 2 dollars a day : 70 Calls a Minute by Weston Hecker; NSA Playset : GSM Sniffing by Pierce and Loki
So people are still building SMS and MMS fuzzers in 2014. I'm really interested to see what new techniques the ZDI guys came up with.
Recon A Bedtime Tale for Sleepless Nights: Josh "m0nk" Thomas and Nathan Keltner; The Making of the Kosher Phone: Assaf Nativ
ShakaconResearching Android Device Security with the Help of a Droid Army: Joshua Drake - Accuvant; Practical OpSec for Android Devices: The Grugq
ToorCamp Collin Mulliner: Hacking Android Apps with Dynamic Instrumentation
Black Hat ABUSING PERFORMANCE OPTIMIZATION WEAKNESSES TO BYPASS ASLR: Byoungyoung Lee & Yeongjin Jang & Tielei Wang; ANDROID FAKEID VULNERABILITY WALKTHROUGH: Jeff Forristal; ATTACKING MOBILE BROADBAND MODEMS LIKE A CRIMINAL WOULD: Andreas Lindh; CELLULAR EXPLOITATION ON A GLOBAL SCALE: THE RISE AND FALL OF THE CONTROL PROTOCOL: Mathew Solnik & Marc Blanchou; IT JUST (NET)WORKS: THE TRUTH ABOUT IOS 7'S MULTIPEER CONNECTIVITY FRAMEWORK: Alban Diquet; MOBILE DEVICE MISMANAGEMENT: Stephen Breen; REFLECTIONS ON TRUSTING TRUSTZONE: Dan Rosenberg; RESEARCHING ANDROID DEVICE SECURITY WITH THE HELP OF A DROID ARMY: Joshua Drake; SIDEWINDER TARGETED ATTACK AGAINST ANDROID IN THE GOLDEN AGE OF AD LIBS: Tao Wei & Yulong Zhang; STATIC DETECTION AND AUTOMATIC EXPLOITATION OF INTENT MESSAGE VULNERABILITIES IN ANDROID APPLICATIONS: Daniele Gallingani; UNDERSTANDING IMSI PRIVACY: Ravishankar Borgaonkar & Swapnil Udar; UNWRAPPING THE TRUTH: ANALYSIS OF MOBILE APPLICATION WRAPPING SOLUTIONS: Ron Gutierrez & Stephen Komal
Defcon NSA Playset - GSM Sniffing: Pierce and Loki; more upcoming but they are not listed yet.
I'm really happy to see two talks accepted at Black Hat that investigate Mobile Device Management (MDM) systems and app wrapping
security solutions. This should be quite interesting since this is more or less the state of the art when it comes
to third-party mobile security applications.
I've been super busy in the last weeks mostly work and travel and more traveling coming up in a few days. Summer will be
pretty awesome again. My talk on GUI security was accepted at Black Hat so did the talks of many of my friends. This
should be a pretty epic year. Also I'm finally making it out to ToorCamp. More updates after I return from ASIA CCS.