So since I have decided to use Flattr I also decided to put my own Thing for Mobile Security News on Flattr.
At T2 Nils talks about some WebOS and Android vulns this should be quite interesting since he likely will cover the bugs he recently found. T2 is really one of the European cons I want to go to, very high priority! Especially since I can't go to SEC-T this year. hacking the RKF ticket system and How to stay invisible (while still using cellphones) sounds quite interesting.
The BruCON schedule looks quite interesting. GSM Security: Fact and Fiction NFC Malicious Content sharing, the abstract sounds like something I've done some years ago - I wonder what kind of new stuff they found. The Monkey Steals the Berries: The State of Mobile Security So BruCON actually looks quite good, another CON I need to go to at some point.
At SecTor there seems to be a single mobile talk: Black Berry Security FUD Free.
Thats it for August as far as I can see.
Update: I totallty forgot DeepSec. This year it seems like a mobile only security conference. Talks are: Pentesting Internet Handheld Devices Debugging GSM Targeted DOS Attack and various fun with GSM Um Mobile VoIP Steganography: From Framework to Implementation Mobile privacy: Tor on the iPhone and other unusual devices OsmocomBB: A tool for GSM protocol level security analysis of GSM networks Malicious applications for Smartphones All your baseband are belong to us Android: Reverse Engineering and Forensics LTE Radio Interface structure and its security mechanism
In a couple of days I'm travelling to Darmstadt to attend the CAST-Workshop on Embedded Security to talk about our embedded systems security lab.
So the PalmPre seems to have a small problem with vCards? Pwn20wn Nils found a nice little bug that seems to be exploitable. Nice find!
Then we got the first Android trojan that sends premium SMS messages. Jon did a nice decode of the trojan over here.
Since this is now on a public website I want to mention it once: Decrypting GSM phone calls by Karsten and other from the Security Research Labs (Berlin)
So I survived Black Hat and Defcon, it was great fun, f**ing expensive and totally exhausting but totally worth it. Saw a bunch of talks at Black Hat some of which where cool stuff but others sadly where not worth it. Defcon was way too crowded. 12K people I was told. Therefore I couldn't attend any talk :-( Talking to cool (new) people made up for it.
Now I'm at Stanford for a couple of days. Many things planed but ping me if you want to chat.