Thursday, March 17 2011
Monday, March 14 2011
The BlackBerry pwnage seems to cause some
trouble as RIM seems to not tell the truth (1 2) in their advisory. Lets see what happens here.
Finally the first Android mod with encrypted storage was released by
This is really really cool. Now they just need to support more Android
devices besides the Nexus S. But moxie told me they are adding support for more soon :-)
For those of you interested in NFC there are two interesting papers from this years NFC Conference 1) Security Vulnerabilities of the NDEF Signature Record Type 2) Practical Attacks on NFC Enabled Cell Phones.
Wednesday, March 02 2011
Tuesday, March 01 2011
CanSec was a blast. I had a real good time. Meeting people I only knew by email and seeing people I only see at cons :-)
Pwn2Own was quite interesting for mobile security folks like me. First,
finally BlackBerry was pwnd and this was really hard work since
there is no SDK and/or debugger available for BlackBerry (the Java stuff
does not count). ZDNet has a longer article on
the case. Second, no body was able to pwn Android and Windows Phone 7 - which
is quite interesting to. Third, the iPhone (pre 4.3) was pwnd once again.
All in all the talks were quite good and mostly interesting. A collection
of reviews on the various talks are here: day I day II day III by talk
Very brief update, but I'm quite busy at the moment.
LEET'11 has two interesting papers
on mobile malware: Why Mobile-to-Mobile Wireless Malware Won't Cause a Storm and Andbot: Towards Advanced Mobile Botnets. I'm looking forward to actually read them.