...stuff I do and things I like...

Thursday, May 29 2014

Mobile Security News Update May 2014

Conferences
    Recon A Bedtime Tale for Sleepless Nights: Josh "m0nk" Thomas and Nathan Keltner; The Making of the Kosher Phone: Assaf Nativ

    ShakaconResearching Android Device Security with the Help of a Droid Army: Joshua Drake - Accuvant; Practical OpSec for Android Devices: The Grugq

    ToorCamp Collin Mulliner: Hacking Android Apps with Dynamic Instrumentation

    Black Hat ABUSING PERFORMANCE OPTIMIZATION WEAKNESSES TO BYPASS ASLR: Byoungyoung Lee & Yeongjin Jang & Tielei Wang; ANDROID FAKEID VULNERABILITY WALKTHROUGH: Jeff Forristal; ATTACKING MOBILE BROADBAND MODEMS LIKE A CRIMINAL WOULD: Andreas Lindh; CELLULAR EXPLOITATION ON A GLOBAL SCALE: THE RISE AND FALL OF THE CONTROL PROTOCOL: Mathew Solnik & Marc Blanchou; IT JUST (NET)WORKS: THE TRUTH ABOUT IOS 7'S MULTIPEER CONNECTIVITY FRAMEWORK: Alban Diquet; MOBILE DEVICE MISMANAGEMENT: Stephen Breen; REFLECTIONS ON TRUSTING TRUSTZONE: Dan Rosenberg; RESEARCHING ANDROID DEVICE SECURITY WITH THE HELP OF A DROID ARMY: Joshua Drake; SIDEWINDER TARGETED ATTACK AGAINST ANDROID IN THE GOLDEN AGE OF AD LIBS: Tao Wei & Yulong Zhang; STATIC DETECTION AND AUTOMATIC EXPLOITATION OF INTENT MESSAGE VULNERABILITIES IN ANDROID APPLICATIONS: Daniele Gallingani; UNDERSTANDING IMSI PRIVACY: Ravishankar Borgaonkar & Swapnil Udar; UNWRAPPING THE TRUTH: ANALYSIS OF MOBILE APPLICATION WRAPPING SOLUTIONS: Ron Gutierrez & Stephen Komal

    Defcon NSA Playset - GSM Sniffing: Pierce and Loki; more upcoming but they are not listed yet.


I'm really happy to see two talks accepted at Black Hat that investigate Mobile Device Management (MDM) systems and app wrapping security solutions. This should be quite interesting since this is more or less the state of the art when it comes to third-party mobile security applications.

Links

I've been super busy in the last weeks mostly work and travel and more traveling coming up in a few days. Summer will be pretty awesome again. My talk on GUI security was accepted at Black Hat so did the talks of many of my friends. This should be a pretty epic year. Also I'm finally making it out to ToorCamp. More updates after I return from ASIA CCS.