...stuff I do and things I like...

Wednesday, July 30 2014

Mobile Security News Update July 2014

Not much to say about conferences in this post since in early August everybody will be in Las Vegas. I'll post an update after the show is over.

The one thing I over read was the round tables that are going down at Black Hat. Specifically: EMBEDDED DEVICES ROUNDTABLE: EMBEDDING THE MODERN WORLD, WHERE DO WE GO FROM HERE? hosted by Don Bailey & Zach Lanier, MOBILE SECURITY ROUNDTABLE: WHAT DOES MOBILE SECURITY LOOK LIKE TODAY? WHAT WILL IT LOOK LIKE TOMORROW? hosted by Vincenzo Iozzo & Peiter Zatko and RESPONSIBLE DISCLOSURE ROUNDTABLE: YOU MAD BRO? hosted by Trey Ford look interesting.

There was a lot of fuzz about iOS backdoors. I didn't have time to go into all details but the basic facts seem to be that iOS has capabilities to exfiltrate data to paired computers. The danger seems to lie in that fact that you can steal/copy the paring from a computer. The initial slide deck from Jonathan Zdziarski are available here. There was a huge follow up discussion on twitter. Roundup from the Jonathan: 1 counter side from Violet Blue: 2 also see Dino Dai Zovi's post: 3

Links