Conferencesupcoming: 32C3 (December), ShmooCon (January)
CFPs
$10 Android Phone Walmart has a $10 Android phone. It is an LG device with Android 4.4 specs. I agree with Patrick McCanna on Smartphones @ featurephone prices will be a significant milestone towards monetizing mobile hacking. These prices really mean everybody is going to have a smartphone. Like everybody. I ordered two of those to play with.
Mobile pwn2own: two interesting results. (1) baseband of a Samsung S6 Edge, the payload was able to redirect incoming calls. This was done by my buddies Nico Golde and Daniel Komaromy. Here a picture of their setup. Story by various sites: 1, 2 (German), 3. (2) drive by APK install on Nexus 6 without user interaction by Guang Gong. tweets: 1 2 (with picture).
LTE Security: pretty interesting talk and paper about LTE design and implementation vulnerabilities. slides white paper. Blogpost by the same people: Practical attacks against 4G (LTE) access network protocols. One thing I didn't notice is how cheap LTE research is already. Their setup is just over $1000, which seems rather cheap for LTE.
JobsWe at Square are looking for engineers, jobs should be super interesting for those who read this blog!
the GSMA is looking for a Cyber Security Director
LinksFakeDebuggerd.D, AFAIK the first Android Trojan infecting system binaries just like traditional virus (in Chinese)
tiny USB drive sized Qualcomm LTE base station
Samsung Mobile Security Blog I didn't know this existed
32c3 again has a GSM network
Remote Code Execution as System User on Android 5 Samsung Devices abusing WifiCredService (Hotspot 2.0)
Hey @sprint @sprintcare, what's up with sprint installing MDM profile on a new iPhone 6s at the store? sprint seems to install MDM profiles on to iPhones at the store, more investigation needed!
A vulnerability known as Wormhole affects the Baidu Moplus SDK and potentially exposes more than 100 Million users to cyber attacks.
VTS for Android vulnerability scanner for Android that is constantly updated!
Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge Google P0 takes a look at the S6 and finds 11 high impact issues.
The Zerodium 1 Million $ iOS 0day bounty was claimed on Nov. 2
ZipFury: Yet another Zip arbitrary file write with system privileges (Samsung Android)
SafetyNet doesn't detect a device as rooted if using the new system-less SuperSU
Characterizing SEAndroid Policies in the Wild (paper)
SEAL: SEAndroid Analytics Library for live device analysis (tool)
Long Term Exploitation - LTE security (slides)
Nexus 6P has two levels of bootloader unlocking
Xposed now for Android 6.0
Copperhead CTO: Nexus Phones Already More Secure Than BlackBerry Priv
AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.
android app capable of "self-compilation, mutation and viral spreading" (paper) and code
When providing a native mobile app ruins the security of your existing web solution(slides)
Why Does My Android Phone Have eFuses And Why Should I Care About Them?
AFL on Android
As Of Android 6.0, OEMs Will Be Required To Provide Secure Factory Reset On Their Devices (If They Haven't Already)
Nexus Security Bulletin November 2015
Remote attestation for TEEs and Verified Boot will be possible on Android N
the Ubuntu phone as security issues
ARMageddon: Last-Level Cache Attacks on Mobile Devices (paper)
GOOGLE AOSP EMAIL APP HTML INJECTION
The Terminator to Android Hardening Services (slides)
Android developer hotlinks an image on some guy's server, DDoS's it. He has no idea who to contact. (reddit)
ARMv8 has unprivileged cache flush instructions. (slides)
Mount Android phones on Linux with adb. No root required.
BlackBerry's PaX / grsecurity configuration
MalwAirDrop: Compromising iDevices via AirDrop (slides)
Android now has Signal too
don't jailbreak your iPhone (or else forensics)
... encrypted com app security scorecard ...