PacSec October, Tokyo. Demystifying the Secure Enclave Processor by Mathew Solnik. Finding Vulnerabilities in Firefox for iOS by Muneaki Nishimura.
ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM) October, Vienna Austria. All talks are related to mobile security.
O'Reilly Security Conference October, NYC. Securing 85% of the world's smartphones by Adrian Ludwig. How Plantronics honed its headsets to create secure wearables by Erik Perotti.
SyScan360 November, Shanghai. Browser Bug Hunting and Mobile by Francisco Alonso and Jaime Penalba. Demystifying the Secure Enclave Processor by Mathew Solnik. Running Code in the TrustZone Land by Edgar Barbosa. Analysis of iOS 9.3.3 Jailbreak & Security Enhancements of iOS 10 by Team Pangu. Security Vulnerabilities on Online Payment: Summary and Detection by Zhang Qing and Bai Guangdong.
KiwiCon November Wellington, NZ. Let's do the Timewarp Again by Karit.
I'm going to be at the O'Reilly Security Conference on Monday the 31st (maybe also the other days). I super excited to speak at KiwiCon this year!
I'm interested in Google's Project Fi does anybody have insights into using it with non Android phones? I've found several posts on this topic but nothing convincing yet. Posts also seem conflicting.
Best of mobile security in pictures:
I've seen this warning a lot in the last couple of weeks while traveling:
This is the real reason for the Galaxy Note 7 recall
While searching for the link to the recall:
Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card
Kwetza: Infecting Android Applications
Pork Explosion Unleashed - Manufacturer Backdoor in the Foxconn Android bootloader
Decap of a SIM card (video)
Android Qualcomm GPS/GNSS Man-In-The-Middle (bug that is fixed now)
KNOXout - Bypassing Samsung KNOX (paper)
Android CVE PoCs for the October bulletin
Osmocom 3G circuit switched voice support with IuCS and Iuh
Multiple Backdoors found in D-Link DWR-932 B LTE Router (hardcoded admin:admin and root:1234)
BlackBerry axes smartphone business
How to keep your Android phone safe from prying eyes
Xiny Android trojan evolves to root phones and infect system processes
IMSI Catcher Report Calls for Transparency, Proportionality, and Minimization Policies
The Messenger Shoots Back: Network Operator Based IMSI Catcher Detection (paper)
How to wipe your phone (or tablet) for resale
attack against compromised Apple accounts to perform SMS spamming
Android Premium SMS Warning Message Manipulation (small android bug, now fixed)
Nexus Support Lifecycle
Google has less control over Pixel devices than people claimed. HTC still signs the bootchain. (via @jcase)
Talk is Cheap, Show Me the Code - How we rooted 10 million phones with one exploit (slides)
The new Android system permissions model analysis and early warning (in Chinese)
Android full-disk encryption: a security assessment (paper)
Android cryptfs.bt for 101editor
iOS9 iCloud backup retrieval proof of concept