...stuff I do and things I like...

Tuesday, September 19 2017

Mobile Security News Update September 2017

    ekoparty Sep 27-29, Buenos Aires. Blue Pill for your phone by Oleksandr Bazhaniuk. Unbox Your Phone - Exploring and Breaking Samsung's TrustZone Sandboxes by Daniel Komaromy. Inside Android's SafetyNet Attestation: Attack and Defense by Collin Mulliner. How to cook Cisco: Exploit Development for Cisco IOS by George Nosenko. Bypass Android Hack by Marcelo Romero.

    Virus Bulletin 4-6 Oct, Madrid Span. Last-minute paper: Publishing our malware stats by Jason Woloz (Google) [This is about Android Malware]. Android reverse engineering tools: not the usual suspects by Axelle Apvrille.
Some comments on BlueBorne: I've been involved with Bluetooth security since like forever (not active in the last 10+ years). The early Bluetooth vulnerabilities were mostly logic bugs and issues such as missing authentication. Bluetooth devices could not be set to hidden and would always show up when scanning for devices. Stuff like that. BlueBorne is different as it is a remote exploitable memory corruption vulnerability in Linux, Android, and Windows. This is quite a novelty since we haven't seen a bug that is more ore less the same on two platforms. Even more interesting is that this bug is pre-authentication and gives you kernel privileges (code exec in the kernel).

In theory this set of vulnerabilities can be bad, bad. In practice the issue is much less of an issue. Exploit mitigations and built variances help mitigating the risk. Devices are not always visible therefore the attacker cannot easily find your device and attack it.

Also see: Hackers Could Silently Hack Your Cellphone And Computers Over Bluetooth.

FaceID: I think it is a really horrible idea! Do not put biometric systems in to consumer products ever! I will not buy products with mandatory biometrics so far iOS allows me to turn it off and use a passphrase - thats why I even consider buying iOS devices. I hate this change -- biometrics are bad.


I agree ^^^