...stuff I do and things I like...

Thursday, February 12 2009

Mobile Security News February 2009

This year's CanSecWest will have a good amount of smart phone security related talks besides the earlier announced mobile pwn2own contest. Talks seem to be focused on the iPhone and the Android platform. 1) Alfredo Ortega and Nico Economou - Multiplatform Iphone/Android Shellcode, and other smart phone insecurities 2) Jon Oberheide - A Look at a Modern Mobile Security Model: Google's Android and 3) Sergio 'shadown' Alvarez - The Smart-Phones Nightmare. I suppose Sergio Alvarez is also going to talk about the iPhone since Apple fixed multiple bugs that he submitted in the iPhone 2.2 update. I'm a bit sad that I can't attend CanSecWest.

At BlackHat Europe Jeroen van Beek will show his NFC-phone-based e-Passport cloning tools. Maybe there is even more mobile security stuff going on there since the speaker list is not yet complete.

Done with conferences for this post. The guys from the Mobile Security Lab just launched their poc site where people can test their phones using exploits developed by the mobile security lab. Nice idea!

Last weekend at ShmooCon Charlie Miller released details on a vulnerability in Android's audio player. Some links: 1 2

Related news: Palm has finally killed PalmOS. I really waited a long time for this to happen. PalmOS was just way past its time. This a good and sad thing but now its over.

Did I miss anything?