...stuff I do and things I like...

Friday, August 07 2009

SMS Security Research

I just created the SMS security research page in order to publish the slides from our (Charlie and myself) talk at Black Hat USA 2009 titled: Fuzzing the Phone in your Phone.

The injection frameworks for the iPhone, for Android, and for Windows Mobile are available for download just now. Charlie provided his Sulley fuzzing test cases. The page is far from complete as we have more tools and scripts to share. But since I'm on vacation/business trip (depending on the actual day) I didn't find time to sort it all out.

I also updated my iPhone Security page with the link to Apple's security advisory for the vulnerability we reported. iPhone OS 3.0.1 fixes this vulnerability.