...stuff I do and things I like...

Friday, December 24 2010

SMS-o-Death @ 27c3

Finally our (Nico and myself) talk SMS-o-Death is in the 27c3 schedule. The talk will be kick ass.

Wednesday, December 22 2010

Antid0te - ASLR for the iPhone

Stefan Esser of PHP Security fame released a tool called Antid0te to add ASLR to jailbroken iPhones.

This looks like really awesome work, very interesting slides.

Mobile Security News Update December 2010

I will give a talk at the 27th Chaos Communication Congress together with my student/colleague Nico Golde The title of our talk is SMS-o-Death: from analyzing to attacking mobile phones on a large scale. The talk is about attacking feature phones. This should be very interesting for everybody since we put quite some effort into this research and prepared a good talk. This will be on Day-1 in Saal 1. (We are still not listed yet).

I hope to see many of you guys at the congress!

TAC Database needed for research...
    recently I (and a friend of me too) was looking for a open TAC database but we could not find one. Does anybody have a hint? If nothing exists what about a TAC database around the OpenBSC/osmocom projects?
Smartphone security paper by enisa Past conferences:
    POC2010 had two mobile related talks. 1) Stefan Esser, "iPhone Hacking and Security(Adding ASLR to Jailbroken iPhones)" and 2) Silverbug, "Android Application Hacking & Security Threat". Unfortunately no slides are available yet.
Fun:

Thursday, December 02 2010

Mobile Security News Update November 2010 part 2

DeepSec was real good and a lot of fun this year. Especially putting faces to email/twitter accounts. The mobile talks were really good and there was a lot to learn and spark new project ideas ;)

Quickies:

Spoof your geolocation

Android Data Stealing Vulnerability thru the web browser.