...stuff I do and things I like...

Friday, November 30 2012

Android DBI v0.2 (BreakPoint version)

I finally managed to release v0.2 of my Android DBI framework. The version I announced at BreakPoint and RuxCon.

New in this version: actually working Thumb support, nfc card emulation code for fuzzing.

Slides
collin_android_dbi_v02.zip

Happy hacking! Feedback is welcome!

Wednesday, November 21 2012

Mobile Security News Update November 2012

The last weeks were pretty crazy for me in terms of work, but stuff got done so I have some new stuff to show next year.

Last month I've travelled to Melbourne Australia to speak at BreakPoint and RuxCon. This was my first time travelling to Australia and I must say it was good fun. BreakPoint was a good conference with some good talks and many interesting people. RuxCon was great fun too, good talks, nice friendly people. The trip was just too short.

Conferences
    Black Hat Abu Dhabi Advanced Exploitation of ARM-based Mobile and Embedded Devices by Stephen Ridley , Droid Exploitation Saga by Aditya Gupta and Subho Halder, Inspection of Windows Phone applications by Dmitriy Evdokimov and Andrey Chasovskikh, Over-the-Air Cross-platform Infection for Breaking mTAN-based Online Banking Authentication by Alexandra Dmitrienko and Ahmad Sadeghi and Christopher Liebchen and Lucas Davi, Practical Security Testing for LTE Networks by Martyn Ruks and Nils, UI Redressing Attacks on Android Devices by Marcus Niemietz

    BayThreat in Sunnyvale has a mobile talk. Daniel Peck - "Dynamic Analysis and Exploration of Android Apps". Some of the other talks look good to.

    29c3 Chaos Communication Congress didn't publish a schedule yet. But some talks should be very interesting, such as Nico's.

Other upcoming conferences are: ShmooCon in February, CanSecWest in March, Infiltrate in April, and Source Boston also in April.

As I said, crazy weeks behind me. So I didn't see much of what happened in the mobile security space.