ekoparty Sep 27-29, Buenos Aires. Blue Pill for your phone by Oleksandr Bazhaniuk. Unbox Your Phone - Exploring and Breaking Samsung's TrustZone Sandboxes by Daniel Komaromy. Inside Android's SafetyNet Attestation: Attack and Defense by Collin Mulliner. How to cook Cisco: Exploit Development for Cisco IOS by George Nosenko. Bypass Android Hack by Marcelo Romero.Some comments on BlueBorne: I've been involved with Bluetooth security since like forever (not active in the last 10+ years). The early Bluetooth vulnerabilities were mostly logic bugs and issues such as missing authentication. Bluetooth devices could not be set to hidden and would always show up when scanning for devices. Stuff like that. BlueBorne is different as it is a remote exploitable memory corruption vulnerability in Linux, Android, and Windows. This is quite a novelty since we haven't seen a bug that is more ore less the same on two platforms. Even more interesting is that this bug is pre-authentication and gives you kernel privileges (code exec in the kernel).
Virus Bulletin 4-6 Oct, Madrid Span. Last-minute paper: Publishing our malware stats by Jason Woloz (Google) [This is about Android Malware]. Android reverse engineering tools: not the usual suspects by Axelle Apvrille.
In theory this set of vulnerabilities can be bad, bad. In practice the issue is much less of an issue. Exploit mitigations and built variances help mitigating the risk. Devices are not always visible therefore the attacker cannot easily find your device and attack it.
Also see: Hackers Could Silently Hack Your Cellphone And Computers Over Bluetooth.
FaceID: I think it is a really horrible idea! Do not put biometric systems in to consumer products ever! I will not buy products with mandatory biometrics so far iOS allows me to turn it off and use a passphrase - thats why I even consider buying iOS devices. I hate this change -- biometrics are bad.
Huh, here I was looking to get a phone similar to Walmarts in-store model... And eBay just has their actual in-store model... Perfect! pic.twitter.com/sq4pUtCBe3— Tim Strazzere (@timstrazz) September 17, 2017
https://t.co/zqdwIa27IR— sp (@LambdaCube) August 28, 2017
"Certified devices are also required to ship without pre-installed malware"
A good requirement IMHO. 😛
I agree ^^^
SELinux in Android Oreo or: How I Learned to Stop Worrying and Love Attributes (presentation)
Kernel Driver mmap Handler Exploitation (paper)
BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews (paper)
AndroidXRef now with Android O/8
Now the native-shim loader can create VM's for ART based Android devices by rednaga
Good thread about the Android Key Store API
IDA AArch64 processor extender extension: Adding support for ARMv8.1 opcodes
INJECTING MISSING METHODS AT RUNTIME
Oppo/Oneplus .ops Firmware decrypter
Android Hardware-backed Keystore (docs)
Samsung to Launch Mobile Security Rewards Program, Welcoming Security Research Community
Android 8.0 includes the following security-related changes
WHAT'S NEW IN KNOX 2.9?
ANDROID O AND DEX 38: DALVIK OPCODES FOR DYNAMIC INVOCATION
The public release of shadow v2 jemalloc exploitation tool with support for Android (both ARM32 and ARM64)
Making it safer to get apps on Android O
Dig Deep into FlexiSpy for Android
Tool for leaking and bypassing Android malware detection system
iOS 8.4.1 32 bit jailbreak