Sunday, July 19 2009
SexyView a Symbian Virus/Worm or bot(net)? I
really don't care too much about viruses, so until this thing has a
real control channel and can auto-update it is nothing. The one thing that
I find interesting about it is the fact that it seems to be signed. This
more or less proofs that signatures don't buy you any security. One can
always somehow obtain a signature for a piece of malware. This is as good
as having no signatures at all - well not exactly it still puts the bar
a little higher.
The Windows Mobile HTC OBEX path traversal bug is interesting. Not because
it is new but rather that this kind of bug made it once again into a device.
So I guess no quality control at HTC. Alberto, the guy who found and
reported the bug, told me that HTC was not really interested in communicating
with him. This is sad since HTC will also be building their own Android
devices soon. I just read that HTC seems to offer a hotfix
for the issue.
On a personal note. As I wrote before I'll be going to Black Hat and Defcon in Vegas. Directly after Vegas I'll travel to the Valley (Los Altos and Mountain View). Before going to Montreal for USENIX I will spend some time around Santa Barbara. So if anybody is up for some mobile phone security stuff contact me.
Otherwise see you in VEGAS!