...stuff I do and things I like...

Monday, May 18 2015

Mobile Security News Update May 2015 part 2

Conferences
    SourceBoston Mat 2015: A Swift Teardown by Jared Carlson; iOS App Analytics VS Privacy: An analysis of the use of analytics by Guillaume Ross. (they still have TBD slots)

    ReCon Montreal, Canada (June): Building a Better Bluetooth Attack Framework by Chris Weedon

    Black Hat USA ADVENTURES IN FEMTOLAND: 350 YUAN FOR INVALUABLE FUN by Alexey Osipov & Alexander Zaitsev; ATTACKING YOUR TRUSTED CORE: EXPLOITING TRUSTZONE ON ANDROID by Di Shen; CERTIFI-GATE: FRONT-DOOR ACCESS TO PWNING MILLIONS OF ANDROIDS by Ohad Bobrov & Avi Bashan; FAUX DISK ENCRYPTION: REALITIES OF SECURE STORAGE ON MOBILE DEVICES by Daniel Mayer & Drew Suarez; HACKING INTO SMARTPHONES AND CARS WITH A SIM CARD by Matt Spisak; STAGEFRIGHT: SCARY CODE IN THE HEART OF ANDROID by Joshua Drake; TRUSTKIT: CODE INJECTION ON IOS 8 FOR THE GREATER GOOD by Alban Diquet & Eric Castro

    CONFidence Krakow: iOS Hacking: Advanced Pentest & Forensic Techniques by Omer S. Coskun; Abusing apns for profit by Karol Wiesek

    Defcon Extracting the Painful (blue)tooth by Matteo Beccaro and Matteo Collura; Build a free cellular traffic capture tool with a vxworks based femoto by Yuwei Zheng and Haoqi Shan

    Android Security Symposium Vienna, Austria, from 9-11 September 2015. Only Android security talks!
Some of the upcoming conferences I covered in earlier month (e.g. HITB Amsterdam).

CFPs
    Breakpoint Melbourne, Australia, October 22th-23th

    SEC-T Stockholm 17-18:th of September 2015

    44con

    The Chaos Communication Camp cfp just closed yesterday.


iPhone: I bought an iPhone 5c (as a tryout device) like two weeks ago. I used to have a iPhone 3G back in 2009. I'm pretty happy with it, usability is great and the radio/antenna seems way better then the one in the Nexus 5. One thing I noticed is that most major apps are much better on the iPhone. There are exceptions like Dropbox. The Dropbox client is missing features compared with the android version. I'm missing the text editor! Also inter-app communication is really a weakness of iOS and a strength of Android. Other annoying stuff: I can't set Chrome to be the default browser. I can't have Signal as the default SMS app. One of the most annoying things are notifications. Many apps don't support privacy friendly notifications on the lock screen. I want to see if there are new emails in an account but I don't want the sender, subject, or content to be shown. The same is true with a lot of apps. It is either no notification or notification with content. Not happy with this! But I'm a big fan of handover.

I total I'm still happy with my tryout iPhone 5c. Let's see how long.

Mobile Killswitch: The mobile killswitch now has it's first possibility for abuse: So this killswitch tech in mobile phones now, kinda scary, especially when I can lock you out from your phone from an app w/ no root by @jcase.


Links