Thursday, February 12 2009
This year's CanSecWest will have a good amount of smart phone security
related talks besides the earlier announced mobile pwn2own contest. Talks seem to be focused on the iPhone
and the Android platform. 1) Alfredo Ortega and Nico Economou - Multiplatform Iphone/Android Shellcode, and other smart phone insecurities 2) Jon Oberheide - A Look at a Modern Mobile Security Model: Google's Android and 3) Sergio 'shadown' Alvarez - The Smart-Phones Nightmare. I suppose Sergio Alvarez
is also going to talk about the iPhone since Apple fixed multiple bugs that he submitted in the iPhone 2.2 update.
I'm a bit sad that I can't attend CanSecWest.
At BlackHat Europe Jeroen van Beek will show his NFC-phone-based e-Passport cloning tools. Maybe there is even more mobile security stuff
going on there since the speaker list is not yet complete.
Done with conferences for this post. The guys from the Mobile Security Lab just launched their poc site where people can test their phones
using exploits developed by the mobile security lab. Nice idea!
Last weekend at ShmooCon Charlie Miller released details on a vulnerability in Android's audio player. Some links:
Related news: Palm has finally killed PalmOS. I really waited a long time for this to happen. PalmOS was just
way past its time. This a good and sad thing but now its over.
Did I miss anything?