Monday, June 20 2011
Not too much happened or I just missed it because I'm way to busy these days.
I'll just update my mobile conference monitor.
Conference:
Black Hat USA has way more mobile talks then last year. Hacking Androids for Profit by Riley Hassell. ARM exploitation ROPmap by Long Le. War Texting: Identifying and Interacting with Devices on the Telephone Network by Done Bailey. Mobile Malware Madness, and How To Cap the Mad Hatters by Neil Daswani. The Law of Mobile Privacy and Security by Jennifer Granick.
Defcon is a little weak on mobile stuff this year. Only very few talks, one of the being: Mobile App Moolah: Profit taking with Mobile Malware by Jimmy Shah.
Wednesday, June 08 2011
There seems to be a massive rise in Android malware. Mostly modified versions
of legit applications. Again one piece of malware [1] contains a root exploit - the one already used by DroidDream. Many of the new trojans will try sending SMS messages to premium numbers.
Other SMS trojans are just funny [2] as they send jokes to every entry in the phonebook.
Conferences:
BlackHat USA: Ravishankar Borgaonkar + Kevin Redon + Nico Golde: Femtocells: A poisonous needle in the operator's hay stack. Dino Dai Zovi: Apple iOS Security Evaluation: Vulnerability Analysis and Data Encryption. Stefan Esser: Exploiting the iOS Kernel. Anthony Lineberry: Don't Hate the Player, Hate the Game: Inside the Android Security Patch Lifecycle. Tyler Shields: Owning Your Phone at Every Layer - A Mobile Security Panel.
Don Bailey will do something on mobile infrastructure security.
Brucon: iOS Data Protection Internals by Andrey Belenko. Smart Phones - The Weak Link in the Security Chain, Hacking a network through an Android device by Nick Walker.
NinjaCon / BSides vienna: Hacking NFC and NDEF, why I go and look at it again (by myself). A Midsummer Droid's Dream (grab a drink, come around, let's reverse some malware) by Manuel Acanthephyra.
ToorCon Seattle: Scott Dunlop, Reverse Engineering Using the Android Emulator. Joshua Brashars, Owning the phone system (and why it still matters).
Defcon: This is REALLY not the droid you're looking for... Nicholas J. Percoco + Sean Schulte.
Every since Google announced Google wallet I'm getting hammered with requests regarding NFC security. Funny part about that I just was getting back working on NFC security because of the Nexus S. First bug reports already filed ;-). Due to the new rising interest in NFC and
NFC security I'll decided to give a NFC security talk at NinjaCon / BSides Vienna on June 18th.
Tuesday, June 07 2011
I'm quite busy these days which is good and bad at the same time. My travel schedule
is packed for my opinion.
June 1 : Bochum @ RUB to give a talk (that was last week)
June 18 : BSides/NinjaCon @ Vienna to give a talk on NFC security.
June 26-28 : I'm doing a talk on NFC security at RFIDsec 11 in Amherst, MA, USA.