...stuff I do and things I like...

This is actually a delayed April update!

Conferences

CircleCityCon Indianapolis. ZitMo NoM - Clientless Android Malware Control by David Schwartzberg. Making Android's Bootable Recovery Work For You by Drew Suarez. Hacking the Jolla: An Intro to Assessing A Mobile Device by Vitaly McLain and Drew Suarez.

ShakaCon Hawaii. Making Android's Bootable Recovery Work for You by Drew Suarez.

PhDays Moscow. Fighting Payment Fraud Within Mobile NetworksTech by Denis Gorchakov and Nikolai Goncharov. GSM Signal Interception ProtectionFast Track by Sergey Kharkov and Artyom Poltorzhitsky. RFID/NFC for the MassesHands-on Labs by Nahuel Grisolia. iOS Application Exploitation by Prateek Gianchandani.

In the last weeks I went to RSA Conference to hangout with a few people. I met the good guys from NowSecure and Zimperium as well as the fellows of DuoSecurity.

The week after I attended Qualcomm Mobile Security Summit 2015. Again this was a super interesting mobile security focused event, most likely the best one of the year. Good talks and good people. There is no general posting of slides but some presenters published their slide deck. Tim and jcase posted their slides here: Android APP Protection. It was good to meet some guys from @K33nTeam. Their presentation was pretty good too.

If you are interested in learning about Android security take Jduck's and Zach's training at DerbyCon. They know what they are talking about.

This picture is sadly very true. I really dislike the trend going towards big smartphones or phablets.


Nexus 5 issue after a long and painful struggle including factory resetting my Nexus 5 and downgrading it to Android 5.0.1 I gave up and determined that it must be a hardware fault. Most likely the power button. I also found out (via @mweissbacher) that the warranty of our Nexus 5 devices ran out in January :-(

I determined that the only decent device to buy right now is a Moto X in the Pure Edition. The pure edition is basically AOSP like shipped with the Nexus devices. So if you are looking for a normal sized smartphone that runs stock Android this might be a device for you. Motorola even states on their site that the pure edition receives more regular updates then carrier branded devices. Most likely also more frequent updates then devices that run a heavily modified Android version (shipped by most other manufacturers).

News and Links

Repository to train/learn memory corruption on the ARM platform

HOW TO CRACK MIFARE CLASSIC CARDS The end of the post shows how to hack a tag to get more credit for a vending machine.

https://www.rsaconference.com/writable/presentations/file_upload/br-w01-but-it_s-an-app-play-store-download-research-exposes-mobile-app-flaws.pdf talk at RSA

Android drive-by download in French (use Google Translate)

ADB backup on Android version 4.0.4 allows for file overwrite via modified tar headers.

ApkDetecter Tool for providing Android APK protector detection with UI

New Root Method for LG Devices

Generic Android Deobfuscator

Android vmlinux loader by K33nTeam

Android wpa_supplicant WLAN Direct remote buffer overflow

A bunch of Android 4.x bugs 1 2 3

HOW I FORCED AN ANDROID VULNERABILITY INTO BYPASSING MDM RESTRICTIONS + DIY MALWARE ANALYSIS (slides)

DEX Parser (Python)

The nightmare behind the cross platform mobile apps dream (slides)

Developer Chainfire Publishes Preview Release Of FlashFire, A 'Spiritual Successor' To Mobile ODIN

Instrumenting Android Applications with Frida

Amazon Fire Phone Source Code Notice

SunShine 3.1 is out, HTC m9 s-off support, as well as experimental simunlock for HTC GSM devices (no CDMA, no m9)

DuoSecurity supports the Apple Watch for their push authentication app on iOS pretty cool actually!