Conferences
Recon Brussels Brussels, 27-29 January. Analyzing iOS apps: road from AppStore to security analysis report by Lenar Safin, Yaroslav Alexandrov, Egor Fominykh, Alexander Chernov.
31CON Auckland NZ, 23-24 February. RAVISHANKAR BORGAONKAR (UK): PRIVACY ISSUES IN 4G. PHILIPPE LANGLOIS (FRANCE): something about mobile networks.
Android Security Symposium 2017 Vienna Austria, March. Many interesting talks.
Troopers Heidelberg, Germany. March. Hunting For Vulnerabilities in Signal by Jean-Philippe Aumasson, Markus Vervier. Samsung Pay: Tokenized Numbers, Flaws and Issues by Salvador Mendoza.
TelcoSecDay @ Troopers. It's no use crying over spilled 2G,3G,4G - what we need to fix in 5G. Outlook on 5G security from 3GPP perspective. Automated large-scale detection of rogue base stations: A field report. Exploring fraud in telephony networks, an illustration with Over-The-Top Bypass.
Infiltrate Miami, FL. March. Jean-Philippe Aumasson, Markus Vervier: Hunting For Vulnerabilities in Signal. Georgi Geshev, Robert Miller: Logic Bug Hunting in Chrome on Android. Marco Grassi, Liang Chen: Remotely Compromising a Modern iOS Device. Vasilis Tsaousoglou, Patroklos Argyroudis: The Shadow over Android: Heap exploitation assistance for Android's libc allocator. Ralf-Philipp Weinmann: Did I hear a shell popping in your baseband?
CFPs
SyScan360 Seattle WA, USA (new conference)
I'm not a fan or a user of WhatsApp but this backdoor story is just bad and will drive users away from a secure messaging app (maybe even the biggest install base of all of them). Zeynep Tufekci wrote an open letter to the Guardian to have them update the story. Moxie also wrote a blog post about these claims. The Guardian should have asked people with the technical expertise for advice before publishing the story.
You Shot The Sheriff Sao Paulo - Brazil
AT&T 2G network shutdown happened on Dec 31 2016
AndroidXRef is looking for sponsors!
The mobile talks from 33c3 are all totally worth watching (no particular order):
Dissecting modern (3G/4G) cellular modems
Intercoms Hacking
Downgrading iOS: From past to present
Pegasus Internals
Geolocation methods in mobile networks
Shut Up and Take My Money! The Red Pill of N26 Security
Code BROWN in the Air. A systemic update of sensitive information that you sniff from pagers
Pics of the month:
So, um… I guess the person who wrote @Medium's overly-florid app store release notes was part of the layoffs pic.twitter.com/YEbcuC5FVn
— Rod Begbie (@RodBegbie) January 14, 2017
@PatrickMcCanna again pic.twitter.com/UG4Fh1fYHM
— Jon Sawyer (@jcase) January 24, 2017
Best question so far about my 1992 Nokia 101: "How can it be older than the web, if it has a separate button for the #hashtag?" pic.twitter.com/Sa9drZwtPe
— Mikko Hypponen ଙ (@mikko) January 23, 2017
Links
Samsung Android Security Updates for January
Secure boot and image authentication in mobile tech (white paper)
Practical Android Debugging Via KGDB
We reverse engineered 16k apps, here's what we found (hardcoded secrets mostly); they also have an online tool
Very detailed description of hacking the Kyocera KC-S701 (Russian)
LG G3 Arbitrary File Retrieval from Cloud Services
Trojanized Photo App on Google Play Signs Up Users for Premium Services
OnePlus 3/3T Bootloader Vulnerability Allows Changing of SELinux to Permissive Mode in Fastboot
Qualcomm releases whitepaper detailing pointer authentication on ARMv8.3 (whitepaper)
IoT mode fuzzing with OpenBTS
Buy a BlackPhone for 120 Euros
Security conferences in 2017
Summary of Critical and Exploitable iOS Vulnerabilities in 2016
Switcher: Android joins the attack-the-router club
Cyanogen's Services Will Be Shutting Down (the commercial part of CyanogenMod)
V3SPA: An Open Source Tool for Visually Analyzing and Diffing SELinux/SE for Android Security Policies
Project Zero exploit for iOS 10.1.1
OWASP Mobile Security Testing Guide (Work in Progress)
Android Banking Trojan Source Code Leaked Online, Leads to New Variation Right Away
A theme pack got you pwned with system privilege on Huawei's EMUI
Google Rolls Out Instant Apps Feature For Android: Download And Run Apps Without Installing Them
Open source 3GPP LTE library
fastboot oem sha1sum
Automating iOS blackbox security scanning (slides)
Meitu Android App TearDown
Hooking Android System Calls for Pleasure and Benefit
iOS9 iCloud backup retrieval proof of concept
Pixel bootloader exploit for reading flash storage
Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes
Wap Push bugs in Samsung Android phones
Virulent Android malware returns, gets >2 million downloads on Google Play
HIJACKING WHATSAPP ACCOUNTS USING WHATSAPP WEB
Security Analysis of the Telegram IM (a Master's Thesis)
Android Security Bulletin - January 2017
Classification of Smartphone Users Using Internet Traffic (paper)
LG posts January security bulletin ahead of Google with Android and LG-specific patches
Analysis of multiple vulnerabilities in AirDroid
Android banking Trojan asks victims to send selfies with ID cards
A Whale of a Tale: HummingBad Returns
iOS Dropbear SSH