Conferences
Black Hat Europe November, Amsterdam NL. ALL YOUR ROOT CHECKS BELONG TO US: THE SAD STATE OF ROOT DETECTION by Azzedine Benameur & Nathan Evans & Yun Shen. ANDROBUGS FRAMEWORK: AN ANDROID APPLICATION SECURITY VULNERABILITY SCANNER by Yu-Cheng Lin. AUTHENTICATOR LEAKAGE THROUGH BACKUP CHANNELS ON ANDROID by Guangdong Bai. FAUX DISK ENCRYPTION: REALITIES OF SECURE STORAGE ON MOBILE DEVICES by Daniel Mayer & Drew Suarez. FUZZING ANDROID: A RECIPE FOR UNCOVERING VULNERABILITIES INSIDE SYSTEM COMPONENTS IN ANDROID by Alexandru Blanda. LTE & IMSI CATCHER MYTHS by Ravishankar Borgaonkar & Altaf Shaik & N. Asokan & Valtteri Niemi & Jean-Pierre Seifert. TRIAGING CRASHES WITH BACKWARD TAINT ANALYSIS FOR ARM ARCHITECTURE by Dongwoo Kim & Sangwho Kim.
Secret Conference October 9th, NYC. Talks by Jon Callas and Dan Ford from Silent Circle / Blackphone.
Ruxcon October 24-25 Melbourne, Aus. TEAM PANGU on DESIGN, IMPLEMENTATION AND BYPASS OF THE CHAIN-OF-TRUST MODEL OF IOS. MARK DOWD on MALWAIRDROP: COMPROMISING IDEVICES VIA AIRDROP. JOSHUA KERNELSMITH SMITH on HIGH-DEF FUZZING: EXPLORING VULNERABILITIES IN HDMI-CEC. BABIL GOLAM SARWAR on HACK NFC ACCESS CARDS & STEAL CREDIT CARD DATA WITH ANDROID FOR FUN & PROFIT. COLBY MOORE on SPREAD SPECTRUM SATCOM HACKING: ATTACKING THE GLOBALSTAR SDS.
ToorCon San Diego October 24-25, San Diego, CA. The Phr3$h Pr1nc3 0f Bellk0r3 on Fuzzing GSM for fun and profit.
SyScan360i October 21-22 Beijing China. Fuzzing Android System Service by Binder Call to Escalate Privilege by Guang Gong.
PacSec November, Tokyo JP. BlueToot / BlueProx - when Bluetooth met NFC by Adam Laurie.
ZeroNights 25-26 November, Russia. Extracting the painful (Blue)tooth by Matteo Beccaro and Matteo Collura.
HP / ZDI will not run Mobile Pwn2Own at PacSec (in Japan) due to export restrictions. Source: Dragos Ruiu. This is unfortunate.
Personal note: Since September I've been working for Square doing mobile security engineering. This blog will only be temporarily affected by the job switch; as I get settled I will return to more than one post per month.
Links
Motorola Marketed The Moto E 2015 On Promise Of Updates, Is Now Apparently Ending Them After 219 Days
ANDROID PAY: PROXY NO MORE. Super interesting post on the insides of Android Pay and Google Wallet.
iOS 9 code vulnerability lets hackers steal thousands of dollars worth of in-app purchases
XcodeGhost Source
AndFix is a library that offers hot-fixes for Android apps. Some parts look very, very similar to PatchDroid. I have to look closer at this.
Announcing Android Vulnerability Test Suite
PoC code for 32 bit Android OS - ping pong root
Android 5.x Lockscreen Bypass (CVE-2015-3860)
Defeating SSL Pinning in Coin's Android Application
Assessing Android Applications Using Command-Line Fu (slides)
The Latest on Stagefright: CVE-2015-1538 Exploit is Now Available for Testing Purposes
SunShine - The #1 Bootloader Unlock tool For Your HTC or Motorola Smartphone! Not new, but not too many people know about this.
DexHunter General Automatic Unpacking Tool for Android Dex Files
SafetyNet Helper wraps the Google Play Services SafetyNet.API and verifies Safety Net API response with the Android Device Verification API.
SafetyNet: Google's tamper detection. Interesting insights into the on-device parts of SafetyNet.
Zimperium zLabs is Raising the Volume: New Vulnerability Processing MP3/MP4 Media.
baksmali 2.1
The Nexus 5X And 6P Have Software-Accelerated Encryption, But The Nexus Team Says It's Better Than Hardware Encryption
Android Now Shows Your Device's "Android Security Patch Level" In Marshmallow
The road to efficient Android fuzzing
An IDA Pro based Dex Dumper plugin
Kernel Vulnerabilities in the Samsung S4
Mobile Security Challenge Organized by Alibaba
Ruminations on App CVEs
Spoofing and intercepting SIM commands through STK framework (Android 5.1 and below) (CVE-2015-3843)
DexHook is a small xposed module for hooking BaseDexClassLoader and capturing dynamically loaded jars/dex files without interfering with the normal run of the application.
Android M Begins Locking Down Floating Apps, Requires Users To Grant Special Permission To Draw On Other Apps
Hack Brief: Upgrade to iOS 9 to Avoid a Bluetooth iPhone Attack
Android Security Symposium - all slides online
Unbillable: Exploiting Android In App Purchases by Alfredo Ramirez at Derbycon 2015. I haven't watched this yet.
The problems with JNI obfuscation in the Android Operating System by Rick Ramgattie at Derbycon 2015. Haven't watched this yet.