Wednesday, February 24, 2010

Smartphone Security - Part 3

Lots of researchers are working on the same hot topic. Here is another paper, presented a few hours ago at HotMobile 2010, in which the researchers presented 3 proof-of-concept rootkits that can be used for various malicious purposes.

I was surprised that Android has 20 million lines of code; adding the external interfaces of the mobile such as GPS, camera, voice, mic, SMS, etc., things are really getting more complex.

Slides are available here, and an updated set of slides from Black Hat 2010 is also available here.

Check the recent presentations on Smartphone Security part 1 and part 2.

Thursday, February 18, 2010

Smartphone Security - Part 2

Another alarming presentation from Shmoocon 2010, discussing BlackBerry spyware, is now available online. The presentation gives an example of what happened with the Etisalat Trojan in 2009, and raises lots of issues, as written in its conclusion:

- Mobile spyware is trivial to write
- Minimal methods of real time eradication or detection of spyware type activities
- Security model of mobile platforms too loose
- No easy/automated way to confirm for ourselves what the applications are actually doing
- We are currently trusting the vendor application store provider for the majority of our mobile device security.

A proof-of-concept spyware application demonstrated how it can be used to dump contacts and messages, intercept text messages, eavesdrop on the room, report on phone usage, and monitor GPS data.

Slides are available here, and the demo is here.
They also have an updated presentation from SOURCE Boston 2010; check it here.

Check the previous post on smartphone security, and check the smartphone market share by platform.

Wednesday, February 17, 2010

Smartphone Security

An interesting presentation on smartphone security from the Shmoocon 2010 conference is now available online.

Jailbroken iPhones carry lots of risks: with the default root password and default services enabled, scanning the mobile network revealed lots of interesting services, making them easily hacked. The presenter gives some sample applications that can be installed on the hacked device remotely to enable the mic, record audio, spy on emails, SMS and browsing, or get the location of the phone, etc.

Check the slides and the video.

There are some concerns that Apple might block all jailbroken phones from accessing the App Store. They have started banning iPhone hackers, as mentioned in The Register's article about an Egyptian iPhone baseband hacker (and neurosurgeon) called Sherif Hashim, who was banned from the App Store along with another hacker after developing a hack for the latest iPhone OS 3.1.3.

Monday, February 15, 2010

Thursday, February 11, 2010

Materials, Internet Early Warning and Network Intelligence, EWNI 2010

EWNI 2010 was held in Hamburg, Germany, a few weeks ago. This kind of focused event is worth attending. I was there in -15 degrees; anyway, check the slides here.

Sunday, February 7, 2010

Saturday, February 6, 2010

Materials, SANS Forensics Summit, 2009

If you missed the SANS Forensics Summit a few months ago, it is never too late to check out the presentations, available online here.

Monday, February 1, 2010

Botnet Detection with Network Anomaly Detection

Botnet detection using Network Anomaly Detection (NAD) has some strengths and weaknesses. The Damballa blog discussed some interesting points and concluded that NAD has a minor role to play in botnet detection and mitigation due to the new trends in botnets.