openPR Logo
Press release

Pwned by Phone – Vulnerabilities in Apple’s iPhone and Next Generation Mobile Networks

03-30-2011 01:30 PM CET | IT, New Media & Software

Press release from: HITB

HITBSecConf2011 - Amsterdam

HITBSecConf2011 - Amsterdam

Utrecht, The Netherlands, 30 March 2011 – On the 17th till the 20th of May the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Back deep knowledge security conference, HITB2011AMS. Bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this years conference has an agenda packed with iPhone and iOS security goodies plus a very special look into hacking the 3G and 4G mobile networks that tomorrow’s smart phones will be running on.

With increased power and storage capabilities, today’s smartphones are a prime target for forensics investigators and Apple’s iPhone is certainly no exception. In 2008, Jonathan Zdziarski introduced a bit-by-bit copy technique to duplicate an iPhone’s data partition, by booting a custom ramdisk through BootROM DFU mode exploits. In a segment titled iPhone Data Protection In-Depth Jean-Baptiste Bédrune and Jean Sigwald or Sogeti ESEC will look into the passcode system used on the iPhone and will demonstrate a simple bruteforce attack running off a custom ramdisk which results in complete bypass of an iPhone4′s security in less than 20 minutes. While Bédrune and Sigwald cover attacks against the iPhone from a forensics standpoint, Laurent Oudot of TEHTRI Security will focus instead on attacks against iPhone users in a talk titled iNception – Planting and Extracting Sensitive Data From Your iPhone’s Subconscious. Outdot plans to disclose a new attack which combines physical security issues, social engineering & web threats to allow an attacker to steal the credentials of any installed application (Facebook / Twitter / Paypal etc).

Apple has certainly not been sitting idle when it comes to securing their iOS platform and Stefan Esser of SektionEins GmbH will be discussing their newly introduced ASLR (address space layout randomization) implementation in iOS 4.3 which aims to make it more difficult for an attacker to predict target memory addresses. Esser will explain the strength and weaknesses in Apple’s ASLR and also show how with the right vulnerabilities any ASLR protection cannot stop successful exploitation.

To top things off in the mobile security space, a presentation on Attacking 3G and 4G Telecommunication Networks by Enno Rey and Daniel Mende of ERNW will look into the security of GTP or the GPRS Tunneling Protocol. Given that the 3GPP standard mandates that GTP should never be accessible from the Internet their talk will prove that things are never quite as they seem. In addition, an attack based on the GTP protocol will be demoed and a GTP scanning tool to identify entry points into the mobile telecommunication networks will be released to conference attendees.

For further event details please see http://conference.hitb.nl/hitbsecconf2011ams/

HITBSecConf is run as a community-backed not-for-profit effort endorsed by the Malaysian Communications and Multimedia Commission (MCMC), Malaysian National Computer Confederation (MNCC), Multimedia Development Corporation (MDeC), MSC Malaysia and the Malaysian International Chamber of Commerce and Industry (MICCI).

Suzanne Heerschop
Media Officer

Hack In The Box
Suite 26.3, Level 26, Menara IMC,
No. 8 Jalan Sultan Ismail.
50250 Kuala Lumpur,
Malaysia

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release Pwned by Phone – Vulnerabilities in Apple’s iPhone and Next Generation Mobile Networks here

News-ID: 168804 • Views:

More Releases from HITB

HITBSecConf2012 - Amsterdam brings new hackathon, Capture The Flag and keynotes by Bruce Schneier and Andy Ellis
HITBSecConf2012 - Amsterdam brings new hackathon, Capture The Flag and keynotes …
Amsterdam, The Netherlands, 1 February 2012 – Hack In The Box Security Conference is back again in Amsterdam this year for the European leg of its annual circuit. From the 21st to the 25th of May, this deep knowledge security conference will once again bring together a unique mix of security professionals, independent researchers, government and law enforcement officials and members of the hacker underground. This year’s event
Credit Card Skimming and Pin Harvesting in an EMV World
Credit Card Skimming and Pin Harvesting in an EMV World
Utrecht, The Netherlands, 26 April 2011 – On the 17th till the 20th of May, the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Box deep knowledge security conference, HITB2011AMS. In addition to bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this year’s conference also includes a new presentation on EMV security issues. A joint
OpenLeaks Exclusive and Closing Keynote by Richard Thieme Await HITB2011AMS Attendees
OpenLeaks Exclusive and Closing Keynote by Richard Thieme Await HITB2011AMS Atte …
Utrecht, The Netherlands, 13 April 2011 – On the 17th till the 20th of May the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Box deep knowledge security conference, HITB2011AMS. Bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this years event will not only cover the next generation of attack and defence methods but attendees
Protection From Next Generation Web Attacks is Going to Take More Than Just SSL
Protection From Next Generation Web Attacks is Going to Take More Than Just SSL
Utrecht, The Netherlands, 23 March 2011 – On the 17th till the 20th of May the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Back deep knowledge security conference, HITB2011AMS. Bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this years conference will yet again provide attendees with an inside look at the next generation of

All 5 Releases


More Releases for Amsterdam

UNIQLO Netherlands and the Amsterdam Fashion Academy honour 750 years of Amsterd …
In celebration of Amsterdam's 750th anniversary, UNIQLO Netherlands and the Amsterdam Fashion Academy have teamed up once again. The project challenged the first-year Bachelor's with Honours Fashion Design students to upcycle UNIQLO stock inspired by 750 years of creativity, culture and innovation in Amsterdam. Four winning groups have been selected by the expert jury of UNIQLO Netherlands and Atelier Reservé to showcase their collections from June 23rd in the shop
Deliverability Summit: Announce 2025 Amsterdam Event Dates
The Deliverability Summit 2025 is set to return to Amsterdam on April 24-25, bringing together global email deliverability professionals for an unmatched event in the heart of Europe. This year's summit proudly announces Postmastery as the Headline Sponsor and GreenArrow as the Platinum Sponsor, underscoring the event's pivotal role in shaping the future of email delivery. Returning for its fifth year, the Deliverability Summit has become the premier gathering for strategists,marketers,
Best Exhibition Stand Design Company in Amsterdam
Messe Masters is a prominent company in the industry of exhibition stand design and construction in Stuttgart. The company has a rich legacy and years of experience. Messe Masters is now a go-to choice for exhibitors seeking a top-notch exhibition stand design company in Amsterdam for their exhibiting needs. The expertise and reputation speak for themselves, which make Messe Master a premier destination for those in need of exhibiting services
ColossusCloud announces its new Amsterdam location
ColossusCloud, a leading provider of Linux and Windows virtual servers, announces that its platform is now available in the city of Amsterdam, Netherlands. "It is our entry into the rapidly expanding European market. We've positioned ColossusCloud right next to one of Europe's leading Internet traffic exchanges in order to provide the highest in network performance. Along that, our Amsterdam location is fully SSD powered, along with Xeon E5 servers and full
Lawyer Robert Amsterdam Needs Discharge of Mikhail khodorkovsky
Just before night time, in the magnificent Moscow Hyatt, a few roads through Red-colored Sq., the noisy knocking shaken the actual United states attorney mindful. Robert Amsterdam noticed gruff seems, difficult fists impressive their doorway as though trying to split this lower, after which a guy shouting within British. “Moscow law enforcement. Open!” He or she had been position, without runners, gentle going in the vodka he’d consumed along with
Robert Amsterdam Best Attorney
Lately Amsterdam & Peroff promoted which they have been employed because lawful experts in order to prior PM associated with Thailand Thaksin Shinawatra, to assist in our good problem for that rebirth associated with democracy as well as unsafe effects of regulation within the Southeast Hard anodized cookware nation. "We tend to be thrilled to become maintained through PM Shinawatra to work about this immediate issue, and that we take