Pwned by Phone – Vulnerabilities in Apple’s iPhone and Next Generation Mobile Networks
With increased power and storage capabilities, today’s smartphones are a prime target for forensics investigators and Apple’s iPhone is certainly no exception. In 2008, Jonathan Zdziarski introduced a bit-by-bit copy technique to duplicate an iPhone’s data partition, by booting a custom ramdisk through BootROM DFU mode exploits. In a segment titled iPhone Data Protection In-Depth Jean-Baptiste Bédrune and Jean Sigwald or Sogeti ESEC will look into the passcode system used on the iPhone and will demonstrate a simple bruteforce attack running off a custom ramdisk which results in complete bypass of an iPhone4′s security in less than 20 minutes. While Bédrune and Sigwald cover attacks against the iPhone from a forensics standpoint, Laurent Oudot of TEHTRI Security will focus instead on attacks against iPhone users in a talk titled iNception – Planting and Extracting Sensitive Data From Your iPhone’s Subconscious. Outdot plans to disclose a new attack which combines physical security issues, social engineering & web threats to allow an attacker to steal the credentials of any installed application (Facebook / Twitter / Paypal etc).
Apple has certainly not been sitting idle when it comes to securing their iOS platform and Stefan Esser of SektionEins GmbH will be discussing their newly introduced ASLR (address space layout randomization) implementation in iOS 4.3 which aims to make it more difficult for an attacker to predict target memory addresses. Esser will explain the strength and weaknesses in Apple’s ASLR and also show how with the right vulnerabilities any ASLR protection cannot stop successful exploitation.
To top things off in the mobile security space, a presentation on Attacking 3G and 4G Telecommunication Networks by Enno Rey and Daniel Mende of ERNW will look into the security of GTP or the GPRS Tunneling Protocol. Given that the 3GPP standard mandates that GTP should never be accessible from the Internet their talk will prove that things are never quite as they seem. In addition, an attack based on the GTP protocol will be demoed and a GTP scanning tool to identify entry points into the mobile telecommunication networks will be released to conference attendees.
For further event details please see http://conference.hitb.nl/hitbsecconf2011ams/
HITBSecConf is run as a community-backed not-for-profit effort endorsed by the Malaysian Communications and Multimedia Commission (MCMC), Malaysian National Computer Confederation (MNCC), Multimedia Development Corporation (MDeC), MSC Malaysia and the Malaysian International Chamber of Commerce and Industry (MICCI).
Hack In The Box
Suite 26.3, Level 26, Menara IMC,
No. 8 Jalan Sultan Ismail.
50250 Kuala Lumpur,
This release was published on openPR.
Permanent link to this press release:
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release Pwned by Phone – Vulnerabilities in Apple’s iPhone and Next Generation Mobile Networks here
News-ID: 168804 • Views: 3596
More Releases from HITB
HITBSecConf2012 - Amsterdam brings new hackathon, Capture The Flag and keynotes …
Amsterdam, The Netherlands, 1 February 2012 – Hack In The Box Security Conference is back again in Amsterdam this year for the European leg of its annual circuit. From the 21st to the 25th of May, this deep knowledge security conference will once again bring together a unique mix of security professionals, independent researchers, government and law enforcement officials and members of the hacker underground. This year’s event
Credit Card Skimming and Pin Harvesting in an EMV World
Utrecht, The Netherlands, 26 April 2011 – On the 17th till the 20th of May, the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Box deep knowledge security conference, HITB2011AMS. In addition to bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this year’s conference also includes a new presentation on EMV security issues. A joint
OpenLeaks Exclusive and Closing Keynote by Richard Thieme Await HITB2011AMS Atte …
Utrecht, The Netherlands, 13 April 2011 – On the 17th till the 20th of May the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Box deep knowledge security conference, HITB2011AMS. Bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this years event will not only cover the next generation of attack and defence methods but attendees
Protection From Next Generation Web Attacks is Going to Take More Than Just SSL
Utrecht, The Netherlands, 23 March 2011 – On the 17th till the 20th of May the Grand Krasnapolsky in Amsterdam will be home to the second annual Hack In The Back deep knowledge security conference, HITB2011AMS. Bringing together a unique mix of security professionals, researchers, law enforcement and members of the hacker underground, this years conference will yet again provide attendees with an inside look at the next generation of
More Releases for Amsterdam
Fairmas expands with company representation in Amsterdam
Ellen Huerst represents Berlin-based hotel software developer Fairmas in Benelux April 27, 2018: Ellen Huerst, co-founder of PowerYourRoom, takes over the representation of Fairmas GmbH in the Benelux region with immediate effect. With this, Fairmas GmbH is taking another important step in the direction of expansion with the aim to further increase its international presence in the highly specialized niche market of the hotel industry. Since its foundation in Berlin in
ColossusCloud announces its new Amsterdam location
ColossusCloud, a leading provider of Linux and Windows virtual servers, announces that its platform is now available in the city of Amsterdam, Netherlands. "It is our entry into the rapidly expanding European market. We've positioned ColossusCloud right next to one of Europe's leading Internet traffic exchanges in order to provide the highest in network performance. Along that, our Amsterdam location is fully SSD powered, along with Xeon E5 servers and full
Innovative Technology celebrate 20th anniversary in Amsterdam
Staff from Oldham based, bank note validator manufacturer Innovative Technology Ltd (ITL) were in Amsterdam earlier this month celebrating the company’s 20th anniversary. Staff from ITL’s European offices (the UK, Germany and Spain) met for a celebratory weekend to mark the company’s 20 ‘Years of Innovation’. Marketing Executive, Dayna Patterson from the UK office said “Everyone had a brilliant weekend, sightseeing and socialising. It is not often we can get together
Robert Amsterdam Best Attorney
Lately Amsterdam & Peroff promoted which they have been employed because lawful experts in order to prior PM associated with Thailand Thaksin Shinawatra, to assist in our good problem for that rebirth associated with democracy as well as unsafe effects of regulation within the Southeast Hard anodized cookware nation. "We tend to be thrilled to become maintained through PM Shinawatra to work about this immediate issue, and that we take
Port of Amsterdam connected to the Betuweroute
As of this week the Port of Amsterdam will be connected to the Betuweroute, a dedicated cargo rail track towards Germany and into Europe. This means the port has managed to efficiently expand its railway connections to the hinterland. This week the railway connection to the Betuweroute near Meteren/Geldermalsen, which is intended for the city of Amsterdam, has been taken into operation. It is a significant milestone in strengthening the
Blender Conference 2006 in Amsterdam
area42 – Agentur & Systempartner, development and solution partner of Bitmanagement Software GmbH, will be presenting at the international Blender Conference 2006 in Amsterdam (20.10.-22.10) a new version of the “BS Exporter for Blender” of Bitmanagement. In his workshop “Using Blender for creating impressive Web3D content based on the open standards X3D and VRML” (21.10. „New Technologies Session“) Eckhard M. Jäger, Creative Director of area42, will show how easy it is