The Nightmare Behind the Cross Platform Mobile Apps Dream

Presented at Black Hat Asia 2015, Unknown date/time (Unknown duration)

A large part of the mobile applications in the store are developed leveraging frameworks for cross platform development, in order to code once and run on every mobile platform. But are those frameworks secure or is the developer trading off security for ease of development?

We will explore and analyze the most popular cross platform frameworks for mobile development, exposing the vulnerabilities found in them, and detail how serious the implications are of using them in terms of security.


Presenters:

  • Sebastian Guerrero - NowSecure
    Sebastian Guerrero Selma's work includes research in mobile security and web security, developing tools and techniques for vulnerability assessment and post-exploitation of mobile devices and applications, reverse engineering embedded platforms and mobile platforms, making his job his passion. In the last few years, he has spoken at several security conferences such as: RootedCON, NoConName, RSA, to mention a few of them. His work has been recognized and listed him on several Hall of Fame Walls including Facebook, Google, Instagram, eBay, Adobe, Tuenti and Firefox. In addition to his regular job, he enjoys photography, reverse engineering, embedded hardware, vulnerability research and sci-fi.
  • Marco Grassi - NowSecure
    At the end of 2012, I started working at NowSecure (formerly viaForensics) as a R&D Team member, where I researched and developed solutions for products, and did reverse engineering/pentesting/vulnerability research in Mobile OS, applications, and devices. As a personal interest, I develop embedded systems and electronic systems.

Links:

Similar Presentations: