Presented at
Black Hat USA 2016,
Aug. 3, 2016, 10:20 a.m.
(50 minutes).
Before we dive into specific mobile vulnerabilities and talk as if the end times are upon us, let us pop the stack and talk about how the mobile environment works as a whole. We will explore the assumptions and design paradigms of each player in the overall mobile space, along with the requirements and inheritance problems they face. The value of this approach is that it allows us to understand and couch the impacts and implications of all mobile vulnerabilities, be it bugs existing today or theoretical future vulnerabilities. The approach also allows us to catalogue all the design assumptions made and search for any generalized logical flaws that could serve as a lynchpin to undermine the entirety of mobile security and trust.
This talk focuses on the entirety of the mobile ecosystem, from the hardware components to the operating systems to the networks they connect to. We will explore the core components across mobile vendors and operating systems, focusing on bugs, logic, and root problems that potentially effect all mobile devices. We will discuss the limitations of mobile trusted computing and what can be done to protect both your data and the devices your data reside on. From the specific perspectives of trusted computing and hardware integrity, there are a handful of smartphone hardware platforms on the market. OEMs are constrained to release devices based on selecting and trusting one of these platforms. If a skilled attacker can break trust at the hardware level, the entire device becomes compromised at a very basic (and largely undetectable) level. This talk is about how to break that trust.
Presenters:
-
Josh Thomas / m0nk
- Atredis Partners
as Josh Thomas
Josh Thomas began his career 14 years ago in network administration and software development. Prior to moving his focus primarily to security, Josh wrote Artificial Intelligence and cryptographic solutions for the Department of Defense. Josh has extensive hands on knowledge of mobile devices and cellular infrastructure. He is also dedicated to hardware reverse engineering and embedded device exploitation. Josh most recently was a Senior Research Scientist with Accuvant's Applied Research team, and has worked as a Senior Research Developer at The MITRE Corporation. At MITRE, Josh performed analyses of the Android, Apple, Symbian and BlackBerry security models as well as other non-mobile embedded platforms and worked closely with the vendors and project sponsors. Josh also developed an open-source mesh networking solution for Smart phone communications that bypasses the need for physical infrastructure, performed advanced spectrum analysis for cleared communications, and designed a secure satellite communications system required to handle the most sensitive communications possible while also being resilient against the highest levels of waveform interference. Prior to his tenure at The MITRE Corporation, Josh developed Artificial Intelligence and embedded cryptographic solutions for General Dynamics and other organizations. Josh projects including the design and development of robust routing architecture for UAV/UGV autonomous vehicles, battlefield troop movement predictive scenario generation, and creation of mathematical models the controlled de-orbit and reentry of the Mir Space Station.
-
Shawn Moyer
- Atredis Partners
Shawn Moyer is a Founding Partner at Atredis Partners, a private security research and software security consultancy created with frequent Black Hat speakers Josh Thomas and Nathan Keltner, performing on-spec vulnerability research and reverse engineering as well as advanced penetration testing for clients all over the world. Shawn has been involved professionally in information security for 20 years, and unprofessionally for longer than he'd care to admit. Shawn's most recent work has focused on mobile and embedded security, as well as continued work with Smart Grid, SCADA, and other industrial technologies. Previously, Shawn created the Applied Research at Accuvant Labs, helped launch the Penetration Testing practice at FishNet Security, and has written on emerging threats and other topics for Information Security Magazine and ZDNet. Shawn's research has been featured in the Washington Post, BusinessWeek, NPR, and the New York Times, as well as countless other industry publications. Shawn has been a very frequent speaker at the Black Hat Briefings, and has been an invited speaker at other notable security conferences in the US, China, Canada, and Japan. Shawn has been a member of the Black Hat Briefings Review Board since 2008.
Links:
Similar Presentations: