We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

This is REALLY not the Droid you're looking for...

3
 Zitieren
 Teilen
 Herunterladen
 Bestellen
Kein Logo verfügbarDEF CON
 Percoco, Nicholas J. Schulte, Sean

Formale Metadaten

Titel
This is REALLY not the Droid you're looking for...
Serientitel
Anzahl der Teile
122
Autor
Lizenz
CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
Identifikatoren
Herausgeber
Erscheinungsjahr
Sprache

Inhaltliche Metadaten

Fachgebiet
Genre
Abstract
Last year, we presented a talk on the implication of malware and rootkits on mobile devices. We focused on the kernel layer of the Android OS stack. With the proliferation of Apps of every size, shape and color being published this year, we focused solely upon the User Interface (UI) of the Android OS. The results of our research yielded a very dangerous flaw that is likely going to require a UI overhaul of the Android OS. Our talk will demonstrate a technique using legitimate and documented APIs to steal credentials and other user information from the most popular Apps in the Android Market. We will demo this technique live and provide a technical walkthrough of the specific methods being used. At the conclusion of our talk, we'll release a Proof of Concept (PoC) built to demo this technique. Nicholas J. Percoco Senior Vice President and Head of SpiderLabs at Trustwave With more than 14 years of information security experience, Percoco is the lead security advisor to many of Trustwaveps premier clients and assists them in making strategic decisions around security compliance regimes. He leads the SpiderLabs team that has performed more than 1000 computer incident response and forensic investigations globally, run thousands of penetration and application security tests for clients, and conducted security research to improve Trustwave's products. Percoco and his research has been featured by many news organizations including: The Washington Post, eWeek, PC World, CNET, Wired, Hakin9, Network World, Dark Reading, Fox News, USA Today, Forbes, Computerworld, CSO Magazine, CNN, The Times of London, NPR and The Wall Street Journal. Twitter: c7five Sean Schulte Software Engineer, Trustwave Sean is an engineer at Trustwave who works primarily with Java and Ruby. He is responsible for building external APIs such as the SSL reseller API, and internal APIs including a Google Safe Browsing blacklist along with the infrastructure to support various SSL services. In his spare time he maintains an unpopular, but feisty, baseball blog. Twitter: sirsean