Mobile phone operating systems and other applications talk to other servers behind users' back all the time. I will discuss how to leverage those channels by network-level and state-level attackers leading to phone crashes, and further steps towards full exploitation. I will also discuss several related vulnerabilities in non-OS applications that are similar, and implications for users and developers.

I am technology generalist focused on solving problems. Some of things I have done include: developing visual SQL tools, contributing to mobile apps to help people get healthier, and helping non-profits preserve books. I also participated in the development of many anti-spam standards used today (SPF and DomainKeys), and created the Abuse Reporting Format (ARF - RFC 5965) used for exchanging spam reports by most ISPs today. Among other things I authored RFC 4180 which documents the CSV format. I dabble in security and contribute regularly to the Nightwatch Cybersecurity Research blog (https://wwws.nightwatchcybersecurity.com/blog/).

Recorded at BSides Philly 2016