| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Smartphones are hot, like a server from 1995, public ip address (phone number) and sending all it’s data over telnet (unencrypted). Add in apps with your passwords and credit card and, you’ve got a way for a bunch of kids to get famous. This presentation is all about plausible mitigations that smartphone and app providers could adopt to mitigate attacks we’ve seen at conferences and in the wild. Can I completly fix smartphone security in 50 minutes or less? No, but in this talk I address specific risks that have been exploited either in the wild or in previous papers and talks, and discuss ways they can be mitigated given what the smartphones already have going for them. For example did you know most of the data you send over the cell provider network is encoded not encrypted? Yet the base smartphone OS has openssl installed. So here’s some code that provides end to end encrpytion for your text messages without even breaking the telecom SMS specficiations. As for the smartphone that acts like a credit card so you buy your Starbucks, if you want it to be secure, I still say throw it in the river.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast