SlideShare a Scribd company logo

Mobile Securty - An Oxymoron?

M
morisson

Mobile devices are becoming the favored location for storing and doing everything we need, anywhere we want. From personal email, to company confidential information, including the social networks, location services and even online banking - we are storing our lives on mobile devices. Is all of this information secure, or are we now facing some of the same problems we faced before in personal computing ? Have we learned something? During this talk we discuss the most common problems affecting mobile devices, from Layer 1 to Layer 7. From poor GSM encryption, to poor application development, and everything in between. What are the risks? Are there solutions? https://codebits.eu/intra/s/session/219

TechnologyBusiness
1 of 91
Mobile Security An Oxymoron? Pedro  Cabrita  <pfcabrita@gmail.com>   Bruno  Morisson    <morisson@genhex.org>  
About  us   Pedro  Cabrita   Bruno  Morisson   <pfcabrita@gmail.com>   <morisson@genhex.org>   h>p://genhex.org/~mori/   •  Principal  Consultant  and  Partner  @   •  Infosec  Consultant  &  Partner  @  BiAHEAD;   INTEGRITY  S.A.;   •  Working  in  InformaSon  Security  for  the   •  Working  in  infosec  for  over  12  years;   past  11  years;     •  In  a  past  life,  Security  OperaSons  Manager   •  About  10  years  working  @  a  financial   and  Senior  Infosec  Consultant  @  a  private   insStuSon;   telco;     •  I  do  mainly  PenTesSng  for  living  (and  have   •  Did  Sme  as  a  developer  (C/C++);   fun);   Also:  secure  coding  guidelines  &  reviews;   •  CISSP-­‐ISSMP,  CISA,  ISO27k1LA,  ITILv3,  …   reverse  engineering;  risk  assessments;   audits…    and  other  security  related  stuff!   •  MSc  InformaSon  Security  student  @  Royal     Holloway,  University  of  London   •  CISSP   •  But  life  isn’t  all  about  security…    
What  is  Mobile  Security  ?  
InformaSon  
Why  do  we  care  ?  
Approach  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Thinking  security…   •  What  can  someone  do  with  momentarily   physical  access  to  my  device  ?   •  How  secure  is  my  informaSon  if  my  device  is   lost/stolen  ?   •  What  else  can  go  wrong  ?  
Demo  
h>p://lifehacker.com/5811383/these-­‐are-­‐the-­‐most-­‐common-­‐lockscreen-­‐pins-­‐and-­‐you-­‐should-­‐avoid-­‐using-­‐them  
h>p://www.whispersys.com/screenlock.html  
h>p://electronicspyeye.info/your-­‐fingers-­‐are-­‐greasy-­‐giving-­‐up-­‐your-­‐android-­‐password/  
h>p://stream.pleated-­‐jeans.com/post/8575021665/password-­‐acquired?e6abb3a8  
Filesystem  
Juice  Jacking  
h>p://www.pcworld.com/arScle/238499/charging_staSons_may_be_juicejacking_data_from_your_cellphone.html  
h>p://krebsonsecurity.com/2011/08/beware-­‐of-­‐juice-­‐jacking/  
Bo>om  line…   •  If    someone  has  physical  access  to  the   device...  GAME  OVER!   •  Turn  on  security  features  (encrypSon,   authenScaSon,  remote  wipe/lock)   •  Choose  an  appropriate  PIN   •  Wash  your  hands  frequently   •  Don’t  connect  it  anywhere...  except  home!  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Thinking  security…   •  Is  my  informaSon  transmi>ed  securely?   •  Can  someone  eavesdrop  my  communicaSons?  
GSM   ...is  broken!  
GSM   Professional  equipment   US$75.000  
GSM   USRP   US$1.500   h>p://openbts.sourceforge.net/  
GSM   Old  phone   Priceless   h>p://openbts.sourceforge.net/  
GSM   Old  phone   Priceless   US$10   h>p://openbts.sourceforge.net/  
Bo>om  line…   Don’t  trust  the  link  layer    J  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Thinking  security…   •  Do  applicaSons  transmit  data  securely  ?   •  What  data  ?   •  Can  someone  intercept  it  ?  
h>p://www.theregister.co.uk/2011/05/16/android_impersonaSon_a>acks/  
h>p://support.apple.com/kb/HT4824  
Bo>om  line…   •  Lots  and  lots  of  apps  send  informaSon  in  clear   •  Some  apps  handle  SSL  errors  really  badly…   •  Bugs  in  the  underlying  OS       CHAOS  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Thinking  security…   •  How  do  security  issues  affect  the  OS  ?   •  Is  it  updated  ?   •  For  how  long  ?   •  Does  it  do  anything  should  know  about  ?  
h>p://www.pcworld.com/businesscenter/arScle/239607/diginotar_cerSficates_are_pulled_but_not_on_smartphones.html  
h>p://www.zdnet.com/blog/london/-­‐8216hacked-­‐server-­‐claims-­‐another-­‐cerSficate-­‐authority-­‐casualty/596  
h>p://threatpost.com/en_us/blogs/new-­‐ios-­‐bug-­‐lets-­‐apps-­‐run-­‐unsigned-­‐code-­‐110711  
h>ps://twi>er.com/#!/dinodaizovi/status/133705807157145600  
h>p://corte.si/posts/security/openfeint-­‐udid-­‐deanonymizaSon/index.html  
h>p://corte.si/posts/security/openfeint-­‐udid-­‐deanonymizaSon/index.html  
Bo>om  line…   •  Difficult  (impossible?)  to  keep  updated   •  “secret”  features  reveal  private  informaSon   •  Encourages  uploading  private  informaSon  to   the  “cloud”   •  Insecure  default  configuraSons   However,  they  do  provide  interesSng  security   features  
Users   Applica4ons   OS   Transport   Transmission   Physical  
Thinking  security…   •  How  do  applicaSons  handle  security  ?   •  Do  they  store  informaSon  securely  ?   •  What  informaSon  do  they  share  ?   •  Are  the  markets/app  stores  safe  ?  
OWASP  Top  10  Mobile  Risks   Release  Candidate  v1.0   •  Insecure  Data  Storage   •  Weak  Server  Side  Controls   •  Insufficient  Transport  Layer  ProtecSon   •  Client  Side  InjecSon   •  Poor  AuthorizaSon  and  AuthenScaSon   •  Improper  Session  Handling   •  Security  Decisions  Via  Untrusted  Inputs   •  Side  Channel  Data  Leakage   •  Broken  Cryptography   •  SensiSve  InformaSon  Disclosure   h>ps://www.owasp.org/index.php/OWASP_Mobile_Security_Project  
h>p://threatpost.com/en_us/blogs/wells-­‐fargo-­‐boa-­‐cited-­‐lax-­‐mobile-­‐app-­‐security-­‐110510  
h>p://www.androidpolice.com/2011/10/01/massive-­‐security-­‐vulnerability-­‐in-­‐htc-­‐android-­‐devices-­‐evo-­‐3d-­‐4g-­‐thunderbolt-­‐others-­‐exposes-­‐phone-­‐numbers-­‐gps-­‐sms-­‐ emails-­‐addresses-­‐much-­‐more/  
h>ps://superevr.com/blog/2011/xss-­‐in-­‐skype-­‐for-­‐ios/  
h>p://www.androidpolice.com/2011/04/14/exclusive-­‐vulnerability-­‐in-­‐skype-­‐for-­‐android-­‐is-­‐exposing-­‐your-­‐name-­‐phone-­‐number-­‐chat-­‐logs-­‐and-­‐a-­‐lot-­‐more/  
h>p://www.androidpolice.com/2011/04/14/exclusive-­‐vulnerability-­‐in-­‐skype-­‐for-­‐android-­‐is-­‐exposing-­‐your-­‐name-­‐phone-­‐number-­‐chat-­‐logs-­‐and-­‐a-­‐lot-­‐more/  
Markets  and  App  Stores  
h>p://www.darkreading.com/insider-­‐threat/167801100/security/vulnerabiliSes/228201093/google-­‐issuing-­‐fix-­‐for-­‐latest-­‐android-­‐vulnerability-­‐disclosure.html  
h>p://news.cnet.com/8301-­‐27080_3-­‐10446402-­‐245.html  
h>p://threatpost.com/en_us/blogs/new-­‐ios-­‐bug-­‐lets-­‐apps-­‐run-­‐unsigned-­‐code-­‐110711  
h>p://www.kaspersky.co.uk/news?id=207576416  
h>p://www.darkreading.com/authenScaSon/167901072/security/news/231500422/gingermaster-­‐is-­‐first-­‐malware-­‐to-­‐uSlize-­‐a-­‐root-­‐exploit-­‐on-­‐android-­‐2-­‐3.html  
Other  Malicious  Soyware  
h>p://www.securelist.com/en/analysis/204792194/ZeuS_in_the_Mobile_Facts_and_Theories  
h>p://www.securelist.com/en/analysis/204792194/ZeuS_in_the_Mobile_Facts_and_Theories  
h>p://www.securelist.com/en/analysis/204792194/ZeuS_in_the_Mobile_Facts_and_Theories  
h>p://www.securelist.com/en/analysis/204792194/ZeuS_in_the_Mobile_Facts_and_Theories  
h>p://www.securelist.com/en/analysis/204792194/ZeuS_in_the_Mobile_Facts_and_Theories  
h>p://www.securelist.com/en/analysis/204792194/ZeuS_in_the_Mobile_Facts_and_Theories  
Bo>om  line…   •  Apps  are  leaking  private  informaSon   •  InformaSon  is  not  stored  securely   •  Have  security  vulnerabiliSes   •  Some  include  malware   •  Android  malware  is  on  the  rise   •  Apps  circumvent  security  features   •  ValidaSng  apps  is  not  enough  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Given  a  choice  between  dancing  pigs  and   security,  users  will  pick  dancing  pigs  every  8me   Gary  McGraw  and  Edward  Felten:  Securing  Java  (John  Wiley  &  Sons,  1999;  ISBN  0-­‐471-­‐31952-­‐X),   Chapter  one,  Part  seven  
Users   ApplicaSons   OS   Transport   Transmission   Physical  
Wrap  Up  
Wrap  Up   •  Users  trust  by  default   •  Apps  sSll  have  room  for  improvement   (security  wise)  J   •  Mobile  devices  are  becoming  a  mainstream   target  for  malware   •  Hardware  has  longer  longevity  than  the  OS   •  Lower  layers  are  not  helping   Mobile  security  is  sSll  in  its  infancy  
Thanks!   Q&A   Pedro  Cabrita  <pfcabrita@gmail.com>   Bruno  Morisson    <morisson@genhex.org>  

Recommended

sanfranAIG3
sanfranAIG3sanfranAIG3
sanfranAIG3Ian Murphy 2500+ all connections welcome
 
State of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderState of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderBen Johnson
 
งานนำเสนอ1
งานนำเสนอ1งานนำเสนอ1
งานนำเสนอ1kittisak setawan
 
Grofers (Business Model)
Grofers (Business Model)Grofers (Business Model)
Grofers (Business Model)Diljit Singh Khalsa
 
Driving into Future - Indian Radio Taxi market
Driving into Future - Indian Radio Taxi marketDriving into Future - Indian Radio Taxi market
Driving into Future - Indian Radio Taxi marketRedSeerConsulting1
 
Taxi app webinar
Taxi app webinarTaxi app webinar
Taxi app webinarAyush Jain
 
Ola cabs
Ola cabsOla cabs
Ola cabsARSHIYA KHAN
 
Mobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseMobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseBlueinfy Solutions
 

Recommended

sanfranAIG3
sanfranAIG3sanfranAIG3
sanfranAIG3Ian Murphy 2500+ all connections welcome
 
State of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderState of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderBen Johnson
 
งานนำเสนอ1
งานนำเสนอ1งานนำเสนอ1
งานนำเสนอ1kittisak setawan
 
Grofers (Business Model)
Grofers (Business Model)Grofers (Business Model)
Grofers (Business Model)Diljit Singh Khalsa
 
Driving into Future - Indian Radio Taxi market
Driving into Future - Indian Radio Taxi marketDriving into Future - Indian Radio Taxi market
Driving into Future - Indian Radio Taxi marketRedSeerConsulting1
 
Taxi app webinar
Taxi app webinarTaxi app webinar
Taxi app webinarAyush Jain
 
Ola cabs
Ola cabsOla cabs
Ola cabsARSHIYA KHAN
 
Mobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseMobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseBlueinfy Solutions
 
Conf2013 bchristensen thebig_t
Conf2013 bchristensen thebig_tConf2013 bchristensen thebig_t
Conf2013 bchristensen thebig_tBeau Christensen
 
AppSec is Eating Security
AppSec is Eating SecurityAppSec is Eating Security
AppSec is Eating SecurityAlex Stamos
 
Brighttalk what should we be monitoring - final
Brighttalk what should we be monitoring - finalBrighttalk what should we be monitoring - final
Brighttalk what should we be monitoring - finalAndrew White
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02amiinaaa
 
Security in the News
Security in the NewsSecurity in the News
Security in the NewsJames Sutter
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityXavier Mertens
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012Tjylen Veselyj
 
Tingenes internett for finn.no tech day
Tingenes internett for finn.no tech day Tingenes internett for finn.no tech day
Tingenes internett for finn.no tech day Simen Sommerfeldt
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10NowSecure
 
The fundamentals of Android and iOS app security
The fundamentals of Android and iOS app securityThe fundamentals of Android and iOS app security
The fundamentals of Android and iOS app securityNowSecure
 
Securing, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-HSecuring, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-Hjmoore55
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdNipun Jaswal
 
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated IndustriesCASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated IndustriesNowSecure
 
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009Jeff Sonstein
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsNowSecure
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectivePragati Rai
 
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Advanced monitoring
 
Re-Thinking BYOD Policy.pptx
Re-Thinking BYOD Policy.pptxRe-Thinking BYOD Policy.pptx
Re-Thinking BYOD Policy.pptxtmbainjr131
 
Security asap
Security asapSecurity asap
Security asapmorisson
 
(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using sshmorisson
 

More Related Content

Similar to Mobile Securty - An Oxymoron?

Conf2013 bchristensen thebig_t
Conf2013 bchristensen thebig_tConf2013 bchristensen thebig_t
Conf2013 bchristensen thebig_tBeau Christensen
 
AppSec is Eating Security
AppSec is Eating SecurityAppSec is Eating Security
AppSec is Eating SecurityAlex Stamos
 
Brighttalk what should we be monitoring - final
Brighttalk what should we be monitoring - finalBrighttalk what should we be monitoring - final
Brighttalk what should we be monitoring - finalAndrew White
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02amiinaaa
 
Security in the News
Security in the NewsSecurity in the News
Security in the NewsJames Sutter
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012Tjylen Veselyj
 
Tingenes internett for finn.no tech day
Tingenes internett for finn.no tech day Tingenes internett for finn.no tech day
Tingenes internett for finn.no tech day Simen Sommerfeldt
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10NowSecure
 
The fundamentals of Android and iOS app security
The fundamentals of Android and iOS app securityThe fundamentals of Android and iOS app security
The fundamentals of Android and iOS app securityNowSecure
 
Securing, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-HSecuring, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-Hjmoore55
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdNipun Jaswal
 
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated IndustriesCASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated IndustriesNowSecure
 
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009Jeff Sonstein
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsNowSecure
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectivePragati Rai
 
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Advanced monitoring
 
Re-Thinking BYOD Policy.pptx
Re-Thinking BYOD Policy.pptxRe-Thinking BYOD Policy.pptx
Re-Thinking BYOD Policy.pptxtmbainjr131
 

Similar to Mobile Securty - An Oxymoron? (20)

Conf2013 bchristensen thebig_t
Conf2013 bchristensen thebig_tConf2013 bchristensen thebig_t
Conf2013 bchristensen thebig_t
 
AppSec is Eating Security
AppSec is Eating SecurityAppSec is Eating Security
AppSec is Eating Security
 
Brighttalk what should we be monitoring - final
Brighttalk what should we be monitoring - finalBrighttalk what should we be monitoring - final
Brighttalk what should we be monitoring - final
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
 
Security in the News
Security in the NewsSecurity in the News
Security in the News
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
 
Tingenes internett for finn.no tech day
Tingenes internett for finn.no tech day Tingenes internett for finn.no tech day
Tingenes internett for finn.no tech day
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10
 
The fundamentals of Android and iOS app security
The fundamentals of Android and iOS app securityThe fundamentals of Android and iOS app security
The fundamentals of Android and iOS app security
 
Securing, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-HSecuring, Buying, and buying computers 4-H
Securing, Buying, and buying computers 4-H
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
 
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated IndustriesCASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
 
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
Mobile Web Apps Best Practices Presentation at Design4Mobile 2009
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’ts
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security Perspective
 
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
 
Re-Thinking BYOD Policy.pptx
Re-Thinking BYOD Policy.pptxRe-Thinking BYOD Policy.pptx
Re-Thinking BYOD Policy.pptx
 

More from morisson

Security asap
Security asapSecurity asap
Security asapmorisson
 
(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using sshmorisson
 
The Thing That Should Not Be
The Thing That Should Not BeThe Thing That Should Not Be
The Thing That Should Not Bemorisson
 
Honeypot Farms using Ethernet Bridging over a TCP Connection
Honeypot Farms using Ethernet Bridging over a TCP Connection Honeypot Farms using Ethernet Bridging over a TCP Connection
Honeypot Farms using Ethernet Bridging over a TCP Connection morisson
 
Virtualization & Security
Virtualization & SecurityVirtualization & Security
Virtualization & Securitymorisson
 
Crash Course In Brain Surgery
Crash Course In Brain SurgeryCrash Course In Brain Surgery
Crash Course In Brain Surgerymorisson
 

More from morisson (7)

Security asap
Security asapSecurity asap
Security asap
 
(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh
 
APT
APTAPT
APT
 
The Thing That Should Not Be
The Thing That Should Not BeThe Thing That Should Not Be
The Thing That Should Not Be
 
Honeypot Farms using Ethernet Bridging over a TCP Connection
Honeypot Farms using Ethernet Bridging over a TCP Connection Honeypot Farms using Ethernet Bridging over a TCP Connection
Honeypot Farms using Ethernet Bridging over a TCP Connection
 
Virtualization & Security
Virtualization & SecurityVirtualization & Security
Virtualization & Security
 
Crash Course In Brain Surgery
Crash Course In Brain SurgeryCrash Course In Brain Surgery
Crash Course In Brain Surgery
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

Mobile Securty - An Oxymoron?