Confraria Security & IT - Mobile Security


pocket security, your mobile

by Vitor Domingos, all-around mercenary

Vitor Domingos - [email protected] - http://vitordomingos.com

- cloud computing & security consultant
- thenextweb editor
- mobilemonday PT founder
- videocaster

- ex failed entrepreneur
- ex ITIJ / MJ
- ex CGD
- ex forumB2B
- ex Maxitel
- ex Jazztel

Phones ...

- 15 years of pure insecurity and few exploits

- mobile is the most personal and private item we own

- phones are now computers, the personal kind

- they even run full operating systems

What's in ...

- phone calls
- addressbook
- emails
- sms
- mms
- browser history
- pictures and some documents
- calendar
- gps tracking data
- shop details
- credit card info
- other sync evilness

TRUST

- we trust the carrier

- we trust the manufacturer

- we trust the users

- we trust the phone

- we trust the software

- we trust we're safe cause it's not connected or it's in our pocket

Mobile Security Levels

- Level 1 - Manufacturer
- Level 2 - Carrier
- Level 3 - User
- Level 4 - Application
- Level 5 - Enterprise (?)

Patching hell ...

Problem #1 - if you have a smartphone, you have probably upgraded your base software somewhat; if not, you're still running what came with it

Problem #2 - difficult to patch (OTA is neat, but not used by many)

Problem #3 - no enterprise patching; IT people say it's a carrier / user problem and not their own

Windows Mobile

- digital application signing

- limited access to the filesystem

- permission requests

- device encryption (enterprise)

- pin protection (enterprise)

- profiles (enterprise)

- no granular permission

iPhone

- OSX Security Model

- Appstore

- No enterprise security provisioning

Android / Symbian

- Sandbox

- Tight control on application permissions

- Digital signature

- No enterprise security provisioning

Security Community

- TSTF.net

- Mseclab

- Tam Hanna

- GSM Association Security Group

Password Security

- Try to put a real hard password on your phone

- Normally it's only 4 digit numbers

- Normally, if used, it's simple because it's real hard to input something on the phone

- Try K#$"%'`^!"231Gj

- Two factor authentication (?)

GSM Cracked

- A51 Rainbowtable cracking software (reflextor.com/trac/a51)

- GSM interception software (airprobe.org)

- Software defined radio (gnuradio.org)

- Cheap radio software (ettus.com/products)

2010

- UMTS cracked (on paper) - sandwich attack

- MMS Remote Exploit

- iPhone SMS Remote Exploit

- Bluetooth spamming and attacks (bluesnarfing, bluebug, bluebugging)

- $18 bluetooth sniffer

- Bluetooth audio flow to headset interception

- Over the air wire tapping

- ... and what about flash ? :)

Look at the screen

- what are you running ?

- what is it doing ?

- are you using network access ? why ?

- do you know what it's doing to the filesystem ? to the memory ? to your data ?

- where is your data ?

- is it using secure protocols ?

- where's the backup ?

Future (risks?)

- Near Field Communications: 2008: hacking NFC phones, URI spoofing, NDEF worm; 2010: Nokia announces that all phones are NFC ready

- Mobile JavaScript in the browser (2000 called and they want to block JavaScript all over again)

- Phone SSL, VPN

- Location Based something - Gowalla / Foursquare problems

Future (risks?)

- Spyware disguised as apps (Cydia iPhone app store)

- Virus/Worm/Botnet - iPhone; Vodafone memory card spyware bug on Android phones

- Tinyurl problems (?)

- Social phishing from fake call centers