Smartphone Insecurity
Published in: Technology, Business
Speaker notes
  • Ubiquitous. Rural areas. Saving my battery during a hurricane.
  • Permission list (as shown to the user at install): edit and read SMS, send SMS, receive SMS; modify/delete USB storage contents; prevent phone from sleeping, write sync settings; GPS data; services that cost you money; act as account authenticator, manage accounts; read and write to your personal information including contact data; phone calls, read phone state and identity; full network access.
  • Transcript

    • 1. Smartphone Insecurity. Georgia Weidman
    • 2. Agenda: smartphone security basics; common attack vectors and examples; mitigation strategies; common vulnerabilities in 3rd-party apps; attack strategies against apps; secure coding practices for developing apps
    • 3. What is a smartphone? (image slide)
    • 4. What is a smartphone? (image slide)
    • 5. What's on your phone: personal info; work info; location info; account info
    • 6. Do we need privacy? (SMS examples) "Hi meet me for lunch" / "Meet me for lunch while my wife is out" / "Here is your bank account credentials"
    • 7. Attacks on privacy (infrastructure): the cell network (diagram slide)
    • 8. Attacks on privacy (infrastructure): the cell network, with the question of where encryption applies (diagram slide)
    • 9. Is GSM traffic encrypted? SMS PDU: 07914140540510F1040B915117344588F100000121037140044A0AE8329BFD4697D9EC37
    • 10. Is GSM traffic encrypted? SMS PDU: 07914140540510F1040B915117344588F100000121037140044A0AE8329BFD4697D9EC37 (annotated)
    • 11. Is GSM traffic encrypted? Decoded: sending number 1-571-435-4881; data: hellohello
    • 12. 2G (EDGE): bad crypto. Encryption only runs between the handset and the base station; the algorithms are breakable; and there is no authentication of base stations, so a phone cannot tell a rogue tower from a real one.
    • 13. Attacks on privacy (infrastructure): the cell network (diagram slide). Research by: Chris Paget
    • 14. Attacks on privacy (infrastructure): the cell network (diagram slide). Research by: Chris Paget
    • 15. Breaking 2G crypto: break the session key to get on the network; A5/2 is trivial to break; Karsten Nohl broke A5/1 in 2009, in minutes
    • 16. Attacks on privacy (infrastructure): the cell network (diagram slide). Research by: Chris Paget
    • 17. Who cares about EDGE anyway? Still deployed; by default phones will drop back to EDGE; is anyone on EDGE right now?
    • 18. Mitigation strategies: replace 2G; give phones an option to turn off 2G; encrypt data on the phone before sending it
    • 19. Attacks on privacy (platform): attackers know how to attack these platforms (image slide)
    • 20. Rooting/jailbreaking: exploiting kernel/platform flaws; client-side attacks; gain system-level privileges, similarly to PC platforms
    • 21. JailbreakMe 3.0: iPhone jailbreak; client-side flaw in PDF handling (Mobile Safari); kernel exploit
    • 22. Rootstrap: Android app loads kernel exploits; loads code dynamically; runs native code; packaged with an interesting app
    • 23. DroidDream: Android app in the Market; rooted phones via kernel exploits; stole information; ran up charges
    • 24-27. Payload example: SMS botnet (diagram slides)
    • 28. SMS PDU: 07914140540510F1040B915117344588F100000121037140044A0AE8329BFD4697D9EC37
    • 29-33. How the botnet works: 1. the bot receives a message; 2. the bot decodes the user data; 3. it checks for the bot key (and swallows the message when the key is present); 4. it performs the functionality
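The PDU on slides 9 to 11 and 28 and the four-step bot loop on slides 29 to 33 share one piece of machinery: decoding a raw SMS-DELIVER PDU. The block below is an added example, not code from the presentation. It parses the PDU printed on the slides (recovering the sender and text the slides show, plus the SMSC number and timestamp, which the PDU also carries), and then runs the bot's receive / decode / check-for-key / swallow-or-deliver flow over it. The bot key `b0tkey:`, the `make_deliver_pdu()` builder and the command message are assumptions constructed for the demo.

```python
"""SMS-DELIVER PDU decoding plus the bot's receive/decode/check/act loop.

Added example, not the presentation's code. SLIDE_PDU is the PDU printed on the
slides; BOT_KEY, make_deliver_pdu() and the command message are constructed here.
"""
from dataclasses import dataclass

# GSM 03.38 default 7-bit alphabet: index is the septet value 0x00..0x7F.
GSM7 = ("@£$¥èéùìòÇ\nØø\rÅåΔ_ΦΓΛΩΠΨΣΘΞ\x1bÆæßÉ !\"#¤%&'()*+,-./0123456789:;<=>?"
        "¡ABCDEFGHIJKLMNOPQRSTUVWXYZÄÖÑÜ§¿abcdefghijklmnopqrstuvwxyzäöñüà")
assert len(GSM7) == 128

SLIDE_PDU = "07914140540510F1040B915117344588F100000121037140044A0AE8329BFD4697D9EC37"
BOT_KEY = "b0tkey:"  # constructed; the slides only say the bot "checks for bot key"


def swap_nibbles(hexdigits: str) -> str:
    """Numbers and timestamps are BCD with the two nibbles of each byte swapped; 'F' pads odd lengths."""
    return "".join(hexdigits[i + 1] + hexdigits[i] for i in range(0, len(hexdigits), 2)).rstrip("F")


def bcd(digits: str) -> str:
    # Inverse of swap_nibbles: digit string -> wire-order hex, F-padded to an even length.
    if len(digits) % 2:
        digits += "F"
    return "".join(digits[i + 1] + digits[i] for i in range(0, len(digits), 2))


def unpack_gsm7(data: bytes, septets: int) -> str:
    """Extract `septets` 7-bit characters from packed user data (little-endian bit order)."""
    bits = int.from_bytes(data, "little")
    return "".join(GSM7[(bits >> (7 * i)) & 0x7F] for i in range(septets))


def pack_gsm7(text: str) -> bytes:
    """Inverse of unpack_gsm7 (basic table only, no ESC extension characters)."""
    bits = 0
    for i, ch in enumerate(text):
        bits |= GSM7.index(ch) << (7 * i)
    return bits.to_bytes((7 * len(text) + 7) // 8, "little")


@dataclass
class Deliver:
    smsc: str
    sender: str
    timestamp: str
    text: str


def parse_deliver(pdu_hex: str) -> Deliver:
    """Parse a single-part SMS-DELIVER PDU that uses the 7-bit default alphabet."""
    raw = bytes.fromhex(pdu_hex)
    smsc_len = raw[0]
    # raw[1] is the SMSC type-of-address; the rest of the SMSC field is the number in BCD
    smsc = "+" + swap_nibbles(raw[2:1 + smsc_len].hex().upper()) if smsc_len else ""
    pos = 1 + smsc_len
    if raw[pos] & 0x03 != 0x00:             # TP-MTI 00 = SMS-DELIVER (mobile terminated)
        raise ValueError("not an SMS-DELIVER PDU")
    addr_digits, addr_type = raw[pos + 1], raw[pos + 2]
    pos += 3
    addr_len = (addr_digits + 1) // 2
    sender = swap_nibbles(raw[pos:pos + addr_len].hex().upper())
    if addr_type & 0x70 == 0x10:            # type-of-number 001 = international
        sender = "+" + sender
    pos += addr_len
    dcs = raw[pos + 1]                      # raw[pos] is TP-PID, not needed here
    if dcs & 0x0C != 0x00:
        raise ValueError("only the 7-bit default alphabet is handled here")
    pos += 2
    ts = swap_nibbles(raw[pos:pos + 7].hex().upper())   # YYMMDDhhmmss + time zone
    timestamp = f"20{ts[0:2]}-{ts[2:4]}-{ts[4:6]} {ts[6:8]}:{ts[8:10]}:{ts[10:12]}"
    pos += 7
    udl = raw[pos]                          # user data length, in septets for 7-bit data
    body = raw[pos + 1:pos + 1 + (7 * udl + 7) // 8]
    return Deliver(smsc, sender, timestamp, unpack_gsm7(body, udl))


def bot_on_sms(pdu_hex: str, key: str = BOT_KEY) -> tuple:
    """The loop from the slides: receive, decode the user data, check for the bot key,
    swallow the message if it carries a command, otherwise hand it on to the inbox."""
    msg = parse_deliver(pdu_hex)
    if not msg.text.startswith(key):
        return ("deliver", msg.text)          # ordinary text: the user sees it as normal
    return ("swallow", msg.text[len(key):])   # bot command: the user never sees it


def make_deliver_pdu(sender: str, text: str) -> str:
    """Build a minimal SMS-DELIVER PDU for testing (constructed: no SMSC, zeroed timestamp)."""
    digits = sender.lstrip("+")
    return ("00"                                   # SMSC length 0: use the phone's default
            + "04"                                 # first octet: SMS-DELIVER, no more messages
            + f"{len(digits):02X}91{bcd(digits)}"  # sender: digit count, international, BCD
            + "0000"                               # TP-PID, TP-DCS (7-bit default alphabet)
            + "00000000000000"                     # service-centre timestamp, zeroed
            + f"{len(text):02X}" + pack_gsm7(text).hex().upper())


if __name__ == "__main__":
    print(parse_deliver(SLIDE_PDU))
    print(bot_on_sms(SLIDE_PDU))
    print(bot_on_sms(make_deliver_pdu("+15714354881", BOT_KEY + "status")))
```

Nothing in the PDU is encrypted: once the A5 session key is gone (slides 12 to 16), this is all the decoding an eavesdropper needs. On the Android versions of the time the "swallow" step was a high-priority SMS_RECEIVED receiver calling abortBroadcast(), which kept the stock messaging app from ever seeing the command; that is the reason the same bot key check is worth running on the detection side over any SMS traffic a handset is seen receiving but never displaying.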
    • 34. Demo: botnet payload
    • 35. Mitigations for platform attacks: updating; better sandboxing; vigilance from users
    • 36. App attacks on privacy
    • 37. App stores. iPhone: expensive, closed, identity verified. Android: cheap, self-signed, open, anonymous.
    • 38. Android permission model: apps specifically request permissions; users must accept them at install; e.g. send SMS, receive SMS, GPS location
    • 39. App attacks on privacy: is this system working? Are users making good decisions about apps?
    • 40. Top Android app of all time (screenshot slide)
    • 41. Demo: app abusing permissions
    • 42. App attack mitigations: oversight on apps; analysis of permissions; user awareness
    • 43. Vulnerabilities in Android apps: no coding standards for Android apps; badly coded apps; data leak; permission leak
    • 44. Data leak: access to sensitive data; insecure storage: sdcard, world-readable files, stored in source code
    • 45. Return to the source: free tools available; complete source available; don't store secrets here
    • 46. Demo: abusing bad storage practices
    • 47. Mitigating this risk: store sensitive data privately; don't use the sdcard; don't put secrets in source code
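Slides 44 to 47 list three storage mistakes (world-readable files, data on the sdcard, secrets in source) and slide 45 notes that free tools give you the complete source back from an APK. The block below is an added example, not the presentation's code: a small static check meant to run over decompiler output, with the rules written as regex heuristics. The `SAMPLE_JAVA` snippet is constructed for the demo and stands in for one decompiled class.

```python
"""Static check for the storage mistakes on the slides: world-readable files,
data on the sdcard and secrets baked into source.

Added example, not the presentation's code. SAMPLE_JAVA is a constructed
snippet standing in for decompiler output; the rules are regex heuristics.
"""
import os
import re
from dataclasses import dataclass

SAMPLE_JAVA = """\
public class LoginActivity extends Activity {
    private static final String API_KEY = "s3cr3t-api-key-0001";
    void saveSession(String token) throws IOException {
        FileOutputStream out = openFileOutput("session", MODE_WORLD_READABLE);
        out.write(token.getBytes());
        File log = new File(Environment.getExternalStorageDirectory(), "app.log");
        SharedPreferences p = getSharedPreferences("prefs", MODE_PRIVATE);
    }
}
"""

# (rule id, pattern, what the slides say to do instead)
RULES = [
    ("world-readable-file",
     re.compile(r"MODE_WORLD_(READABLE|WRITEABLE)"),
     "store sensitive data privately (MODE_PRIVATE); any app on the device can read this file"),
    ("external-storage",
     re.compile(r"getExternalStorage(Public)?Directory|getExternalFilesDir|[\"']/(mnt/)?sdcard"),
     "don't use the sdcard; every app with storage permission can read it"),
    ("hardcoded-secret",
     re.compile(r"(?i)(key|secret|password|passwd|token)\w*\s*=\s*\"[^\"]{8,}\""),
     "don't put secrets in source code; free tools recover the complete source from the APK"),
]


@dataclass
class Finding:
    line: int
    rule: str
    snippet: str
    advice: str


def scan_source(src: str) -> list:
    """Return one Finding per (line, rule) hit, in source order; commented-out lines are skipped."""
    findings = []
    for lineno, line in enumerate(src.splitlines(), 1):
        stripped = line.strip()
        if stripped.startswith("//"):
            continue
        for rule, pattern, advice in RULES:
            if pattern.search(line):
                findings.append(Finding(lineno, rule, stripped, advice))
    return findings


def scan_tree(root: str) -> dict:
    """Walk a directory of decompiled .java files and collect findings per file path."""
    results = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.endswith(".java"):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = scan_source(fh.read())
                if hits:
                    results[path] = hits
    return results


if __name__ == "__main__":
    for f in scan_source(SAMPLE_JAVA):
        print(f"line {f.line}: {f.rule}: {f.snippet}\n    -> {f.advice}")
```

The three hits on the sample map one-to-one onto slide 47's fixes. The secret rule is deliberately loose (any key/secret/password/token identifier assigned a long string literal), so expect to triage its output by hand; the other two rules are exact API names and rarely false-positive.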
    • 48. Permission leak through components: other apps can call public components; that's a reason Android is awesome; if not used safely, this can be dangerous
    • 49. Demo: stealing permissions from exposed components
    • 50. Mitigating this risk: require permissions to access components; use custom permissions; don't have dangerous functionality accessible without user interaction
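Slides 38 to 42 ask whether users can judge an app from its permission list, and slides 48 to 50 describe the permission leak: a component another app can call, inside an app that holds a permission the caller does not. Both questions are answerable from AndroidManifest.xml, so the block below (an added example, not the presentation's code) reads a manifest and reports the permissions a reviewer should question, the components reachable from other apps without any permission check, and custom permissions too weak to protect anything. `SAMPLE_MANIFEST` is constructed; the "exported by default when there is an intent-filter" rule is the behaviour of Android versions before 12.

```python
"""Manifest review for the two app-level problems on the slides: permissions a user
should question, and components exposed to other apps (permission leak).

Added example, not the presentation's code. SAMPLE_MANIFEST is constructed;
the export-by-default rule is the pre-Android 12 behaviour.
"""
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Permissions from the list in the slide notes, with the wording the installer showed.
RISKY = {
    "android.permission.SEND_SMS": "send SMS (services that cost you money)",
    "android.permission.RECEIVE_SMS": "receive SMS",
    "android.permission.READ_SMS": "read SMS",
    "android.permission.ACCESS_FINE_LOCATION": "GPS data",
    "android.permission.READ_CONTACTS": "read personal information including contact data",
    "android.permission.WRITE_CONTACTS": "write personal information including contact data",
    "android.permission.CALL_PHONE": "phone calls",
    "android.permission.READ_PHONE_STATE": "read phone state and identity",
    "android.permission.GET_ACCOUNTS": "manage accounts",
    "android.permission.INTERNET": "full network access",
}
STRONG_LEVELS = ("signature", "signatureOrSystem")   # only same-signer apps can hold these

SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.demo">
  <permission android:name="com.example.demo.permission.SEND_ALERTS"
              android:protectionLevel="signature"/>
  <permission android:name="com.example.demo.permission.READ_LOGS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Demo">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <service android:name=".SmsSenderService" android:exported="true"/>
    <receiver android:name=".AlertReceiver" android:exported="true"
              android:permission="com.example.demo.permission.SEND_ALERTS">
      <intent-filter><action android:name="com.example.demo.ALERT"/></intent-filter>
    </receiver>
    <provider android:name=".LogProvider" android:authorities="com.example.demo.logs"
              android:exported="true"
              android:permission="com.example.demo.permission.READ_LOGS"/>
    <provider android:name=".ContactsCache" android:authorities="com.example.demo.contacts"
              android:exported="false"/>
  </application>
</manifest>
"""


def attr(el, name):
    return el.get(ANDROID + name)


def is_exported(component) -> bool:
    """android:exported wins; otherwise a component with an intent-filter was exported by default."""
    value = attr(component, "exported")
    if value is not None:
        return value == "true"
    return component.find("intent-filter") is not None


def analyze_manifest(xml_text: str) -> dict:
    root = ET.fromstring(xml_text)
    # custom permissions declared by the app; protectionLevel defaults to "normal" (auto-granted)
    custom = {attr(p, "name"): (attr(p, "protectionLevel") or "normal") for p in root.iter("permission")}
    report = {
        "risky_permissions": [attr(u, "name") for u in root.iter("uses-permission") if attr(u, "name") in RISKY],
        "weak_custom_permissions": sorted(n for n, lvl in custom.items() if lvl not in STRONG_LEVELS),
        "exposed_components": [],
    }
    for comp in root.find("application"):
        if comp.tag not in ("activity", "service", "receiver", "provider") or not is_exported(comp):
            continue
        actions = {attr(a, "name") for a in comp.iter("action")}
        if "android.intent.action.MAIN" in actions:
            continue                                  # the launcher entry point has to be exported
        perm = attr(comp, "permission")
        if perm is None:
            report["exposed_components"].append((comp.tag, attr(comp, "name"), "no permission required"))
        elif custom.get(perm, "signature") not in STRONG_LEVELS:
            report["exposed_components"].append(
                (comp.tag, attr(comp, "name"), f"guarded only by {perm} ({custom[perm]})"))
    return report


if __name__ == "__main__":
    result = analyze_manifest(SAMPLE_MANIFEST)
    for name in result["risky_permissions"]:
        print(f"asks for {name}: {RISKY[name]}")
    for tag, name, why in result["exposed_components"]:
        print(f"exposed {tag} {name}: {why}")
    for name in result["weak_custom_permissions"]:
        print(f"custom permission {name} is normal-level: any app can request it")
```

In the sample, `.SmsSenderService` is the slide 48 case: the app holds SEND_SMS, the service is exported with no `android:permission`, so any app on the device can send SMS through it without holding the permission itself. `.AlertReceiver` shows slide 50's fix (a signature-level custom permission), while `.LogProvider` shows the fix done wrong: a custom permission with no protectionLevel is normal-level and granted to anyone who asks. What the manifest cannot tell you is slide 50's third point, whether the exposed component does something dangerous without user interaction; that still needs the component's code.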
    • 51. Contact: Georgia Weidman, Security Consultant, Researcher, Trainer. Website: http://www.georgiaweidman.com  Slides: http://www.slideshare.net/georgiaweidman  Email: georgia@grmn00bs.com  Twitter: @georgiaweidman
