This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, October 25 • 12:00pm - 12:45pm
Ice Cream "sudo make me a" Sandwich

Sign up or log in to save this to your schedule and see who's attending!

With the advent of Android 4.0+, we have seen the rooting landscape shift dramatically. This presentation gives a brief, but highly technical overview of the most ingenious new types of attacks on 4.0+. We will give an overview of Android's device protection mechanisms in 4.0+ and how they can be circumvented or unintentionally undermined by device manufacturers. 

Each device manufacturer and carrier can add or modify code from the Android Open Source Project (AOSP). This can include access to device memory, exploitable processes which run as the root user, initialization scripts which perform privileged actions without proper validation, or APKs which leak access to otherwise-protected information sources. This talk will examine what carriers and device manufacturers are doing to help customers root their devices. We will also detail /boot and /recovery differences between OEMs, how signature checks are performed, and demonstrate some of our tools to examine new devices and find potential security flaws. 

This talk is not about exploiting the AOSP, but rather identifying mistakes and misconfigurations due to customized builds and additional features. 

avatar for Max Sobell

Max Sobell

Independent Consultant
Max is an independent security consultant based out of NYC. He has performed code reviews and conducted mobile application penetration tests for numerous Fortune 500 clients on a multitude of platforms, such as Android, BREW, RIM, and iOS. He specializes in mobile device penetration testing and has spent time researching NFC (for access control and on mobile devices), Bluetooth, mobile wallets, and secure elements. Before working in security... Read More →

Friday October 25, 2013 12:00pm - 12:45pm
HackersForCharity.org Room Norris Conference Center, 2525 W. Anderson Lane, Suite 365, Austin, Texas 78757

Attendees (10)