1. Transparent Smartphone Spying
Georgia Weidman

2. Agenda
• Smartphone Overview
• Evil Applications
• Evil Jailbreaks
• Baseband Spying
• Mitigation Strategies

3. What is a Smartphone?

4. Data Stored and Transmitted
• Personal info
• Work info
• Location info
• Account info

5. Privacy of Transmitted Data
• Mobile communication standards
• Encoding vs. Encryption
• Attacks against privacy

6. Privacy Matters: Text Messages
• “Hi meet me for lunch”
• “Meet me for lunch while my wife is out”
• “Here are your bank account credentials”

7. Privacy Required Examples
• Vendor text messages
  – Vendor advertisements
  – Provider messages
• Mobile banking
  – Balance sheet
  – Electronic bill paying
  – One time passwords
8. Evil Applications

9. Application Stores
• iPhone
  – Expensive
  – Identity Verified
  – Closed
  – Certificate Authority
• Android
  – Cheap
  – Open
  – Anonymous
  – Self signed

10. Application Protections: iPhone
• ASLR
• Mandatory code signing
• No dynamic code loading
• Sandboxed

11. Application Protections: Android
• Users accept permissions

12. Our Text Message Example
• Permission to read the text message (SMS) database
• Separate permission to send text messages (SMS)
• Without user consent, the application cannot access this information
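The permission model in slides 11 and 12 puts the whole decision on the user at install time: the list is shown once and accepted as a block. The following Python script is an added example (it is not code from the slides or from the author) of the check a reviewer would run instead: parse an app's decoded AndroidManifest.xml and flag the permission combinations that are all an app needs to carry out the text message example. The manifest (a hypothetical "flashlight" app) and the rule list are constructed for this example; a real manifest is obtained from the APK with `aapt dump xmltree` or apktool.

```python
"""Flag risky permission combinations in an Android manifest.

Added example, not code from the slides. At install time Android 2.x
shows the permission list all at once and the user either accepts all
of it or does not install; this is the review a practitioner would do
instead of trusting that prompt. The manifest and the rule list below
are constructed for the example.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed manifest for a hypothetical 'flashlight' app that asks for
# everything the text message demo needs.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.RECEIVE_SMS"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.INTERNET"/>
    <application android:label="Flashlight"/>
</manifest>
"""

# (permissions that are suspicious together, why).  Chosen for this
# example; tune the list to the kind of app being reviewed.
RISKY_COMBOS = [
    ({"android.permission.READ_SMS", "android.permission.INTERNET"},
     "can read the stored SMS database and upload it"),
    ({"android.permission.RECEIVE_SMS", "android.permission.INTERNET"},
     "can see incoming messages (one-time passwords included) and upload them"),
    ({"android.permission.RECEIVE_SMS", "android.permission.SEND_SMS"},
     "can forward incoming messages by SMS with no network permission at all"),
    ({"android.permission.SEND_SMS"},
     "can send SMS on the user's bill (premium-rate fraud, exfiltration)"),
]


def declared_permissions(manifest_xml):
    """Return the set of names declared with <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return {elem.get(ANDROID_NS + "name")
            for elem in root.iter("uses-permission")
            if elem.get(ANDROID_NS + "name")}


def audit(manifest_xml):
    """Return [(sorted permissions, reason)] for each risky combo present."""
    perms = declared_permissions(manifest_xml)
    return [(tuple(sorted(combo)), reason)
            for combo, reason in RISKY_COMBOS if combo <= perms]


if __name__ == "__main__":
    for combo, reason in audit(SAMPLE_MANIFEST):
        short = " + ".join(p.split(".")[-1] for p in combo)
        print("RISK: " + short + ": " + reason)
```

The combinations matter more than any single permission: READ_SMS alone is what a backup app legitimately asks for, READ_SMS together with INTERNET in a flashlight is the demo on slide 15.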
13. Is this system working to protect users? Are users making good decisions about application permissions?

14. Top Android App of all Time

15. Demo: Application abusing permissions

16. Abusing the Android Sandbox
• Load exploit code at runtime
• Safe application becomes malicious application
• In the wild: DroidDream
• In the lab: Rootstrap
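Slide 16 describes an app that passes review as harmless and becomes malicious only after install by loading code at runtime; one place such code lives is inside the APK itself, under a name that does not look like code. The following Python script is an added example (not code from the slides, nor from DroidDream or Rootstrap) of a check for that: an APK is a zip, so it walks every entry and flags anything other than classes.dex whose first bytes carry the dex or zip/jar magic. The APK is constructed in memory for the example.

```python
"""Find executable payloads an Android app could load at runtime.

Added example, not code from the slides. A 'safe' app can ship a benign
classes.dex and keep the real code elsewhere in the APK (assets/,
res/raw/) to be loaded after install. An APK is a zip, so the check
walks every entry and flags anything outside classes.dex that starts
with the dex ('dex\\n') or zip/jar ('PK\\x03\\x04') magic. The APK below
is constructed in memory for the example.
"""
import io
import zipfile

DEX_MAGIC = b"dex\n"        # followed by a version such as b"035\x00"
ZIP_MAGIC = b"PK\x03\x04"   # a .jar asset is a zip that can hold a classes.dex


def build_sample_apk():
    """Constructed APK: an innocent classes.dex plus a disguised second dex."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"<manifest/>")
        z.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
        z.writestr("assets/wallpaper.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        # The payload: a dex file named like data, which is what the
        # app's class loader would pick up at runtime.
        z.writestr("assets/cache.dat", b"dex\n035\x00" + b"\x00" * 64)
    return buf.getvalue()


def hidden_code_entries(apk_bytes, max_read=8):
    """Return names of entries that look like code but are not classes*.dex."""
    found = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for info in z.infolist():
            if info.is_dir():
                continue
            # classes.dex (and classes2.dex etc. on newer multidex apps)
            # is the code the app is expected to ship.
            name = info.filename
            if name.startswith("classes") and name.endswith(".dex"):
                continue
            with z.open(info) as f:
                head = f.read(max_read)
            if head.startswith(DEX_MAGIC) or head.startswith(ZIP_MAGIC):
                found.append(name)
    return found


if __name__ == "__main__":
    for name in hidden_code_entries(build_sample_apk()):
        print("suspicious executable entry:", name)
```

This only catches code carried inside the package. An app can just as well download its second stage over the network after install, which no static look at the APK will show; that case needs the code-signing and no-dynamic-loading controls listed for the iPhone on slide 10, or runtime monitoring.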
17. Evil Jailbreak

18. Jailbreaking
• Get root privileges
• Expand feature set
• Run unapproved (3rd party) apps

19. Jailbreaking Gone Wild
• Run this code
• It jailbreaks your phone
• What else does it do?

20. So I’ve exploited a phone, what now?

21. Baseband Spying
• Read all data sent/received by the phone
• Intercept data before it reaches the user/before it is sent
22. How a GSM message is sent and received (diagram)

23. How a GSM message is sent and received (diagram, continued) © Georgia Weidman 2011

24. How a GSM message is sent and received (diagram, continued)
25. Malicious Proxy
• Intercept data
• Send data
• Alter data
• Botnet functionality
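Slides 21 to 25 place the spy between the application layer and the baseband, where an incoming text is just a hex PDU handed up by the modem. The following Python script is an added example (not code from the slides or the author's proxy) of what that position yields: it decodes an SMS-DELIVER PDU into sender, timestamp and text, which is the step any proxy must do before it can read, filter or alter a message. This is also the "Encoding vs. Encryption" point from slide 5 in practice: the GSM 7-bit packing is an encoding and unpacks with a few lines of arithmetic. The PDU is constructed for this example, and the decoder handles only the 7-bit default alphabet with no user data header.

```python
"""Decode an SMS-DELIVER PDU as a proxy between the application layer
and the baseband would see it.

Added example, not code from the slides. On a GSM handset the modem
hands incoming texts up as hex PDUs (for instance after an unsolicited
"+CMT:" line on the AT command channel); anything with a foothold on
that path reads them before the messaging app does. The 7-bit packing
is an encoding, not encryption. The PDU below is constructed for this
example; only 7-bit user data without a header is handled.
"""

# Constructed SMS-DELIVER PDU: SMSC +27831000015, sender +27838890001,
# timestamp 29 Mar 1999 15:16:59 (+02:00), text "hellohello".
SAMPLE_PDU = ("07917238010010F5"        # SMSC address
              "040B917238880900F1"      # first octet, sender address
              "0000"                    # protocol id, data coding (7-bit)
              "99309251619580"          # service centre timestamp
              "0AE8329BFD4697D9EC37")   # user data length + packed text


def semi_octets(hexdigits):
    """Undo the nibble swap GSM uses for numbers: '7238' -> '2783'."""
    swapped = "".join(hexdigits[i + 1] + hexdigits[i]
                      for i in range(0, len(hexdigits), 2))
    return swapped.rstrip("F")          # odd-length numbers are padded with F


def unpack_7bit(data, septets):
    """Unpack GSM 03.38 7-bit characters from packed bytes."""
    bits, nbits, chars = 0, 0, []
    for b in data:
        bits |= b << nbits
        nbits += 8
        while nbits >= 7 and len(chars) < septets:
            chars.append(bits & 0x7F)
            bits >>= 7
            nbits -= 7
    # ASCII letters and digits share their codes with the GSM default
    # alphabet; a full table would map the rest (e.g. 0x00 -> '@').
    return "".join(chr(c) for c in chars)


def decode_deliver_pdu(pdu_hex):
    """Parse an SMS-DELIVER PDU (SMSC prefix included) into its fields."""
    raw = bytes.fromhex(pdu_hex)
    smsc_len = raw[0]
    # raw[1] is the SMSC type-of-address, the number follows it
    smsc = semi_octets(raw[2:1 + smsc_len].hex().upper())
    pos = 1 + smsc_len
    first_octet = raw[pos]; pos += 1
    if first_octet & 0x03 != 0x00:
        raise ValueError("not an SMS-DELIVER PDU")
    addr_digits = raw[pos]; pos += 1
    addr_type = raw[pos]; pos += 1
    addr_bytes = (addr_digits + 1) // 2
    sender = semi_octets(raw[pos:pos + addr_bytes].hex().upper())
    if addr_type & 0x70 == 0x10:        # type-of-number: international
        sender = "+" + sender
    pos += addr_bytes
    dcs = raw[pos + 1]; pos += 2        # skip protocol id, read data coding
    ts = semi_octets(raw[pos:pos + 7].hex().upper()); pos += 7
    timestamp = "%s-%s-%s %s:%s:%s" % (ts[0:2], ts[2:4], ts[4:6],
                                       ts[6:8], ts[8:10], ts[10:12])
    udl = raw[pos]; pos += 1
    if dcs & 0x0C != 0x00:
        raise ValueError("only GSM 7-bit user data is handled here")
    return {"smsc": "+" + smsc,
            "sender": sender,
            "timestamp": timestamp,      # YY-MM-DD hh:mm:ss, phone-local
            "has_udh": bool(first_octet & 0x40),
            "text": unpack_7bit(raw[pos:], udl)}


if __name__ == "__main__":
    msg = decode_deliver_pdu(SAMPLE_PDU)
    print("from %s at %s: %r" % (msg["sender"], msg["timestamp"], msg["text"]))
```

Everything the proxy can read it can also rewrite before re-encoding and passing the PDU on, which is the "Alter data" bullet; a one-time password from the mobile banking example on slide 7 is in this text field in the clear, so the encryption that protects it over the air (between handset and tower) does nothing at this point in the phone.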
26. Demo: Stealing Text Messages

27. Mitigation Strategies
• User Awareness
• Encryption
• Updating
• Code signing
28. Contact
Georgia Weidman, Security Consultant, Neohapsis, Inc.
Email: georgia@grmn00bs.com, georgia.weidman@neohapsis.com
Website: http://www.neohapsis.com, http://www.grmn00bs.com
Twitter: @vincentkadmon

29. Selected Bibliography
• Jon Oberheide and Zach Lanier, “Team JOCH vs. Android”, ShmooCon 2011: http://jon.oberheide.org/files/shmoo11-teamjoch.pdf
• Charlie Miller and Collin Mulliner, “Fuzzing the Phone in Your Phone”, Black Hat USA 2009: http://www.blackhat.com/presentations/bhusa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
• Dino Dai Zovi, “Apple iOS Security Evaluation”, Black Hat USA 2011: https://media.blackhat.com/bh-us-11/DaiZovi/BH_US_11_DaiZovi_iOS_Security_WP.pdf