What's Old Is New Again: An Overview Of Mobile Application Security presented at OWASP BASC 2010

by Zach Lanier

Tags: Mobile Security Android Security Hardware Reverse Engineering

URL: http://www.owasp.org/index.php/2010_BASC_Presentations

Summary: The ever-increasing prevalence of mobile devices brings with it a slew of security problems. Applications running directly on mobile devices (and web apps optimized for mobile clients) are ripe for the picking even by unsophisticated attackers. The attack classes that once applied to traditional network-facing, fat client, and web applications are now valid for mobile apps as well. Insecure authentication and access control, home-grown crypto, and memory management problems are just some of the issues resurfacing on this new frontier. This presentation will discuss the security of some of the most popular applications running on mainstream mobile platforms such as Android, iPhone, Blackberry, and Windows Mobile.

Zach Lanier: Zach is a Senior Consultant with the Intrepidus Group, specializing in network and web application penetration testing. Prior to joining Intrepidus Group's professional services team, Zach served as Senior Network Security Analyst at Harvard Business School, and Security Assessment Practice Manager at Rapid7. Both Jon and Zach have presented at numerous security conferences (e.g., BlackHat, CanSecWest, SOURCE Boston, SecTor, etc.).