Protecting Sensitive Information on iOS Devices presented at Shmoocon 2013

by David Schuetz,

Tags: Security

Summary : "We've seen the deep technical research showing what makes iOS devices secure (or sometimes not so much). But once you grok ASLR and code signing, are you really any closer to understanding the risk these devices present to your environment?
This talk reviews the key technologies available to keep data protected on iStuff, hopefully framing the discussion in a way decision makers can understand. From built-in features, to tricks for getting around them, to advanced attacks, we look at the most important things you can do to keep your data secure. And provide a non-nonsense reality check on the reasons you'll never be 100% safe.
The talk concludes with a short review of best practices, both for configuration and custom application development, as well as a review of improved controls introduced in iOS 6."

David Schuetz: David is an old-school, dumb-terminal kind of UNIX geek who's always been fascinated by password cracking. Past work in this area has included distributed password cracking, pattern-based dictionaries, and building Rainbow tables for salted passwords. Currently employed by Intrepidus Group, David performs assessments on web applications, mobile devices, and occasionally networks. His alter ego, Darth Null, greatly enjoys solving puzzle contests at security conferences.