Inside Apple's MDM Black Box, presented at Black Hat USA 2011

by David Schuetz


Summary: Mobile Device Management (MDM) has become a hot topic as organizations are pressured to bring iStuff into the enterprise. Mobile devices are invading every level of corporate society, making the need to remotely manage and control them increasingly urgent. Apple has provided some enterprise management features, first via over-the-air configuration profiles and, beginning in 2010, full MDM support. Unfortunately, the exact features available through MDM, as well as the details of the protocol itself, are tightly controlled by Apple.

This talk dissects how Apple MDM works. Starting with basic iOS configuration principles, the talk explores mobile configuration profiles generated by the iPhone Configuration Utility, over-the-air profile delivery, and eventually the key features and mechanisms behind MDM, including remote device locking and wiping. Finally, we explore how to implement your own MDM server, which allows you to manage iOS devices using official device management APIs. We also explore the security and social engineering impacts of freely available MDM servers with these capabilities.

David Schuetz: David is an old-school, dumb-terminal kind of UNIX geek who has always been fascinated by password cracking. Past work in this area has included distributed password cracking, pattern-based dictionaries, and building rainbow tables for salted passwords. Currently employed by Intrepidus Group, David performs assessments on web applications, mobile devices, and occasionally networks. His alter ego, Darth Null, greatly enjoys solving puzzle contests at security conferences.