August 16, 2012 at 2:56 am #7808Don DonzalKeymaster
EH-Net is proud to announce another new columnist. This time, we have a smartphone specialist. Get ready to start hacking iOS, Android, BlackBerry and eventually Windows Mobile 8! So give a warn welcome to Georgia Weidman. As with any of our other guest writers and columnists, please give your honest feedback on the article, your experiences to share with all EH-Netters, and your suggestions for future content from our resident mobile device (in any and all forms) expert.
Permanent link: [Article]-Mobile Hacking 101
By Georgia Weidman, M.S., CISSP, NIST 4011, OSCP
Next item on the board meeting agenda: the war on smartphones! For some time now, smartphones have been quietly creeping into our society and slowly infiltrating our families and companies. It started off simply enough: the CEO’s husband bought her an iPad for Christmas, and she thought it would be pretty savvy to be able to answer work email on it at a business meeting half way around the world. The fashion slowly trickled down the food chain until everyone wants to put their smartphone devices on the company network. While vacations used to be a time of relaxation, when the pressures of everyday life at the office could be forgotten, now it can be a serious career hazard to be unable to answer emails during the few minutes at the beach when your laptop is out of Wi-Fi range. Gone are the days of parents hovering around the living room praying teenagers will make it home from their dates in one piece and by curfew. In the age of smartphones there’s voice chat, video chat, text messaging, picture messages, and email continuously available to worried parents. Special smartphones are even being marketed to the under 13 crowd.
Whether it’s bringing your own device or special company BlackBerrys handed out at company meetings, chances are smartphones are able to access emails, deliverables and reports, and other sensitive data in your company environment. How secure are those smartphones? What sorts of attacks are common against the various smartphone platforms? What user behaviors open up your sensitive data to attack? What information could someone who has access to the data on your smartphone learn about you, your family, and your workplace? There are many paths attackers can take to interfere with your smartphone’s intended operation. Jailbreaking, malware, text messages with malicious links, and client-side attacks (like the Safari webkit vulnerability) are a few of the paths discussed in this first entry in a series of articles on hacking mobile devices serves as a primer to the EH-Net crowd. Read on to get a better idea some of the different ways your phone can be compromised along with some of the scenarios attackers are using to make this happen.
August 16, 2012 at 8:14 am #49094Jamie.RParticipant
This really good read and I think smart phone will be target more in the furture as they get smarter and companies will adapted them more to business life.
August 17, 2012 at 12:39 pm #49095sh4d0wmanPPParticipant
Nice post but unfortunately I read similar stories so no new info for me. However I am already looking forward to the tech-part as I never really done any research on smartphones myself, keep up the good work 🙂
August 18, 2012 at 5:22 pm #49096dynamikParticipant
Hey Georgia, that’s quite a way to make a splash as a new member! Welcome to EH!
I’d also rather part with my wallet than my smartphone. I’ve even debated continuing to carry my old 3Gs as a decoy to discard should I ever get mugged.
That was a good intro article. I was also familiar with most of those topics, mostly from your PaulDotCom appearances, but I’m definitely looking forward to the more in-depth articles.
- You must be logged in to reply to this topic.