Dailydave mailing list archives
Things to think about
From: Dave Aitel <dave () immunityinc com>
Date: Thu, 10 Jan 2013 15:25:04 -0500
CES has a dizzying array of things that look essentially identical and are based on Android. It makes you think. And if you're thinking about exploits you're thinking: You know what didn't pan out? "Mobile attacks" in commercial attack frameworks. The reasons are a bit non-obvious, but deep down, writing Android exploits is fairly hard. Not because the exploit itself is hard, but because testing your exploit on every phone is a nightmare. There's literally thousands of them, and they're all slightly different. So even if you know your exploit is solid as a rock, it's hard to say that you tested it on whatever strange phone your customer happens to have around. And of course, iOS is its own hard nut to crack. It's a moving monolithic target, and Apple is highly incentivized by pirates to keep it secure. So if you have something that works in a commercial package, Apple will patch it the next day, and all your hard work is mostly wasted. Regardless, it's interesting to see places where people are making inroads here. So if you've done mobile work (or any interesting offensive work) you should submit your talk to INFILTRATE at cfp () immunityinc com . We work hard to make talking at it the best conference experience you've ever had. Think of it as the opposite of talking at RSA . -dave -- INFILTRATE - the world's best offensive information security conference. April 2013 in Miami Beach www.infiltratecon.com
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Things to think about Dave Aitel (Jan 10)