[Owasp-kansascity] Invitation: KC-OWASP Chapter Meeting - Mobile Device Software Securit... @ Thu Aug 26 7pm - 8:45pm (owasp-kansascity at lists.owasp.org)

Mat Caughron caughron at gmail.com
Wed Aug 25 11:29:28 EDT 2010


You have been invited to the following event.

Title: KC-OWASP Chapter Meeting - Mobile Device Software Security and  
Testing
OWASP Kansas City chapter meeting - Mobile Device Software Security and  
Testing

Agenda:    7:00PM-8:15PM Mobile Device Software Security and Testing

Speaker:  Steve Jensen, BT Global Services

Stephen Jensen has been performing web application security assessments for  
over 7 years. With a background as a software developer, it was his  
experiences within the software industry that led him to shift his focus  
more towards the security aspect of software. Stephen is an advocate of the  
SDLC (Security Development Lifecycle) development process, which attempts  
to include security as a primary objective within the requirements phase of  
the software development lifecycle, as well as throughout the entire  
development process.

Topic: Mobile Device Software Security and Testing Presentation
Introduction:
	- Why we care about these devices?
	- How enterprises are using these devices.
	- Personal data stored on these devices.
	- What we can do depends on the functionality implemented on the device
	- More and more apps are found to be malicious in some way.

	iPhone:
		- What does "jailbreaking" actually do?
		- Installing SSH through Cydia.
		- Using WinSCP to view the underlying filesystem.
		- Files on the file system (sqlite databases, etc.)
		- Proxying WiFi traffic for request/response analysis & manipulation.
		- Proxying 3G traffic through a VPN connection running on a linux VM  
(currently researching and setting up).
		- Where are applications located on the device?
		- Extracting the applications off the phone for further analysis.
		- How to get at the application via iTunes if the iPhone is not  
jailbroken.
		
	
	Android:
		- Rooting the device (not a hands on demonstration as this is version  
dependent).
		- Setting up SSH on the device.
		- Using WinScp to view underlying filesystem
		- Proxying 3G traffic through a VPN connection running on a linux VM  
(currently researching and setting up).
		- Where are the applications located on the device?
		- Extracting the applications off of the phone.
		- Unpackaging the applications.
		- Decompiling the applications to gain a better understanding of what  
they are doing.

8:15 - 9:00 open discussion and networking

When: Thu Aug 26 7pm – 8:45pm Central Time
Where: Johnson County Community College (JCCC), Room 175 in the Regnier  
Center
Calendar: owasp-kansascity at lists.owasp.org
Who:
     (Guest list has been hidden at organizer's request)

Event details:  
https://www.google.com/calendar/event?action=VIEW&eid=YmUwdTF0bTBwNmdtdnVpOWs0N3J1YTQzbmsgb3dhc3Ata2Fuc2FzY2l0eUBsaXN0cy5vd2FzcC5vcmc&tok=MTgjY2F1Z2hyb25AZ21haWwuY29tZmI0MzM1NTk3YzllYjEzNTEzOTVkNGQyZTBmZjliMDI3OTdmZDIxMA&ctz=America%2FChicago&hl=en

Invitation from Google Calendar: https://www.google.com/calendar/

You are receiving this courtesy email at the account  
owasp-kansascity at lists.owasp.org because you are an attendee of this event.

To stop receiving future notifications for this event, decline this event.  
Alternatively you can sign up for a Google account at  
https://www.google.com/calendar/ and control your notification settings for  
your entire calendar.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-kansascity/attachments/20100825/36938ff9/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/calendar
Size: 3305 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-kansascity/attachments/20100825/36938ff9/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: invite.ics
Type: application/ics
Size: 3363 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-kansascity/attachments/20100825/36938ff9/attachment-0001.bin 


More information about the OWASP-KansasCity mailing list