Document Title: =============== Android Security - Boot Camp Workshop & Presentation #1 Date: ===== 2012-02-26 References: =========== http://www.vulnerability-lab.com/resources/documents/454.rar VL-ID: ===== 454 Common Vulnerability Scoring System: ==================================== 6.5 Status: ======== Published Exploitation-Technique: ======================= Slides Severity: ========= High Details: ======== The slides are a documentation of the #1 main presenation by riley hassel in 2012. In this presentation slides he talked about general android security flaws and problems with design & Co. Credits: ======== Riley Hassel - Privateer Labs Riley Hassell is an internationally recognized security professional. He is an industry expert in the fields of application security assessment, software reverse engineering and malware analysis. Mr. Hassell discovered and disclosed many of the most critical software vulnerabilities known. Throughout the year 2000 and 2001 he was responsible for several critical vulnerabilities, each having major repercussions on the security industry at large. Mr. Hassell was responsible for the discovery of the first critical remote vulnerabilities in Windows 2000 and Windows XP. He also discovered the vulnerability that triggered the Code Red Internet worm. His initial dissection of the worm was used to develop and put in place protective measures to safeguard the network targeted by Code Red, the Whitehouse public network.Taking his research a step further he forecast future worm technologies and presented during presentations at the Blackhat security conference. During the year 2002 Mr. Hassell performed an assessment of the popular security products. During his assessment he discovered critical vulnerabilities in several leading security products, pushing security vendors to take a second look at their software. Mr. Hassell spent the following several years working with startup ventures to pioneer product technologies in the patch management, intrusion prevention, vulnerability analysis and malware analysis fields. Following his employment at iSEC he founded Privateer Labs and refocused his combined expertise to the emerging threats of the mobile landscape. Disclaimer: =========== The information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.vulnerability-lab.com/register Contact: admin@vulnerability-lab.com - support@vulnerability-lab.com - research@vulnerability-lab.com Section: video.vulnerability-lab.com - forum.vulnerability-lab.com - news.vulnerability-lab.com Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, sourcecode, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or support@vulnerability-lab.com) to get a permission. Copyright © 2012 | Vulnerability Laboratory