NOWSECURE NOW AVAILABLE IN THE MICROSOFT AZURE MARKETPLACE

Microsoft Azure customers gain access to NowSecure Mobile App Security and Privacy Testing for scalability, reliability, and agility of Azure to drive mobile appdev and shape business strategies.

Read More
Media Announcement
NOWSECURE NOW AVAILABLE IN THE MICROSOFT AZURE MARKETPLACE NOWSECURE NOW AVAILABLE IN THE MICROSOFT AZURE MARKETPLACE Show More
magnifying glass icon

Security in a BYOD Era

Presented on April 17, 2012

The following presentation was delivered by Andrew Hoog during the Good Technology’s Webinar concerning Security in the BYOD (Bring Your Own Device) Era on April 17, 2012.

Click here to watch a recording of the Webinar.

### Security in a BYOD Era: Can Forensics Make the Case? April 2012
What is Digital Forensics?
“¢ Branch of forensic science ““ uses scientific method “¢ The preservation, recovery, analysis and reporting of digital artifacts “¢ Traditionally reactive, very powerful when leveraged proactively:
““ Forensics is used in typical Incident Response scenarios after the fact
““ Forensics can see digital artifacts that other methods cannot
““ Forensics is empirical, data-centric
““ Proactive forensics can solve complex security problems
Attacking the layerEncryption
“¢ Have physical access to iOS device
“¢ Download F/OSS Lantern Lite
“¢ https://github.com/KatanaForensics/LanternLite
“¢ Connect device
“¢ Press button
“¢ Grab a coffee, check back in a while (this is simplest, other techniques exist)
Reverse Shell
“¢ Does not require root
“¢ User installs (interesting) app that requests no permissions, thus no perceived risk
“¢ When screen is locked, reverse shell connects to back end
“¢ Can we used to query device info and download exploit
Forensics attacks and containers
“¢ Forensic attacks, especially on mobile, rarely run on a live system without a reboot (i.e. data will be at rest) “¢ If container encryption and full app is properly implemented, can successfully repel forensic attacks by leaving only brute force “¢ Proper implementation of encryption/app includes (at least):
““ Strong passcode
““ Strong encryption (AES-256, CBC and unique IVs)
““ Verified random number generator
““ Re-encrypt on passcode change
““ App should be pen tested for full security analysis
Weaknesses
“¢ Properly encrypted containers greatly increase security of BYOD devices, but some limitations
“¢ Limitations
““ If attacker has escalated privileges, can simply install key logger, etc.
““ If apps in the container leak data into other parts of the system (clip board, leave unprotected in RAM, call insecure apps outside container), data can be compromised
““ Platform/standards issues
“¢ Trusting SSL
“¢ Using fundamentally flawed mobile OS libraries, https://viaforensics.com/iphone-forensics/preventing-widespread-ios-application-infection.html Questions
Presentation(s) available online at:
https://viaforensics.com/resources/presentations/ Andrew Hoog
Chief Investigative Officer
[email protected]