NOWSECURE UNVEILS FIRST AUTOMATED OWASP MASVS V2.1 MOBILE APP SECURITY AND NEW PRIVACY TESTING

The depth and scope of NowSecure Platform testing gives customers assurance that their mobile AppSec programs meet the highest industry standard.


Security in a BYOD Era

Presented on April 17, 2012

The following presentation was delivered by Andrew Hoog during Good Technology's webinar on Security in the BYOD (Bring Your Own Device) Era on April 17, 2012.


### Security in a BYOD Era: Can Forensics Make the Case? (April 2012)

#### What is Digital Forensics?

- Branch of forensic science: uses the scientific method
- The preservation, recovery, analysis and reporting of digital artifacts
- Traditionally reactive, very powerful when leveraged proactively:
  - Forensics is used in typical Incident Response scenarios after the fact
  - Forensics can see digital artifacts that other methods cannot
  - Forensics is empirical, data-centric
  - Proactive forensics can solve complex security problems
#### Attacking the Encryption Layer

- Have physical access to an iOS device
- Download the F/OSS Lantern Lite
  - https://github.com/KatanaForensics/LanternLite
- Connect the device
- Press the button
- Grab a coffee and check back in a while (this is the simplest approach; other techniques exist)
#### Reverse Shell

- Does not require root
- User installs an (interesting) app that requests no permissions, so there is no perceived risk
- When the screen is locked, the reverse shell connects to the back end
- Can be used to query device info and download an exploit
#### Forensic Attacks and Containers

- Forensic attacks, especially on mobile, rarely run on a live system without a reboot (i.e. the data will be at rest)
- If container encryption and the app itself are properly implemented, the container can successfully repel forensic attacks, leaving only brute force
- Proper implementation of the encryption/app includes (at least):
  - Strong passcode
  - Strong encryption (AES-256, CBC and unique IVs)
  - Verified random number generator
  - Re-encrypt on passcode change
  - App should be pen tested for full security analysis
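A sketch of the container design those bullets describe, as an added example written for this page (not code from the talk, from Lantern Lite, or from any viaForensics product): a PBKDF2-stretched passcode key, AES-256-CBC with a fresh salt and IV from the OS CSPRNG on every seal, and re-encryption on passcode change. It uses Ruby's bundled OpenSSL bindings so it runs without extra gems, and it adds an encrypt-then-MAC tag that the slide's list does not mention but that CBC needs for integrity; the constants, layout and sample text are constructed.

```ruby
require 'openssl'
require 'securerandom'

# Constructed parameters for this example; not taken from the talk or any product.
SALT_LEN = 16
IV_LEN = 16
KDF_ITERS = 100_000

# Stretch the passcode with PBKDF2-HMAC-SHA256 into two independent 256-bit keys (AES, HMAC).
# The iteration count makes every brute-force guess expensive, and brute force is all that is left.
def derive_keys(passcode, salt)
  material = OpenSSL::PKCS5.pbkdf2_hmac(passcode, salt, KDF_ITERS, 64, OpenSSL::Digest.new('SHA256'))
  [material[0, 32], material[32, 32]]
end

# Layout: salt || iv || AES-256-CBC(plaintext) || HMAC-SHA256 tag over everything before it.
# Salt and IV come from SecureRandom (the OS CSPRNG) on every call, so sealing the same
# plaintext twice never repeats a ciphertext; the tag supplies the integrity CBC alone lacks.
def seal(passcode, plaintext)
  salt = SecureRandom.random_bytes(SALT_LEN)
  iv = SecureRandom.random_bytes(IV_LEN)
  enc_key, mac_key = derive_keys(passcode, salt)
  cipher = OpenSSL::Cipher.new('aes-256-cbc').encrypt
  cipher.key = enc_key
  cipher.iv = iv
  body = salt + iv + cipher.update(plaintext) + cipher.final
  body + OpenSSL::HMAC.digest('SHA256', mac_key, body)
end

# Returns the plaintext, or nil if the passcode is wrong or the blob was modified; the tag is
# checked (constant-time XOR fold) before any decryption, so padding errors never leak anything.
def open_container(passcode, sealed)
  sealed = sealed.b
  return nil if sealed.bytesize < SALT_LEN + IV_LEN + 16 + 32
  body, tag = sealed[0...-32], sealed[-32, 32]
  salt, iv, ct = body[0, SALT_LEN], body[SALT_LEN, IV_LEN], body[(SALT_LEN + IV_LEN)..-1]
  enc_key, mac_key = derive_keys(passcode, salt)
  expected = OpenSSL::HMAC.digest('SHA256', mac_key, body)
  return nil unless expected.bytes.zip(tag.bytes).sum { |a, b| a ^ b }.zero?
  cipher = OpenSSL::Cipher.new('aes-256-cbc').decrypt
  cipher.key = enc_key
  cipher.iv = iv
  cipher.update(ct) + cipher.final
end

# "Re-encrypt on passcode change": open with the old passcode and seal again under the new one
# with a fresh salt and IV, so nothing that the old passcode could still open is left behind.
def change_passcode(old_passcode, new_passcode, sealed)
  plaintext = open_container(old_passcode, sealed)
  plaintext && seal(new_passcode, plaintext)
end
```

Sealing an empty plaintext raises, because Ruby's `OpenSSL::Cipher#update` rejects empty input; a real container would store a length header or special-case that.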
#### Weaknesses

- Properly encrypted containers greatly increase the security of BYOD devices, but there are some limitations
- Limitations
  - If the attacker has escalated privileges, they can simply install a key logger, etc.
  - If apps in the container leak data into other parts of the system (clipboard, left unprotected in RAM, calls to insecure apps outside the container), data can be compromised
  - Platform/standards issues
    - Trusting SSL
    - Using fundamentally flawed mobile OS libraries: https://viaforensics.com/iphone-forensics/preventing-widespread-ios-application-infection.html

#### Questions
Presentation(s) available online at: https://viaforensics.com/resources/presentations/

Andrew Hoog
Chief Investigative Officer
[email protected]