PHDays video




How to Exploit Certifi-Gate, in Theory and Practice

Want to visit   +24

Author: Dan Koretsky

Millions of Android devices have vulnerabilities that grant root privileges. The speaker will talk about technical reasons for security concerns (collisions of hash functions, inter-process communication abuse, mishandling of application certificates). This lecture will include a demonstration of an attack against an actual device and provide participants with recommendations on reducing potential risks. The participants will discover the reason for which vulnerabilities cannot be totally eliminated and learn about Google Play attacks.

  • Language
  • Russian

With over 8 years of experience in security and low-level research in both Windows and Linux/Android environments, Dan brings deep knowledge of cyber attacks and the information security situation in the mobile and PC worlds. Dan started working in a start-up company before he finished high-school, during which he studied for a bachelor’s degree in computer science. After that, he served for over 5 years in the Israeli army, performing a wide variety of research and development tasks. He works in Check Point as a senior security researcher for mobile products.

Dan Koretsky Dan Koretsky

Back to the list