Program
How to Exploit Certifi-Gate, in Theory and Practice
Author: Dan Koretsky
Millions of Android devices have vulnerabilities that grant root privileges. The speaker will talk about technical reasons for security concerns (collisions of hash functions, inter-process communication abuse, mishandling of application certificates). This lecture will include a demonstration of an attack against an actual device and provide participants with recommendations on reducing potential risks. The participants will discover the reason for which vulnerabilities cannot be totally eliminated and learn about Google Play attacks.
- Language
- Russian
- Info
- Presentation
With over 8 years of experience in security and low-level research in both Windows and Linux/Android environments, Dan brings deep knowledge of cyber attacks and the information security situation in the mobile and PC worlds. Dan started working in a start-up company before he finished high-school, during which he studied for a bachelor’s degree in computer science. After that, he served for over 5 years in the Israeli army, performing a wide variety of research and development tasks. He works in Check Point as a senior security researcher for mobile products.
