Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Faux Disk Encryption - Realities of Secure Storage on Mobile Devices

Black Hat via YouTube

Overview

Explore the complexities of secure data storage on mobile devices in this 57-minute Black Hat conference talk. Delve into the challenges faced by mobile app developers in securing locally cached data, including authentication tokens, on iOS and Android platforms. Examine common misconceptions about full-disk encryption and learn why it falls short in most attack scenarios. Discover sophisticated secure storage techniques available for both iOS and Android, understanding their technical operations and effectiveness in meeting practical security and usability requirements. Analyze potential vulnerabilities even when following current best practices and discuss potential solutions for the security and mobile device community. Gain insights into securely storing data for various use cases and uncovering secure storage flaws in real-world applications. By the end, understand the significant challenges of data storage on always-on, portable devices and how to implement robust security measures.

Syllabus

Intro
Outline 1. Introduction
iOS Encryption Hierarchy
Evolution of Android Security
How Android Encryption Works nccgroup
Android Credential Storage System Credential Store allows for storage of
Importance of Boot Security
Flash Recovery
Backdoor the Kernel nccgroup
Test Exploit 1. Compile backdoored kernal 2. Create boot image 3. Flash boot image via recovery 4. Reboot and test
Best Practices for Developers nccgroup General

Taught by

Black Hat

Reviews

Start your review of Faux Disk Encryption - Realities of Secure Storage on Mobile Devices

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.