Overview
Explore iOS security threats and mitigations in this 47-minute conference talk from GOTO Copenhagen 2015. Gain insights from Emil Kvarnhammar, CEO at TrueSec Syd AB, as he delves into iOS architecture security, malware examples, and successful attacks. Learn about security failures, iOS vulnerabilities, and Apple's responses. Understand the attacker's perspective on app data, code execution, and phishing attacks. Compare iOS and Android security measures, and examine App Store review processes, enterprise certificates, and sandboxing. Discover data protection techniques, keychain items, and App Transport Security. Explore TLS 1.0.2, certificate authorities, and AFNetworking. Watch live demos, including an XcodeGhost demonstration, to enhance your understanding of iOS security threats and mitigation strategies.
Syllabus
Introduction
Is iOS secure
Security failures
Whiler Kerr
Mask Attacks
iOS 9 Vulnerability
Xcode Ghost
Apples Response
Security from attackers point of view
App data
Executing code
Phishing attacks
iOS vs Android
App Store Review
Enterprise Certificate
Sam Boxing
Data Protection
Keychain Items
App Transport Security
TLS 102
Certificate Authorities
AFNetworking
Demos
XcodeGhost
Summary
Taught by
GOTO Conferences