convenience product security
Download
Skip this Video
Download Presentation
Convenience product security

Loading in 2 Seconds...

play fullscreen
1 / 10

Convenience product security - PowerPoint PPT Presentation


  • 143 Views
  • Uploaded on

Convenience product security. Collin Busch. What is a convenience product?. A convenience product is a device or application that makes your life easier For the purpose of this presentation, we will examine different cell phones, apps, and the security behind them

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Convenience product security' - gibson


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
what is a convenience product
What is a convenience product?
  • A convenience product is a device or application that makes your life easier
  • For the purpose of this presentation, we will examine different cell phones, apps, and the security behind them
  • Security software such as findmyphone
  • Browser security on mobile devices
the default
The default
  • By default, a brand new phone or tablet will not have basic levels of security
  • There will be no password or lock until it is set up
  • Different applications on the phone may handle their own security
    • Email clients may use SSL/TLS depending on the client/server
    • Browsers accessing certain websites may use https instead of http
    • Certain programs such as banking apps may have built in encryption
default vulnerabilities
Default vulnerabilities
  • If you keep your device or program at base security, your entire phone is vulnerable.
  • In the case of an iPhone or iPad, one swipe will let anyone access all of the data stored on your phone.
  • The most important thing you can do to a mobile device to keep it safe is to require a passcode or pattern
security breach in ios 7
Security Breach in IOS 7
  • Even if your device is protected by a password lock, it may still be accessible.
  • Due to bugs or bad programming, a sequence of actions may allow you access to a mobile device.
  • On an iPhone running IOS 7, you could bypass the lock screen without a passcode, and have access to the camera and stored photos as well as any app that would share these photos, such as Twitter, Facebook, and email apps.
patching ios 7 breach
Patching IOS 7 breach
  • In IOS 7.0.2 it was documented that this breach was now closed, and that you could no longer bypass the IOS 7 lockscreen
  • 7.0.2 was released September 26 2013, 8 days after IOS 7 was release and 7 days after the exploit was discovered.
  • For an entire week, brand new software release by a huge and experienced software company had a gaping security hole
  • A simple lock screen is not enough.
android vulnerabilities
Android vulnerabilities
  • Many android users are still using the “gingerbread” operating system, which is version 2.3.3 to 2.3.7, which was released in 2011.
  • This out of date OS has a number of vulnerabilities, including”
    • SMS message trojans which continually text a premium rate unknown to the user, resulting in extremely high charges that are usually only noticed at the end of the month/billing cycle
    • Rootkits: in 2011 a software developers rootkit was found on millions of android phones, which logged keystrokes, passwords, and user location data without the user’s knowledge
    • Malicious google play software- the play store is not as strictly monitored as the Apple store, so there are a number of malware programs masquerading as legitimate programs.
biometric bypassing
Biometric bypassing
  • The iPhone 5s implemented a fingerprint biometric scanner to allow “secure” access to the phone
  • This biometric scanner was fooled when a hacking team photographed a fingerprint that had been left on a glass surface.
  • Retina scanners can also be bypassed because the scanner reads the “code” of the retina without checking that there is actually an eye.
  • Synthetic retina “codes” can be used to bypass most retina scanners, such as the one available for android.
  • As demonstrated in the previous vulnerabilities, you need some sort of security past lock screens
how to protect yourself
How to protect yourself
  • During web browsing, try to use sites that have https:// in their header.
  • You may be able to download software such as httpseverywhere to further secure browsers (this is also relevant on computers)
  • Disable automatic connections so that your device does not automatically connect to what could be a wifi network that will steal data from your phone
  • Encrypt your data so that if it is transmitted it is not realistically usable.
  • Consider anti malware software- malware for both android and IOS exists
works cited
Works cited
  • http://www.bbb.org/blog/2013/09/warning-security-holes-found-in-new-iphone-ios7-update/
  • http://en.wikipedia.org/wiki/IOS_7
  • http://www.businessinsider.com/android-security-vulnerability-2013-8#!JOv0m
  • http://publicintelligence.net/dhs-fbi-android-threats/
  • http://www.entrust.com/bypassing-fingerprint-biometrics-nothing-new/
  • http://allgsmtips.com/default-security-code-of-all-mobile-phones/
ad