View analytic
Thursday, July 30 • 11:15am - 12:30pm
Charlie Miller & Collin Mulliner: Fuzzing the Phone in your Phone

Sign up or log in to save this to your schedule and see who's attending!

In this talk we show how to find vulnerabilities in smart phones. Not in the browser or mail client or any software you could find on a desktop, but rather in the phone specific software. We present techniques which allow a researcher to inject SMS messages into iPhone, Android, and Windows Mobile devices. This method does not use the carrier and so is free (and invisible to the carrier). We show how to use the Sulley fuzzing framework to generate fuzzed SMS messages for the smart phones as well as ways to monitor the software under stress. Finally, we present the results of this fuzzing and discuss their impact on smart phones and cellular security.

Thursday July 30, 2009 11:15am - 12:30pm
Milano Ballroom 1-2-3-4

Attendees (0)