Presentation Title iNception – Planting and Extracting Sensitive Data From Your iPhone’s Subconscious
Presentation Abstract

This talks is a technical introduction that aims at giving advice related to the security of the Apple iPhone device. This will not only focus on tricks for the end-users, but also for the corporate environments, where iPhones might be deployed for many employees (global security policies, iPhone Configuration Utility, etc).

In order to add spice to this talk, we will also disclose a new angle of attack against the iPhone (0day) which combines physical issues, social engineering & web threats. This new offensive technique might allow an attacker to steal the credentials of a local app. An exclusive live demonstration will be given to the HITB Amsterdam attendees by targeting famous applications like Twitter & Facebook. This could also be extended further to target against banking applications (PayPal).

About Laurent Oudot

Laurent is a French senior IT Security consultant, who founded TEHTRI-Security (www.tehtri-security.com) in 2010. Last 15 years, he has been hired as a security expert to protect and pentest networks and systems of highly sensitive places like the French Nuclear Warhead Program, the French Ministry of Defense, the United Nations, etc.

He has been doing research on defensive technologies and underground activities with numerous security projects handled, and he was a member of team RstAck and of the Steering Committee of the Honeynet Research Alliance. Laurent has been a frequent presenter or instructor at computer security and academic conferences like HackInTheBox Amsterdam-Dubai-KL, Cansecwest, Pacsec, BlackHat DC-USA-Asia-Europe, Defcon, US DoD/US DoE, Hope, Honeynet, PH-Neutral, Hack.LU, as well as a contributor to several research papers for SecurityFocus, MISC Magazine, IEEE, etc.