Slide 1
Slide 1
Slide 1
Slide 1
Slide 1
Slide 1

ONLINE REGISTRATION NOW OPEN

           

THERE WILL ONLY BE A MAXIMUM OF 1010 SEATS SOLD - BE SURE TO REGISTER EARLY!!!

For up to the minute updates on HITB2012KUL, please follow our @hitbsecconf Twitter stream or join our Facebook Group

STEFAN ‘@I0N1C’ ESSER (Head of R&D, SektionEins GmbH)

PRESENTING WITH MARK DOWD (Director/Founder, Azimuth Security)

PRESENTATION TITLE: iOS 6 Security

PRESENTATION ABSTRACT: 

In recent years, iOS security has become a hot topic, largely due to the unprecedented popularity of Apple iDevices. One of the major exploitation targets within iOS that has received a significant amount of public scrutiny is the kernel, as it encapsulates the security extensions that govern access to the device. A variety of kernel exploits have been publicly released that employ relatively simple attack methodologies, largely due to the fact that very few kernel-level exploit mitigation technologies have been put in place. Apple has addressed this problem in iOS 6 with the addition of a variety of kernel hardening technologies that are intended to thwart popular exploitation strategies that are typically used by attackers.

This presentation introduces these technologies, discusses their impact and effectiveness against popular attack methodologies, and also outline their limitations (where appropriate). It is hoped that attendees will gain an understanding of the current state of iOS kernel exploitation, what techniques have been rendered useless, and the kinds of techniques that will need to be employed in future kernel-level exploits.

ABOUT STEFAN ESSER

Stefan Esser is best known in the security community as the PHP security guy. Since he became a PHP core developer in 2002 he devoted a lot of time to PHP and PHP application vulnerability research. However in his early days he released lots of advisories about vulnerabilities in software like CVS, Samba, OpenBSD or Internet Explorer. In 2003 he was the first to boot linux directly from the harddisk of an unmodified XBOX through a buffer overflow in the XBOX font loader. In 2004 he founded the Hardened-PHP Project to develop a more secure version of PHP, known as Hardened-PHP, which evolved into the Suhosin PHP Security System in 2006. Since 2007 he works as head of research and development for the german web application company SektionEins GmbH that he co- founded.

 

EVENT ORGANIZER

SUPPORTED AND ENDORSED BY

GOLD SPONSORS

SILVER SPONSOR

HACKWEEKDAY SPONSOR

TITANIUM SPONSOR (POST CONFERENCE RECEPTION + SPEAKER RECEPTION)

ALCO_PWN SPONSOR (POST CONFERENCE RECEPTION)

CTF SPONSOR

CTF PRIZE SPONSOR

CTF MANAGED BY

VIDEO RECORDING SPONSOR

NETWORK EQUIPMENT SPONSOR

INTERNET CONNECTIVITY SPONSOR

ADDITIONAL SUPPORT BY

SUPPORTING MEDIA

FRIENDS OF HITB

Copyright © 2012 Hack In The Box | http://www.hackinthebox.org