Portland Linux/Unix Group Advanced Topics: Android App Collusion
Access Notes
Please register for class via Eventbrite: https://freegeek.eventbrite.com Please check in at the front desk when you arrive to let them know you are here for the class. Bags must be checked at the front entrance.
Use the left door
Website
Description
Who: Rogan Creswick
What: Multi-App Security Analysis: Looking for Android App Collusion
Where: Free Geek, 1731 SE 10th Avenue, Portland
When: Tuesday, November 19th, 2013 at 7pm
Why: The pursuit of technology freedom
The Android permission model opens up a number of opportunities for apps to bypass the established single-app permission checks that Android users rely on to control data flow and application behavior on their devices. I'll do my best to terrify the Android-using audience by describing the attack surface for colluding applications and showing interactive visualizations of multi-app data flow. We'll look at the Android permission model, the user-interface it results in, and I'll show just how easy it is to make apps that look innocuous.
Bio:
Rogan Creswick develops unique tools and techniques for software development and security analysis at Galois, Inc. His research interests focus on improving the state of the art in software engineering tools and user interfaces. His experience also reaches into the areas of user interface automation and customization via integrated assistants and automated documentation aides at IBM Research. He has striven to provide natural interfaces to ease communication with complex and semi-sentient agents through existing tools that have already become trustworthy and familiar to their users.
Many attendees will break for a social hour at the Lucky Lab on Hawthorne after the meeting
See you there!
beer
linux