This Information Security meetup intends to disseminate information and create awareness about security in IoT and about securing iOS applications.

This meetup is open to anyone with an interest in Information Security, Internet of Things and iOS application.

Internet of Things is a buzzword in today’s world. With this whole new world of possibilities and the amount of data that’s collected, we often tend to overlook the security and privacy aspect of it.

Date: 11th Feburary, 2017 Time: 3 PM - 5 PM
Venue: HasGeek House, No. 2699, 19th Main, 5th Cross, Indiranagar HAL 2nd Stage, Bangalore - 560008

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

Swaroop Yermalkar

@swaroopsy

Crypto Attacks in iOS Applications

Submitted Feb 6, 2017

In context of mobile apps, it’s always said that never store sensitive data locally in plain text formats. It’s recommended that if require local storage, store data in encrypted format. However it’s still possible for attacker to gain the access to sensitive information when data is encrypted in improper way. There could be multiple reasons including bad algorithms, hardcoded encryption keys and so on. In this talk, we will look at crypto attacks which are commonly found in iOS applications.

Outline

TBD

Speaker bio

Swaroop Yermalkar works as a Senior Security Engineer at Philips and his interests include threat modelling, security research and the assessment of IoT devices, healthcare products, web applications, networks, and Android, iOS applications.

He is the author of popular iOS security book ‘Learning iOS Penetration Testing’, Packt Publishing. He is also one of the top security researchers worldwide, working with Cobalt.io, Synack.inc.

He has been invited to give talks and training at various security conferences, such as Hacks In Taiwan (HITCON), Europeansec, ROOTCON, GroundZero, c0c0n, 0x90, DefconLucknow, and GNUnify. He has been acknowledged by Microsoft, Amazon, eBay, Etsy, Dropbox, Evernote, Simple banking, iFixit, and many more for reporting high-severity security issues in their mobile apps.

He is an active member of NULL, an open security community in India, and is a contributor to the regular meetups and Humla sessions at the Pune, Bengaluru chapter. He holds various information security certifications, such as OSCP, OSWP, SLAE, SMFE, SWSE. He has written articles for clubHACK magazine and also authored a book, An Ethical Guide to Wi-Fi Hacking and Security.

Links

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more