Abusing Windows Mobile Software Or Windows Mobile Software: Raw And Exposed

No ratings

Presented at ShmooCon 2007 by

Seth Fogie

For years, PC software has been poked, prodded, and scrutinized for security bugs. As a result, desktop based software is slowly becoming more secure. Unfortunately, Windows Mobile (AKA Pocket PC or Windows CE) software has avoided this same level of scrutiny...until now. This talk will expose Windows Mobile software for what it is - a bunch of buggy and insecure code. In the time allotted, we will look at several different programs (or genres of programs) and demonstrate why Pocket PC security must be taken seriously. From poorly designed software, to traditional local and remote buffer overflows, and back around to program abuses, we cover it all. If there is an attack vector, we will probably be discussing it from the mobile perspective. The point of the talk is simply to raise awareness. When it comes to mobile device security - size shouldn't matter.