Mobile Perspective: How Malware Can Actually Do You Good
While enjoying CypherCon pre-event talks, activities, and hallway CON with Mrs. Schwartzberg, the final presenter of the late Milwaukee night was Chris Roberts. Roberts is well known for many security research activities to promote public safety. Roberts’ most well-known security work was in 2015 when he was removed from a United Airlines flight while he was traveling from Chicago, IL to Syracuse NY after he posted a tweet that he was able to hack into the in-flight entertainment (IFE) system.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)
— Chris Roberts (@Sidragon1) April 15, 2015
Next month will mark the one year anniversary of Chris's tweet.
Hacking Human Pillars
The entire presentation titled All Your Wheaties Belong To Us is available for your personal viewing so there is no need to provide a complete written recap. I will state that we take for granted the quality of everyday necessities, which a nefarious individual who has done similar research as Chris Robert and his teammates could easily exploit those necessities.
During an impromptu moment, I asked Chris if he minded being recorded for a brief mobile podcast to discuss his presentation from the prior night. He agreed! Take a listen.
Note: There was a tremendous amount of background noise, so if it sounds like we were yelling, it’s because we were. Amazingly, the podcast recorded from my smartphone can be heard clearly without any audio tuning.
How does this relate to mobile? Roberts’ talk relates to mobile because there is inherent trust. Trust that the mobile ecosystem we bring into our lives, schools, offices and such will have the same level of wholesomeness and social nourishment for our families. Like that box of cereal and gallon of milk we bring home from the grocery store. We expect it to be untampered with from production to delivery. We trust that it’s safe.
No security, no privacy. Know security, know privacy.
David Schwartzberg
Sr. Manager, Security & Privacy for MobileIron
About the author
David Schwartzberg, CISSP, GMOB, is Sr. Manager, Security & Privacy for MobileIron. He has 23 years of information security and information technology experience. Specializing in mobile device management and security, David works closely with technology executives and security professionals to help them protect corporate secrets and remain compliant. In his spare time, he co-founded Hak4Kidz, www.hak4kidz.com, and has blogged for Dark Reading, Naked Security and Baracuda Labs. David has spoken at conferences including: RSA, ISC(2) Congress, Black Hat Arsenal, BSides, Converge, DerbyCON, GrrCON, OWASP AppSec, THOTCON and Wall of Sheep Village, among others. You can learn more about David from his Linkedin profile http://www.linkedin.com/in/davidschwartzberg and follow David on Twitter @Dschwartzberg to see what he has to say on the industry and conferences.
