MOSEC

The Mobile Security Conference (MOSEC) is organized by Team Pangu and PoC and was first started in 2015. MOSEC focuses on cutting-edge research topics the area of mobile security, fosters information exchange among researchers and practitioners, and received high praise from both the attendees and the community.

MOSEC 2017 will be held on Friday, June 23rd, 2017 at the Grand Kempinski hotel, at Shanghai, China. Following the success of the past events, MOSEC 2017 will continue to facilitate the most advanced knowledge and technology sharing. MOSEC 2016 will bring excellent security researchers to present their frontier studies to the world.

Organizers

Founded by Team Pangu, the Pangu Lab is a security laboratory consisting of many senior security professionals with rich experience across a wide range of security research and industrial development. The members of the Pangu Lab discovered hundreds of 0day vulnerabilities in major operating systems and applications, and presented many papers and talks at the premier forums such as Black Hat, CanSecWest, Syscan, RUXCON, HITCon, PoC, XCon , IEEE S&P, USENIX Security, ACM CCS, and NDSS.

Pangu Lab’s current research focuses on mobile security. Team Pangu is known for its multiple releases of untethered jailbreak tools for iOS 7, iOS 8, and iOS 9. Team Pangu was also the first to jailbreak iOS 8 and iOS 9 in the world. Besides iOS, Pangu Lab also made great progress in Android security research, and developed various products for discovering vulnerabilities in Android apps, detecting malicious Android apps, and mining mobile threat information.

POC started in 2006 and has been organized by Korean hackers & security experts. It is the biggest international security & hacking conference in Korea. POC concentrates on technical and creative discussion and shows real hacking and security. POC will share knowledge for the sake of the power of community. POC believes that the power of community will make the world safer. POC has been making a history with sincere staffs, hackers from the world, and sponsors since 2006.

Speakers
Topic Pwning Apple Watch
Time 2017/06/23
Introduction

Apple Watch was introduced in 2015 and became a popular device. Apple Watch is running watchOS, which is modified version of 32 bit iOS operating system.

In this talk I will show how to compromise an Apple Watch. I will make an overview of watchOS security mechanisms, like codesign enforcement, sandboxing, memory protections etc.

I will cover a sequence of vulnerabilities and exploitation details that were used for initial kernel memory dump, sandbox bypassing, kernel level ASLR bypassing, kernel level code execution and finally setting up an SSH tunnel on a watch.

Current talk also will focus techniques used in a process of making a Apple Watch jailbreak. This includes kernel symbolication tools, patchfinder or a kernel structures analyzer.

And, following its security issues, compromised Apple Watch can spy on a user. Watch jailbreak does not require a phone jailbreak, so spyware can run autonomously only on a watch.

I will make a demo on how jailbroken watch can access user data, such as messages, contacts, gps or activate microphone without any indication it is happening.

Speaker

Max is a Staff Security Researcher at Lookout who has more than ten years experience in areas as mobile security, security protocols design and analysis, mobile security research, tools and techniques development for vulnerability assessment and post-exploitation, reverse engineering mobile\desktop platforms and penetration testing. Max was a lead security researcher at Pegasus malware investigation.

In the past few years, Max was a speaker on various security and engineering conferences, including BlackHat, CCC, Defcon, Ruxcon, RSA, UIKonf, Mobile Central Europe.

Max holds a Masters degree in Computer Science and currently is PhD student at the National Technical University of Ukraine “Kyiv Polytechnic Institute” where he’s working on dissertation in code obfuscation and privacy area.

Topic ...
Time ...
Introduction
...
Speaker
...
Topic ...
Time ...
Introduction
...
Speaker
...
Topic ...
Time ...
Introduction
...
Speaker
...
Topic ...
Time ...
Introduction
...
Speaker
...
Topic ...
Time ...
Introduction
...
Speaker
...
Topic ...
Time ...
Introduction
...
Speaker
...
Schedule

08:00 - 09:00

On-site Registration

09:00 - 09:10

Welcome Speak

09:10 - 10:00

...

...

10:00 - 10:50

...

...

10:50 - 11:10

Break

11:10 - 12:00

...

...

12:00 - 13:30

Lunch

13:30 - 14:20

...

...

14:20 - 15:10

...

...

15:10 - 15:30

Break

15:30 - 16:20

...

...

16:20 - 17:10

...

...

17:10 - 17:30

Close

Hotel
Grand Kempinski Hotel Shanghai
2017/06/23 (Friday)