William Taylor
Security Consultant at WithSecure
New York City, New York, United States
Actions
Security consultant with a background in embedded engineering and DevOps, which has lead to an interest in mobile, Cloud, and Kubernetes security. I used to make things work; now I break things, professionally and ethically.
Area of Expertise
Topics
Per-mission Impossible: Exploring the Android Permission Model and Intents
The way in which Android applications talk to each other is often misunderstood, and it is entirely too common to see apps whose sensitive functionality is completely open to anyone who asks nicely.
This workshop will cover several case studies of overly permissive apps/devices found in the wild, including an OEM's voice recorder application that could be made to start and stop voice recordings without the user's knowledge.
We will go over common implementation flaws, play around with exploiting them from the perspective of an unprivileged application, and explore how an understanding of Android permissions could help us avoid these mistakes.
AppSec Village - DC31 Sessionize Event
William Taylor
Security Consultant at WithSecure
New York City, New York, United States
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top