Portland Linux/Unix Group Advanced Topics Meeting Announcement Who: Rogan Creswick What: Multi-App Security Analysis: Looking for Android App Collusion Where: Free Geek, 1731 SE 10th Avenue, Portland (Left Entrance) When: Tuesday, November 19th, 2013 at 7pm Why: The pursuit of technology freedom
The Android permission model opens up a number of opportunities for apps to bypass the established single-app permission checks that Android users rely on to control data flow and application behavior on their devices. I'll do my best to terrify the Android-using audience by describing the attack surface for colluding applications and showing interactive visualizations of multi-app data flow. We'll look at the Android permission model, the user-interface it results in, and I'll show just how easy it is to make apps that look innocuous. Bio: Rogan Creswick develops unique tools and techniques for software development and security analysis at Galois, Inc. His research interests focus on improving the state of the art in software engineering tools and user interfaces. His experience also reaches into the areas of user interface automation and customization via integrated assistants and automated documentation aides at IBM Research. He has striven to provide natural interfaces to ease communication with complex and semi-sentient agents through existing tools that have already become trustworthy and familiar to their users. Many will head to the Lucky Lab on Hawthorne after the meeting. Calagator Page: http://calagator.org/events/1250465052 PLUG Page with information about all PLUG events: http://pdxlinux.org/ Follow PLUG on Twitter: http://twitter.com/pdxlinux See you there! Michael Dexter PLUG Volunteer _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
