WINDOWS PHONE 7 INTERNALS AND EXPLOITABILITY

Black Hat USA 2012

Presented by: Tsukasa Oi
Date: Thursday July 26, 2012
Time: 15:30 - 16:30
Location: Palace II
Track: 92.2% Market Share

Windows Phone 7 is a modern mobile operating system developed by Microsoft. This operating system -- based on Windows CE 6 -- protects the system and the user by modern sandbox and secure application model. These security models are veiled and were difficult to uncover but we succeeded to analyze and inspect not well-known Windows Phone 7 security internals by comprehensive reverse engineering.

This operating system is properly implemented which makes exploitation and privilege escalation extremely difficult. However, it does not mean exploitation is impossible. Even the sandbox can be breached on some latest Windows Phone 7.5 devices.

The first topic is Windows Phone 7 security analysis. In this presentation, I will talk how we analyzed the system and how Windows Phone 7 looks secure/unsecure along with examples.

The second topic is customizations by thirt-party vendors. Windows Phone 7-based devices by some vendors have special interfaces for system applications. Some interfaces however makes subverting sandbox easier because of various design/implementation issues such as directory traversal and improper privileged operations. I will talk about this kind of vulnerability along with its countermeasure.

Tsukasa Oi

Tsukasa Oi is a research engineer at Fourteenforty Research Institute, Inc. He is interested in general low-level technologies such as virtualization and rootkits. He spoke at PacSec about anti-forensic rootkit and virtualization-based tracer. Currently, he focuses on mobile security and reverse engineering.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats