Tipsglobe Logo Facebook Share Twitter Share Google Share LinkedIn Share StumbleUpon Share

When Dino Dai Zovi speaks about Apple and security, you stop and listen.

Best known for his successful hijack of a MacBook at the CanSecWest hacker conference, Dai Zovi has now turned his attention to Apple’s iOS, the smartphone platform that powers iPhones and iPads.

Dai Zovi performed a detailed audit of the security mechanisms and features of iOS 4 and will share his findings on things like Trusted Boot, Mandatory Code Signing, Code Signing Enforcement, Sandboxing, Device Encryption, Data Protection, and (as of iOS 4.3) Address Space Layout Randomization.

The security assessment focused on the concerns of an enterprise considering a deployment of iOS-based devices or allowing employees to store sensitive business data on their personal devices so we can expect to hear about the real-world implications of using iPhones and iPads in the enterprise.

Dai Zovi is promising to document the risks of a lost device or a remote iOS compromise through a malicious web page or e-mail and, based on the strengths and weaknesses identified, make concrete recommendations on what compensating measures an organization can and should take when deploying iOS-based devices for business use.

Post a Comment Blogger