Ag3nt47 Security – Shmoocon 2013 – Protecting Sensitive Information On Ios Devices

Description: David Schuetz
We’ve seen the deep technical research showing what makes iOS devices secure (or sometimes not so much). But once you grok ASLR and code signing, are you really any closer to understanding the risk these devices present to your environment?

This talk reviews the key technologies available to keep data protected on iStuff, hopefully framing the discussion in a way decision makers can understand. From built-in features, to tricks for getting around them, to advanced attacks, we look at the most important things you can do to keep your data secure. And provide a non-nonsense reality check on the reasons you’ll never be 100% safe.

The talk concludes with a short review of best practices, both for configuration and custom application development, as well as a review of improved controls introduced in iOS 6.

David is a Senior Consultant with Intrepidus Group, where he performs web and iOS application security testing, penetration testing, iOS research, MDM reverse engineering, and other such fun. He’s fortunate to have spoken at multiple security conferences on topics from rainbow tables to MDM to puzzle contests.

When not actively engaged in paying work, David loves solving crypto puzzles, working on side projects like, and, when he remembers the app on his phone, looking for Geocaches. He can be found on Twitter as DarthNull, and is way behind on his puzzle writeups at


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s