Blog is available at:
Donkey On A Waffle Blog
Papers and Presentations:
All papers and presentations by Tyler Shields unless specifically noted. Some slide decks are duplicated across presentations but mirrored independently for posterity.
Upcoming
RSA Conference - Mobile Panel - March 2012
2011
AnDevCon II - Avoid The Pandora Pitfall: Secure Coding Practices for Mobile App Privacy - November 6-9, 2011
Innotech Oklanoma City - Mobile Application Flaws - How Dangerous Code Puts Data at Risk - November 3, 2011 (Not Delivered Publically)
Innotech Oklanoma City - Mobile and Social and Cloud - OH MY!- November 3, 2011
Technology Managers Forum - Security Forum Keynote "Social and Mobile and Cloud - OH MY!" - October 2011
Veracode Social Networking Webinar - September 2011
IQT Briefing - More Apps More Problems - June 2011
Veracode / Praetorian Mobile Webinar - Mobile Applications, What's Under The Hood - June 2011
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assesing Security Risk in Mobile Applications - September 2011
Blackhat USA 2011 - Owning Your Phone at Every Layer - A Mobile Security Panel - August 3-4, 2011
Pre-Blackhat USA 2011 - Owning Your Phone at Every Layer - A Mobile Security Panel - Webinar
IT Hot Topics Conference 2011 - Mobile Security, Attacks At Every Layer - May 2011
2010
GOVCERT.NL Symposium 2010 - Mobile Malware - November 2010
CSI Annual Conference - Mobile Malware (Prezi)- October 2010
Triangle InfoSeCon 2010 - Mobile Malware (Presentation lost, drive failure)
Mobile Spyware- Software Development Forum Security Special Interest Group October 2010
Mobile Spyware - 2010 SF ISACA Fall Conference October 2010
Mobile Spyware - BruCON Security Conference September 2010
Application Security Scoreboard in the Sky - OWASP Ireland Appsec 2010 Conference September 2010
Mobile Spyware - iSec Forum NYC June 2010
The Coming Wave of Smartphone Attacks - The Monkey Steals the Berries - IT Hot Topics Conference 2010
Mobile Spyware - Texas DIR Conference April 2010
Blackberry Mobile Spyware - The Monkey Steals the Berries Part Deux - Source Boston 2010
Blackberry Mobile Spyware - The Monkey Steals the Berries: Raleigh ISSA April 2010
Static Detection of Application Backdoors: Datenschutz und Datensicherheit - DuD Vol 34, Number 3: Paper by Chris Wysopal/Tyler Shields/Chris Eng
Blackberry Mobile Spyware - The Monkey Steals the Berries: Shmoocon 2010
Shmoocon 2010 Presentation Video
V1.0 txsBBSpy source code: Released at Shmoocon 2010
2009
Detecting "Certified Pre-0wned" Software: Triangle Infosec Conference 2009
Detecting "Certified Pre-owned" Software : Paper by Chris Wysopal/Tyler Shields
Anti-Debugging - A Developers View : Source Boston Conference Presentation
Anti-Debugging - A Developers View : Paper
Anti-Debugging - A Developers View Sample Code
Anti-Debugging - A Developers View Video
2008
Survey of Rootkit Technologies and Their Impact on Digital Forensics : Paper
Rootkits - Then and Now : CarolinaCon Presentation
Rootkits - Then and Now : CarolinaCon Presentation Video
2006
Reverse Engineering 101 : CarolinaCon Presentation Video
2005
Web Attacks 101 : CarolinaCon Presentation
2004
Web Attacks and Defenses : Infragard Presentation
Web Attacks and Defenses : North Carolina State Invited Lecture
2002
Open Source Methodology Manual : Hope 2002 Conference
Symantec Acquires SecurityFocus - Good or Evil?
Media References:
Mobile Spyware Raises Ethical, Legal Questions
The CyberJungle Episode 224 - Discussion on mobile security
Counterpoint: Wrong about Anonymous, Facebook in response to a post by Bill Brenner @CSO Online here
The Downside to Western Technology in the Middle East - National Public Radio (NPR) Marketplace
Busted! Is Streaming Music Service Pandora Sharing Users' Information? - Rolling Stone Tech Blog
Pandora Responds to Claims That Its Online Service Violates User Privacy - Rolling Stone Tech Blog
Pandora for Android: Example of data-leaching flipside of apps - International Business Times
Privacy violations by popular mobile apps under investigation - Net-Security
Pandora Android App Slurping Tremendous Amounts of Personal Data - eWeek
Pandora Transmits 'Mass Quantities' Of Personal Data - Information Week
Pandora sends user GPS, sex, birthdate, other data to ad servers - ARSTechnica
Mobile App Privacy and Security - Digital Underground Podcast Episode 78
Pandora Mobile App Transmits Gobs Of Personal Data - Threatpost
Pandora's mobile app transmits 'mass quantities' of user data - The Register
Mobile Phone Hacking - National Public Radio (NPR) Marketplace
Mobile Phone Hacking - National Public Radio (NPR) Money
BlackBerry Cracked In Hacking Contest - DarkReading
iPhones, Blackberrys, Droids Becoming a Moveable Feast for Attackers - Threatpost
Blackberry makers feel the heat from governments - National Public Radio (NPR) Marketplace
How secure is it? The new world of cell phone dangers
Fake smartphone apps 'steal data' video - BBC News
Smartphone Security Put On Test - BBC News
BlackBerry's armor has cracks, security experts say - Reuters
RIM Helps Russia, China Monitor Blackberry Users' E-mails - Forbes.com
Hack into a smart phone? It's easy, security experts find - Los Angeles Times
Security policies needed for mobile access - ZDNetAsia
The Coming Wave of Mobile Attacks - ThreatPost
Goodbye Blackberry: Future Belongs to iPhone - Computer World (Slightly out of context quote)
New Hack Pinpoints Cell Phone User's Location, Personal And Business Relationships - Dark Reading
What Your iPhone Apps Know About You - Forbes.com
BlackBerry has spyware risk too, researcher says - CNET.com
Blackberry spyware source code released - Network World
BlackBerry Spyware Can Intercept Texts, Email, Track User's Location - ThreatPost
Hacker Unleashes BlackBerry Spyware Source Code - DarkReading
Threatpost Digital Underground Postcast
Risky.biz Podcast