Adam Donenfeld - Stumping the Mobile Chipset


Manage episode 215601406 series 2427673
By DEF CON. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

Materials: CON 24/DEF CON 24 presentations/DEFCON-24-Adam-Donenfeld-Stumping-The-Mobile-Chipset-UPDATED.pdf CON 24/DEF CON 24 presentations/DEFCON-24-Adam-Donenfeld-Stumping-The-Mobile-Chipset-WP-UPDATED.pdf

Stumping the Mobile Chipset
Adam Donenfeld Senior Security Researcher, Check Point

Following recent security issues discovered in Android, Google made a number of changes to tighten security across its fragmented landscape. However, Google is not alone in the struggle to keep Android safe. Qualcomm, a supplier of 80% of the chipsets in the Android ecosystem, has almost as much effect on Android’s security as Google. With this in mind, we decided to examine Qualcomm’s code in Android devices. During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems. In this presentation we will review not only the privilege escalation vulnerabilities we found, but also demonstrate and present a detailed exploitation, overcoming all the existing mitigations in Android’s Linux kernel to run kernel-code, elevating privileges and thus gaining root privileges and completely bypassing SELinux.
Adam Donenfeld is a lead mobile security researcher at Check Point with vast experience in the mobile research field. From a young age he has been hacking and reverse engineering for fun and profit. Prior to Check Point Adam served in an Israeli elite intelligence unit, as a security researcher. In his free time, Adam studies German.

104 episodes