You don t hear me but your phone s voice interface does. José LOPES ESTEVES & Chaouki KASMI
|
|
- Annabel Lloyd
- 8 years ago
- Views:
Transcription
1 You don t hear me but your phone s voice interface does José LOPES ESTEVES & Chaouki KASMI Hack In Paris - 18/06/2015
2 WHO WE ARE José Lopes Esteves and Chaouki Kasmi ANSSI-FNISA / Wireless Security Lab Electromagnetic threats on information systems RF communications security Embedded systems Signal processing ANSSI 2
3 AGENDA Voice command interpreters Voice and command injection Attack scenarios Countermeasures Conclusion ANSSI 3
4 Voice Command Interpreters Your phone hears
5 VOICE COMMAND INTERPRETERS Definition Commands scope Activation conditions Process description Security ANSSI 5
6 DEFINITION Hands-free UI More and more deployed Smartphones, smartwatches, IoT, cars, desktop OS, browsers, apps Apple: Siri, VoiceControl Microsoft: Speech, Cortana Google: Google Voice Search 3rd party apps (e.g. Samsung S-Voice) ANSSI 6
7 COMMANDS SCOPE Telephony: calls, SMS Internet: browsing, s, social networking, web searches, maps Local: launching/using apps, changing settings, creating notes, alarms, calendar entries ANSSI 7
8 ACTIVATION CONDITIONS Always on: keyword (OK Google, Hey Siri) Via soft button: in specific applications Via hard button: on phone or on headset remote ANSSI 8
9 PROCESS Local: keyword detection, limited actions Remote: voice processing and command recognition 1 OK GOOGLE Call Mom 2 <Cmd: Call Mom> ANSSI 9
10 SECURITY Pre-auth actions (limited but still ): auth bypass [1] Cloud based: malicious server responses [2] Voice processing: privacy [3], biometric data Local attacks: malicious app voice sending commands by audio front-end [4] ANSSI 10
11 SECURITY Pre-auth actions (limited but still ): auth bypass [1] Cloud based: malicious server responses [2] Voice processing: privacy [3], biometric data Local attacks: malicious app voice sending commands by audio front-end [4] Today: Remote and Silent Voice Command Injection by Smart IEMI ANSSI 11
12 Voice and Command Injection But you don t hear anything
13 VOICE COMMAND INJECTION Smartphones, headsets, FM Transmission principle and field to line coupling Experimental setup Results ANSSI 13
14 FM processing SMARTPHONES, HEADSETS, FM Some smartphones are FM radio capable Use headphones cables as an antenna Remote buttons change the signal on the MIC cable Bandpass Filter FM Demodulation Lowpass Filter Amplification Voice processing Audio IN Audio IN ANSSI 14
15 SMARTPHONES, HEADSETS, FM Some smartphones are FM radio capable Use headphones cables as an antenna Remote buttons change the signal on the MIC cable Headphones are good [80MHz-108MHz] coupling interfaces Maybe we can inject a signal interpreted as sound by abusing the low-pass filter with a VHF AM signal ANSSI 15
16 AM modulation SMARTPHONES, HEADSETS, FM PoC: Main hypothesis MHz CW Lowpass Filter Amplification Voice processing «OK GOOGLE» Audio IN ANSSI 16
17 EXPERIMENTAL SETUP PoC: injecting music AM MHz Wi-Fi Audio streaming Faraday Cage ANSSI 22
18 EXPERIMENTAL SETUP PoC: injecting commands? AM MHz Wi-Fi Faraday Cage Internet access <Cmd: Call Mom> Cloud ANSSI 24
19 RESULTS Activation (if needed): CW (80-108MHz), Frequency modulated signal Exploitation: CW (80-108MHz), Amplitude modulated CW by audio voice commands Electric field level/range: 28V/m at 100MHz (< than the human safety limit) ANSSI 25
20 RESULTS Limitations Antenna size (~30cm) Emitted power E-field level/range 28V/m at 100MHz Power level/range 40W/2m, 200W/5m 5m 2m ANSSI 26
21 Attack scenarios Silent and Remote Command Injection
22 ATTACK SCENARIOS Tracking Eavesdropping Cost abuse Reputation / Phishing Malicious app trigger Advanced compromising ANSSI 28
23 ATTACK SCENARIOS Tracking Activate wireless interfaces (Wi-Fi, BT) Capture advertising packets (Probe Requests) Use MAC addresses to identify Use presence of packets to locate Use Wi-Fi SSIDs to identify known locations Demo: S-Voice bluetooth (de)activation Payload: Hi Galaxy Bluetooth ANSSI 29
24 ATTACK SCENARIOS Eavesdropping Place a call to a monitoring phone s number Simply listen to the target s sound environment Demo: placing a call Payload: Call «Mon Compte» («My account») ANSSI 30
25 ATTACK SCENARIOS Cost abuse Massive attack in a crowded place Place a call or a SMS to a paid service Browse to some URL with ads Demo: web browsing Payload: OK Google Go to ANSSI 31
26 ATTACK SCENARIOS Reputation / Phishing Create malicious content (embarrassing, phishing) Send by SMS, Or publish to social media Web/search history poisoning ANSSI 32
27 ATTACK SCENARIOS Malicious app trigger Launch an already installed malicious application Use voice input to trigger a payload Launch a critical application (e.g. Sesame) Demo: launching an application Payload: OK Google Open Gmail ANSSI 33
28 ATTACK SCENARIOS Advanced compromising Use voice command injection as a way to extend the attack surface (Interface activation, web browsing ) Exploit vulnerabilities to compromise the device Ex: silent application install via a malicious web page [5], local priviledge escalation Ex: wireless interface reset, capture initial exchange, exploit protocol weaknesses, rogue AP [6], launch an application ANSSI 34
29 Countermeasures Restrict, Detect and Alert
30 COUNTERMEASURES For To Users Manufacturers/editors Reduce attack surface Limit impact Increase attacker level Detect the attack ANSSI 36
31 USERS Unplug headphones when not used Use mic-less headphones Only enable voice command when needed Personalize keyword Carefully select commands available (especially pre-auth) Enable as many feedbacks as possible (sound, vibration ) ANSSI 37
32 EDITORS Limit critical commands available Reduce audio front-end sensitivity Voice recognition Provide finer-grain settings to users Detect abnormal EM activity with built-in sensors [7] ANSSI 38
33 Conclusion
34 CONCLUSION Voice command interface IS critical and shall be correctly secured Users: use it wisely Editors: allow users to use it wisely and implement secure defaults Researchers: take a look at it, it is a critical and complex command input interface ANSSI 40
35 CONCLUSION Smart IEMI can be an efficient attack vector against information systems Not limited to DoS More and more affordable (SDR ) Take it into account for risk analysis ANSSI 41
36 References
37 REFERENCES [1] N. Gonzalez, Siri exploited again how to bypass the lock screen in ios 8, ios.wonderhowto.com, 2014 [2] Applidium, Cracking Siri, GitHub, 2011 [3] W. Wei, Apple admits Siri voice data is being shared with third parties, [4] W. Diao et al., Your Voice Assistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone. SPSM 2014 [5] A. Moulu, Abusing Samsung KNOX to remotely install a malicious application, Quarkslab, 2014 [6] G. Wilkinson, The machines that betrayed their masters, BH Mobile Security Summit, 2015 [7] C. Kasmi, J. Lopes Esteves, Automated analysis of the effects induced by radio-frequency pulses on embedded systems for EMC safety, AT- RASC, URSI, 2015 ANSSI 43
38 IMAGE CREDITS dailymail.co.uk, jimmymacsupport.com, scene7.com, wonderhowto.com, eroelectronic.net, dryicons.com, webniraj.com, shopify.com, icon100.com, icon8.com, tagstation.com, wikipedia.org ANSSI 44
39 Thank You
40 QUESTIONS? Jose Lopes Esteves, Chaouki Kasmi, ANSSI 46
Lecture Embedded System Security A. R. Sadeghi, @TU Darmstadt, 2011 2012 Introduction Mobile Security
Smartphones and their applications have become an integral part of information society Security and privacy protection technology is an enabler for innovative business models Recent research on mobile
More informationMonitoring mobile communication network, how does it work? How to prevent such thing about that?
Monitoring mobile communication network, how does it work? How to prevent such thing about that? 潘 維 亞 周 明 哲 劉 子 揚 (P78017058) (P48027049) (N96011156) 1 Contents How mobile communications work Why monitoring?
More informationETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001
001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110
More informationFeature List for Kaspersky Security for Mobile
Feature List for Kaspersky Security for Mobile Contents Overview... 2 Simplified Centralized Deployment... 2 Mobile Anti-Malware... 3 Anti-Theft / Content Security... Error! Bookmark not defined. Compliance
More informationDetailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
More informationKaspersky Security 10 for Mobile Implementation Guide
Kaspersky Security 10 for Mobile Implementation Guide APPLICATION VERSION: 10.0 MAINTENANCE RELEASE 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful
More informationChapter 15: Computer and Network Security
Chapter 15: Computer and Network Security Complete CompTIA A+ Guide to PCs, 6e What is in a security policy Mobile device security methods and devices To perform operating system and data protection How
More informationFEATURE GUIDE AeroSphère / Small / Large / Base
FEATURE GUIDE AeroSphère / Small / Large / Base Content: Wi-Fi Setup - advanced topics WPS - advanced topics Wi-Fi Setup with the AeroSphère Network Setup webpage Troubleshooting & FAQ Version v0.52 WI-FI
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More informationKaspersky Lab Mobile Device Management Deployment Guide
Kaspersky Lab Mobile Device Management Deployment Guide Introduction With the release of Kaspersky Security Center 10.0 a new functionality has been implemented which allows centralized management of mobile
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More informationRadio R 4.0 IntelliLink Frequently Asked Questions
List of content 1. Audio... 1 2. Phone... 2 3. Apple CarPlay... 2 4. Android Auto... 5 5. Gallery... 7 6. Other... 7 1. Audio Q: How can I change between different audio sources (e.g. FM radio and USB
More informationTOTAL DEFENSE MOBILE SECURITY USER S GUIDE
TOTAL DEFENSE MOBILE SECURITY USER S GUIDE Publication date 2015.04.09 Copyright 2015 Total Defense Mobile Security LEGAL NOTICE All rights reserved. No part of this book may be reproduced or transmitted
More informationThreat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue
Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?
More informationRunning Head: AWARENESS OF BYOD SECURITY CONCERNS 1. Awareness of BYOD Security Concerns. Benjamin Tillett-Wakeley. East Carolina University
Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1 Awareness of BYOD Security Concerns Benjamin Tillett-Wakeley East Carolina University AWARENESS OF BYOD SECURITY CONCERNS 2 Abstract This paper will
More informationTrust Digital Best Practices
> ARMING IT AGAINST SMARTPHONE THREATS Trust Digital Best Practices April 2009 The information contained herein is subject to change at any time, and Trust Digital makes no warranties, either express or
More informationKaspersky Security for Mobile Administrator's Guide
Kaspersky Security for Mobile Administrator's Guide APPLICATION VERSION: 10.0 SERVICE PACK 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful and that
More informationof firms with remote users say Web-borne attacks impacted company financials.
Introduction As the number of users working from outside of the enterprise perimeter increases, the need for more efficient methods of securing the corporate network grows exponentially. In Part 1 of this
More information...Some people / organizations will be a target REGARDLESS of what they do, but most will be a target / victim BECAUSE of what they do
...Some people / organizations will be a target REGARDLESS of what they do, but most will be a target / victim BECAUSE of what they do (2013 DATA BREACH INVESTIGATIONS REPORT p.1) MOBILE D EVICE S AFETY
More informationAVG Business SSO Partner Getting Started Guide
AVG Business SSO Partner Getting Started Guide Table of Contents Overview... 2 Getting Started... 3 Web and OS requirements... 3 Supported web and device browsers... 3 Initial Login... 4 Navigation in
More informationUser Manual for HOT SmartWatch Mobile Application
User Manual for HOT SmartWatch Mobile Application HOT SmartWatch mobile application is a companion to your HOT Watch. It runs on the smartphone which is connected to the watch via Bluetooth. Currently
More informationEnterprise Mobility Report 10/2014. Creation date: 31.10.2014. Vlastimil Turzík, Edward Plch
10/2014 Creation date: 31.10.2014 Author: Vlastimil Turzík, Edward Plch Content Content... 2 Introduction... 4 Interesting Articles... 4 95% of companies challenged by BYOD security... 4 ios... 4 Vulnerability...
More informationBroadcom Bluetooth Software BTW6.X Audio Switch Function
White Paper Broadcom Bluetooth Software BTW6.X Audio Switch Function This document describes the audio output switching mechanism of BTW software. February 28, 2007 Background Broadcom Vista Profile Pack
More informationFRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationD-Link DAP-1360 Repeater Mode Configuration
D-Link DAP-1360 Repeater Mode Configuration Outline 1. Package Contents 2. System Requirements 3. Hardware Overview Connections LED s WPS LED/Button 4. Default Settings 5. Configuring your LAN Adapter
More informationTutorial on Smartphone Security
Tutorial on Smartphone Security Wenliang (Kevin) Du Professor wedu@syr.edu Smartphone Usage Smartphone Applications Overview» Built-in Protections (ios and Android)» Jailbreaking and Rooting» Security
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationAndroid Security. Device Management and Security. by Stephan Linzner & Benjamin Reimold
Android Security Device Management and Security by Stephan Linzner & Benjamin Reimold Introducing Stephan Linzner Benjamin Reimold Consultant, Software Engineer Mobile Developer Founder of Stuttgart GTUG
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationConnecting With Lifesize Cloud
There are several different ways to connect to a Lifesize Cloud video conference meeting. This guide will provide you instructions for each way. Ways to Join a Lifesize Cloud Video Conference After getting
More informationHIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY
GOLD EMM SUBSCRIPTIONS Experience the most secure mobility management solution with BES12 and Gold Enterprise Mobility Management (EMM) subscriptions. HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY
More informationTektronix RSA306 USB Spectrum Analyzer
Tektronix RSA306 USB Spectrum Analyzer Simple Demos The Demo of the RSA306 is easy. Even you do not have signal generators, devices under test, or demo boards, using the whip antenna provided in box, you
More informationCARRIOTS TECHNICAL PRESENTATION
CARRIOTS TECHNICAL PRESENTATION Alvaro Everlet, CTO alvaro.everlet@carriots.com @aeverlet Oct 2013 CARRIOTS TECHNICAL PRESENTATION 1. WHAT IS CARRIOTS 2. BUILDING AN IOT PROJECT 3. DEVICES 4. PLATFORM
More informationCIPCAM720PTIWL,CIPCAM720OD,CIPCAM720ODWDR,CIPDC AM720OD
Wireless Network Camera User Manual CIPCAM720PTIWL,CIPCAM720OD,CIPCAM720ODWDR,CIPDC AM720OD V1.0 Default DEFAULT SETTINGS IP Address 192.168.1.58 User/Password admin/123456 Notice 1 Installation Environment
More informationADMINISTRATOR GUIDE FOR USA MOBILITY AMC SELECT
ADMINISTRATOR GUIDE FOR USA MOBILITY AMC SELECT AMC Select Administrator Guide 1 March 5, 2013 This page intentionally left Blank. AMC Select Administrator Guide 2 March 5, 2013 I. INTRODUCTION... 4 II.
More informationMobile Application Security Sharing Session May 2013
Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers
More informationWhen a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationSection 12 MUST BE COMPLETED BY: 4/22
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
More informationEbonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science
Security Measures taken in Securing Data Transmission on Wireless LAN 1 AGWU C. O., 2 ACHI I. I., AND 3 OKECHUKWU O. 1 Department of Computer Science Ebonyi State University Abakaliki 2 Department of Computer
More informationHow Attackers are Targeting Your Mobile Devices. Wade Williamson
How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best
More information3. Security. 3.1. Security center. Open the Settings app. Tap the Security option. Enable the option Unknown sources.
G DATA Software 1. Introduction G DATA INTERNET SECURITY FOR ANDROID offers comprehensive protection against malware, intrusive apps and phishing attacks. Locate lost devices or wipe their content remotely
More informationMobile Print/Scan Guide for Brother iprint&scan
Mobile Print/Scan Guide for Brother iprint&scan Version K ENG Definitions of notes We use the following note style throughout this user s guide: specifies the operating environment, conditions for installation,
More informationWiPG Presentation Gateway
WiPG Presentation Gateway Deployment Guide For more information www.wepresentwifi.com Sales: sales@wepresentwifi.com Support: help@wepresentwifi.com wepresent 2015 Contents Introduction 1 User Experience
More informationNEW! CLOUD APPS ReadyCLOUD & genie remote access
Performance & Use AC1900 1900 DUAL BAND 600+1300 RANGE AC1900 WiFi 600+1300 Mbps speeds 1GHz Dual Core Processor Advanced features for lag-free gaming Prioritized bandwidth for streaming videos or music
More informationSecurity Awareness. Wireless Network Security
Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition
More informationSTATUS POWER MONITOR ALARM SOS DISARM
STATUS POWER MONITOR ALARM SOS DISARM I. Features II. Preparation before use III. Host 1.LED status explanation 2. Host panel IV. System Settings 1. Coding of wireless sensors 2. Exit coding 3. Settings
More informationWIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able
More informationConnecting With Lifesize Cloud
There are several different ways to connect to a Lifesize Cloud video conference meeting. This guide will provide you instructions for each way. Ways to Join a Lifesize Cloud Video Conference After getting
More informationASL IT Security Advanced Web Exploitation Kung Fu V2.0
ASL IT Security Advanced Web Exploitation Kung Fu V2.0 A S L I T S e c u r i t y P v t L t d. Page 1 Overview: There is a lot more in modern day web exploitation than the good old alert( xss ) and union
More informationNames of Parts. English 1. Mic. Record Button. Status Indicator Micro SD Card Slot Speaker Micro USB Port Strap Hook
User Manual Names of Parts Record Button Mic Status Indicator Micro SD Card Slot Speaker Micro USB Port Strap Hook Video Mode Photo Mode Local Mode Cloud Mode Mode Button Power Button Tripod Mount Clip
More informationAttacks from the Inside
Attacks from the Inside Eddy Willems, G Data Righard J. Zwienenberg, Norman Attacks from the Inside. Agenda - Social Networking / Engineering - Where are the threats coming from - Infection vectors - The
More informationIJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.
Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the
More informationWLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.
Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised
More informationEnhancing the Security of Corporate Wi-Fi Networks Using DAIR. Example : Rogue AP. Challenges in Building an Enterprise-scale WiFi Monitoring System
Challenges in Building an Enterprise-scale WiFi Monitoring System Enhancing the Security of Corporate Wi-Fi Networks Using DAIR Scale of WLAN Microsoft s WLAN has over 5 APs Paramvir Bahl, Ranveer Chandra,
More informationVPAT for Apple ipad Air 2
VPAT for Apple ipad Air 2 The following Voluntary Product Accessibility information refers to the Apple ipad Air 2 running ios 8 or later. For more information on the accessibility features of the ipad
More informationSecure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification
Secure Web Development Teaching Modules 1 Security Testing Contents 1 Concepts... 1 1.1 Security Practices for Software Verification... 1 1.2 Software Security Testing... 2 2 Labs Objectives... 2 3 Lab
More informationDATA PROJECTOR XJ-A147/XJ-A247/XJ-A257 XJ-M146/XJ-M156 XJ-M246/XJ-M256. XJ-A Series. XJ-M Series. Network Function Guide
DATA PROJECTOR EN XJ-A Series XJ-A147/XJ-A247/XJ-A257 XJ-M Series XJ-M146/XJ-M156 XJ-M246/XJ-M256 Network Function Guide In this manual, XJ-A Series and XJ-M Series refer only to the specific models listed
More informationSecurity within a development lifecycle. Enhancing product security through development process improvement
Security within a development lifecycle Enhancing product security through development process improvement Who I am Working within a QA environment, with a focus on security for 10 years Primarily web
More informationWLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network
WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Executive Summary Wireless
More information場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR
場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR Minimum Requirements of Security Management and Compliance
More informationLEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS
1 LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS Te-Shun Chou and Tijjani Mohammed Department of Technology Systems East Carolina University chout@ecu.edu Abstract
More informationMWR InfoSecurity Security Advisory. BT Home Hub SSID Script Injection Vulnerability. 10 th May 2010. Contents
Contents MWR InfoSecurity Security Advisory BT Home Hub SSID Script Injection Vulnerability 10 th May 2010 2010-05-10 Page 1 of 8 Contents Contents 1 Detailed Vulnerability Description... 5 1.1 Technical
More informationONE Mail Direct for Mobile Devices
ONE Mail Direct for Mobile Devices User Guide Version: 2.0 Document ID: 3292 Document Owner: ONE Mail Product Team Copyright Notice Copyright 2014, ehealth Ontario All rights reserved No part of this document
More informationHello Modem. Today I would like
Quick Setup Guide Hello Modem. Today I would like to Start from scratch 1 Plug Modem in 3 Connect a computer to Modem 7 Learn how to view Modem settings 21 Change my wireless network name 22 Change my
More informationMobile Operating Systems & Security
Mobile Operating Systems & Security How can I protect myself? Operating Systems Android Apple Microsoft What do they do? operate smartphones, tablets, watches and other mobile devices includes touchscreens
More informationVulnerability Analysis and Attacks on NFC enabled Mobile Phones
Vulnerability Analysis and Attacks on NFC enabled Mobile Phones Collin Mulliner Fraunhofer SIT (Darmstadt, Germany) 1st International Workshop on Sensor Security March 2009 Fukuoka, Japan 1 Near Field
More informationGROUPTALK FOR ANDROID VERSION 3.0.0. for Android
for Android Requirements Android version 2.3 or later. Wi-Fi or mobile data connection of at least 20kbit/s network bandwidth. Optional: Bluetooth audio requires Android version 4.0.3 or later. Optional:
More informationConnecting your Aiki phone to a network
Connecting your Aiki phone to a network Connect to mobile networks Depending on your carrier and service plan, your phone may connect automatically to your carrier s fastest available data network. Or
More informationCHAPTER 7. Wireless Technologies and the Modern Organization
CHAPTER 7 Wireless Technologies and the Modern Organization CHAPTER OUTLINE 7.1 Wireless Technologies 7.2 Wireless Computer Networks and Internet Access 7.3 Mobile Computing and Mobile commerce 7.4 Pervasive
More informationClosing Wireless Loopholes for PCI Compliance and Security
Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop
More informationCertified Wireless Security Professional (CWSP) Course Overview
Certified Wireless Security Professional (CWSP) Course Overview This course will teach students about Legacy Security, encryption ciphers and methods, 802.11 authentication methods, dynamic encryption
More informationIP Camera (M series) User manual 2013-06 V4.0
Dear users, the configuration for this camera is professional, so please read the user manual carefully before using the camera. IP Camera (M series) User manual 2013-06 V4.0 Statement If the user manual
More informationCyber Threats in Physical Security Understanding and Mitigating the Risk
Cyber Threats in Physical Security Understanding and Mitigating the Risk Synopsis Over the last few years, many industrial control systems, including security solutions, have adopted digital technology.
More informationHands on, field experiences with BYOD. BYOD Seminar
Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl
More informationGetting Started on the PC and MAC
Getting Started on the PC and MAC Click on the topic you want to view. Download the Desktop App Download the ios or Android App Desktop App Home Screen Home Screen Drop Down Menu Home Screen: Upcoming
More informationSecurityMetrics Vision whitepaper
SecurityMetrics Vision whitepaper 1 SecurityMetrics Vision: Network Threat Sensor for Small Businesses Small Businesses at Risk for Data Theft Small businesses are the primary target for card data theft,
More informationMobile Application Threat Analysis
The OWASP Foundation http://www.owasp.org Mobile Application Threat Analysis Ari Kesäniemi Nixu Copyright The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under
More informationSectra Communications ensuring security with flexibility
Panthon Sectra Communications ensuring security with flexibility Sectra has more than 30 years of experience in developing secure communications. We know what is required to meet the toughest demands.
More informationGPS Vehicle and personal location tracker. User manual
GPS Vehicle and personal location tracker User manual 1 Contents 1. Product overview... 2 2. Safety instruction... 3 3. Specification and parameters... 3 4. Getting started... 4 4.1 Hardware and accessories...
More information, ACTIVITY AND, SLEEP TRACKING SMARTWATCH
2, ACTIVITY AND, SLEEP TRACKING SMARTWATCH TIME CALLS ACTIVITY KEY FACTS UNIQUE SELLING POINTS PRICE 79,90 COMPATIBILITY ios, Android, Windows Phone, PC Windows, MAC DESIGN fashion and Swiss, Available
More informationQuick Start Guide. Version R9. English
Mobile Device Management Quick Start Guide Version R9 English February 25, 2015 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept
More informationGSM Risks and Countermeasures
GSM Risks and Countermeasures STI Group Discussion and Written Project Authors: Advisor: Johannes Ullrich Accepted: February 1, 2010 Abstract Recent research has shown that GSM encryption can be cracked
More informationFMC VoIP. User Manual. OfficeServ 7000
FMC VoIP User Manual OfficeServ 7000 COPYRIGHT This manual is proprietary to SAMSUNG Electronics Co., Ltd. and is protected by copyright. No information contained herein may be copied, translated, transcribed
More information1. Introduction... 1. 2. Activation of Mobile Device Management... 3. 3. How Endpoint Protector MDM Works... 5
User Manual I Endpoint Protector Mobile Device Management User Manual Table of Contents 1. Introduction... 1 1.1. What is Endpoint Protector?... 2 2. Activation of Mobile Device Management... 3 2.1. Activation
More informationIzplatītākie mobilo iekārtu lietošanas riski, kas apdraud organizācijas datu un informācijas sistēmu drošību Raivis Kalniņš 2015, Riga
Riga, Latvia Izplatītākie mobilo iekārtu lietošanas riski, kas apdraud organizācijas datu un informācijas sistēmu drošību Raivis Kalniņš 2015, Riga What We Do? Data Security Solutions business card Endpoints
More informationSummary Table Voluntary Product Accessibility Template
The following Voluntary Product Accessibility information refers to the Apple iphone 4S ( iphone ). For more information on the accessibility features of the iphone and to learn more about iphone features,
More informationCertified Secure Computer User
Certified Secure Computer User Course Outline Module 01: Foundations of Security Essential Terminologies Computer Security Why Security? Potential Losses Due to Security Attacks Elements of Security The
More informationAgenda What can we do now? And 5 years from now we will still be current!
Pittsburgh Steelers Alcatel-Lucent OmniPCX Enterprise IP Telephone System Alcatel-Lucent OmniSwitch Network Infrastructure Alcatel-Lucent Collaboration and Fax Server AVST Unified Messaging Wireless Network
More informationSPH-DA120. English. Operation Manual. Smartphone Receiver
Operation Manual Smartphone Receiver SPH-DA120 Notice to all users: This software requires that the product is properly connected to your vehicle s parking brake and depending on your vehicle, additional
More informationINFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008
INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee
More informationQuickstart Guide Vodafone Mobile Wi-Fi R216-Z
Quickstart Guide Vodafone Mobile Wi-Fi R216-Z Welcome to the world of mobile communications 1 Welcome 2 Device overview 3 Getting started 5 Mobile Wi-Fi Web app 6 Web app overview 7 Current network panel
More informationPremium Design Phone with Smartphone Connect
Smartphone Connect App Guide Premium Design Phone with Smartphone Connect Model No. KX-PRW130 Thank you for purchasing a Panasonic product. This document explains how to use the Smartphone Connect app.
More information10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection. September 2011
10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection September 2011 10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 2 It s
More informationBlackVue Cloud App Overview...3. Getting Started...6. Basic Menu Screens...15. BlackVue Cloud...24. BlackVue Wi-Fi...40. Internal Memory...
Table of Contents BlackVue Cloud App Overview...3 Key Functions When Cloud is Connected...4 Key Functions When Wi-Fi Connection is Made...4 Key Features of Internal Memory...4 Supported Devices...5 Getting
More informationOverview. Summary of Key Findings. Tech Note PCI Wireless Guideline
Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the
More informationEndUser Protection. Peter Skondro. Sophos
EndUser Protection Peter Skondro Sophos Agenda Sophos EndUser Solutions Endpoint Usecases Sophos Mobile Solutions Mobile Usecases Endpoint Sophos EndUser Solutions EndUser Protection AV Firewall Application
More informationRemote Desktop Web Access. Using Remote Desktop Web Access
Remote Desktop Web Access What is RD Web Access? RD Web Access is a Computer Science service that allows you to access department software and machines from your Windows or OS X computer, both on and off
More informationAttacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com
Attacking Automatic Wireless Network Selection Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com We made Slashdot! Hackers, Meet Microsoft "The random chatter of several hundred
More information