The task of providing privacy and data confidentiality with mobile applications becomes more and more important as the adoption of smartphones and tablets grows. As a result, there are number of vendors and applications providing solutions to address those needs, such as password managers and file encryption utilities for mobile devices.
In this talk we will analyze several password managers and file encryption applications for Apple iOS platform and demonstrate that they often do not provide any reasonable level of security and that syncing data between desktop and mobile versions of the applications increases the risk of compromise. We will also show that the best way to provide privacy and confidentiality on Apple iOS platform is by adhering to Apple Developer Guidelines and not by reinventing the wheel.
Dmitry Sklyarov is a Head of Reverse Engineering Department at Positive Technologies. Former Security Researcher at Elcomsoft and a lecturer at Moscow State Technical University. He did a research on the security of eBooks and on the authentication of digital photos. Recent research projects involved smartphone forensics.