I just got back from two weeks traveling to Los Angeles (Irvine) and Dublin, Ireland for OWASP conferences where I gave my talk “Smart Phones Dumb Apps” The talk looks at a generic threat model for a smartphone application and then walks through how attackers can take the applications apart with examples for both Android and iPhone.
Here is the video of my session at OWASP AppSec Irvine 2010:
The slides are available here:
The code used to automate parts of the analysis can be found in the Google Code repository here:
Also, Colin Watson did a quick writeup on the presentation in Ireland.
Contact us for help developing and deploying secure smartphone applications.
dan _at_ denimgroup.com