CanSecWest is in Vancouver this week at the Sheraton Wall Centre hotel and is a gathering of security tech professionals. People can come from anywhere in Canada and across the globe to learn and share information and experiences on applied digital security.
Security professionals who attend CanSecWest work in government, the private sector or as independent contractors. They often find flaws in apps they or others develop and come to CanSecWest to look at ways to protect them from being hacked.
While I am not a developer I found both the subject and premise of the conference interesting. One would think that this is a conference that teaches people how to hack. A little digging reveals something else entirely.
“CanSecWest is really about anything says Saurabh Harit, Director of Security Research and Senior Security Consultant for Security Compass. It’s not just mobile security. Being curious about how something works and try to make it work in an undesired way can be both fun and interesting. Hacking doesn’t have to be bad all the time either.”
Android/iOS Hacking and Securing Workshop
Harit’s workshop, Android/iOS Hacking and Securing, helps students discover mobile hacking techniques for Android and iOS. It also helps them understand mobile app security including what hackers look for in mobile apps. Hacking apps themselves will equip them with the skills required to protect their own apps from attacks.
“At Security Compass, we care about iOS and Android security. There are many things offered to protect your applications from security risks. Those include application permission, physical security and encryption” notes Harit.
Android and iOS both support encryption but the model used by iOS is more robust.
“Android encryption happens at the software level says Harit and does not encrypt your devices SD Card. We don’t recommend saving information on SD Card as a result. iOS does so at the hardware level right on the chip. This makes it faster to encrypt and protect.”
Harit was the only workshop leader I spoke to so I urge you to check out the CanSecWest website and its Dojo section. The wide range of topics on security is very interesting. I’ll also be keeping an eye out for next year’s conference!