Software vulnerability research + cell phone q&a
Please answer both questions with no more that 250 words for each
1. Our task in this week’s conference is to discuss, mobile phones (including smart phones and tablets). with an emphasis on an auditing system for such phones/devices. The solution space should be applicable to phones brought to work as well as to phones that are not brought to work.
Let’s have a robust and lively dialogue with respect to the following questions:
- What do you need to log/audit in a mobile phone? Why?
- How is that different from auditing a desktop/laptop/server?
- What tools, methodologies, or frameworks are available to assist us in detecting vulnerabilities and auditing issues in the mobile phone environment?
- Is privacy sufficiently catered for? If not how it could be addressed better?
2. Provide in a paragraph a list of pro’s and con’s for the NESSUS vulnerability tool scanner.