Abstract: In GeeekPwn2016 Shanghai, Nick built an Android APP, which can exploit the vulnerabilities in THE Android devices with TrustZone. It can execute arbitrary code with root privilege. In the demo, the fingerprint authentication module is pwned and set to allow any fingerprint to pass.

Speaker: Nick Stephens
Nick is a security researcher and a member of the Shellphish team from UCSB. He has published papers in a number of top-tier computer security conferences as well as disclosed a number of vulnerabilities in various Android phones. He won the biggest prize and the G-Influence Award in GeekPwn2016 Shanghai.