Pau Oliva Follow @pof
Tweets from December 2010
Happy 0day to everyone!! :D
RT @bquintero: about Trojan.AndroidOS.Geimini http://bit.ly/e1niXg
@trufae ja trigues :) per cert lo del .es es culpa meva O:) it was cheap :P
1:41pm December 31st 2010 via Twitter for Android in reply to trufae
RT @PaulOBrien: If you have an app distributed, that's not in the Market, put in the Market as 'unpublished' NOW to protect your Namespace. No brainer.
RT @PaulOBrien: If anyone has shipped APKs signed with the test cert (it HAS happened lots) it's even more of a danger - spam updates will actually install.
RT @PaulOBrien: For example, I could hijack 'Swype' (com.swype.android.inputmethod") in the Market with a namespace collision' and spam Swype users.
RT @PaulOBrien: Namespace hijacking is a big issue that hasn't come to the forefront yet. If you have an app out there, not in the market, you're at risk.
RT @0x90code: new nopcode url shortening service! - http://x90.es
1:05pm December 31st 2010 via web
RT @fo0_: http://achtbaan.nikhef.nl/27c3-stream/releases/mkv/ 27th Chaos Communication Congress #video collection #27c3 #events
RT @Garzari: -Un gintonic, por favor. -Le pongo pepino, caballero? -Desde el primer día que la vi, señorita. Lamento que se me note tanto.
2:18pm December 30th 2010 via web
RT @a0rtega: #27C3 - Console Hacking 2010 video http://vimeo.com/18278625 #fail0verflow @fail0verflow
RT @revskills: [Video] Stripping SSL and Sniffing HTTPS using SSLstrip http://bit.ly/htvVEJ (via @SecurityTube)
RT @c3streaming: Good morning at day 4! First recordings hopefully are going to get released today, stay tuned.
RT @secbydefault: #fail0verflow demo en #saal3 http://saal3.h264.27c3.fem-net.de/ con @marcan42 en escena
RT @0xcharlie: Inspired by the popular press, I now write "cyberweapons" instead of exploits in my "cyberweapon factory", aka home office.
Hay algún registrar de dominios .es (baratos, a menos de 5 eur) que acepte paypal como forma de pago? http://is.gd/jJS2F
1:22am December 30th 2010 via web
RT @secbydefault: Charla del team @fail0verflow disponible en video http://secby.us/dGj6va #27c3 #fail0verflow
1:19am December 30th 2010 via web
RT @sjmurdoch: The slides for my #27C3 talk, Chip and PIN is Broken, are now online: http://prezi.com/tkklfutly8ke/27c3-chip-and-pin-is-broken/
1:16am December 30th 2010 via web
Update your #wordpress to 3.0.4 now: http://is.gd/jJQDG (critical XSS vuln found in previous versions, err.. again!)
1:15am December 30th 2010 via web
@trufae mplayer http://wmv.27c3.fem-net.de/saal1 || ffplay rtmp://berlin1.rtmp.27c3.fem-net.de/rtmp/saal1_hq
3:14pm December 29th 2010 via TTYtter (pof) in reply to trufae
#27C3 console hacking 2010, PS3 Epic Fail - is about to start. Stream: http://is.gd/jDTcG +info: http://is.gd/jHRdd
RT @lostinsecurity: Flaws in Tor anonymity network spotlighted http://bit.ly/iiUZRe
RT @aramosf: PHP Security Guide & Checklist for Websites and Web Applications – Bottom Line for Every Good PHP Developer: http://secby.me/ehfNVC
#27C3 Lightning Talks starting in 10 minutes - http://is.gd/jD43G #SAAL3 - Stream: http://saal3.h264.27c3.fem-net.de/
RT @bandaanchaeu: Orange, el primer operador con numeración que empieza por 7 http://bit.ly/eje0JK
8:47am December 29th 2010 via web
RT @secbydefault: Gran jornada hoy del #27c3! recordamos que a las 16h será la charla de Hector Martín (@marcan42) Console Hacking2010 http://secby.us/fG6i2W
nice talk from Ralf-Philipp Weinmann #27C3 - pretty much complements if you've read his previous work here: http://is.gd/jEEcj [PDF]
RT @trufae: RT @4v4t4r: Reto: Android crackme#1 > http://tinyurl.com/3573drt
Ready to see The Baseband Apocalypse #27C3 - All your baseband are belong to us: http://saal2.h264.27c3.fem-net.de/ starting in ~10min
@pfreixes Que mires punyetero? no veus que és un lletrero
7:22pm December 28th 2010 via TTYtter (pof) in reply to pfreixes
Radare2 preview - new feature "artificial intelligence assistant": http://radare.org/img/r2clip.png
RT @trufae: @pof bah :p i thought it was a disassembler from scratch or for radare. Doing it for IDA has no interest for me.
4:13pm December 28th 2010 via web
@trufae mplayer http://wmv.27c3.fem-net.de/saal1 - now!
#27C3 talk from @41414141 starting in 10 minutes: Building custom Disassemblers - stream: http://is.gd/jDTcG (+info: http://is.gd/jDTk2)
RT @chiptune: First #Zelda prototype! http://tcrf.net/Proto:The_Legend_of_Zelda (link to nsf disk at the end) #nintendo #famicom
OsmocomBB: http://is.gd/jDsZV (open source GSM baseband) + A5/1 Rainbow Tables: http://is.gd/jDt11 , http://is.gd/jDt1U (A5/1 Decryption)
amazing lesson to GSM operators from Karsten Nohl and Sylvain Munaut - #27C3 - GSM sniffing possible using a $10 phone
#27C3 next talk "Wideband GSM sniffing" in Saal1: http://saal1.h264.27c3.fem-net.de/ - starts in 15 min
#27C3 - anonymous ninja in Saal3 -> http://saal3.h264.27c3.fem-net.de/ - Lightning Talk (guest@agent5-eee) #wikileaks
NetS-X: e-learning on network security - http://code.google.com/p/nets-x/
#27C3 Lightning Talks in Saal3: http://is.gd/jD43G - Stream: http://saal3.h264.27c3.fem-net.de/
Distributed FPGA Number Crunching For The Masses #27C3 - is about to start: http://saal2.h264.27c3.fem-net.de/
REMnux: #Malware Reversing Linux Distro - http://bit.ly/fqVHCK includes Zerowine and radare (via @revskills) /cc @matalaz @radareorg
wow ... di.fm has an android app: http://di.fm/apps
@trufae si, algun problemilla amb l'audio aquest mati xo ho han solucionat rapid, es veuen millor dsd casa q dsd allà :)
9:21pm December 27th 2010 via Twitter for Android in reply to trufae
RT @revskills: WPA-PSK Wordlist Download - 13GB http://bit.ly/gkN3hA (via @devilok)
Hacking Smartphones #27C3 starts now - http://saal2.h264.27c3.fem-net.de/
impressive talk from Collin Mulliner and Nico Golde (SMS-o-Death) #27c3 - Use openBSC to do fuzzing with SMS against feature-phones.
SMS-o-Death #27C3 starts now - http://saal1.h264.27c3.fem-net.de/
@c3streaming thanks, Saal2 audio working now :)
@c3streaming no audio in saal2 stream... please fix :)
#27C3 code deobfuscation by optimization starts now. Stream: http://is.gd/jysQX + Slides: http://is.gd/jysSm
RT @c3streaming: Only a few minutes left until the 27C3 opens. Official streams available via http://27c3.fem-net.de/
Read Embedded NAND Flash Chips without removing them: http://bit.ly/fuEftJ
@whatsbcn q cosas :)
10:26pm December 26th 2010 via Twitter for Android in reply to whatsbcn
@hdubli which kind of lock is it? And why did it happen?
10:12pm December 26th 2010 via Twitter for Android in reply to hdubli
RT @reversemode: Los creadores de virus cambian sus tácticas en busca de ingresos http://is.gd/ju7l0
RT @hdmoore: Takeaway from ExploitDB/Offsec/Ettercap compromise: PHP and sloppy web roots get you owned: http://bit.ly/fjIKkl
RT @secbydefault: Publicada owned & exp0sed #2, hackeados inj3ct0r, exploit-db, backtrack, free-hack, ettercap y de nuevo, carders.cc http://secby.us/gGWS4F
I liked a YouTube video -- Speed-Riding Down The Eiger http://youtu.be/rLKVx60I5BM?a
Major Internet TV Brand Can Be Hacked http://bit.ly/fb8Sdj #panasonic
La búsqueda social será el nuevo Page Rank http://bit.ly/ejpmtL #MIBers
RT @jcanto: es un buen chiste geek. 'un niño tan feeeo tan feeeo que cuando nació le asignaron un CVE'
New blog post - Fully backup KVM virtual machines: http://is.gd/jjbBm #pofHQ
3:36pm December 23rd 2010 via web
Not All Retailers Overreacting To Mobile Phone Wielding Shoppers http://bit.ly/gmMcEY
@whatsbcn all your browser extensions are belong to us ;-)
new profile picture, by popular request :*
1:41am December 23rd 2010 via web
RT @jduck1337: Oh my! Santa came early! He brought a .NET 2.0 ROP enabling my unpatched IE CSS exploit to work against Win7! http://j.mp/h27caQ
@toomanysecrets LMAO!! Ya no lo tengo, ahora hay algo mejor y se llama 'metasploit' :-) que tiempos...
5:47pm December 21st 2010 via Twitter for Android in reply to toomanysecrets
RT @AndroidDev: It’s not “rooting”, it’s openness: http://goo.gl/GlcIG
RT @prodrigestivill: @pof Here Is The Fake HTC Official Site (M.I.C. Gadget) http://t.co/hSFWTM9
RT @stalkr_: Database of private SSL keys for embedded devices http://code.google.com/p/littleblackbox/ by http://www.devttys0.com
@MikeTracking el kill era amb -USR1 o algo similar, mira el man, estic fora d casa amb el mov i parlo d memoria O:)
10:59pm December 18th 2010 via Twitter for Android in reply to MikeTracking
@MikeTracking kill -HUP $(pidof dd)
6:39pm December 18th 2010 via Twitter for Android in reply to MikeTracking
Eugenio "hay dos fuerzas en el mundo: la avaricia y el miedo"
RT @freakboy3742: Newly discovered XSS vulnerability in Amazon. Attack vector -- you have to write a book http://bit.ly/f1203K
10:58am December 18th 2010 via web
RT @roman_soft: RT @fo0_: sshttp feature http://bit.ly/bptKub hide #SSH inside #HTTPS as well.\n#linux #security #tunneling
RT @OxbloodRuffin: Facebook Password Trick http://t.co/j8nnwjG Hahahaha
RT @olopez: Android 2.3 Gingerbread's source code now available OH OH OH !
reading rfc2109 - http state management mechanism (cookies) - http://is.gd/iUkyq
I uploaded a YouTube video -- Titanic performance http://youtu.be/fXTM9ukowZU?a
@quetzal no tinc massa experiencia, nomes he provat sipdroid i n'estic força content, això si ha d ser un andoid d gama alta x q funcioni b.
1:16pm December 16th 2010 via Twitter for Android in reply to quetzal
Angry Birds y su modelo de negocio en Android: http://bit.ly/g2s9m4
@quetzal nope, http://is.gd/iNq6d y despres http://twitpic.com/3g6w37
5:09pm December 15th 2010 via TTYtter (pof) in reply to quetzal
algun admin de seguridadwireless q tenga +d 15 años puede explicar q ha pasado? en lugar d censurar el foro podriais publicar el algoritmo.
screenshot de la pagina de seguridadwireless que calculaba las claves WPA antes de que la quitaran. http://twitpic.com/3g5rrt
Han quitado la pagina de seguridadwireles que "calculaba" las claves WPA de Movistar y Jazztel: http://is.gd/iN4wl ¿alguien tiene +info?
RT @trufae: Claus WPA de les WLANs de Movistar i Jazztel compromeses :DD http://j.mp/hU8KVg
@trufae podria ser mailman ? /cc sha0coder
10:52am December 15th 2010 via TTYtter (pof) in reply to trufae
@jcanto fermat... :)
RT @thorstenholz: Yahoo search hacked? Image result thumbnails are leading to porn pictures. [Updated] http://t.co/aKmlKPP via @tnwmedia
RT @mdowd: Suggestion for OpenBSD webpage: "Only one government-installed backdoor in over 10 years!"
RT @anow_null: Facebook 0-day SQL Injection vulnerability has been found. [ http://oxod.ru/?p=252 ]
RT @ioerror: Back doors in OpenBSD? Props to Theo for disclosing this email - http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
RT @GadixCRK: Themida [2.1.5.0] http://www.oreans.com/ThemidaWhatsNew.php
@poltarrago i de moment s'integra amb twitter i facebook (amb FB no ho he provat, no tinc compte :P)
11:54am December 14th 2010 via TTYtter (pof) in reply to poltarrago
@poltarrago encara està una mica verd, pero IMHO promet bastant. Si vols encara em queda alguna invite /dm el teu mail.
11:52am December 14th 2010 via TTYtter (pof) in reply to poltarrago
@ismaller nooo... la inteligencia colectiva de Y! answers :)
10:09am December 14th 2010 via TTYtter (pof) in reply to ismaller
testing #diaspora social network, I don't think this will be a facebook killer but it certainly is privacy aware, decentralized and open ...
Evangelizando #ubuntu con @aitorferrando
"Crowd Fighting": guerras sin generales se han ganado muchas, pero guerras sin tropas nunca se ganó ninguna. (Via http://is.gd/iFmQa)
congrats @earada for adding Haret IO support to radare2: http://is.gd/iEZKC /cc @radareorg
RT @Luis_Corrons: BlackHat SEO attack – Target: Wikileaks http://bit.ly/gI8FSR PandaLabs blog
Introduction to OpenCL http://bit.ly/dIn1WC
RT @hdmoore: Anonymous Releases Very Unanonymous Press Release: http://bit.ly/hQaze6
+1 RT @Annabel210: @_Kimbosch Bona sort en la nova etapa!!
RT @petezin: RT @opleakspin: Official Website done: http://operationleakspin.org/
@hdubli probably... but who knows yet :) we'll see it in tablets and high profile phones next year... maybe in MWC 2011.
12:57am December 11th 2010 via Twitter for Android in reply to hdubli
Open source ARM Cortex simulator models debut - http://bit.ly/feMpH6
TI OMAP 4440 dual core Cortex A9 ARM, 3D GPU and 75% more performance: http://bit.ly/elj7KO
@roman_soft eso que acabas de decir ya es una maldad en si :P /cc @bquintero @gadixcrk
RT @aramosf: This is a hack that makes your machine appear (to unix traceroute) to be anywhere on the internet.: http://secby.me/guxfSq
@aramosf otro... ok ok, entendido ya lo cambiare! O:-)
4:52pm December 10th 2010 via TTYtter (pof) in reply to aramosf
RT @coolkamio: No entiendo el entusiasmo de que Amazon llegue a España… ¿No la estabais boicoteando por lo de wikileaks?
Oferta de trabajo: Técnico de producto +info: http://is.gd/iuKAK - interesados, contact me :)
RT @msuiche: http://twitpic.com/3ekeyl WikiLeaks & Google Insight (Must see) So much fun (via @Nico_Lanter)
Toshiba #Wikileaks ad on linkedin: http://i.imgur.com/0cUSB.png (Avoid a Wikileaks Deisaster - Document Security Webinar)
Ever wondered why some URLs (eg: twitter) have a '#!' sign? here's the answer: http://is.gd/isXSk #SEO #ajax #MIBers
12:45am December 10th 2010 via web
RT @_ikki: "1499 websites (29.88% of the total we analyzed) contained at least one page vulnerable to HTTP Parameter Injection" - http://bit.ly/i3J6R6
Why #WikiLeaks Is Good for America http://bit.ly/hXQYgg
99.98% Of Domains Unsigned By DNS Security Extensions http://bit.ly/gV7ZG8
RT @meneame_net: Vicepresidente de Paypal sobre el bloqueo a Wikileaks: "El Departamento de Estado nos dijo que era... http://m.menea.me/nuzw
@MarioVilas en linux no funciona, pero puedes usar "netstat -pene" para lo mismo /cc @aurelianito
4:06pm December 7th 2010 via TTYtter (pof) in reply to MarioVilas
@astralia bon profit :-)
2:11pm December 7th 2010 via Twitter for Android in reply to astralia
RT @Reuters: FLASH: WikiLeaks founder Julian Assange arrested in Britain - UK police
10:29am December 7th 2010 via web
ALF (TV Serie) #chiptune song by irq7: http://is.gd/ikCsE
Restaurant el pescador (casa angelina) les cases d'alcanar http://twitpic.com/3d6f84
Dotfuscator SKU for WP7 apps with patented renaming, string encryption, metadata removal obfuscation transforms: http://bit.ly/hhTEZk
@hdubli not yet unveiled, but I guess will be the major SoC along with Tegra when LTE devices become widely available.
8:25am December 5th 2010 via Twitter for Android in reply to hdubli
Qualcomm MSM8960: 5x performance, 75% less power. Can u believe? http://bit.ly/emzBa0
RT @nacionred: Aumenta la presión sobre WikiLeaks: PayPal cancela su cuenta para recibir donativos http://bit.ly/fQshXz
RT @YJesus: Explotando Android vía Web con airbase-ng http://is.gd/i8Ccc
RT @se_lain: 25 More – Sick Linux Commands - http://blog.urfix.com/25-sick-linux-commands/
RT @trufae: El tema de #chiptune 'kung fu goldfish' es realment gran. @pof @neuroflip busqueu-lo que us molarà :D happy blirping
12:20am December 3rd 2010 via web
RT @radareorg: Another yummy update of what is happening in ragui ... http://j.mp/eOxXqp
12:18am December 3rd 2010 via web
RT @roman_soft: RT @pentestit http://bit.ly/gvJizI <~~ Nice! Update to WordPress 3.0.2. NOW!
RT @txipi: RT @ArtePresentar: RT @dreig: Realidad aumentada y Kinect, increible... http://dreig.cc/fHAmPc
@toomanysecrets tu por lo q veo sigues con la poligamia... suse + *BSD, no?
12:24pm December 2nd 2010 via TTYtter (pof) in reply to toomanysecrets
@toomanysecrets no ha llovido ni nada ;-) casi todo lo q tengo s ubuntu con gnome... aunq m sta empezando a gustar archlinux tb O:)
12:23pm December 2nd 2010 via TTYtter (pof) in reply to toomanysecrets
Ubuntu-based ARM server runs on 80 Watts - http://bit.ly/i69J6M
@hdubli does it last at least 24h with 3G data connection always on?
8:42am December 2nd 2010 via Twitter for Android in reply to hdubli
shame on @amazon for dropping @wikileaks out of their cloud. Period. #amazonfail
2:03am December 2nd 2010 via web
RT @Xylit0l: Armag3ddon Armadillo unpacking tool 1.9 released, here you go dude -> http://www.accessroot.com/arteam/site/download.php?view.262
12:47am December 2nd 2010 via web
@hdubli nice, will b launched by @vodafone_es here very soon, i'll try to see if i can get one too! :D
5:50pm December 1st 2010 via Twitter for Android in reply to hdubli
RT @0x90code: click on "Listen": http://is.gd/i3kd4
4:35pm December 1st 2010 via web
RT @corelanc0d3r: Exploit dev cheatsheet wallpaper v8 online - http://bit.ly/aLHZ6l - sorry for messing up v7
12:00am December 1st 2010 via web
- All Tweets 6562
- June 2013 46
- May 2013 211
- April 2013 154
- March 2013 152
- February 2013 121
- January 2013 208
- December 2012 201
- November 2012 348
- October 2012 137
- September 2012 259
- August 2012 251
- July 2012 195
- June 2012 102
- May 2012 156
- April 2012 141
- March 2012 213
- February 2012 229
- January 2012 183
- December 2011 162
- November 2011 104
- October 2011 224
- September 2011 165
- August 2011 130
- July 2011 248
- June 2011 285
- May 2011 417
- April 2011 264
- March 2011 298
- February 2011 321
- January 2011 260
- December 2010 165
- November 2010 81
- October 2010 35
- June 2010 4
- May 2010 8
- March 2010 1
- February 2010 6
- November 2009 3
- October 2009 2
- November 2008 3
- October 2008 1
- August 2008 68
Clients
- TweetDeck 4338
- TTYtter (pof) 480
- Falcon Pro 418
- web 378
- Falcon Pro 377
- Twitter for Android 247
- Google 45
- Google 38
- Boid for Android 28
- Plume for Android 27
- PockeTwit 26
- Identica 23
- Tweet Lanes for Android 22
- pofHQ 21
- FalconPro 15
- Tweet Button 14
- Ubuntu 12
- Mustard! 11
- TweetComb 5
- Echofon 5
- identica 5
- TweetCaster 4
- Plume 4
- twicca 2
- Falcon Pro (BETA) 2
- Twitula 1
- twidroid 1
- ceTwit 1
- Twitpic 1
- Swift 1
- TwitPic 1
- TinyTwitter 1
- Twitter for iPad 1
- Carbon for Android 1
- Twitter for Mac 1
- Twitter for Android 1
- yfrog 1
- mobile web 1
- Echofon 1
- Diaspora 1