@Antoniojojojo no conozco droidVPN, pero a simple vista yo no dejaría pasar mi tráfico por el servidor vpn de un tercero
8:06am July 31st 2012 via web
@xanda still on early beta but very complete and up to date, very promising :)
@timstrazz hahaha :) I'm about to go to sleep now... but saw your tweet and couldn't resist looking at the ruby sauce :P
Downloading Santoku Linux Alpha Release: Linux distro for Mobile Forensics, Malware Analysis and App Security Testing - http://t.co/GQGXvtqq
@trufae yes, but that's what you need :P i've tested it on android and works amazingly well for mobile irc without draining the battery.
@trufae doesn't run on ios, but survives network loss/packet drop b/c it uses a server side client to translate irc protocol into json stram
RT @subreption: For the record. Android exploit covering >80% of the market today: f572bff595b80061dde9028a12ef8df2f1e2db331a00f11bf2312f5529c7a725 - Soon.
@thomas_cannon seems doable, what about a NFC tag instead of a USB dongle to enter the encryption passwd at boot?
@jcespi2005 haha.. not really, but i find the project interesting and will have a look.
ios-ssl-kill-switch GitHub: MobileSubstrate extension to disable certificate validation on jailbroken iOS - http://t.co/3p4oXeix
btw @thomas_cannon if you change the encryption password using the command line, this passwd is different from lockscreen so it can b longer
@PaulOBrien what's the benefit over Android's built in wifi tether? I don't get MiFis when you have a spare Android phone...
Themida 22.214.171.124 released today, reversers rejoice - http://t.co/K5B2AHuQ
@braincode i posted the script on my blog some time ago :)
picture on last twit taken with my tablet, which is wifi tethered through GNex at the same time. Balancer script here: http://t.co/IyKdBJZp
@MRYangQ no idea, sorry... try firstname.lastname@example.org
11:14am July 23rd 2012 via web
@simyo_es es nacional, ahora os mando el correo
@simyo_es tengo SMSC correcto +34644109030, SMS se tarifica n el panel d consumo, pero destinatario no recibe. Android 4.1. q puede ser?
X-Ray vulnerability scanner for Android - http://t.co/5I0cDOyU looks promising :)
@MikeTracking jeje, com ho saps eh bandarra!
RT @jduck1337: Successfully obtained a connect-back shell on an Android 4.0.1 device after much work. More details to come next week at BlackHat =)
@MordodeMaru adb shell; su; pm uninstall com.lbe.security.lite
@MordodeMaru glad to hear all went well :)
"Package Enabler" updated to auto enable packages on phone boot - http://t.co/RoZsDr8L
RT @timstrazz: Sent out a little PoC crackme that will be public after my Blackhat talk next week - wonder if people will like it :D
A must read: Exploit Mitigations in Android Jelly Bean 4.1 - http://t.co/ixUE7ddJ
I've just released "Package Enabler" in the play store, it allows to enable disabled apps on rooted android phones - http://t.co/RoZsDr8L
@GabrielGonzalez i usually want to see tx power and rx sensitivity in wifi products, also number of radios and available frequencies on each
RT @Pwn2Own_Contest: Announcing details about Mobile Pwn2Own next week. Get your 0days ready!
Several weaknesses in implementation of security features in AirDroid - http://t.co/IRE4W9mu
Bytecode for the Dalvik VM - http://t.co/EjrsBhV3 (wish i knew this page existed before!)
@timstrazz yes... read something about sqli... ;)
No android botnet :P viaForensics confirms Yahoo! Mail App Flaw - http://t.co/e4CB1D8v
@PaulOBrien can u give more details? any possibility of enabling them when running a stock rom?
@TeamAndIRC no idea, I was not registered
RT @PaulOBrien: Found where in Jelly Bean Google are PM disabling apps not for your region (Wallet, Ears etc.) - patched that right out! :-)
@boidapp swiping to delete a list in 'my lists' column without confirmation is a bad idea, I accidentally deleted one of my lists :(
MeeGo Security Architecture: an overview of Mobile Simplified Security Framework (MSSF) - http://t.co/2yC8xeo9
@MordodeMaru ok, si tengo tiempo igual hago un post explicando el proceso :)
NIST Draft: Guidelines for Managing and Securing Mobile Devices in the Enterprise - [PDF] http://t.co/j9lpe2JX
@rhcp011235 still, no excuse for not encrypting your data ;)
@rhcp011235 LOL!!! it could get lost or forgotten anywhere, and if the person who finds it is tech savy you're fucked anyways :P
@rhcp011235 there's still risk of loosing your data if your phone gets stolen, as the wipe from oem unlock is not "forensics safe"
root + stock recovery + encrypted data + BootUnlocker (OEM locked bootloader) for daily use, and TWRP for nandroid and flashing OTAs = #WIN
just noticed TWRP (teamwin recovery) has support to decrypt encrypted userdata partitions since ~1 month - http://t.co/6q7s50V5
@oliverxxx yes, you need root for a manual install via recovery. Otherwise wait for the OTA to show up on your device automatically.
@xanda oh... not much dev community on this i guess :( I decided long ago to only buy AOSP supported devices.
@xanda what device u have now? i have xoom (wingray) and gnex (maguro), both with JellyBean :)
@TeamAndIRC the only one i've seen yet is JRN84D -> JRO03C for takju. Still no 4.1.1 OTA for yakju AFAIK :(
@timstrazz only valid for native dynamic code, no dalvik (and doesn't work with static native binaries either)
Definitely a must read: The 'broken patent system': how we got here and how to fix it | The Verge - http://t.co/ATLr8g49
@tripledes me alegro de saber que estás bien... cuidate y anda con cuidado!
...and the Android equivalent available in contagio too: Android FindAndCall spyware - http://t.co/MZziStW2
ios "malware" sample uploaded to contagio mobile: Apple IPhoneOS FindAndCall spyware - http://t.co/r26Jm6eu
@esanfelix most people won't as it main use case is LAN only, but never underestimate the power of human stupidity ;-)
@esanfelix no, the password goes in cleartext
DroidMote: Remote control of your Linux desktop (keyboard+mouse) from your Android phone: http://t.co/Bj3aQ3KL
Android Security Overview documentation updated to include Android 4.1 security enhancements - http://t.co/yN9xTmfZ
@cryptax make sure the filesystem on the USB key supports files larger than 4GB
I've submitted CVE-2012-1675 as lamest vendor response nomination for the pwnie awards /cc @matalaz
UEFI Secure Boot and Ubuntu (implementation details planned for 12.10) - http://t.co/7THOQWoR
it's 2012 and looks like @simyo_es is still not hashing its user's passwords, got my password in cleartext on the password recovery email.
@timstrazz ok, we'll see when they publish more details :) been a few days out of twitter and i'm catching up with old stuff...
@timstrazz agree that the vuln is lame, but why the video has to be faked?
Androwarn: Yet another static code analyzer for malicious Android applications - (github) http://t.co/jelZ6FxJ
never 'tell htc' about your phone crashes, the log file sent might contain all your keystrokes - (video: http://t.co/qnwdhRaX )
@0xroot waiting to see your "recipe" for this :) i guess you used some mitm proxy
Android library for using the Honeycomb+ animation API on all versions of the platform back to 1.0! - http://t.co/RkbvSlzP
I'm looking for people with an USB or RS232 EETI (eGalax) Touchscreen on Linux, who can test my open source driver - http://t.co/mIqxZi3k
RELRO support has been added to Android 4.1, all 3rd party native apps will pick up relro protections - http://t.co/Kct3SNuJ
pretty good article about "Tuning Linux IPV4 route cache" - http://t.co/xNUjlv6g