Pau Oliva Follow @pof

this just saved my life, dos2unix in a perl oneliner: perl -pi -e 's/\r\n/\n/g' file #CambioIVA #cambioIVA21

RT @radareorg: Expect some more Android suprises soon.

cool! :D RT @radareorg: Thanks to @thuxnder r2 is now supporting the dalvik payload opcodes. /cc @pof

RT @ChainfireXDA: Mobile ODIN updated to v3.25 ! http://t.co/Pcghn3lA - Can flash OTA and Update ZIPs, read all about it here: http://t.co/hFPA2MVb

RT @timstrazz: Good #android write up on the string obfuscation used inside the WhatsApp - does look like KlassMaster http://t.co/eOOr3SIz

RT @timstrazz: Anyone ever used or seen the output from #Android DexGuard? http://t.co/ZXpcOuiV looking for a sample...

RT @adulau: http://t.co/aD4F5kT2 Interested in Fuzzing the GSM protocol stack -> this talk will be at hack.lu 2012 @hack_lu #gsm #infosec

XML with shortcodes and MCCs for the "hotvideos" android malware - http://t.co/aKam5YEz

Found "hotvideos" android malware, auto downloaded by visiting a website: virustotal 0/42 http://t.co/8UsfDWTo same as: http://t.co/wY8wZv1F

RT @Amon_RA: Install adb and fastboot in Ubuntu via PPA : http://t.co/FJWnxm2H

RT @i0n1c: One thing missing from the #FinSpy mobile article is how is it installed on iOS? Are victim phones made dev phones? or does it jailbreak?

RT @billmarczak: New #FinSpy work by @headhntr & I. We analyze FinSpy mobile malware, find new FinSpy servers, confirm @rapid7 results: http://t.co/OGvzczZ6

my #nexus7 arrived this morning, 1st thing update & root it - http://t.co/JA1Df9Jr

RT @insitusec: The glue that holds it all together, Binder: The Android IPC mechanism (82 slides, pdf) http://t.co/W0vXpyYD

RT @SantokuLinux: I am BETA. Santoku 0.2 release is available now: https://t.co/8yrGEjGY New OS base, new tools. Android, iOS beware.

RT @insitusec: Dexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot (paper: http://t.co/uFHFq9nS)

Learning C with GDB - http://t.co/RvF20isB nice article via OSnews

A bunch of android ebooks - http://t.co/FreU7uaF

RT @insitusec: Understanding the Dalvik Virtual Machine (PDF, 102 slides) http://t.co/al2RhOqt

Comparison of Dalvik and Java Bytecode - http://t.co/99hy4JBD

RT @kevinrose: Men's bathroom at Google Android @ Google Android Camp http://t.co/iOqgdW9r

RT @jkwkc: Much more detailed write-up on the java vulnerability, with exploitation method. http://t.co/rAaS6neV

RT @insitusec: @pof @georgiaweidman analyzing the android permission specification http://t.co/sJLlATLt

RT @kapitanpetko: Exploring Google Wallet using the secure element interface http://t.co/unuXHkjV

RT @subreption: Our measurements for Android 4.1.1 ASLR (bits of entropy): heap 12-14, stack 11, text/et_dyn aka PIE 9, text/et_exec 0, dso 9, anonmap 10.

RT @dsixda: CyanogenMod build terminology explained: Breakfast, Brunch, and Lunch! | Cameron Pickett http://t.co/1F728LYv

RT @jmattheij: http://t.co/naJ3fnI2 The Tim Cook memo, line by line commentary. Sick and tired of #apple and #patents.

AREsoft-updater: script to update all RE tools in your Honeynet Project A.R.E virtual machine - (github) http://t.co/BX09v17D

RT @Dees_Troy: However, TWRP 2.2.2.0 released for Galaxy Nexus (all versions) with USB OTG support. Also announcing support for Galaxy Note 10.1

RT @0xroot: Android 4.1 Jelly Bean is vulnerable to our TapJacking poc. Time to improve it and create something funny :) http://t.co/wBY26Ius

RT @koush: AndroidAsync - a NIO socket and HTTP library for Android https://t.co/R33TFC3d

awesome post (as always!) : RT @kapitanpetko Android secure element execution environment http://t.co/jmi8lUlR

RT @freebsdhelp: Initial support for running #FreeBSD on the Nintendo Wii: http://t.co/zxQ1p5Ei #SVN

RT @PaulOBrien: Could Google mandate the provision of device profiles to AOSP by manufacturers before certifying devices for release? https://t.co/MIJJoXDl

"Bypassing the Android Permission Model" by @georgiaweidman #hackinparis - slides: http://t.co/GDd8gfdp video: http://t.co/SXhgxViX

RT @subreption: We are releasing our patch for adding Android emulator support to 3.2.x Linux kernels: https://t.co/bFuFtbB1 #android-hacking

Eclipse plugin for developing the android platform - (github) http://t.co/H62aEAKZ wiki: http://t.co/6YpVbDC9

RT @HackAck: Best easteregg ever? #xss #google http://t.co/wWbnbz90

apkil: APK instrumentation library and DroidBox APIMonitor - (GitHub) - http://t.co/aSrmWt9G

Beta Release of DroidBox for Android 2.3 and APIMonitor - http://t.co/nlJ1SS4e

DroidScope, Reconstructing OS&Dalvik Semantic Views for Dynamic Malware Analysis: slides http://t.co/TFJkzGZj and video http://t.co/SyHCp0q7

From Usenix: Aurasium, Practical Policy Enforcement for Android Applications: slides http://t.co/Ri6odBHD and video http://t.co/CvclPSda

Videos from talks at 21st USENIX Security Symposium are available online - http://t.co/QID6PseK

RT @cryptax: @timstrazz Finally posted my write-up on your #android #challenge (Dex in Dex): http://t.co/saUAEih5

RT @vtipy: Java is like Alzheimer's It starts off slow, but eventually, your memory's gone.

Watch @timstrazz blackhat talk video "Dex Education: Practicing Safe Dex" - (173Mb) http://t.co/NsAmy1GA

WOW, just WOW! @ #BlipFestival Tokyo Artists - http://t.co/ML27ZlUg #chiptune

Accessing the embedded secure element in Android 4.x - http://t.co/fqPZFfbC

Schneier on Security: Is iPhone Security Really this Good? - http://t.co/No5AkbGU

Updated ldpreloadhook to also spy on free() syscalls - http://t.co/mQRQiTaP thanks @joedamato for the idea ;-)

RT @timstrazz: Fresh sample of #Android #Malware SMSZombie, ripe for the analysis! http://t.co/MMmi1GzS

"A Generation Lost in the Bazaar", very fun read for #Unix #BOFH - http://t.co/QmTPJ1UI (via @pecei)

RT @joedamato: new blog post: Ripping OAuth tokens (or other secrets) out of TweetDeck, Twitter.app, and other apps http://t.co/SzRdjj2s

Linux Audit ported to Android, includes system applications, AOSP patches, and kernel patches - (github) http://t.co/5djPtm75

LBE privacy guru with support for Android 4.1, Google Translated - http://t.co/C7XNx7Y8

Anyone tried this? -> LBE Security Manager, translated and repackaged (works on Jelly Bean) - http://t.co/ZF2MBvwG #lookslegit

I liked a @YouTube video http://t.co/AnRVezI1 Android JellyBean on Nokia n9, short demo

RT @MarioVilas: Using the result of CPUID to xor-encode the payload, defeats emulation. Nice idea. https://t.co/FJcGduY4

RT @ChainsDD: Note that I have temporarily disabled the binary updater over some security concerns. It'll be back once I figure out a better way to do it

RT @lbutlr: Son: Why don’t churches have wifi? Me: ? Son: They don’t want to compete with an invisible power that works.

RT @carlosacastillo: Resilient 'SMSZombie' Infects 500,000 Android Users in China http://t.co/qUMqBkbP // Malware forcing users to add itself as a "Device Admin

RT @csoghoian: CEO of 0-day merchant Netragard: Market for 0-day exploits should be regulated: https://t.co/3f0Jmgxn 0-Day Pricelist: http://t.co/wu9uUbkq

I liked a @YouTube video http://t.co/bSOFAQG7 Experimental one-line algorithmic music - the 2nd iteration

RT @vimtips: :w !sudo tee % will use sudo to write the open file (have you ever forgotten to `sudo vim /path/to/file`?) (via @gbretou)

SymDroid: Symbolic Execution for Dalvik Bytecode - http://t.co/DRca32pH

A quick command line whatsapp client in php - (github) http://t.co/5jjvOHo7

Android exploitation primers: lifting the veil on mobile offensive security (Vol. I) - [pdf] http://t.co/sNHlmUm8

RT @apuigsech: A tool to brutefoce P1 and P2 on EMV read data. Tag parsing is working very good now :) http://t.co/NSnlqMNN

RT @SantokuLinux: Phones beware, the blade is alive. Mobile Security Testing, Malware Analysis, and Mobile forensics all in one. http://t.co/zTokHUIi

RT @0vercl0k: Finally decided to release my C++ rop-finder: https://t.co/KnxzsHbh, works on Lin/Win/Osx/Fbsd & PE/ELF/Mach-O x86/x64. Hope you'll like it!

RT @cntrmeasurecon: Zach Lanier @quine and Andrew Reiter @Paucis__Verbis will present "Mapping and Evolution of Android Permissions" http://t.co/36fUGVaK

vulnerabilities in Samsung Epic 4G Touch with 2.3.6 and probably other Samsung Galaxies - http://t.co/pWRa7Ss0

ASEF, Android Security Evaluation Framework: Open Source Project to perform security analysis of Android Apps - http://t.co/FQH3Uw0u

RT @timstrazz: @pof pffhh real men just run the protocol from a console, encoding/decoding it by hand

Run Google Play on an emulator and pretend to be any device - http://t.co/kndu8vNt

RT @tutterr: Yay! Talk with @6e726d about reversing and modifying broadcom mobile wifi cards firmware got accepted to #ekoparty2012

RT @scarybeasts: Announcing Pwnium 2!! It is ON! Please RT :) http://t.co/wEszN0a6

RT @_defcon_: Huawei's response to the DEF CON presentation about security vulnerabilities in widely used routers. http://t.co/D0nXn4Nz

RT @PaulOBrien: Ooh, this looks like a very cool Tasker plugin! https://t.co/SruK9Bp9

Gnu Emacs ported to Android, insane! - http://t.co/7UlO00Eu

RT @timstrazz: #Android Zitmo Analysis: Now you see me, now you don't - http://t.co/TcCdM6vy

Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks [PDF] - http://t.co/9ssQYPyo

Quick article on "Basics of Android Secure Coding" (permissions, intents, broadcast receivers, activities, services) - http://t.co/Tkla4Hrb

ClubHack Magazine's Aug 2012: Malware Memory Forensics, Tamer Data, iOS vluns, etc...- [pdf] http://t.co/evGMUsnq

RT @viaforensics: viaExtract now supports cracking #Android #encryption (brute force) for ICS and Jellybean https://t.co/c6FMPHA6

RT @nibble_ds: I’ve just implemented a new ARM disasm plugin for radare based on the winedbg’s one. It’s definitely the only sane ARM-disasm lib out there…

RT @romainguy: Interesting post-mortem on publishing a game on Google Play http://t.co/WZs1h8vj

RT @attrc: New Blog Post: Recovering tmpfs with Volatility: http://t.co/4AOHzPku CC: @gleeda @imhlv2 #dfir #infosec

fresh meat on contagio #android #malware - VDloader: http://t.co/U74mEAgn New Zitmo: http://t.co/jL1B5Ku9 LuckyCat.A: http://t.co/KdEX272l

RT @singe: On iOS forensics "Trying all 4-digit PINs therefore requires no more than 800 seconds, a little more than 13 minutes." http://t.co/wQTdKdHa

RT @MarioVilas: iKAT 2012 Release - Interactive Kiosk Attack Tool http://t.co/Dh83e1Ob

RT @thomas_cannon: Vulns in Android Superuser app? http://t.co/ap2HhbU2

p2p-adb: Phone to Phone Android Debug Bridge (github) - http://t.co/RwCng2Ql

RT @DrMacinyasha: Superuser by @ChainsDD has a new home on @GooInsideme: http://t.co/CWun2qnP

RT @1zn0g0ud: .Bash_history deduplication and stats https://t.co/CzxdUKCE

RT @s7ephen: BlackHat 2012: A Blogpost, A PhotoJournal, and slides from our talk and training http://t.co/TikB9T0X

RT @aloria: There will never be a realistic movie about hackers because few people want to watch a dude in his boxers hunched over IDA for 16 hours.

RT @xdadevelopers: Android: LiME Forensics Kernel Module for Raw Memory Snapshots http://t.co/3okesvEn

lol "vim & ls colors (dark blue over black.. what were they thinking?)" - http://t.co/WLy75xy3

RT @roman_soft: About #Defcon #Ctf winner: "My understanding is you had 30 people at the Rio, and 50 outside" -> 80 ppl team!!! Rules should change :-/

RT @thuxnder: I have just released the source of my #dalvik obfuscator script - Yes it is quick'n'dirty ;) https://t.co/36XMqpNI #android #obfuscation

RT @dguido Samurai CTF, the winning team from Defcon CTF this year, is doing an AMA on /r/netsec http://t.co/R89t8Txw /cc @roman_soft

AdSplit: Separating Smartphone Advertising from Applications - http://t.co/slJpSrbi

Aurasium: Practical Policy Enforcement for Android Applications - http://t.co/CvclPSda

DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis - http://t.co/SyHCp0q7

Remote Debugging on Firefox for Android - http://t.co/FGDJjMOE

RT @timstrazz: Great mini tutorial for beginner ARM reversers, "Elementary ARM for Reversing" http://t.co/CObeoiFV

RT @dexlabsorg: New blog post about Android Emulator and Sandbox Detection is online: http://t.co/4IwIz2gf credits to @pleed_ and @thuxnder

I liked a @YouTube video http://t.co/2GtJTxLP Android 4.1 Jelly Bean - CM10 on the T-Mobile G1

RT @erocarrera: Just committed and uploaded packages for pefile-1.2.10-118 with a few bugfixes for corner cases. http://t.co/uS5bGdNF

RT @jlalcazar: How to Make Your Linux PC Wake From Sleep Automatically http://t.co/ophEDfLB #linux #rtcwake #sleep #hibernate

Android app DRM quietly disabled due to bug: http://t.co/7uhHfVU4 sensationalist headline: only affects apps w/ installLocation=internalOnly

RT @serverdensity: MySQL 5.6 now embeds memcached for performance with durability, does this obsolete NoSQL products? http://t.co/qlYyVAss #nosql #sysadmin

RT @radareorg: <@pof> radare can triforce http://t.co/DtSD1fr7

RT @quine: Errata to "Avoiding Android App Security Pitfalls" preso http://t.co/iXDJRVHA

RT @thomas_cannon: Very nice 'TOCTTOU Attack' from @collinrm https://t.co/u9FlbIqj. Better than my PoC on old droids using USB-SD adapter http://t.co/viY7Tk4U

RT @hackfest_ca: Speakers 2012 : Aditya Gupta @adi1391 & Subho Halder presents "Attacking Angry Droids : Advanced Android Exploitation" http://t.co/Teq1rUZ

Official Google Enterprise Blog: Make mobile more manageable - http://t.co/2opYbST5

RT @mikko: F-Secure Mobile Threat Report Q2 2012: http://t.co/jtELKsXW [pdf]

RT @saidelike: http://t.co/N0gvTLqt I (finally) released the source code for the FUSE method I used more than one year ago. See github link at the end.

RT @PortSwigger: Burp now supports Android SSL proxying http://t.co/1pZgCHZr

Very interesting insights about the new "cloud based" google wallet: The Cloud Comes to Your NFC Wallet - http://t.co/8wnwCdIM

RT @xanda: AntiTaintDroid - Escaping Taint Analysis (and stealing private information) on Android for Fun and Profit http://t.co/tDqqTqRA

agcc.bash: Make Native Android C Programs Using the NDK - http://t.co/2vkX8b2r

RT @cryptax: @thuxnder it is now available on http://t.co/X0aWqwEs, section réaliste, name insomni'droid #challenge #android

RT @lizcastro: Spanish tweeters threaten Catalan Olympian #AlexFabregas for saying he plays for Spain because “he has no other choice” #London2012

RT @dloss: Assembly Summer 2012 1k intro competition entry, 1st place: Embers, by TDA http://t.co/KPgooLNL

RT @adesnos: Androguard 1.5 out: http://t.co/dByCdoCp #android #security #decompiler #arm

Ownclowd: open source clowd hosted on your own infrastructure (with android & ubuntu clients available) - http://t.co/eRigYt4M via @trufae

RT @0xroot: [Article] I just wrote a new post about how to cheat on Android Games - http://t.co/F9LnrNX9

che! http://t.co/Wjj3k3fQ

RT @CiphersSon: Kinda like "pentest bookmarks" http://t.co/VOHGioCY on google code I made a list of Android Security related apps. http://t.co/cGqxqDAT

RT @rallat: Is important to secure intents to avoid security issues http://t.co/Zkg57wwg

RT @iamnion: nice addon to the talks and the #baseband chapter of the #iOS hackers handbook by @esizkur https://t.co/ZGeti4pn #usenix #woot

RT @teamcymru: IP Reputation Database from Alienvault http://t.co/1vgsm5xI

RT @gtvhacker: Google TV Logitech #Revue root exploit by @djrbliss has been released. Read the warning and check out the exploit at: http://t.co/4FFATKL2

RT @thuxnder: A simple PoC demo showing an app which catches your #Android device in a boot loop. http://t.co/1BVAI0Bp #dexopt #bug

RT @xanda: RT @thomasfuchs: If your Android emulator is slow like molasses with x86 images on ML, reinstall the Intel HAXM. http://t.co/9f4cZ5Kg

.@timstrazz is giving me too much homework :P

RT @timstrazz: Dexploration: What a default Dex looks like; http://t.co/fnI2DcYq - little details I was unable to fit into #Blackhat

RT @timstrazz: #android "white hat" develops "malware kit"… http://t.co/CVee9Q3C wait - what? I don't know the meaning of words anymore…

heh... RT @AndroidPolice Android Jelly Bean's Face Unlock "Liveness Check" Circumvented With Simple Photo Editing http://t.co/4XeRVFrb

I use twitter lists, read down to up so keep timeline position is a must, and also need a quick functional widget like tweetdeck bar.

Same story on desktop, i've tried a bunch of twitter clients, still think the old adobe air based tweetdeck is the best

I've tried most (if not all) android twitter clients available on Google Play, still can't find any which can fully replace tweakdeck

I liked a @YouTube video http://t.co/LxmliLgS Maru - Insane Youth // Gameboy Chiptune Music

Great post by @0xroot 'Auditing android applications' (in Spanish) - http://t.co/qqbjs7Xt

RT @eliot: I've posted my writeup of building NinjaTel http://t.co/abmKSuGJ

RT @timstrazz: Finally got around to writing up a blog post for my #Android presentation at #Blackhat http://t.co/iog8yfj5

RT @carlosacastillo: DeObfuscate Jar With Dex Tool http://t.co/07wbcdS2

RT @kapitanpetko: A bit late but: Changing Android's disk encryption password, comes with a handy tool! http://t.co/yzP5XDwh

LOL! "@andremoulu: Asked for INTERNET permission... got INSTALL_PACKAGES http://t.co/vMVG6N45"

RT @thomas_cannon: A FUD-free balanced article about my #defcon talk re: the Android Encryption part. http://t.co/fX7Hgqoe

How to switch user profiles on Jelly Bean - http://t.co/eal7BHN3

RT @gtvhacker: The root method we presented at #Defcon which allows for boot-loader access on the Sony is now documented on our site: http://t.co/torRSnt6

Street fighter II Guile's Theme 8-bit - http://t.co/g82Aveyr #chiptune

Using Password-based Encryption on Android - http://t.co/mtZ3pAG9

Storing application secrets in Android's credential storage - http://t.co/4baF6bBi

Unpacking 'adb backup' Android backups - http://t.co/T3yW41ff

Using app encryption in Jelly Bean - http://t.co/XO6VllCx

Jelly Bean hardware-backed credential storage - http://t.co/Mp5I6v8h

Certificate blacklisting in Jelly Bean - http://t.co/SxSMtwhZ

I'm checking out @TweetLanes, a brand new Twitter app for Android. Looks pretty cool so far. http://t.co/Rt16qh5J

sfdisk -d /dev/sda |sfdisk /dev/sdc ; mdadm --manage /dev/md0 --add /dev/sdc1; mdadm --detail /dev/md0 #raid rebuilt successfully :-)

@PCGREENSL en agosto haceis el mismo horario?

Garntner 2012 Magic Quadrant for Mobile Device Management Software (MDM) - http://t.co/40pKdbAr

Fitrefox OS (B2G) for Galaxy Nexus fastboot images, working wifi & 3G, still pre-alpha - download: http://t.co/53FCmDII