Tweets from September 2012

@hteso felicidades y no rompas nada :P

6:31pm September 30th 2012 via TweetDeck in reply to hteso

RT @rallat: Anyone knows good Android apps for Autism children?

10:17am September 30th 2012 via TweetDeck

TweakDeck patch to include retweets in lists timelines: http://t.co/ZeQkX6m9 /cc @PaulOBrien

1:53am September 30th 2012 via TweetDeck

RT @AndroidPolice: CyanogenMod Dropping ROM Manager For Its Own OTA Update System http://t.co/kessmYKU

1:47am September 30th 2012 via TweetDeck

@Antoniojojojo yo lo he marcado para mirarlo, pero no he tenido tiempo de probar... si funciona bien espero que lo integren en CyanogenMod

4:14pm September 29th 2012 via TweetDeck in reply to Antoniojojojo

@TeamAndIRC @xanda thanks, i have not seen anything other than what has been posted all over news sites...

3:42pm September 29th 2012 via TweetDeck in reply to TeamAndIRC

RT @volkerdi: And... we're there! Slackware 14.0 is finally released: http://t.co/QriczUZc

10:22am September 29th 2012 via TweetDeck

RT @nmap: Hakin9 Magazine's Nmap issue successfully trolled by security researchers! http://t.co/WHhYVfk6

10:20pm September 28th 2012 via Tweet Lanes for Android

@t0mm13b sure, I would prefer this as default behavior for anything that comes from an intent

10:11pm September 28th 2012 via TweetDeck in reply to t0mm13b

RT @raviborgaonkar: here is my quick write up on Android-USSD issue http://t.co/qKXwbqLP

9:55pm September 28th 2012 via Tweet Lanes for Android

@t0mm13b code looks good, but not sure if regexp will match all malicious codes, what if an attacker uses it to dial a premium rate number?

9:43pm September 28th 2012 via TweetDeck in reply to t0mm13b

10 samples of SMSZombie Android SMS Trojan - http://t.co/xmw7TumX

5:35pm September 28th 2012 via TweetDeck

@snowfl0w lol, hope u remember to post the smszombie samples when u have the time :)

12:29pm September 28th 2012 via TweetDeck

RT @carlosacastillo: FinSpy Mobile - Configuration and Insight http://t.co/mxe7hhec - Ruby scripts to get and parse raw configuration files from FinSpy samples

9:34pm September 27th 2012 via TweetDeck

RT @2b_as: Everybody is still saying the #Samsung remote wipe attack used an #USSD code: It did not! Explanation: http://t.co/QVjOmRzh @heisec

3:04pm September 27th 2012 via TweetDeck

Unlocking NFC deadbolts with Androids - http://t.co/LpYbAwGG

2:44pm September 27th 2012 via TweetDeck

Nice article on ad-jacking: "Game Malware Writers Before They Game You" - http://t.co/lcphAKli

2:42pm September 27th 2012 via TweetDeck

RT @raviborgaonkar: There are lots of incorrect reports in the different articles abt TEL issue, I will publish a post about the issue today or tomorrow.

1:07am September 27th 2012 via TweetDeck

RT @xanda: RT @jedisct1: xip.io: wildcard DNS for everyone http://t.co/pHy9nZKs

1:05am September 27th 2012 via TweetDeck

RT @CyanogenMod: USSD-gate Panic! Or remain calm and grab your towel. There are various (and sometimes contradictory) reports going… http://t.co/H9ZQxzL2

11:11pm September 26th 2012 via TweetDeck

RT @insitusec: New permission maps for newer Android versions. Thanks UToronto--Awesome work! http://t.co/R2EB40Fl

11:00pm September 26th 2012 via TweetDeck

RT @ChainfireXDA: Fast AAPT released: http://t.co/Wc7oCHpA . Speed up your Android app builds :)

10:48pm September 26th 2012 via TweetDeck

Google Play services, client library API that offers integration with Google products in Android apps - http://t.co/NYFqdd5a #androiddev

10:46pm September 26th 2012 via TweetDeck

RT @viaforensics: We banged on @raviborgaonkar USSD disclosure and found we can inject via XSS. Have a suggested workaround too. https://t.co/PROzEESy

10:14pm September 26th 2012 via TweetDeck

@sinvitaminas @jbarrio @r0sk @WuShell a mi me ha sonado a esto... http://t.co/RXfNX8SU no se si se adapta a lo q buscas :)

1:21pm September 26th 2012 via TweetDeck in reply to sinvitaminas

RT @julianor: CRIME attack slides https://t.co/Dmi1bjtc comments enabled and welcome #ekoparty2012

10:37am September 26th 2012 via TweetDeck

I said MTAN, meant PAN. Been reading too many EMV stuff and need to sleep. Reading @apuigsech EMV framework now - http://t.co/hu2PLgX8

10:44pm September 25th 2012 via TweetDeck

For the curious, EMV tags: Track 2 Equivalent Data http://t.co/H8uxIf1f & Application Primary Account Number (PAN) http://t.co/81D1k2Jz

10:38pm September 25th 2012 via TweetDeck

and here's another Cardtest (http://t.co/l0NAYZJ9) smali patch to make it work with Visa Electron - http://t.co/2LSO1474

10:34pm September 25th 2012 via TweetDeck

quick smali patch to Cardtest (http://t.co/l0NAYZJ9) android app, to show MTAN & track 2 equivalent data unmasked - http://t.co/pqrKK6l5

10:32pm September 25th 2012 via TweetDeck

@lawwait @dreyercito la noticia ha saltado a los medios a través del tweet q sólo mencionaba el wipe de Samsung y no contrastan nada :(

9:45pm September 25th 2012 via TweetDeck in reply to lawwait

RT @nflnfl: Auto-executing USSD codes is an Android bug that was fixed in Jelly Bean, see last 3 commit: https://t.co/qEGhehnm

9:29pm September 25th 2012 via TweetDeck

RT @collinrm: Quick and dirty "fix" for the USSD attack. The app will intercept all "TEL" URIs. Click TelStop to be secure! http://t.co/9QRw6IZn

9:23pm September 25th 2012 via TweetDeck

RT @0xabad1dea: Surprise (not), I blogged!: Ubuntu Snafu: Privacy Is Hard, Let's Go Shopping http://t.co/stxl55Qr about failure to be private by default

9:23pm September 25th 2012 via TweetDeck

@roman_soft u can try with *#06# that should show the IMEI, no idea about Movistar, sorry.

5:08pm September 25th 2012 via TweetDeck in reply to roman_soft

RT @sarapyin: 'Dirty USSD' Hack Wipes Samsung Phones. Is Yours Vulnerable? http://t.co/cebnQPV5 #ekoparty #android

4:21pm September 25th 2012 via TweetDeck

RT @AndroidPolice: [Video] Most Galaxy S III Devices Are Not Vulnerable To USSD Wiping Exploit: It Was Already Fixed In An Update http://t.co/NX8YWh8h

4:07pm September 25th 2012 via TweetDeck

RT @collinrm: New Mobile Security News, USSD,TEL,NFC: http://t.co/dikjcdEs

3:29pm September 25th 2012 via TweetDeck

RT @Amon_RA: There's a difference between Supplementary Service codes, USSD codes and mobile feature codes... A tech site/blog should know this.

3:26pm September 25th 2012 via TweetDeck

@lawwait en mi Galaxy Nexus pide confirmación para mandar el ussd, no lo ejecuta directamente, pero si, la vuln mola igualmente :)

3:20pm September 25th 2012 via TweetDeck in reply to lawwait

@lawwait si, però no era tan jodido como lo pintaste, sólo afecta a Samsung con touchwiz :P

3:00pm September 25th 2012 via TweetDeck in reply to lawwait

RT @TeamAndIRC: @pof @raviborgaonkar @ekoparty last week's AT&T SGSIII update fixed this issue, the international one has been fixed for some time.

2:57pm September 25th 2012 via TweetDeck

sorry I can't read/reply all mentions, too many of them! the Samsung vuln was disclosed by @raviborgaonkar at @ekoparty http://t.co/li2wPHjj

2:23pm September 25th 2012 via web

RT @auchenberg: @pof I created a small demo page that the video embedded: http://t.co/J3gchy8L

1:47pm September 25th 2012 via TweetDeck

@dmi @manarth @tomscott on stock android yes, but on samsung dialer it triggers code directly see ekoparty video http://t.co/li2wPHjj

11:10am September 25th 2012 via TweetDeck in reply to dmi

@DrPizza Gnex runs stock android, does not have any samsung customizations.... i have no idea about other samsung devices

11:09am September 25th 2012 via TweetDeck in reply to DrPizza

@DrPizza oh, sorry i didn't saw your where replying. The GNex does not have a "hard reset" USSD code, so this doesn't work on it

11:06am September 25th 2012 via TweetDeck in reply to DrPizza

@DrPizza no user interaction needed, see the ekoparty video: http://t.co/li2wPHjj

11:05am September 25th 2012 via TweetDeck in reply to DrPizza

@PaulOBrien yes, you can remotely wipe any friend's Galaxy S3 now, just by sending him a wap push sms :)

10:38am September 25th 2012 via TweetDeck in reply to PaulOBrien

@nibble_ds yes... that's why I hate OEM customizations on top of android ;)

10:31am September 25th 2012 via TweetDeck in reply to nibble_ds

@PaulOBrien just visit the url with the tel: url handler, either from QR, NFC or WAP Push SMS. Ekoparty video: http://t.co/li2wPHjj

10:30am September 25th 2012 via TweetDeck in reply to PaulOBrien

this will hard reset the phone, no user confirmation needed... #samsung #fail

10:23am September 25th 2012 via TweetDeck

the USSD code to factory data reset a Galaxy S3 is *2767*3855# can be triggered from browser like this: <frame src="tel:*2767*3855%23" />

10:22am September 25th 2012 via TweetDeck

btw, what where Samsung engineers smoking when they set a USSD code to do a factory reset?

10:14am September 25th 2012 via TweetDeck

other attack vectors include scanning the url with QR code, but again only devices w/samsung crapware affected. Solution: use stock android

10:11am September 25th 2012 via TweetDeck

My stock JellyBean Galaxy Nexus is not affected, displays the code on dialer, but needs user interaction to actually run it...

10:09am September 25th 2012 via TweetDeck

it's just a wap push sms which opens a website with a frameset tel:// url handler which sends a USSD code to reboot samsung devices

10:07am September 25th 2012 via TweetDeck

Android Dirty use of USSD Codes (Ekoparty 2012) video: http://t.co/li2wPHjj + "tel:" url handling demo: http://t.co/1YvAe0Dc

9:58am September 25th 2012 via TweetDeck

RT @timstrazz: Interesting concept/project Malwarehouse, simple way to store/search #malware http://t.co/2uiEB2zd http://t.co/2nkrGRJH

9:50am September 25th 2012 via TweetDeck

Dr. Android and Mr. Hide: Fine-grained Permissions in Android Applications - [pdf] http://t.co/Xmwa1CUf

9:04am September 25th 2012 via TweetDeck

UltraReset: Bypassing NFC access control with your smartphone - http://t.co/2XWI44Xb

5:22pm September 24th 2012 via TweetDeck

RT @radareorg: Here's the slides of my course on radare http://t.co/3K4YvgDT /by @trufae #radare #course #slides #lacon2k12

10:12am September 23rd 2012 via TweetDeck

raw notes i took during radare2 workshop at #lacon2k12 (in spanish, sorry) - http://t.co/j31XTuv4 /cc @radareorg

3:45pm September 22nd 2012 via TweetDeck

CardTest, Android app to read NFC enabled credit cards - http://t.co/l0NAYZJ9

2:42pm September 22nd 2012 via TweetDeck

RT @mikko: That took long. Just hours after release, @chpwn posts photos of a jailbroken iPhone 5: http://t.co/HqVz4snG #impressive

12:56pm September 22nd 2012 via Tweet Lanes for Android

UltraReset: Bypassing NFC access control with your smartphone - http://t.co/2XWI44Xb

12:53pm September 22nd 2012 via TweetDeck

RT @0xb3nn: Our Ultralight testing app is now in the Play market. This will compare card data (but not reset anything) https://t.co/zcsUa970

12:52pm September 22nd 2012 via Tweet Lanes for Android

@trufae como jode apagar el terminal cuando el jailbreak es tethered x'D #lac0n2k12 #lacon2k12 #meriodeios

12:54pm September 21st 2012 via TweetDeck in reply to trufae

RT @Blackmond_: set of tools to provide monitor mode and raw frame injection for iphone/ipad and bcm4325/4329/4330 chipset devices - https://t.co/lZLBKtuB

8:36am September 21st 2012 via TweetDeck

Radare2 for Android v2.0 available on Google Play - https://t.co/cDjRAy1b

7:18am September 21st 2012 via TweetDeck

Radare2 for Android #lacon2k12 edition just pushed to Google Play, it might take a while to see the update - http://t.co/89wGEt4x

1:19am September 21st 2012 via TweetDeck

RT @cryptax: Android/SMSZombie redirects uninstall attempts to home screen -> good post, @_r04ch_ ! http://t.co/zQoHJ8TC

7:52pm September 20th 2012 via TweetDeck

RT @pleed_: first apk similarity tests. Yet completely unoptimized using hungarian algorithm for object matching @dexlabsorg http://t.co/GoDlAOHD

7:47pm September 20th 2012 via TweetDeck

RT @MindbIowingFact: The robot that "NASA'' sent to Mars has 14 years of battery. They should build smartphones.

2:26am September 20th 2012 via TweetDeck

RT @radareorg: Nightly builds for radare2 on android uploaded. If you are using the development apk you should receive a notification /by @pof

2:15am September 20th 2012 via web

RT @emiliengirault: Androproto.py script used to recover Google Play's .proto https://t.co/GzElasea

10:20pm September 19th 2012 via TweetDeck

RT @emiliengirault: [Blog] Reversing Google Play and Micro-Protobuf applications http://t.co/3LVh3XDH

10:20pm September 19th 2012 via TweetDeck

RT @mwrlabs: We have just pwned the galaxy s3 at mobile #pwn2own through NFC. Brief blog post: http://t.co/3vvMCyn8 #esw12

4:07pm September 19th 2012 via TweetDeck

RT @mwrlabs: @beist @dragosr We exploited a memory corruption to gain code exec and then another weakness to install the trojan with full permissions

4:06pm September 19th 2012 via TweetDeck

RT @mwrlabs: We used Mercury (@droidhg) as a RAT to exfiltrate sms, contacts , pictures and more :) #pwn2own #esw12 , feature will be in upcoming version

4:05pm September 19th 2012 via TweetDeck

RT @IntrepidusGroup: We will be at #EuSecWest on Thurs detailing how an attacker can get free subway rides w/ NFC mobile phones. Example: https://t.co/EMWKT6y3

11:31am September 19th 2012 via Tweet Lanes for Android

RT @radareorg: Looking for a html/js ninja who wants to write a proper UI for r2 embedded webserver for phone/tablet/desktop. RT plz

11:24am September 19th 2012 via web

@radareorg latest commit looking so sexy, scrolling it's a bit meh... http://t.co/qEYqTCCh

2:10am September 19th 2012 via TweetDeck

@radareorg oh! so ugly... i also sent u an email with a bugreport on the webserver a while ago

1:01am September 19th 2012 via TweetDeck in reply to radareorg

@Stericson no crash with version 2.5 :-)

11:55pm September 18th 2012 via TweetDeck

@Stericson added, i hope i used the right gmail address ;-)

11:49pm September 18th 2012 via TweetDeck in reply to Stericson

@thomas_cannon yes, source is still there, and you can checkout that revision (+forks)... but it's weird the removal without notice :/

11:49pm September 18th 2012 via TweetDeck in reply to thomas_cannon

Original WhatsAPI repo 2h ago - "Bad news: Unfortunately, we've been asked to revoke the code, more details later." http://t.co/Lu9D3xHo

10:33pm September 18th 2012 via TweetDeck

@jsegura why? all my vms have ext4 on raid+lvm2, never had a single issue with it :/

8:42pm September 18th 2012 via TweetDeck in reply to jsegura

RT @ihackbanme: Working MonitorMode in Broadcom chips (bcm4329 & bcm4330) http://t.co/ZgjiFMo8 - we will implement it on zANTI soon.

8:40pm September 18th 2012 via TweetDeck

@Stericson was working fine in pre-2.4... but now I have to launch it in background (adding '&' at the end) and do a sleep...

11:05pm September 17th 2012 via TweetDeck

@Stericson is there any way in roottools to launch a program that waits user input?... i'm getting this http://t.co/JU8Ccf7n

11:02pm September 17th 2012 via TweetDeck

Android encryption master key brute force script in python used in @SantokuLinux v0.3 - (GitHub) http://t.co/aL24fTXj

10:08pm September 17th 2012 via TweetDeck

RT @SantokuLinux: HOWTO Brute Force Android Encryption on Santoku Linux: https://t.co/e4AZENDi

9:32pm September 17th 2012 via TweetDeck

RT @TeamAndIRC: Kindle Fire 7 HD root confirmed, Amazon/lab126 major f'd up, failed to patch long patched bug

8:41pm September 17th 2012 via TweetDeck

RT @JoseSelvi: A taste of Mobile Device Management (MDM) Security: http://t.co/OWOiajnm

5:10pm September 17th 2012 via TweetDeck

radare2 installer for android preview APK (for beta-testing): http://t.co/xGYK00eF pls report any bugs :)

4:26pm September 17th 2012 via TweetDeck

@radareorg yes, apk:// only prefixed if the file is apk. Regarding url i'm not capturing them, didn't know that... will check :)

1:17pm September 17th 2012 via TweetDeck in reply to radareorg

@radareorg share any file with radare launcher to open it without typing the path http://t.co/jwhxiERn http://t.co/qJTjSlSg

12:52pm September 17th 2012 via TweetDeck

RT @gN3mes1s: The magic of LD_PRELOAD for Userland Rootkits - http://t.co/U3ykQNf2

7:08am September 17th 2012 via TweetDeck

RT @eromang: New blog post: Zero-Day Season Is Really Not Over Yet http://t.co/U3Bakc0g #zataz #infosec

11:09pm September 16th 2012 via TweetDeck

@ChainfireXDA is your man "@ochsff anyone have some technical background on Odin's .tar.md5 and how to package a zImage to flash with Odin?"

10:05pm September 16th 2012 via TweetDeck

@vext01 @radareorg added a setting to use SDcard, hopefully useful for your N1 - http://t.co/kujk1Elx

9:28pm September 16th 2012 via TweetDeck in reply to vext01

@tripledes @r0sk por lo que leo es sólo para que los OEMs no saquen tablets android con el procesador que usarán las tablets con win8

1:20pm September 16th 2012 via TweetDeck in reply to tripledes

@r0sk ein?!?! fuente de la noticia?

1:15pm September 16th 2012 via TweetDeck in reply to r0sk

@radareorg update settings are working in git version, play store release in #lac0n2k12 next week http://t.co/3MIbNLIJ

12:38am September 16th 2012 via TweetDeck

RT @roman_soft: Libdbus root exploit by @steaIth : http://t.co/b2oSuUEq. Btw this should have been named "7350_dzug.c" (cooler!) ;-)

12:36pm September 15th 2012 via TweetDeck

RT @TeamAndIRC: @PaulOBrien @Bin4ryDigit is it using ro.kernel.qemu to elevate adb? OEMs are starting to set that in default.prop or making adbd ignore it

6:40pm September 14th 2012 via TweetDeck

New root exploit for Android ICS/JB: remount timing issue in "adb restore" service, discovered by @Bin4ryDigit - http://t.co/sL4YLPNi

6:39pm September 14th 2012 via TweetDeck

@trufae a mi em molaria q la tingués el MBA de 11" maxed-out...

4:49pm September 14th 2012 via TweetDeck in reply to trufae

RT @TeamAndIRC: signed boot & recovery images on kindle, but it looks like they didnt patch my unreleased root, and looks like we might have a chance

4:29pm September 14th 2012 via TweetDeck

@0xcharlie wow congrats man! sure you'll help making twitter a better place :)

3:01pm September 14th 2012 via TweetDeck in reply to 0xcharlie

RT @adesnos: Androguard 1.6 http://t.co/SZTTcxul Community + Automatic analysis

10:32am September 14th 2012 via TweetDeck

previous tweet FUD seems to be related to this talk by @raviborgaonkar: "Dirty use of USSD Codes in Cellular Network" - http://t.co/HchHzPww

9:52am September 14th 2012 via TweetDeck

FUD alert: possible 0day to be presented at ekoparty allows remotely permanent bricking of android devices - (spanish) http://t.co/zFgYgzrh

9:44am September 14th 2012 via TweetDeck

@trufae @zlowram @iolandatweets si, son com les del Nexus S, de finals del 2010...

7:46am September 14th 2012 via TweetDeck in reply to trufae

J2ObjC: open source tool from Google that translates Java code to Objective-C for the iOS (iPhone/iPad) platform - http://t.co/P1TPu2e5

12:11am September 14th 2012 via TweetDeck

RT @jaimeblascob: There we go: Tracking down the author of the PlugX RAT http://t.co/YGUDFj7Z

12:09am September 14th 2012 via TweetDeck

@zlowram no crec q apple pose NFC, a no ser q inventen algo per tenir la possibilitat de quedar-se amb un fee de cada pagament...

11:48pm September 13th 2012 via TweetDeck in reply to zlowram

@aramosf pues alguna vez te saca del apuro :)

10:32pm September 13th 2012 via TweetDeck in reply to aramosf

@aramosf ya he dicho q era quick y dirty... pa salir del paso q la web va fatal! :P

10:29pm September 13th 2012 via TweetDeck in reply to aramosf

I've just uploaded a quick-n-dirty simyo .es consumption checker in bash to github - http://t.co/eV4Jwqlo

10:27pm September 13th 2012 via TweetDeck

@jduck1337 @radareorg hahah, I didn't notice that, good point :D should have waited 1 more minute!

9:12pm September 13th 2012 via TweetDeck in reply to jduck1337

RT @MarioVilas: Phonegap application encryption http://t.co/rJVaVkkD

11:52am September 13th 2012 via TweetDeck

@trufae acabo d comitejar el soport "rudimentari" de check for updates al r2-installer, jo faria release per la LaCon... com ho veus?

11:04am September 13th 2012 via TweetDeck

@jbarrio que tal es la cobertura GSM/3G en el norte de la india? es facil conseguir una SIM prepago de allí?

8:31am September 13th 2012 via TweetDeck in reply to jbarrio

Security Testing 4G (LTE) Networks - [pdf] http://t.co/JRuGuKSB

7:48am September 13th 2012 via TweetDeck

RT @madCdan: My next conference at #Droidcon UK : http://t.co/4QgwVVsN I Will introduce the new #AndroVM project

9:47pm September 12th 2012 via Tweet Lanes for Android

RT @duosec: Our stats from X-Ray (http://t.co/vTrBT8H2) indicate that over 50% of Android devices have unpatched vulnerabilities: https://t.co/gehDNFhz

9:45pm September 12th 2012 via Tweet Lanes for Android

RT @viaforensics: HOWTO forensically examine an Android device with AFLogical OSE on @SantokuLinux https://t.co/0TfIA40U

9:22pm September 12th 2012 via Tweet Lanes for Android

RT @saidelike: RT @fredraynal: Emulate a 4G LTE base station: http://t.co/x8KTsZGd > Equivalent of OpenBTS for 4G LTE network. Software available soon.

8:23pm September 12th 2012 via Tweet Lanes for Android

RT @substack: china protip: `ssh -D 8888 somebox` then `chrome --proxy-server=socks5://localhost:8888`

8:21pm September 12th 2012 via Tweet Lanes for Android

@trufae dependrà tb del xip radio q porti l'android que hi ha mes fabricants al ecosistema (qualcomm, infineon...) i del terminal, etc

8:19pm September 12th 2012 via Tweet Lanes for Android in reply to trufae

RT @alexstamos: Congratulations to iOS fans, who can finally pay Apple $500 for a mid-2011 Android phone.

5:57pm September 12th 2012 via TweetDeck

RT @ChainfireXDA: Joking aside, lightning is a reversable connector. I've always wanted to hurt whomever invented USB for only fitting one way.

5:43pm September 12th 2012 via TweetDeck

RT @mikko: The consensus seems to be that the highest pixel-per-inch in any smartphone is in HTC Rezound and Sony Xperia S with 342PPI (4.3" screen).

5:37pm September 12th 2012 via TweetDeck

RT @jr_raphael: "Panorama mode in a phone camera? That's pretty amazing." -The rest of the world in 2011

5:37pm September 12th 2012 via TweetDeck

RT @jbqueru: 4 inch screens are now officially cool. I'm thinking about updating to a Nexus S.

5:33pm September 12th 2012 via TweetDeck

qemu-dbi: QEMU Dynamic Binary Instrumentation, architecture-agnostic API to dynamically instrument guest binary code - http://t.co/u5rA92OC

2:20pm September 12th 2012 via TweetDeck

@Stericson thanks! i came up with a different solution, but will try that later today as it seems much more clean :) cc @lilH3rmit

1:00pm September 12th 2012 via TweetDeck in reply to Stericson

@coolkamio jaja ok, pues con una cocacola :P

11:06pm September 11th 2012 via TweetDeck in reply to coolkamio

@coolkamio un dia con unas cervezas te lo cuento bien, no quiero entrar en debates políticos aquí

11:03pm September 11th 2012 via TweetDeck in reply to coolkamio

@coolkamio @madolche en casa de mis padres se veía sin satélite hasta el año pasado... ya me entiendes :)

10:59pm September 11th 2012 via TweetDeck in reply to coolkamio

@coolkamio @madolche por poner un ejemplo me impiden ver TV3 en mi ciudad natal (Vinaròs)

10:51pm September 11th 2012 via TweetDeck in reply to coolkamio

@coolkamio @Madolche precisamente el 'otro estado democrático' es el que trata de impedirnos tener rasgos propios

10:46pm September 11th 2012 via TweetDeck in reply to coolkamio

@timstrazz thanks for the RT :)

9:02pm September 11th 2012 via TweetDeck

RT @viaforensics: List of new tools targeted for @SantokuLinux Alpha 0.3 at end of week. Please chime in with suggestions. https://t.co/BHstj0u4

6:26pm September 11th 2012 via TweetDeck

RT @0xroot: I wished to know this before start debugging smali like a champion - http://t.co/CgF4wdKM

10:15am September 11th 2012 via TweetDeck

@karimyaghmour from what i understand, SystemServer.init1() calls native method system_init() which calls back to java SystemServer.init2()

2:04am September 11th 2012 via TweetDeck in reply to karimyaghmour

@karimyaghmour true, you're right... system_server (in ps) is app_process spawned by zygote. No idea what /system/bin/system_server is then

1:38am September 11th 2012 via TweetDeck in reply to karimyaghmour

@karimyaghmour is the first java component that runs on boot, takes care of starting all android services. See http://t.co/bm74OcRW

1:13am September 11th 2012 via TweetDeck in reply to karimyaghmour

RT @gN3mes1s: Linux ELF binary debugging and anti-debugging (slides + sources) - http://t.co/JLchOfc0

11:52pm September 10th 2012 via TweetDeck

looks like APKInspektor has been significantly improved in latest version - http://t.co/bR4zfJ30

9:37pm September 10th 2012 via TweetDeck

RT @MarioVilas: Nice classic buffer overflow in FreeRADIUS http://t.co/0y8quRYl

3:43pm September 10th 2012 via TweetDeck

RT @ochsff: Swipe NFC, suddenly GPS tracking over SSL native ARM RAT (5 kB)! :) http://t.co/O3xHgOGL

3:40pm September 10th 2012 via TweetDeck

@0xroot en el advisory de shazam se te ha colado el content provider del post de adobe... com.adobe.reader.fileprovider (copy-paste roolz!)

6:11am September 10th 2012 via TweetDeck in reply to 0xroot

RT @0xroot: New post - Path traversal vulnerability on Shazam (Android) application - http://t.co/gEFLahnn

6:09am September 10th 2012 via TweetDeck

RT @0xroot: New post - Path traversal vulnerability on Adobe reader (Android) application - http://t.co/AcBggnLM

6:09am September 10th 2012 via TweetDeck

RT @0xroot: [Paper] Security issues in the Android cross-layer architecture - http://t.co/siKICkRP

5:59am September 10th 2012 via TweetDeck

@poltarrago vaig a fer-te una mica d'enveja... http://t.co/5l5oTAgN

10:30pm September 8th 2012 via TweetDeck

@htc and make sure to let know your customers how many months the phone will get upgrades before purchasing. This way you'll sell more.

1:28pm September 8th 2012 via TweetDeck

@htc dont force your users to use Sense by putting it on /system, put your apps in /data to allow easy uninstall for those who don't like it

1:26pm September 8th 2012 via TweetDeck

@htc sell your phones with, stock Android images, and put your dialer, launcher, keyboard etc in Google Play as separated apps.

1:24pm September 8th 2012 via TweetDeck

@htc your Sense interface made sense back in WindowsMobile days, as the OS was crap and Sense improved it. Now stop breaking Android with it

1:19pm September 8th 2012 via TweetDeck

@trufae jaja m'ha encantat q poseses el hashtag de #sheeps a este tweet! :-)

11:21am September 8th 2012 via TweetDeck in reply to trufae

@quetzal son bots, hi ha molts q crawlejen tots els links q es posteja a twitter, jo a x90 molts els filtro per useragent...

11:19am September 8th 2012 via TweetDeck in reply to quetzal

RT @mwrlabs: Multiple Samsung Android Vulns http://t.co/dJmDdED3 The kind of vulns you can easily find using mercury

11:09am September 8th 2012 via TweetDeck

RT @snowfl0w: Contagio update = http://t.co/ads9EKoo Million thanks to all who tweeted, and to @SophosLabs, @slashdot, @DanKaps, @sempersecurus for help!

9:49am September 8th 2012 via TweetDeck

.@emiliengirault's googleplay-api is awesome! something that was definitely needed! thanks a million!

6:53pm September 7th 2012 via TweetDeck

Google has acquired VirusTotal ! congrats @bquintero - http://t.co/dFha2WIe

6:12pm September 7th 2012 via TweetDeck

RT @emiliengirault: Just released Google Play Unofficial Python API https://t.co/94adDwEy

6:06pm September 7th 2012 via TweetDeck

RT @nickfx: At last a decent front end for Aircrack-ng!! - https://t.co/kbWqa0wg. There's nothing like having 6 WiFiFu cmd shells open though! #cmdline

6:04pm September 7th 2012 via TweetDeck

@Stericson is there any way to get the command return status (ie: $?) from RootTools.getShell(true).add(command).waitForFinish(); ?

2:10pm September 7th 2012 via TweetDeck

RT @arteam_rce: Probably the best intro to arm asm I've read so far. http://t.co/OHMg8WTV

9:57am September 7th 2012 via TweetDeck

anyone has a good tutorial/example on working with a single android UI thread/class from many Activities? #androiddev

8:48am September 7th 2012 via TweetDeck

moar #radare2 eye candy, now opening classes.dex from phone :D http://t.co/3jpNyQwQ http://t.co/2H3le1zQ

2:00am September 7th 2012 via TweetDeck

New desktop arrangement, thanks to @iolandatweets :) http://t.co/OJEIgBaZ

12:29am September 7th 2012 via TweetDeck

sad news :( Contagio file downloads are not available indefinitely, thanks to Mediafire and LeakID - http://t.co/es1p5jKO

10:40pm September 6th 2012 via TweetDeck

RT @sarapyin: A security vendor playing down Android malware reports? I like. http://t.co/ZgfldM4l

10:31pm September 6th 2012 via Tweet Lanes for Android

RT @shafikyaghmour: This is the best article on inline assembly in C/C++ I have seen hands down: http://t.co/xRIqNXMW if you know of a better one let me know

10:14pm September 6th 2012 via Tweet Lanes for Android

RT @0xroot: Debuggable Apps in Android Market - http://t.co/TZGWb56m

9:58pm September 6th 2012 via Tweet Lanes for Android

@vierito5 aun estoy a tiempo! (23:48) *Felicidades* :)

9:48pm September 6th 2012 via Tweet Lanes for Android in reply to vierito5

I liked a @YouTube video http://t.co/QoPgRc5b The Scene Is Dead - Razor1911 | 64k Revision 2012

6:35pm September 6th 2012 via Google

comprehensive list of intents that can be implemented or called by activities - http://t.co/UFG3acB5 (via @alsutton) #androiddev

4:19pm September 6th 2012 via TweetDeck

feature preview: radare2 built in webserver in a Android webView - http://t.co/xs376pSL

12:01pm September 6th 2012 via TweetDeck

this is how ldpreloadhook helped to fix a bug in radare2 android webserver - http://t.co/qzJkzQqS vs http://t.co/d4KkNNVi

10:26am September 6th 2012 via TweetDeck

initial radare2 built-in webserver tests on Android - http://t.co/8HfHxdKm

9:31am September 6th 2012 via TweetDeck

@matalaz felicidades a los 3! Descansad y cuida mucho a Naiara y al 0day :)

11:32pm September 5th 2012 via Tweet Lanes for Android

RT @radareorg: Just commited an embedded webserver implemented in about 100LOC supporting post payloads. What now? :) #anal #surprise

11:24pm September 5th 2012 via Tweet Lanes for Android

RT @mdowd: Ubuntu on the case in the wake of the AppArmor stuff @djrbliss posted to our blog: https://t.co/WWJGYrXX

11:00pm September 5th 2012 via Tweet Lanes for Android

star Android Issue 37037 if you are really paranoid: Improve encrypted device behavior - http://t.co/F6tJ4A2Z

1:46pm September 5th 2012 via TweetDeck

@timstrazz @ChainfireXDA packed in the header section of another dalvik file...

8:36am September 5th 2012 via TweetDeck in reply to timstrazz

@timstrazz @ChainfireXDA i think combining obfuscated dex + a packed native lib would make it a hard crack-me ;-)

8:26am September 5th 2012 via TweetDeck in reply to timstrazz

@timstrazz @ChainfireXDA but we still havent seen anything too special in android protections yet (do you have any anti-debugging example?)

8:24am September 5th 2012 via TweetDeck in reply to timstrazz

@ChainfireXDA it's commonly used in malware, but also other apps obfuscate things (see http://t.co/stEWkYtp ) /cc @LookoutEng @timstrazz

7:57am September 5th 2012 via TweetDeck in reply to ChainfireXDA

@MordodeMaru el widget se llama "Sound Search"... anyway un reinicio tendria q arreglarlo :P

7:53am September 5th 2012 via TweetDeck in reply to MordodeMaru

@ChainfireXDA IMHO depends on the value of the thing you want to protect, and the num of ppl who wants to "have it" @LookoutEng @timstrazz

7:38am September 5th 2012 via TweetDeck in reply to ChainfireXDA

RT @LookoutEng: .@timstrazz's tech talk on slowing down reversers has been posted: http://t.co/syRg69dh

7:30am September 5th 2012 via Boid for Android

preview of next 'radare installer for Android' version, now with built in shell spawner - http://t.co/79i2pPeY

2:34pm September 4th 2012 via TweetDeck

@ChainfireXDA and I assume those keys are public... if that's used in stock roms, it's a huge security flaw!

7:54am September 4th 2012 via TweetDeck in reply to ChainfireXDA

@ChainfireXDA came across this http://t.co/G5ef1qUD does it mean the stock recovery isn't checking signature? or the priv key got leaked?

7:46am September 4th 2012 via TweetDeck

New version of "radare installer for Android" pushed to Google Play - http://t.co/89wGEt4x http://t.co/jyPDekis

6:24pm September 3rd 2012 via TweetDeck

RT @cryptax: Sometimes the way malware authors make money out of mobile malware isn't obvious. This explains for Android/Fakemart: http://t.co/q79v5E1x

6:21pm September 3rd 2012 via TweetDeck

@vext01 because that would make the APK very big and have to release updated APK for each radare release... it's just a downloader+installer

9:19am September 3rd 2012 via TweetDeck in reply to vext01

@vext01 @radareorg probably it's caused because there's not enough space in /data partition. I'll have to check free space before untar.

8:37am September 3rd 2012 via TweetDeck in reply to vext01

Android Optimizer bug - endless booting: http://t.co/S8iIPJkv

7:34am September 3rd 2012 via TweetDeck

@vext01 @radareorg i'll have a look, was working on my GNex when I tried yesterday. Thanks for reporting it!

7:31am September 3rd 2012 via TweetDeck in reply to vext01

RT @radareorg: Updated android packages for git (mips, arm and x86) check them out with the radare2 installer app from the Play Store (thx @pof)

11:49pm September 2nd 2012 via TweetDeck

@MikeTracking @trufae al aplicar els canvis a producció hi havien preus amb /n/r i el servidor de producció no tenia dos2unix instal·lat

3:27pm September 2nd 2012 via TweetDeck in reply to MikeTracking

@timstrazz @osxreverser too much prior art, they won't accept your pattent... oh wait!

1:41am September 1st 2012 via TweetDeck in reply to timstrazz

@karimyaghmour avast antitheft sends sms when your device is stolen (sim changed)

1:32am September 1st 2012 via TweetDeck in reply to karimyaghmour

@timstrazz only if you catch who the author is! btw, do u see many gpl violations in malware?

1:29am September 1st 2012 via TweetDeck in reply to timstrazz

RT @mncoppola: Releasing Suterusu, a new Linux/Android rootkit. Does all the basics and then some, supports new 3.x kernels. http://t.co/fN1J7XjX

1:16am September 1st 2012 via TweetDeck

@NuShrike yep, i knew those and use them daily, also ctr+r is very handy to search history, but didn't know the ctrl+v one :)

12:34am September 1st 2012 via TweetDeck in reply to NuShrike

@NuShrike oh i see, didn't know the crl-v thingie to enter the control character on the terminal :) thanks!

12:29am September 1st 2012 via TweetDeck in reply to NuShrike

@NuShrike wouldn't that search for a line containing a single M on it? (^ means line starts with)... tr -d '\r' will work better

12:22am September 1st 2012 via TweetDeck in reply to NuShrike