Tweets from March 2013

Android SuperUser (koush) security fix - https://t.co/eLxt6wc7Bk

10:02pm March 31st 2013 via Falcon Pro

RT @sweis: Cache timing attacks on phones: http://t.co/GnqfqouN5B via @sevenps & @tqbf

5:16pm March 31st 2013 via Falcon Pro

@cryptax good luck, curious to see what is it about!

10:02pm March 30th 2013 via Falcon Pro in reply to cryptax

RT @samsa2k8: Leaving to South Corea for codegate finals with int3pids. I hope we have an interesting and peaceful contest :-)

2:30pm March 30th 2013 via Falcon Pro

RT @karimyaghmour: Lots of LaTeX templates: http://t.co/a0H3716ZKM - awesome

10:50pm March 29th 2013 via Falcon Pro

RT @NVISO_BE: [New blog post] We just released ApkScan beta - our malware scanning service for Android applications. http://t.co/XlbhYb1E02

10:26pm March 29th 2013 via Falcon Pro

RT @malditogeek: This is great news, Google Open Patent Non-Assertion Pledge http://t.co/Owsx5buEPf

6:51pm March 28th 2013 via Falcon Pro

RT @viaforensics: Android Forensics Training Presentation from HTCIA NY - Diving into low-level NAND and more: https://t.co/0S3LE9VR2L

4:02pm March 28th 2013 via Falcon Pro

adb shell #protip to adjust terminal size: stty size |sed -e "s/ / cols /g" -e "s/^/busybox stty rows /" thanks @jduck

12:35pm March 28th 2013 via web

RT @ChromiumDev: DevTools: "Copy as Curl" added to network panel to reproduce any network request. http://t.co/T2x7M9xAIf

12:03pm March 28th 2013 via Falcon Pro

RT @droidhg: What's new in #mercury v2.2? Check out what's new: http://t.co/negbJqppmQ

11:56am March 28th 2013 via web

RT @droidhg: Did I hear #mercury v2.2? Why yes! Grab it from http://t.co/eyXxeWHzAU

11:55am March 28th 2013 via Falcon Pro

RT @xdadevelopers: Extract & Repack RUUs with HTC ROM Extractor http://t.co/Wwcj4pTCzu

11:49am March 28th 2013 via Falcon Pro

neat! RT @NicolasFalliere Need some help for the Bluebox Android challenge? Check http://t.co/gvM93vdQui #jeb #android #java #decompiler

7:08pm March 27th 2013 via Falcon Pro

RT @carlosacastillo: API omission renders Android password managers insecure http://t.co/Iwyn9SHM0x

3:21pm March 27th 2013 via Falcon Pro

RT @trufae: Bypassing PHP's mysql_real_escape_string to perform SQL injection attacks. http://t.co/LgXrrK8UA4 /via @48bits

12:33pm March 27th 2013 via Falcon Pro

RT @ecoATM: @dakami Thanks, Dan! We actually do a lot more than just check a drivers license: http://t.co/tKg1M4YVGT

11:24am March 27th 2013 via Falcon Pro

RT @dakami: EcoATM: Pawn shop ATM for electronics. Seemed moral hazard in a box, but checks drivers license! Future! http://t.co/b2sv3Y1uyE

11:24am March 27th 2013 via Falcon Pro

Taming Android One Device at a Time, nice Android devices backend - http://t.co/wmmLtZ0sJj

9:09am March 27th 2013 via Falcon Pro

Cross-referencing stand-alone Dalvik Bytecode - http://t.co/6W5YdyrSuI (@skier_t analysis of @thuxnder crackme, spoiler inside)

8:57am March 27th 2013 via web

RT @GuifreRuiz: on vacations since Friday, wrote "PegasusHPC is a High Performance Crawler" (600 uris/sec) test and give feedback https://t.co/fW5kaoyJKw

5:25pm March 26th 2013 via Falcon Pro

RT @AndroidPolice: Security Flaw Allows Sony Xperia Z Lockscreen Bypass http://t.co/MM0q7uKEpI

10:16am March 26th 2013 via Falcon Pro

RT @Agarri_FR: MongoDB: From JavaScript injection to RCE http://t.co/YrU5Sz7Wh8

8:15am March 26th 2013 via Falcon Pro

RT @thuxnder: my Android crackme challenge is up, including a zip trick. Have fun! #android APK: https://t.co/VhhQFK2bew Blogpost: http://t.co/9C6xHc1bCg

5:38am March 26th 2013 via TweetDeck

RT @JonathanSalwan: Linux runtime unpacker and binary signature http://t.co/pSjLd5fvMj

10:56pm March 25th 2013 via Falcon Pro

RT @NicolasFalliere: Careful with Java decompilers, the output can be misleading, see http://t.co/9NBtIpk9Wj #android #decompiler

6:32pm March 25th 2013 via Falcon Pro

RT @teamcymru: Android Malware Seeds for Sale http://t.co/SP8aCyc2R5

8:47am March 25th 2013 via Falcon Pro

RT @chriseng: SecureRandom() not so secure on Android due to PRNG weaknesses: http://t.co/zeakU5W53q

4:55pm March 24th 2013 via Falcon Pro

@txipi pues yo siempre le he llamado pipe :P

9:07pm March 23rd 2013 via Falcon Pro in reply to txipi

RT @braincode: Oh, yeah, multipath TCP builtin on linux kernel: http://t.co/e1f8YvFXBr, @pof script served me very well anyway ;) http://t.co/rC772pHn5Y

5:33pm March 23rd 2013 via Falcon Pro

RT @hdubli: Samsung responds to BlackBerry CEO's claim that Samsung's smartphone security will never be 'top-notch' http://t.co/mxEDQnyQdN

6:51am March 23rd 2013 via Falcon Pro

RT @yaaang: Terrible. FB patches Dalvik http://t.co/T6zCYcDPXW but now Google has to hack around that for compat http://t.co/kStxMubsw8 /cc @chungwu

6:23am March 23rd 2013 via Falcon Pro

@0xb3nn good luck with your new adventure, whatever it is :)

9:41pm March 22nd 2013 via Falcon Pro in reply to 0xb3nn

RT @PaulOBrien: My Google Wallet patch is now an Xposed mod for ease of install and better app upgrade compatibility. Details - http://t.co/aLYWIfRu6V

3:12pm March 22nd 2013 via Falcon Pro

RT @ClevCode: ARM payload development example :) http://t.co/AZrZDo9O5V … #ARM #Baseband #Samsung_S3

8:14am March 22nd 2013 via Falcon Pro

@jduck1337 well, i could name a few from xda... but certainly not easy to find people with good #WindowsPhone hacking/reversing skills

3:33am March 22nd 2013 via Falcon Pro in reply to jduck1337

Any #WindowsPhone hackers looking for a job? viaForensics is hiring - https://t.co/sSFiXe1YmR

2:00am March 22nd 2013 via Falcon Pro

RT @timstrazz: Got quoted for some NotCompatible research by NBC - they even spelt my name correctly! http://t.co/CQhiTEKZ2A

1:19am March 22nd 2013 via Falcon Pro

RT @radareorg: Ssssh! I have silently released radare2 0.9.4. More details soon…

8:32pm March 21st 2013 via Tweet Button

@radareorg new builds uploaded, now fix the redirects

7:49pm March 21st 2013 via Falcon Pro in reply to radareorg

RT @VBarraquito: New security risk on iOS 6.1.3, another Passcode Vulnerability, easily avoided by disabling the "Voice Dial" option. http://t.co/EhfV31oa0n

4:55am March 21st 2013 via Falcon Pro

@ibelmonte hahaha di.fm + sky.fm rocks! but di is better coz it has #chiptunes

3:17am March 21st 2013 via Falcon Pro in reply to ibelmonte

RT @grsecurity: KASLR: An Exercise in Cargo Cult Security: http://t.co/Xqn6movuL8

1:22am March 21st 2013 via Falcon Pro

@ihackbanme @z4ziggy the unsetenv("LD_PRELOAD") on the constructor was thanks to @trufae, after that the rest was a piece of cake! :)

8:27pm March 20th 2013 via web in reply to trufae

@ihackbanme lol, when is the next one going to be published? :)

7:15pm March 20th 2013 via Falcon Pro in reply to ihackbanme

I liked a @YouTube video from @commercialtvvid http://t.co/t1XCmz8mnd Funny Commercial - Le Trèfle - Emma - (Toilet Paper)

6:32pm March 20th 2013 via Google

@anantshri @IntegoSecurity afaik this is 6.1.2, already fixed in 6.1.3

5:49pm March 20th 2013 via Falcon Pro in reply to anantshri

RT @Jhaddix: Want to see your Android app security bugs? Use http://t.co/C8Ci0lj4kl - Android rules = ON and it's Free! https://t.co/6oQaNVnwYx

5:26pm March 20th 2013 via Falcon Pro

@iolandatweets molt xulo el vídeo, dona ganes de viatjar!

4:58pm March 20th 2013 via Falcon Pro in reply to iolandatweets

@anantshri yeah, last week we had it in meego too (nokia n950 and n9).

11:40am March 20th 2013 via Falcon Pro in reply to anantshri

YASLB: Yet Another Samsung Lockscreen Bypass - http://t.co/hSQMbqZ9Ob

10:32am March 20th 2013 via web

@hdubli a few Samsung specific vulns, that are still unpatched...

9:52am March 20th 2013 via Falcon Pro in reply to hdubli

@timstrazz looks very nice! I still remember the SF 'Anchor Steam' :)

9:48am March 20th 2013 via Falcon Pro in reply to timstrazz

Good intro on Linux System Calls (intel, 32 and 64bit) - http://t.co/KVC9xjN8CL

1:39am March 20th 2013 via Falcon Pro

RT @tmanning: Cansecwest conference pdf archive. http://t.co/M5X9LhFxx0 ht @binjo

1:18am March 20th 2013 via TweetDeck

"it turned out that recording an Android screen video with a good fps rate is more difficult than finding 0-days" <-- LOL!! :)

1:03am March 20th 2013 via Falcon Pro

Owning Samsung phones for fun (...but with no profit :-)) - http://t.co/giDoHj20r8

12:45am March 20th 2013 via Falcon Pro

RT @viaforensics: Using a mobile device as an attack vector - from viaForensics researcher @insitusec - https://t.co/kVURo6HVH3

7:27pm March 19th 2013 via Falcon Pro

RT @lostinsecurity: Google Public DNS Now Supports DNSSEC Validation http://t.co/XwolceNR5g <- nice :)

7:26pm March 19th 2013 via Falcon Pro

Dancing With Dalvik, a crash course in reading and understanding Davlik opcodes - http://t.co/3ZWq9fStKM

2:27am March 19th 2013 via web

RT @timstrazz: Regards to the "PE" file that is an "APK" - isn't a valid file unless the header is ripped off… Was there a dropper? http://t.co/EcHCVnIvVn

12:44am March 19th 2013 via Falcon Pro

RT @timstrazz: Just scored a sweet viaForensics skateboard! Time to teach bebop to ride... http://t.co/cdzri7vSB2

12:41am March 19th 2013 via Falcon Pro

iKAT: Interactive Kiosk Attack Tool updated to v2013 - http://t.co/WcFaqaAhh8

5:17pm March 18th 2013 via web

RT @StackSmashing: My slides to 'Next generation mobile rootkits' are online: http://t.co/wN1AkRmDIs /cc @BlackHatEvents

9:14am March 18th 2013 via web

Let's play Applanting (CSRF & click jacking) - [PDF] https://t.co/dMQC8ilx0B

9:09am March 18th 2013 via web

grsecurity forums: Recent ARM security improvements - http://t.co/BNOvFNIUqO

9:07am March 18th 2013 via Falcon Pro

Assessing BYOD with the smartphone pentest framework - [PDF] https://t.co/TTF9CfFG0x

8:51am March 18th 2013 via web

Practical Attacks Against MDM solutions - [PDF] https://t.co/KFfiA5zufx

8:48am March 18th 2013 via web

"Data-Clone", a new way to attack android apps - http://t.co/GIKRz6OOCH (chinese: http://t.co/RGtZPLGFPe )

8:38am March 18th 2013 via web

RT @mikearpaia: My slides on iOS and Android security from #mdevcon: https://t.co/HcyqvA6AR1

5:23pm March 17th 2013 via TweetDeck

LOL! RT @thomas_cannon Even on random receipts a pattern is emerging... @pof http://t.co/2J3ko7yo95

4:40pm March 16th 2013 via TweetDeck

RT @ChainfireXDA: Some more details on trying to root that SGS4 yesterday: https://t.co/ysiYAIrqq2

12:59pm March 15th 2013 via Falcon Pro

. @jduck1337 wow, congrats! u never cease to amaze me :)

4:43am March 15th 2013 via Falcon Pro in reply to jduck1337

@jduck1337 have you ported the SOCK_DIAG exploit to Android? /cc @ChainfireXDA

3:01am March 15th 2013 via web in reply to jduck1337

Very interesting thread on Qualcomm Snapdragon S4: MSM8960 Info, Architecture and Bootloader(s) - http://t.co/1BqCDwgYim

2:51am March 15th 2013 via web

RT @radareorg: Just uploaded the slides and exercices used in the reversing training at rootedlabs http://t.co/9zJoSS5Kbf #rooted2013 /cc @rootedcon

2:36am March 15th 2013 via Falcon Pro

RT @ChainfireXDA: This SELinux hardened SGS4 is proving a biatch to root. Reboots on su call, denies adb on modifying policies. Will try more later :)

2:18am March 15th 2013 via Falcon Pro

Not only Apple and Samsung fail on this: Bypass Lockscreen on the Nokia N950 - http://t.co/M0QUSGfz2L via @trufae

12:32am March 15th 2013 via Falcon Pro

nice read, "A few android security issues" - http://t.co/MqXWrsjMSc

9:26pm March 14th 2013 via web

@ldelgadoj creo que todavía tardará un poquito O:-) pero será cosa fina cuando llegue ;)

9:04pm March 14th 2013 via Falcon Pro in reply to ldelgadoj

Ad-Hoc (IBSS) mode support for Android 4.2.2 - http://t.co/0xQKYWuxKm

2:15pm March 14th 2013 via web

RT @iamnion: browserless tapjacking the #android home screen to issue e.g. premium rate phone calls from 0-perm app https://t.co/lE0SK08K9C #TROOPERS13

1:46pm March 14th 2013 via Falcon Pro

RT @AndroidPolice: Breaking: Google Has Begun Purging Ad-Blocking Apps From The Play Store http://t.co/rUHvjDZIyo

4:17am March 14th 2013 via Falcon Pro

RT @trufae: adminer.php a single-file phpmyadmin-like with sqlite, pgsql and mysql support http://t.co/CkbUuAgPox

3:58am March 14th 2013 via Falcon Pro

RT @grsecurity: Today's daily reminder that unprivileged user namespaces are safe is brought to you by Stealth. Local root: http://t.co/rEf7J0eyY7

3:50am March 14th 2013 via Falcon Pro

RT @kalilinux: It's done. We are proud and ready to present #KaliLinux http://t.co/UMeqAkUTj2

3:22am March 14th 2013 via Falcon Pro

RT @viaforensics: Exploiting your device - How to get sys_call_table on Android by @0xroot - https://t.co/aTIt1teSU0

3:19am March 14th 2013 via Falcon Pro

RT @googlereader: We're retiring Reader on July 1. We know many of you will be sad to see it go. Thanks for 8 great years! http://t.co/0jtSqBnORp

3:17am March 14th 2013 via Falcon Pro

Inserting keylogger code in Android SwiftKey using apktool - http://t.co/2yRA9Kzh6s via @mikko

11:03am March 12th 2013 via Falcon Pro

RT @Newlog_: Can anyone point me any linux use-after-free exploitation tutorial or "self-explaining" exploit? There is no fucking information...

12:33am March 12th 2013 via Falcon Pro

RT @mikko: Google Play has a problem — and it isn't malware. http://t.co/sf8YIhsHKu from F-Secure Weblog

12:25am March 12th 2013 via Falcon Pro

RT @0xroot: I've uploaded the slides for my talk: "Dude where's my droid?" - http://t.co/jAkC64HvmN

11:27pm March 11th 2013 via Falcon Pro

this is useful (IGLogger & APKsmash): APKTool, make me a logcat sandwich - http://t.co/S60TnSWoad

7:49am March 11th 2013 via Falcon Pro

RT @JamesDeen: You're only paranoid if you're wrong. If you're right then you're super intuitive :-)

1:02pm March 10th 2013 via Falcon Pro

RT @alienvault: Twitter OAuth API Keys Leaked http://t.co/nuRz5Ighsb

11:38am March 9th 2013 via Falcon Pro

The DEFCON 21 Call for Papers is now open - https://t.co/IoYmf1jiLb

4:07pm March 8th 2013 via Falcon Pro

curious post about ps command on Android - http://t.co/hHNbCI1yyf

11:01am March 8th 2013 via Falcon Pro

RT @NVISO_BE: [New blog post] Introducing ApkScan, our Android malware analysis service! http://t.co/VXfAYGhhG0

9:35am March 8th 2013 via Falcon Pro

@z4ziggy @ihackbanme my solution: LD_PRELOAD=hook.so SPYSTR=1 zcrackme.protected pwn code: https://t.co/6bTk5RRvk0

12:57am March 8th 2013 via Falcon Pro in reply to z4ziggy

defeated @ihackbanme crackme, now waiting for the second challenge :)

11:16pm March 7th 2013 via Falcon Pro

@chencho luego lo dejamos igual que estaba... don't worry :)

10:20pm March 7th 2013 via Falcon Pro in reply to chencho

@civantoz jeje... ha sido "sin querer" (evitarlo)

5:52pm March 7th 2013 via Falcon Pro in reply to civantoz

@theindiandragon old Debian, with a crappie kiosk interface

5:50pm March 7th 2013 via Falcon Pro in reply to theindiandragon

RT @Jhaddix: Want to see your Android app security bugs? Use http://t.co/C8Ci0lj4kl - Android rules = on, only will give line/file details on XSS though

12:26pm March 7th 2013 via Falcon Pro

RT @i0n1c: iOS 6 Exploitation 280 Days Later - http://t.co/d3kYpXdDXQ

12:24pm March 7th 2013 via Falcon Pro

BCN-MAD, heading to #RootedCon after a sleepless night... oh well at least the exploit works ;) see you at #rooted2013

6:24am March 7th 2013 via Falcon Pro

RT @mwrlabs: We just demonstrated a Chrome exploit with full sandbox break out at #pwn2own brief blog post here: http://t.co/bdsduCkJ4d

6:11am March 7th 2013 via Falcon Pro

RT @quine: “@thezdi: @Oracle Java falls once more to @jduck1337 #Pwn2Own #CanSecWest” <- congrats, Josh!

6:10am March 7th 2013 via Falcon Pro

RT @carlosacastillo: Mobile Malcoders Pay to (Google) Play http://t.co/J899idbora - Malcoders selling "verified" Play accounts tied to a dedicated server

5:48am March 7th 2013 via Falcon Pro

RT @virustotal: VirusTotal += Android execution reports... http://t.co/bdFZhIFLY1

5:44am March 7th 2013 via Falcon Pro

Introduction to Linux Security Modules (LSM) - http://t.co/7Z6SJyEeSj

4:54am March 7th 2013 via web

RT @thorstenholz: DroidScope (Dynamic Android malware analysis platform) is now available: https://t.co/T3LseHJiEu (paper available at http://t.co/PUJ9nYXmPg)

5:01pm March 6th 2013 via web

RT @trufae: If you have an android phone and want to run ffos apps. Install firefox app, open http://t.co/mIblmZhErG search for an app and click install

2:38am March 6th 2013 via Falcon Pro

Just purchased the "Humble bundle with Android 5": awesome mobile/desktop games, cross-platform and DRM-free! https://t.co/KYNPeH4hGh

11:46pm March 5th 2013 via Tweet Button

@NuShrike @s7ephen heh, good point :) although I enjoyed reading the approach they took to solve the problem

7:26pm March 5th 2013 via Falcon Pro in reply to NuShrike

RT @MarioVilas: /r/rootkit - A new subreddit for technical discussion about rootkit research and development http://t.co/FFYj7VZBKq

12:41pm March 5th 2013 via Falcon Pro

Under the Hood: Dalvik patch for Facebook for Android - https://t.co/0LZVIzA75j (via @s7ephen)

12:30pm March 5th 2013 via web

This Samsung lock screen bypass is a few weeks old, but made into news today again - http://t.co/Ljd3QcXkUy

8:39am March 5th 2013 via Falcon Pro

RT @0xroot: Code protection in Android - Obfuscation techniques http://t.co/Kd8276Qmir via @marcograss

8:19am March 5th 2013 via Falcon Pro

@DannOfThurs no lists support on @tweedleapp yet :( i really need that.

1:15am March 5th 2013 via Falcon Pro in reply to DannOfThurs

@PaulOBrien wish they open sourced it... i'm still searching for the perfect client (mix between TweakDeck & Falcon)

1:06am March 5th 2013 via Falcon Pro in reply to PaulOBrien

RT @PaulOBrien: Twitter officially kills TweetDeck for Android (and a bunch of other platforms). TweakDeck will also die. :-( http://t.co/3sXHzOQLWe

1:04am March 5th 2013 via Falcon Pro

Linaro Connect 2013: Embedded Android #1 - Android Internals - http://t.co/rtFfz1fHxi

11:00pm March 4th 2013 via Falcon Pro

RT @jduck1337: I will be speaking CanSecWest 2013 at 9am PST on Thurday, March 7th on the topic of Android Security Research - Join me =)

10:55pm March 4th 2013 via Falcon Pro

@th3flyboy it doesn't do that unless the manufacturer wants that... my AOSP maguro is both SEAndroid enforced and rooted.

5:55pm March 4th 2013 via Falcon Pro in reply to th3flyboy

Laying a Secure Foundation for Mobile Devices (NDSS'13) - [pdf] http://t.co/5X4ms4n8pr

5:28pm March 4th 2013 via web

Security Enhanced Android: Bringing Flexible MAC to Android (NDSS'13) - [paper] http://t.co/WPXz77ssiP & [slides] http://t.co/B4EHfg2uMs

5:27pm March 4th 2013 via web

@jduck1337 good luck, i'm sure you'll rock! :D

9:16am March 4th 2013 via Falcon Pro in reply to jduck1337

ADEL: Android Data Extractor Lite goes open-source http://t.co/wQfpOLbQT9 via @m_spreitz

11:01am March 2nd 2013 via Falcon Pro

RT @jbqueru: It's always a good day when your work gets reported in the blogosphere as "Achievement Unlocked"

8:54am March 2nd 2013 via FalconPro

RT @AndroidPolice: [Achievement Unlocked] Google: Nexus 4 And Nexus 7 Are The First Ever AOSP Devices That Have 100% Of The... http://t.co/7r4Fu4DA2S

8:14am March 2nd 2013 via FalconPro

RT @AndroidPolice: Google Completes Android 4.2.2 Rollout - Nexus 4 And Nexus 7 3G Now Fully Supported By AOSP http://t.co/LLK0y6pwyZ

11:31pm March 1st 2013 via FalconPro

RT @GadixCRK: Catalog of key Windows kernel data structures http://t.co/C7TW739FZ9

3:21pm March 1st 2013 via FalconPro

RT @viaforensics: Great Catalan dinner tonight with @timstrazz @pof @insitusec @thuxnder @rallat @kstrzemp and @kevinmswartz Time to prep for 9am #rsac talk

7:38am March 1st 2013 via FalconPro

awesome day at #RSAC ending @duosec party with @quine @collinrm @insitusec @0xcharlie @dinodaizovi @viaforensics et al.

2:54am March 1st 2013 via web