Tweets from July 2013

Finally taking the plane to Las Vegas! See y'all there! #defcon

3:51pm July 31st 2013 via Falcon Pro

@cryptax @rallat not sure yet, they still have my luggage. Hopefully it arrives safe and we can drink it to forget the airport nightmare :P

1:43pm July 31st 2013 via Falcon Pro in reply to cryptax

RT @trompi: one of the main problems in Android when it comes to security is fragmentation. And one picture is worth 1k words http://t.co/WasYToxMcI

10:43am July 31st 2013 via Falcon Pro

@Fuzion24 nice one! my script is just a quick hack I had to do to bypass the captive portal in a hotel wifi :)

7:31am July 31st 2013 via Falcon Pro in reply to Fuzion24

@bluejay00 si ens han posat un hotel... arribaré just a temps si no hi ha més sorpreses :P

7:18am July 31st 2013 via Falcon Pro in reply to bluejay00

@Antoniojojojo this doesn't work on n4,it changes the mac but you can't associate to wi-fi networks after

7:15am July 31st 2013 via Falcon Pro in reply to Antoniojojojo

Just published a script to change the wifi MAC address on Nexus4 - https://t.co/vtSB2C8dzJ

12:01am July 31st 2013 via web

RT @theKos: This is an AWESOME post-hack write up. > Canonical Blog - http://t.co/zpovmc8Fqf

11:30pm July 30th 2013 via Falcon Pro

RT @thorsheim: .@insitusec from @viaforensics now speaking at #passwords13 Missing you here @andreybelenko! http://t.co/wkM2qJxXY6

11:27pm July 30th 2013 via Falcon Pro

I'd like to thank @British_Airways for wasting 24h of my time in a hotel near London Heathrow. #DefCon http://t.co/Ujt86ZT7h8

9:42pm July 30th 2013 via web

@rallat arribarem el 31 a les 7:15PM si no hi ha mes sorpreses.

9:39pm July 30th 2013 via web in reply to rallat

@cbruegg yeah, but would have preferred to be in Vegas on time instead of this :(

9:38pm July 30th 2013 via web in reply to cbruegg

@dancasas merci Dan, al final british ens ha posat un hotel i volem demà. Cuida't!

9:38pm July 30th 2013 via web in reply to dancasas

@bluejay00 al final volem demà..... 24h d'espera :(

9:37pm July 30th 2013 via web in reply to bluejay00

@alsutton thanks, they gave us a hotel near airport and seats for the same flight tomorrow, so we're all set. Hopefully no more surprises :)

9:37pm July 30th 2013 via web in reply to alsutton

@darrenmcentee yeah, that's what they did... but I'd have preferred to be in Vegas on time anyways :(

9:34pm July 30th 2013 via web in reply to darrenmcentee

@scottyab haha... we had shitty hotel food near heathrow :/ at least London was sunny today :)

9:34pm July 30th 2013 via web in reply to scottyab

@cryptax yeah, shit happens. Hopefully they sort it out for tomorrow :)

9:33pm July 30th 2013 via web in reply to cryptax

@TeamAndIRC you better wait, i'm just arriving 24h late ;)

9:32pm July 30th 2013 via web in reply to TeamAndIRC

fuck British Airways, overselled connecting flight to Vegas. Now waiting in Heathrow to see if anyone doesn't show up at the gate :(

4:55pm July 30th 2013 via Falcon Pro

Working GameBoy emulator running on Chromecast - http://t.co/ZdSLHYUjzX

2:13am July 30th 2013 via Falcon Pro

RT @Fuzion24: https://t.co/jgV6YcKcpv Implemented @saurik's idea for bug 9695860. It is more reliable and powerful than the OG master keys bug.

12:43am July 30th 2013 via Falcon Pro

@quine @thuxnder @adamely @jduck @TeamAndIRC @skier_t i'm flying tomorrow, see you on Wednesday :)

11:29pm July 29th 2013 via Falcon Pro in reply to quine

RT @jonoberheide: I feel like these stickers will be popular in Vegas... http://t.co/wjDdhU0roo

6:44pm July 29th 2013 via Falcon Pro

RT @trufae: Yay! Just spotted the first malware PoC on the FxOS marketplace exploiting an unknown manifest trust vulnerability! Must investigate!

6:43pm July 29th 2013 via Falcon Pro

RT @PwnieAwards: And the nominees for the 2013 Pwnie Awards are... http://t.co/Y1HI4T7ZwK

6:34pm July 29th 2013 via Falcon Pro

RT @scooterthetroll: If you missed @0xcharlie and @nudehaberdasher on the Today Show, here it is: http://t.co/cYVzqyXTcG

5:09pm July 29th 2013 via web

RT @thegrugq: @0xcharlie @nudehaberdasher good luck guys, void a warranty!

12:29pm July 29th 2013 via Falcon Pro

@segfault oh sorry missed that.... push notifications are working fine for me on 4.3, no issues whatsoever

12:26pm July 29th 2013 via Falcon Pro in reply to segfault

RT @alsutton: Finally got around to making a list of the #AOSP change logs I've put together - http://t.co/YPStUQDhTv

10:28am July 29th 2013 via Falcon Pro

@dukebarman hahah I guess we'll have to do some signing party when the book is out :)

9:45am July 29th 2013 via Falcon Pro in reply to dukebarman

@grsecurity i guess it's just sitting there waiting for a future functionality to come. Push policies through MDM would be nice to have :)

12:01am July 29th 2013 via Falcon Pro in reply to grsecurity

@grsecurity doesnt do anything: permissive by default, all domains set to permissive in /sepolicy, no support for loading additional policy

11:59pm July 28th 2013 via Falcon Pro in reply to grsecurity

RT @grsecurity: I just tried looking up all the recent articles about SELinux on Android 4.3 : none mention it's running in permissive/auditing mode only

11:53pm July 28th 2013 via Falcon Pro

Android requires seccomp if running a 3.5 or greater kernel - https://t.co/jyDLC6wAuI

2:59pm July 28th 2013 via web

RT @gtvhacker: Looking to #root your Google #Chromecast ? Check out our newest blog post on the exploitation process. http://t.co/uE8CcUXepV

1:20pm July 28th 2013 via Falcon Pro

how to use msm acdb audio driver exploit (CVE-2013-2597) - https://t.co/FCiRK9oTZF via @fi01_IS01

1:16pm July 28th 2013 via Falcon Pro

The commit that 'breaks root' in Android 4.3: "Zygote: limit the bounding capability set to CAP_NET_RAW" - https://t.co/IZ9c74db0y

10:56am July 28th 2013 via web

RT @ikoz: @pof similar: http://t.co/lQXxzHcIhQ "android:debuggable & jdb" paragraph, and http://t.co/abIwEjcnAY

9:47am July 28th 2013 via Falcon Pro

RT @karimyaghmour: Chromecast "emulator" in python: https://t.co/fYSbGKbOAf -- apparently based on the the DIAL protocol: http://t.co/w5UBol6Lqv

9:27am July 28th 2013 via Falcon Pro

RT @trufae: Here's a screenshot of my work in progress gameboy emulator based on jsgb for FxOS on Peak. Codename: FireBoy http://t.co/Ggxp1hspBA

1:00am July 28th 2013 via Falcon Pro

make a phone call from command line: am start -n com.android.phone/.OutgoingCallBroadcaster -a android.intent.action.CALL -eu tel tel:123456

12:20am July 28th 2013 via Falcon Pro

JDWP Exploitation: arbitrary java code execution leveraging the Java Debugging Wire Protocol (JDWP) - http://t.co/9RaIOWkkoi

12:14am July 28th 2013 via Falcon Pro

RT @EoinKeary: http://t.co/vgUvVmVawU mobile pin bruteforce via robot hand job

11:35pm July 27th 2013 via Falcon Pro

RT @ChainfireXDA: nosuid on 4.3 isn't the su-killer - https://t.co/5dNW7udKdZ

11:20pm July 27th 2013 via Falcon Pro

RT @ChainfireXDA: Some specifics about the 4.3 SuperSU (ramblings) - https://t.co/oy1ZmYFjHb (for devs and techs; or end-users fancying a read)

11:06pm July 27th 2013 via Falcon Pro

fun game: guess the web browsers - http://t.co/Z1zwRzN7eY

11:05pm July 27th 2013 via Falcon Pro

App Ops Developer FAQ started by @commonsguy after discussion in android-platform - http://t.co/oPjvLcIqIx

6:51pm July 27th 2013 via Tweet Button

@TeamAndIRC bought 2 bottles today, bringing them to Vegas

4:20pm July 27th 2013 via Falcon Pro in reply to TeamAndIRC

RT @HackerNewsOnion: $ git diff + <meta content="width=device-width; initial-scale=1.0" /> $ git commit -am "Mobile ready"

3:54pm July 27th 2013 via Falcon Pro

RT @jduck: Thanks @fi01_IS01 and @hiikezoe - for your Android Rooting Tools! Soft roots and requisite tools for the masses! https://t.co/4FUKNz4nU4

3:52pm July 27th 2013 via Falcon Pro

RT @gtvhacker: The Google #Chromecast is definitely #Android. ro.build.fingerprint=google/anchovy/anchovy:0.7/OPENMASTER/12072:user/test-keys

3:49pm July 27th 2013 via Falcon Pro

@talli_gema i pledged for one, hopefully getting it on may 2014 :)

10:44pm July 26th 2013 via Falcon Pro in reply to talli_gema

The #UbuntuEdge smartphone campaign has already raised +$6.5M! Get yours now and help reach the $32M goal! - http://t.co/oRCQ7Tg0sw

3:27pm July 26th 2013 via web

RT @saurik: A "sequel" to my previous article on Android signature verification bugs: an even stronger exploit than "Master Key". http://t.co/jq3Sl0o73y

1:21pm July 26th 2013 via web

RT @ChainfireXDA: If you believe "nosuid" was the limiting factor for the old su on 4.3, and it works properly in "adb shell", you're going to have a bad time

1:12pm July 26th 2013 via Falcon Pro

BootUnlocker-like solution for Nexus7 - http://t.co/FONtG1gdXi

9:12am July 26th 2013 via Falcon Pro

quickly start AppOps from the shell: adb shell am start -a android.settings.APP_OPS_SETTINGS (via @marcograss)

8:46am July 26th 2013 via web

@alezardstar i was explicitly blocking the camera permission to it, to prove that App Ops works correctly for this permission.

6:35am July 26th 2013 via Falcon Pro in reply to alezardstar

@alezardstar if you use OTA update the fs stays unlabeled. Nothing to worry about if you don't plan to play with SELinux.

6:34am July 26th 2013 via Falcon Pro in reply to alezardstar

RT @Zenofex: Got my #Google #Chromecast in the mail today. MitM the initial setup and startup then cracked it open. Pics: http://t.co/rd9OE8cWq0

11:50pm July 25th 2013 via Falcon Pro

RT @NicolasFalliere: JEB 1.3 is out! nav. bar, library sig&match, perf. boost, API++, and much more! Check out http://t.co/JNzEGoNYzd

11:46pm July 25th 2013 via Falcon Pro

RT @ChainfireXDA: SuperSU v1.43 released (in ZIP only for now, other releases coming up) - https://t.co/mSDk7h3871

11:38pm July 25th 2013 via Falcon Pro

RT @jduck: @ochsff indeed it does not fix sock_diag, broke my exploit tho. Cc @jcase

11:17pm July 25th 2013 via Falcon Pro

RT @TeamAndIRC: @jduck several that i had previously played with were fixed or otherwise mitigated, did not look at kernel

11:12pm July 25th 2013 via Falcon Pro

RT @jduck: @TeamAndIRC you saw alot of bugs fixed? Kernel fixes include sock_diag, perf_events, and acdb

11:12pm July 25th 2013 via Falcon Pro

RT @drogersuk: Mobile related presentations at Blackhat and DEFCON 2013: http://t.co/K6yW7ncMFj #mobile #security #blackhat #DEFCON

10:20pm July 25th 2013 via Falcon Pro

RT @ochsff: Rephrased: The Android 4.3 Nexus 4 kernel still does not patch sock_diag. That's ridiculous.

6:55pm July 25th 2013 via Falcon Pro

@timstrazz @0xroot no idea, the second half sounds good though....

6:40pm July 25th 2013 via Falcon Pro in reply to timstrazz

@NuShrike in my tests it just blocks some permission (eg camera) and doesn't work for others (eg location or record audio). apps don't crash

4:34pm July 25th 2013 via Falcon Pro in reply to NuShrike

ok, App Ops seems to work with the camera at least :/ will need to do more testing later... http://t.co/1iHSA8zsJO

4:16pm July 25th 2013 via Falcon Pro

tried App Ops, doesn't seem to block any permission i've tried. Am I being dumb or it doesn't really work? http://t.co/ca0b4VzpjI

4:09pm July 25th 2013 via Falcon Pro

RT @AndroidPolice: App Ops: Android 4.3's Hidden App Permission Manager, Control Permissions For Individual Apps! http://t.co/6rmIkxSsss

2:21pm July 25th 2013 via web

Mark Shuttleworth Reddit AMA today! Get your Ubuntu Edge questions ready - http://t.co/3rtjtRSm6j

2:20pm July 25th 2013 via web

@anantshri if you do that you break the ota signature ;) but yeah, you can also root and relabel the fs yourself

11:22am July 25th 2013 via Falcon Pro in reply to anantshri

@Joshua_Brindle yeah, but it's a good start, and still can use your sepolicy-inject :)

11:14am July 25th 2013 via Falcon Pro in reply to Joshua_Brindle

@anantshri that's just custom recoveries like twrp and cwm... they be built with SELinux support eventually

11:10am July 25th 2013 via Falcon Pro in reply to anantshri

RT @alsutton: If you were wondering about the Bluebox master key vulnerability, yup, 4.3 has the patch - https://t.co/VTTrfiG5rU

10:48am July 25th 2013 via Falcon Pro

RT @FortiGuardLabs: CryptoGirl's guess on the new #SIM card vulnerability to be revealed at #Blackhat 2013. http://t.co/KBJavnmQVK @BlackHatEvents #security

10:44am July 25th 2013 via web

RT @PaulOBrien: @pof Surely that's no file_contexts and a missing line break!

10:38am July 25th 2013 via web

notice the 'no file_contextsVerifying' warning in the recovery when applying the OTA http://t.co/cSaxIZme3q

10:31am July 25th 2013 via Falcon Pro

if you go from 4.2 to 4.3 by using an OTA zip instead of flashing a full image the filesystem ends up unlabeled :( http://t.co/QIvYJJr4Fr

10:28am July 25th 2013 via web

OTA zip file for Nakasi (Nexus7 2012 wifi) JWR66V from JDQ39 - http://t.co/yraqhwwCTq

10:03am July 25th 2013 via web

RT @trufae: FxOS is now using android 4.3 codebase. That was quick!

9:42am July 25th 2013 via Falcon Pro

@NuShrike that's what @ChainfireXDA does in SuperSU for 4.3 with the su daemon.

9:28am July 25th 2013 via Falcon Pro in reply to NuShrike

@anantshri it is GSam Battery Monitor + GSam icon pack

9:26am July 25th 2013 via Falcon Pro in reply to anantshri

@CliffsEsport haven't tested much yet, but the default policy breaks many 3rd party apps (as expected). Needs some tweaking.

3:44am July 25th 2013 via Falcon Pro in reply to CliffsEsport

made a quick app to toggle SELinux enforcing on Android 4.3 http://t.co/XiyLmH7I87

3:02am July 25th 2013 via Falcon Pro

RT @mwrlabs: Walk-through of our @BSidesLondon Android challenge http://t.co/6ikjcprGN9

2:10am July 25th 2013 via Falcon Pro

If you don't want to flash full system, just sideload the Nexus 4 JWR66V from JDQ39 OTA zip: http://t.co/Q9G0vbrmcq

1:49am July 25th 2013 via web

RT @TeamAndIRC: A very underused attack vector for Android, patching the dalvik cache for privilege escalation https://t.co/7P144NMOon #xdadevcon13

1:35am July 25th 2013 via web

@timstrazz @0xroot will listen tomorrow, too late today (gf sleeping, can't make noise) O_o

1:35am July 25th 2013 via web in reply to timstrazz

As I've been asked this a few times today, here's how to install Android 4.3 on Nexus4 without losing your data - https://t.co/ViaIJFo6ds

1:32am July 25th 2013 via web

So, the nosuid trick in /system only for zygote-spawned processes is done with mount namespaces - https://t.co/neLT5B8RNu

11:08pm July 24th 2013 via web

RT @Fuzion24: Open sourced a small project I wrote awhile back: Android Environment detection. Ideas are from a few white papers https://t.co/GXXhhuDNZA

10:28pm July 24th 2013 via web

@timstrazz poor bebop :( what happened? pic doesn't load

10:08pm July 24th 2013 via Falcon Pro in reply to timstrazz

RT @jbqueru: 2 months of careful preparation, for 2 hours of git push commands... and 2 minutes of glory :)

8:19pm July 24th 2013 via Falcon Pro

Android 4.3 landing on AOSP - https://t.co/kwkhNsZcv5

5:58pm July 24th 2013 via web

Android 4.3 factory images are up! - https://t.co/YkdUrrQhdT

4:49pm July 24th 2013 via web

Differences in android.security API package - https://t.co/Qt8zXECbjP

4:45pm July 24th 2013 via web

Android sandbox reinforced with SELinux, KeyChain enhancements, Keystore Provider, and Restrict Setuid - http://t.co/IWbvIuAMvt

4:38pm July 24th 2013 via web

RT @AndroidDev: Announcing Android 4.3, updated Android Developer tools, and Action Bar in the Support Package: http://t.co/pyAiQ49iYB

4:35pm July 24th 2013 via Falcon Pro

RT @alsutton: #Android 4.2 (API 17) to 4.3 (API 18) API Diffs - https://t.co/lD6jj3zyNh

4:30pm July 24th 2013 via Falcon Pro

put all your devices to charge, now!

4:29pm July 24th 2013 via Falcon Pro

who will be the first bypassing android 4.3 'restricted profile'? i love the smell of the word "restricted" in the morning :P

4:24pm July 24th 2013 via Falcon Pro

4.3 announced finally....

4:21pm July 24th 2013 via Falcon Pro

RT @Curesec: Phishing Google Wallet and Paypal by abusing the whatsapp payment process: https://t.co/8XnRqHWEHV

3:09pm July 24th 2013 via web

RT @saurik: Thanks to @TeamAndIRC and @giantpune, Cydia Impactor can now get root even on recent Android 4.2 devices (one click). http://t.co/872Ahwfofw

12:53pm July 24th 2013 via Falcon Pro

RT @kapitanpetko: Building a wireless Android device using BeagleBone Black http://t.co/1en54BV4Do

12:53pm July 24th 2013 via Falcon Pro

Article with very good insights on the Ubuntu Edge smartphone crowdfunding - http://t.co/Lgul1eMkf9

1:45pm July 23rd 2013 via web

RT @BlackHatEvents: .@ochsff drops 0-Day #BlackHat Briefing: including an Android 4.2.2 generic user-space ASLR bypass and more http://t.co/zvo4j2g1me

12:45pm July 23rd 2013 via Falcon Pro

Help make it happen for 'Ubuntu Edge' http://t.co/BoQ4rMxreR #indiegogo via @indiegogo

11:09am July 23rd 2013 via Tweet Button

Towards a Framework for Android Security Modules: Extending SEAndroid Type Enforcement to Android Middleware [PDF] - http://t.co/Uhyj9lMOnw

10:08am July 23rd 2013 via web

Flexible and Fine-Grained Mandatory Access Control on Android for Diverse Security and Privacy Policies - [PDF] http://t.co/LAuapQ5uLS

10:07am July 23rd 2013 via web

Chiptune + Charity 3!! A pay what you want bundle of #8bit music with support to the Society for Children with Cancer http://t.co/lXOy8ri9VG

7:36am July 23rd 2013 via Tweet Button

RT @lennyzeltser: Android malware that replaces legitimate banking apps with malicious ones: http://t.co/NfawWDuvQa by @carlosacastillo

6:34am July 23rd 2013 via Falcon Pro

I liked a @YouTube video http://t.co/PdSSfhWsq7 2012 Red Hat Summit: SELinux For Mere Mortals

12:15pm July 22nd 2013 via Google

@_metalslug_ we don't know yet, according to wiley's website should be December 2013 - http://t.co/F9canudCKk

11:26am July 22nd 2013 via web in reply to _metalslug_

got a bunch of Android Hacker's Handbook postcards! /cc @jduck @quine @collinrm @s7ephen @ochsff http://t.co/WJqYgFMMxu

10:59am July 22nd 2013 via Falcon Pro

RT @gtvhacker: Our guide to using @saurik's Cydia Impactor to exploit your #GoogleTV device. http://t.co/OCeP6JFUna

7:35am July 22nd 2013 via Falcon Pro

@hubert3 yes, yo can inject the manifest and the classes.dex files, so it can have a totally different name.

6:48am July 22nd 2013 via Falcon Pro in reply to hubert3

RT @iamnion: https://t.co/SrRv4eVCbm lacks 4th defense, not responding with error sms. also solves sms ddos/fraud. some newer basebands dont do this.

10:49pm July 21st 2013 via Falcon Pro

RT @Forbes: SIM cards have finally been hacked, and the flaw could affect millions of phones http://t.co/2pGzOIGkNn

10:49pm July 21st 2013 via Falcon Pro

RT @tkHWANG: Reducing Attack Surfaces for Intra-Application Communication in Android (pdf) http://t.co/EWjOcManpQ by ERIKA CHIN http://t.co/v7NVLB7uSc

10:35pm July 21st 2013 via Falcon Pro

RT @saurik: To users of Android devices looking for a concrete exploit of the new "Master Key" vulnerability, I present Impactor. http://t.co/zEHkwVaK7j

12:57pm July 21st 2013 via web

@oriolrius si, la GS4 porta un emisor d'infrarojos

7:07pm July 20th 2013 via Falcon Pro in reply to oriolrius

A/C automation with Android's monkeyrunner: http://t.co/GUT5PesPE4 via @YouTube

1:37pm July 20th 2013 via Google

RT @timstrazz "FirefoxOS slides I understood! Mainly due to @pof http://t.co/CzsP7l2L3g" -> w00t! say hi :)

2:23am July 20th 2013 via Falcon Pro

RT @AndroidPolice: An Even Newer Android 4.3 Build (JWR66V) Leaked For The Galaxy S4 Google Play Edition http://t.co/FzmeXdXOVW

1:47am July 20th 2013 via Falcon Pro

Implementation and Evaluation of Datagram Transport Layer Security (DTLS) for the Android Operating System - [PDF] http://t.co/PoU3x0itbL

1:28am July 20th 2013 via web

Protecting Android Devices Following BYOD Policy Against Data Security and Privacy Attacks - [PDF] https://t.co/IdlyJ7Zrtf

1:26am July 20th 2013 via web

RT @CyanogenMod: CM + SELinux (This Week In CyanogenMod | CyanogenMod) http://t.co/9nYe8ZyW7f

11:37pm July 19th 2013 via Falcon Pro

AOSP master is almost 1 year ahead of 4.2.2 now. Google, don't delay 4.3 anymore. #KTHXBAI

10:59pm July 19th 2013 via web

@ePandu nope, will check it later, thanks for the pointer :)

6:44pm July 19th 2013 via Falcon Pro in reply to ePandu

Got the IR codes for #Y512F A/C remote controller. Now my A/C turns on automatically when the server temp goes up! :) http://t.co/E3dtRUbPtM

3:49pm July 19th 2013 via web

@KabutorEsDday lo quiero automatizar con monkeyrunner para encenderlo y apagarlo en función del sensor de temperatura del pc :)

1:48pm July 19th 2013 via Falcon Pro in reply to KabutorEsDday

Anyone knows the IR codes for a #Y512F A/C remote controller? Need them to use in this app - https://t.co/Pvam2HNScM

1:03pm July 19th 2013 via web

@ePandu you only need to care about device specific bits to have SEAndroid fully supported on your phone

12:13pm July 19th 2013 via Falcon Pro in reply to ePandu

Thanks to @CM_arcee most of the SE for Android stuff is merged in CyanogenMod mainline - http://t.co/qhz9rky9w8

11:48am July 19th 2013 via web

RT @threatintel: #GoogleGlass Still Vulnerable To WiFi Hijacking Despite QR Photobombing Patch http://t.co/7lLk30E57H #vulnerability

4:55am July 19th 2013 via Falcon Pro

Open source patch for "Bluebox Master Key" and "Chinese Bug 9695860" vulnerabilities using XPosed framework module - http://t.co/NVaXBOZYnU

12:13am July 19th 2013 via Falcon Pro

RT @viaforensics: Relive the excitement of our Corporate Espionage webinar. View it online: https://t.co/fkUPUyYHEs

11:50pm July 18th 2013 via Falcon Pro

@essobi @thegrugq @CM_arcee tomoyo had an old (2009) port for android-x86 see - https://t.co/jAdlAVqyHv & http://t.co/0Bd49Mpux7 i never try

3:16pm July 18th 2013 via web in reply to essobi

@thegrugq @essobi look at the great work @CM_arcee is doing to push SE for Android into CyanogenMod - https://t.co/RlPxAYbAn9

3:05pm July 18th 2013 via web in reply to thegrugq

@thegrugq @essobi still very early stage, policy modifications need to be made for every supported device, but you can DIY on your device

2:59pm July 18th 2013 via web in reply to thegrugq

@essobi @thegrugq join the se 4 android mailing list, fork the bitbucket repos if you want to contribute. Also look at CyanogenMod now

2:44pm July 18th 2013 via Falcon Pro in reply to essobi

@odexcide @thegrugq @essobi Toshiba has 'sealime' a LKM based on some preliminary SELinux port to Android.

2:42pm July 18th 2013 via Falcon Pro in reply to odexcide

@essobi @thegrugq nothing that I am aware of yet, but waiting to see the new mitigations introduced in 4.3 & api level 18

2:11pm July 18th 2013 via Falcon Pro in reply to essobi

@thegrugq @essobi what I will show is mostly implementation issues, trying that vendors don't repeat the same mistakes over and over :)

1:56pm July 18th 2013 via Falcon Pro in reply to thegrugq

@timstrazz we'll make sure you don't run short on drinks that day :)

12:51pm July 18th 2013 via Falcon Pro in reply to timstrazz

RT @shortxstack: aw snap. my defcon 21 app, live https://t.co/oc9ZD264um @_defcon_ #defcon #dc21 <3

11:08am July 18th 2013 via web

RT @welsinga: #Android versus #iOS Security No really, are you surprised!. - http://t.co/nmu3YTtz7H

6:50pm July 17th 2013 via Falcon Pro

@thegrugq @karimyaghmour apparently people now realize that Google can give your unencrypted wi-fi password to the us gov.

6:48pm July 17th 2013 via Falcon Pro in reply to thegrugq

RT @karimyaghmour: Facepalm: RT @newsycombinator: Android saves wifi passwords in plaintext to the cloud https://t.co/3DI4AnlmA1

6:42pm July 17th 2013 via Falcon Pro

RT @Lookout: Check out our new research and a @GoogleGlass case study on how to correctly handle vulns in the connected world: http://t.co/Aj4rpAMfCc

6:26pm July 17th 2013 via Falcon Pro

CVE-2013-2596 (motochopper) exploit for android by @hiikezoe, based on kernelchopper - https://t.co/CwfXKJnmLW

11:57am July 17th 2013 via web

Dear Twitter, is there any reliable site to buy #Taobao items (preferably using paypal) and have them shipped to Spain? #kthxbay

11:49am July 17th 2013 via web

@fugueish @theKos no, I don't think it isn't, was being totally serious sir

4:13am July 17th 2013 via Falcon Pro in reply to fugueish

@theKos i see thanks for clearing up, still pinning would be effective if done in an app that doesn't use the browser for example.

11:49pm July 16th 2013 via Falcon Pro in reply to theKos

@theKos i thought even with that if pinning is used the browser wouldn't establish ssl connection because the server cert is 'hardcoded'

11:44pm July 16th 2013 via Falcon Pro in reply to theKos

@theKos so does that mean burp, owasp zap or mitmproxy are able to bypass pinning if the root cert is trusted?

11:40pm July 16th 2013 via Falcon Pro in reply to theKos

@theKos doesn't make much sense to me, that kind of defeats the purpose of pinning :/

11:35pm July 16th 2013 via Falcon Pro in reply to theKos

RT @lennyzeltser: First look at a Google account expiring after it enabled Inactive Account Manager three months ago: http://t.co/0PS5WnpCaG

11:23pm July 16th 2013 via Falcon Pro

RT @AndroidPolice: [New App] Duo Security Releases ReKey Master Key Vulnerability Patch For Rooted Android Users Still Waiting On... http://t.co/VfAveOsFRw

8:45pm July 16th 2013 via Falcon Pro

RT @m_spreitz: [CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4 -- http://t.co/xBybVZzjxT

1:02pm July 16th 2013 via web

RT @0xroot: Paraspace - A tool to inject modifications into an APK https://t.co/dLh2IVDEOx

10:10am July 16th 2013 via Falcon Pro

@ardrigh not standard in 4.2, Samsung put it on the S4.

9:14am July 16th 2013 via Falcon Pro in reply to ardrigh

@ardrigh yes it does, SE for Android patches apply clean on top of AOSP master branch

9:05am July 16th 2013 via Falcon Pro in reply to ardrigh

RT @radareorg: .@endamcgrath @enyojs i'm looking for an enyojs developer to continue the development of http://t.co/dISdkmadzx for money. Anyone?

8:25am July 16th 2013 via Falcon Pro

SELinux might be coming to CyanogenMod :D - http://t.co/gS3UUFYEII

8:07am July 16th 2013 via Falcon Pro

RT @viaforensics: vF Researcher (and one-man Twitter machine) @pof will be presenting "Defeating SEAndroid" @_defcon_ this year. Info: https://t.co/lprVRuLG97

8:40pm July 15th 2013 via Falcon Pro

@rallat jajaja passa'm la llista de la compra #catalanDefcon

5:37pm July 15th 2013 via Falcon Pro in reply to rallat

RT @_defcon_: Get your pen out of that pocket protector and start mapping out your attack plan. The schedule is posted: https://t.co/rak934Sbnk

11:52am July 15th 2013 via Falcon Pro

RT @xdadevelopers: Mini-Guide to Install Curl and OpenSSL on Android http://t.co/2llcsGiKC5

11:51am July 15th 2013 via Falcon Pro

Interview: Steve Kondik and Koushik Dutta on Security in Android (video) - http://t.co/LbLlIj3FPP

12:22am July 15th 2013 via Falcon Pro

RT @quequero: TRracer - commercial spyware samples for Android, Blackberry, SymbOS, iOS: http://t.co/4iqRmQWEf6

9:07pm July 14th 2013 via Falcon Pro

@orb3000 yeah tried that one too... Greenify is a bit different though

9:52pm July 12th 2013 via Falcon Pro in reply to orb3000

tried this 'Greenify' app, first I was skeptical but it works well :/ - https://t.co/wDCCMg7OWX

9:36pm July 12th 2013 via Falcon Pro

RT @CyanogenMod: CM 10.1.2 - Yet another security update Some of you may have noticed some details emerging yesterday about a new… http://t.co/3qDtT6F1T6

9:55am July 12th 2013 via Falcon Pro

Here's the patch in AOSP for the Chinese ZipFile negative extra field length attack (http://t.co/GzSZw5fpvt) - https://t.co/vKkaYSMnnW

5:02pm July 11th 2013 via web

@pfreixes un 2.2.1 te molts fallos: KillingInTheNameOf, psneuter, GingerBreak, zergRush... aquests exploits t'haurien de funcionar.

12:08pm July 11th 2013 via web in reply to pfreixes

RT @TeamAndIRC: New HTC root, 4.0 to 4.2.2. Works on Sense and Google Play edition HTC devices https://t.co/906PlQQ1jC

11:07am July 11th 2013 via Falcon Pro

RT @the_ius: @pof Sadly the (unintended) lack of large file support is a bit of a downer ;)

10:50am July 11th 2013 via Falcon Pro

Oh! just noticed 010Editor 5.0 now has a native Linux version available \o/ - http://t.co/nibEDzWma9

10:26am July 11th 2013 via web

@timstrazz let us know when you find any malware abusing 'master key'

1:07am July 11th 2013 via Falcon Pro in reply to timstrazz

@Fuzion24 good luck with the Chinese translation :)

1:00am July 11th 2013 via Falcon Pro in reply to Fuzion24

@Fuzion24 the 64k restriction is not in the classes.dex you inject but in the one present in the signed APK (i've found 1 for Motorola)

12:51am July 11th 2013 via Falcon Pro in reply to Fuzion24

RT @djrbliss: Loki (Samsung GS4 secure boot bypass) now supports the LG Optimus G Pro, LG Lucid 2, LG Motion, and LG Spirit: https://t.co/qAQLLNnNg2

9:55pm July 10th 2013 via Falcon Pro

it was difficult to find APKs containing a classes.dex signed with a platform key, now go and find those with classes.dex <64Kb

9:27pm July 10th 2013 via web

RT @duosec: Thought one Android APK code signing bypass was bad? How about a second? Check out this post for details: http://t.co/h3UKL5CmDk #infosec

9:19pm July 10th 2013 via web

RT @CyanogenMod: CM 10.1.1 - Security Release (CyanogenMod 10.1.1 Release | CyanogenMod) http://t.co/7t7qVNdg6r

9:00pm July 10th 2013 via Falcon Pro

@pfreixes android 2.2.1 segur que si, és molt antic!

8:29pm July 10th 2013 via Falcon Pro in reply to pfreixes

RT @ochsff: @grsecurity @jduck Yup, note the two RWX _sections_ on that S4 MSM kernel. :) http://t.co/4oEwGNbSqZ

5:47pm July 9th 2013 via Falcon Pro

RT @BlueboxSec: Read about http://t.co/v7uKwvFFrO @BlueboxSec FREE scanner for #android "master key" #vulnerability now available @googleplay...

4:37pm July 9th 2013 via web

@hubert3 yes, you just need to add tampered ones, is not necessary adding them all, but it was easier to write the poc ;)

4:28pm July 9th 2013 via Falcon Pro in reply to hubert3

RT @matalaz: New blog post. "Owning Unix and Windows systems with a (somewhat) limited vulnerability" http://t.co/2nG6w1jQ6C

2:21pm July 9th 2013 via Falcon Pro

@thegrugq @timstrazz @TeamAndIRC lol, and then will post the pictures to instagram :P

2:17pm July 9th 2013 via Falcon Pro in reply to thegrugq

Also I find it sad that the details have been disclosed before the BH talk, but I'm sure Jeff will be able to impress the audience anyway!

9:24am July 9th 2013 via web

to everyone saying I spoiled @BlueboxSec BH's talk, that's not true: details were already public, see https://t.co/x66eQrQkSO

9:23am July 9th 2013 via web

@TheHackersNews @BlueboxSec nope! details about the bug where already public in cyanogenmod's bug report & patch, I just wrote a PoC O:)

9:19am July 9th 2013 via Falcon Pro in reply to TheHackersNews

RT @lostinsecurity: Android sig vuln exploit SEEN IN THE WILD http://t.co/aMltFia7Na /cc @pof :)

8:52am July 9th 2013 via Falcon Pro

RT @jncastellano: Code Released To Exploit Android App Signature Vulnerability - Slashdot - by @pof - http://t.co/cswPLaPL98

8:39am July 9th 2013 via Falcon Pro

RT @TeamAndIRC: Interested in Android Security? Participate, learn or just lurk and wait for free bugs! https://t.co/ciCztMncu6

7:33am July 9th 2013 via web

RT @TeamAndIRC: http://t.co/btiCq3BP8d This post made me love Diane Hackborn, this is about 6 months after a CM dev completely brushed me off on this issue

7:19am July 9th 2013 via web

RT @securityledger: Updated: Exploit Code Released For Android Security Hole https://t.co/axdDz1VjN5 <-- comment from @pof

2:10am July 9th 2013 via Falcon Pro

RT @kapitanpetko: @Joshua_Brindle @pof Same mechanism is used to update certificate blacklists and premium SIM number list in JB 4.1/2.

2:04am July 9th 2013 via Falcon Pro

RT @kutyacica: Two new advisories: one for @djrbliss 's motochopper https://t.co/WwYq2ZkG7t and and unrelated info leak bug https://t.co/vGMZ5HzKrZ

12:03am July 9th 2013 via web

RT @AndroidPolice: Infamous "Master Key" Exploit Was Quietly Patched By Google In February, CyanogenMod Following Suit Today,... http://t.co/k2UKiABd4J

11:59pm July 8th 2013 via Falcon Pro

RT @thomas_cannon: We finally got a SIM to give up a DES MAC. Next we crack DES key to install custom applet & try to root it =) http://t.co/HFMEN3w18h

11:58pm July 8th 2013 via Falcon Pro

RT @adamely: Wow. @BlueboxSec team found a new vuln in another mobile OS today. We still have some we haven't released for non-Android platforms.

11:50pm July 8th 2013 via web

RT @Joshua_Brindle: SE for Android on the Google Play Edition GS4 http://t.co/uC9717da9R

8:56pm July 8th 2013 via TweetDeck

RT @alsutton: Thanks to some links from @pof I've put together the details of what could be Android bug 8219321 (master keys) https://t.co/Nf7HAXJHOd

4:37pm July 8th 2013 via Falcon Pro

Here's a quick PoC exploit for Android bug #8219321: https://t.co/vZRuh5IJVS

10:38am July 8th 2013 via web

Android bug 8219321 (master keys): -details: https://t.co/9LMIWQdcRL -bug report: https://t.co/Vx96kIdurf -patch: http://t.co/sSJrsGzNnx

8:34am July 8th 2013 via web

Looks like this might be a potential patch for Android security bug 8219321 by @BlueboxSec (hint: duplicate entries inside APK)

7:53am July 8th 2013 via web

RT @TeamAndIRC: @pof dear Android news sites: installing new type of su, using an unlocked bootloader != root exploit

8:28pm July 7th 2013 via Falcon Pro

dear Android news sites: root on Android 4.3 w/ a Samsung specific kernel is != than root on Android 4.3 (which requires nothing special).

8:22pm July 7th 2013 via Falcon Pro

RT @0vercl0k: Just noticed that the Opticode (http://t.co/UgwOoDl81C) website is finally alive: http://t.co/7N5TJnRAf0

8:15pm July 7th 2013 via Falcon Pro

@thegrugq @ihackbanme @zImperium doh! i got confused by the BarCon website... date is from 2012: http://t.co/3p6w2btHVH

1:17pm July 7th 2013 via web in reply to thegrugq

RT @SpindleyQ: holy shit @textfiles just added every MAME ROM to the Internet Archive http://t.co/jAB6ienNgE

1:09pm July 7th 2013 via Falcon Pro

@thegrugq @ihackbanme @zImperium would love to be there, but I arrive at Vegas on July 30, too late :(

1:03pm July 7th 2013 via Falcon Pro in reply to thegrugq

@trufae torna a la consulta del antic a dir-li que te'n recordes dels seus familiars...

7:09pm July 6th 2013 via Falcon Pro in reply to trufae

@stanner_austin do you know if there's anything to do this on Linux? tried revskills using wine but the COM port doesn't work :(

4:56am July 6th 2013 via web in reply to stanner_austin

Dexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot [pdf] - http://t.co/poX8kLkPuG

3:20am July 6th 2013 via Falcon Pro

. @satefan @dveditz yes, something like android CTS that ensures that vendors ship devices without vulns would be great!

2:32am July 6th 2013 via Falcon Pro in reply to satefan

RT @0xroot: Firefox OS Security Overview - https://t.co/oFv9A3IPH6

4:38pm July 5th 2013 via Falcon Pro

ZTE Open is also vulnerable to CVE-2013-2094 (perf_event) exploit http://t.co/USEQmrOZOZ

4:02pm July 5th 2013 via web

@Loviniltra Keon is a developer device, and comes rooted by default.

3:45pm July 5th 2013 via web in reply to Loviniltra

@cristiangauma mira't el grafic: https://t.co/fJIUmQ5dGD la part de Gonk es Android, pero han substituit tota la part de zygote/java per b2g

3:44pm July 5th 2013 via web in reply to cristiangauma

ZTE Open #FirefoxOS Phone, root and first impressions - http://t.co/rZaztmtTUT new blog post #pofHQ

2:35pm July 5th 2013 via web

@stanner_austin yes, it does ave FTM mode... not sure how that works. Mine is simlocked.

1:30pm July 5th 2013 via web in reply to stanner_austin

root for #FirefoxOS ZTE Open available here: http://t.co/KERIKHRL9U will publish a blog post later :P

12:17pm July 5th 2013 via web

ClockWorkMod recovery running on Movistar ZTE Open http://t.co/JLEfxBtgng

6:46pm July 4th 2013 via Falcon Pro

@mgesteiro yes, but i went to have lunch with @trufae in between :)

5:01pm July 4th 2013 via web in reply to mgesteiro

@es_Tritt firefoxOS works on top of Android ICS without any java/zygote/dalvik...

4:21pm July 4th 2013 via web in reply to es_Tritt

@collinrm just checked and yes, it's locked to movistar spain :( http://t.co/tKmGhLqwgZ

4:20pm July 4th 2013 via web in reply to collinrm

@kkdeperro m'he patejat mitja barna aquest mati, al final l'he trobat a travessera de gracia 42

3:28pm July 4th 2013 via web in reply to kkdeperro

@msecnet bought it this morning for 69 EUR, with 30 EUR on prepaid minutes (movistar sim card).

3:18pm July 4th 2013 via web in reply to msecnet

@EmanuelJDV34 nope... it's a pretty cheap phone, slow and laggy

3:17pm July 4th 2013 via web in reply to EmanuelJDV34

@kriptus_com es un tlf d gama muy baja, la pantalla es bastante mala, y el SO va lentito, pero por lo q cuesta no se le puede pedir mucho +

3:16pm July 4th 2013 via web in reply to kriptus_com

@dandoonian i'll do a blog post later :)

3:14pm July 4th 2013 via web in reply to dandoonian

@EmanuelJDV34 its android in its guts, but doesn't use java/zygote...

3:01pm July 4th 2013 via Falcon Pro in reply to EmanuelJDV34

ZTE Open successfully rooted! #FirefoxOS http://t.co/NUXTZPF8dw

2:58pm July 4th 2013 via web

new phone to break :) ZTE Open, with #FirefoxOS http://t.co/ciO8WHUyuu

12:17pm July 4th 2013 via Falcon Pro

@movistar_es nada, ya lo conseguí! :P

12:13pm July 4th 2013 via Falcon Pro in reply to pof

@movistar_es el ZTE Open prepago se puede encontrar hoy en alguna tienda de Barcelona? he visitado 9 esta mañana y no lo tienen en ninguna.

11:30am July 4th 2013 via Falcon Pro

RT @cryptax: Good news! My talk at Hactivity has been accepted :) See in October for fun stuff on Dalvik Executables :)

10:09am July 4th 2013 via Falcon Pro

RT @vierito5: First Firefox, now Opera, bad boy! RT @0xroot: Isn't it a wonderful day to go to the Opera and steal your keychain? - http://t.co/Bjc1ZHO1kt

10:03am July 4th 2013 via Falcon Pro

The Nexus 7 lag dilemma, and why there’s no real fix (reddit comments FTW) - http://t.co/tqUqNHj6Po

10:54pm July 3rd 2013 via Falcon Pro

Ubuntu Touch now boots into Ubuntu and virtualizes Android services inside an LXC (LinuX Container) during boot - http://t.co/czF3Eiux00

10:42pm July 3rd 2013 via Falcon Pro

RT @BlueboxSec: @BlueboxSec Uncovers #Android Master Key That Makes 99% of Devices Vulnerable via blog post: http://t.co/lEBq9Vs4MT #vulnerability

4:29pm July 3rd 2013 via Falcon Pro

RT @esizkur: If you are interested in how I managed to get RCE on ChromeOS back then, here's my Postpwnium writeup: http://t.co/86THnM9RcJ

4:17pm July 3rd 2013 via Falcon Pro

RT @ChainfireXDA: First 4.3 root is done. Specifically for the S4 Google Edition leaked firmware - https://t.co/MtMucW61bp

11:56am July 3rd 2013 via Falcon Pro

I liked a @YouTube video from @unownsec http://t.co/OiLLgyTeJe Nokia 1280 DoS Vulnerability

11:48am July 3rd 2013 via Google

RT @_Kimbosch: CHART OF THE DAY: Where Android's Growth Is Now Coming From http://t.co/PW7O9k1mQl via @sai

8:31am July 3rd 2013 via Falcon Pro

RT @CyanogenMod: CM Secure Messaging and TextSecure  "We are partnering with @Moxie from TextSecure to build this solution. He is… http://t.co/gGHmZPCJTL

11:18pm July 2nd 2013 via Falcon Pro

RT @TeamAndIRC: The exploit from geohot for S4 active is not new, its the perf event vuln that was hit https://t.co/O4vh1vXqJj and http://t.co/ewE0xzvBFD

5:45pm July 2nd 2013 via Falcon Pro

RT @PaulOBrien: HTC One S R.I.P. 2012-2013. http://t.co/ByMnGkPsWB

4:11pm July 2nd 2013 via Falcon Pro

RT @ChainfireXDA: Did I mention yet I have root on the S4 "Google Edition" leaked 4.3 ROM ?

4:09pm July 2nd 2013 via Falcon Pro

@StackSmashing too bad i'll miss BH, will you stay in Vegas for Defcon?

12:42pm July 2nd 2013 via Falcon Pro in reply to StackSmashing

@EmanuelJDV34 the CONFIG_SEC_RESTRICT_* in Samsung kernel probably. Exploit might be successful in getting uid 0 exec, but can't setuid()

12:28pm July 2nd 2013 via Falcon Pro in reply to EmanuelJDV34

@StackSmashing @apuigsech because of the 'Exploiting like it's 1999' slide :P

12:25pm July 2nd 2013 via Falcon Pro in reply to StackSmashing

@EmanuelJDV34 yes, but in permissive mode by default :)

11:48am July 2nd 2013 via Falcon Pro in reply to EmanuelJDV34

More HackInParis #HIP13 videos: https://t.co/KyCyAvied2

10:50am July 2nd 2013 via web

I liked a @YouTube video http://t.co/ip8oyi21HU HIP13 : Next generation rootkits dor ARM based devices

10:47am July 2nd 2013 via Google

Next generation rootkits dor ARM based devices (video of trustzone rootkit talk by @StackSmashing) - https://t.co/cithdYLGaU h/t @yanx730

10:45am July 2nd 2013 via web

RT @trufae: Initial working release of libWipe for FirefoxOS! https://t.co/4lhaR5kV9r #antiforensics #firefoxos #wipe #unlink #hooks

10:41am July 2nd 2013 via web

RT @ochsff: Active // Hex-Ray'ed and measly annotated trigger: http://t.co/nPSSOHGJWj

10:38am July 2nd 2013 via web

RT @ochsff: Is it now legitimate to mirror GeoHots Active site and replace the Donate button? #notmyvulnerability

10:36am July 2nd 2013 via web

meh... activeroot doesn't work on the 4.3 leak :( http://t.co/eI59bwZ738

10:35am July 2nd 2013 via web

activeroot: Geohot's root for Galaxy S4 (uses kernel's libperf_event exploit) - http://t.co/iAeDzQMlhG

10:29am July 2nd 2013 via web

RT @m_spreitz: Skype for Android Lockscreen Bypass -- http://t.co/JL3PK6CUoH

8:07am July 2nd 2013 via web

@renaudallard you can make @thegrugq happy if you add tresor/armored (http://t.co/h6njuzjBfU) support to FuguMod. /cc @collinrm @m_spreitz

7:55am July 2nd 2013 via web in reply to thegrugq

RT @jduck: “@newshtwit Motorola is listening. http://t.co/CYWZpGsuru” <- android app sneakiness

7:43am July 2nd 2013 via Falcon Pro

@thegrugq @collinrm i haven't, but I bet @m_spreitz has or can give you some pointers :)

7:41am July 2nd 2013 via Falcon Pro in reply to thegrugq

Building the Android platform security mechanism using TrustZone [PDF] - http://t.co/w3yumel1sw (very quick intro, just 2 pages)

7:36am July 2nd 2013 via web

ARMORED (tresor for ARM/Android), CPU-bound Encryption for Android-driven ARM Devices - http://t.co/h6njuzjBfU (via @collinrm @thegrugq)

7:32am July 2nd 2013 via web

RT @0xroot: Woop! All your Firefox information belong to me. http://t.co/mNyTRiSbmT

6:34am July 2nd 2013 via Falcon Pro

RT @viaforensics: @thomas_cannon does a practical demo of using a mobile device as an espionage tool: https://t.co/BAxPDnc6pV

11:44pm July 1st 2013 via Falcon Pro

RT @iamnion: fingerprinting #GSM phones based on characteristics of their RF hardware http://t.co/hFINhkylaI

11:36pm July 1st 2013 via Falcon Pro

sepolicy-inject by @Joshua_Brindle, injects allow rules inot binary SELinux kernel policies - https://t.co/ortG3F5psY

12:33pm July 1st 2013 via web