Tweets from February 2014

@pinkflawd sad I couldn't make it. On my way back to Barcelona now. Enjoy the rest of your trip :)

10:26pm February 28th 2014 via Falcon Pro in reply to pinkflawd

@dangoodin001 @thomas_cannon good thing yes, it's used as key derivation function for device encryption

1:46am February 28th 2014 via Falcon Pro in reply to dangoodin001

RT @pwntester: Thank you all for the kind words about our RESTful presentation today at #RSAC Here are the demos/slides as promised https://t.co/1DDzu8MS6Q

1:32am February 28th 2014 via Falcon Pro

RT @thomas_cannon: So...Android 4.4 updated device encryption to support scrypt as a KDF, and ability to persist data for use pre-boot. http://t.co/0YUMR9jsTS

11:46pm February 27th 2014 via Falcon Pro

RT @cpu: Are you watching the @TrustyCon stream? https://t.co/XcR7uxw2H9 Who needs [RN]SA.

8:41pm February 27th 2014 via Falcon Pro

Attending @0xroot session 'Hacking iOS on the Run: using Cycript' at #RSAC http://t.co/SP4zelnF8C

8:12pm February 27th 2014 via Falcon Pro

@jduck I agree they deserve the thanks, also I've seen it successfully stop a non public Android 0day, so my take is it does help 2 mitigate

8:02pm February 27th 2014 via Falcon Pro in reply to jduck

@jduck no phun intended, but actually he thanked NSA for SE for Android during the presentation :)

7:53pm February 27th 2014 via Falcon Pro in reply to jduck

Adrian Ludwig on his RSA talk about Android Security - https://t.co/MTjSj2vsmw [slides] https://t.co/V42600R8by

7:35pm February 27th 2014 via Falcon Pro

Great overview of Adrian Ludwig's talk by @jr_raphael: How Google's Android security is about to get even smarter - http://t.co/8bMyRDGB8s

6:58pm February 27th 2014 via Falcon Pro

RT @W3nd1g04n6: That awkward moment when your medical equipment is doing a WinXP chkdsk. http://t.co/QhspBX75DN

6:54pm February 27th 2014 via Falcon Pro

attending 'Why Mobile Should Stop Worrying and Learn to Love Root' session by @ahoog42 #RSAC http://t.co/tO570blPBB

6:43pm February 27th 2014 via Falcon Pro

Attending Practical Attacks Against MDM Solutions (and what you can do about it) by Michael Shaulov @LacoonSecurity http://t.co/IaD1RTSVcC

5:21pm February 27th 2014 via Falcon Pro

RT @ahoog42: Nice write up from @wmaxeddy about @pof #RASC talk on reverse engineering Android apps in @SantokuLinux http://t.co/1WiPnOlFi7

5:15pm February 27th 2014 via Falcon Pro

@t0mm13b no hints on how that will work yet

5:11pm February 27th 2014 via Falcon Pro in reply to t0mm13b

Android Verify Apps, soon with constant on-device monitoring http://t.co/seLIO94ygS

5:01pm February 27th 2014 via Falcon Pro

Android Safety Net, to detect and protect against known and future attacks http://t.co/T5khy354LR

4:59pm February 27th 2014 via Falcon Pro

attending the 'Building a Secure Open Platform' talk by Adrian Ludwig at #RSAC http://t.co/ZvGUg8d5Rq

4:17pm February 27th 2014 via Falcon Pro

RT @gimix3: One of the world's most important events in technology, they still can't handle unicode #mwc14 http://t.co/fwijQ3M4Nl

2:06pm February 27th 2014 via Falcon Pro

RT @jduck: After a week trying, finally got this post on Android #addJSIF security issues posted - http://t.co/U86NRzE1iV cc @nmonkee @todb

1:40pm February 27th 2014 via Falcon Pro

@darrenmcentee @pwntester video will take around 2 weeks, slides I guess will be up later today or tomorrow on RSA website.

7:08pm February 26th 2014 via Falcon Pro in reply to darrenmcentee

Sebastián @0xroot and Andrew @ahoog42 on stage, demoing mobile malware analysis on Santoku Linux #RSAC http://t.co/vuhuWUUicb

6:46pm February 26th 2014 via Falcon Pro

@pwntester too bad I didn't get to meet you. Thanks for attending!

6:24pm February 26th 2014 via Falcon Pro in reply to pwntester

RT @viaforensics: Our very own @pof is on now @RSAConference sharing his "Beginners Guide to Reverse Engineering Android Apps"! #RSAC http://t.co/akZXgSIbzT

6:23pm February 26th 2014 via Falcon Pro

RT @pwntester: @pof rocking the stage at #RSAC - Reverse Engineering Android Apps http://t.co/Uepx0HXiaS

6:22pm February 26th 2014 via Falcon Pro

RT @viaProtect: Today @RSAConference we have our very own @pof speaking at 10 am on "Beginners Guide To Reverse Engineering" in Moscone West 3012 #RSAC

5:54pm February 26th 2014 via Falcon Pro

RT @randomoracle: Funny #Oberthur now pushing PIV on embedded SE, which we had prototyped for Google Wallet a year ago: http://t.co/LOIIL1kmYR #RSAC

5:34pm February 26th 2014 via Falcon Pro

RT @gianlucaSB: Apparently mobile malware is 10 years old today http://t.co/tatHAPKf0g

8:05pm February 25th 2014 via Falcon Pro

RT @viaProtect: If you are @RSAConference stop by the @viaforensics booth #2627 for a demo today! https://t.co/FPoqvvsJYj

7:58pm February 25th 2014 via Falcon Pro

@sarapyin @rallat @0xroot @marcograss it was nice, I'd say very high quality for American food, medium-high for European. Try it! :)

6:56pm February 25th 2014 via Falcon Pro in reply to sarapyin

RT @jduck: video of my @reconmtl talk from last summer is up at http://t.co/shBr5qBC22

5:10pm February 25th 2014 via Falcon Pro

RT @rallat: We are such a good hackers that we have got a reservation for state bird provision @pof @0xroot @marcogras

4:12am February 25th 2014 via Falcon Pro

RT @sha0coder: #python remote overflow PoC http://t.co/ysXqQxAoci with NX bypass

4:54pm February 24th 2014 via Falcon Pro

good morning SF, happy to be here again :D /cc @rallat @timstrazz @thuxnder @javutin http://t.co/55LEXH5vpt

3:41pm February 24th 2014 via Falcon Pro

RT @dimitribest: Backdoor.AndroidOS.Torec.a - 1st #Tor mobile trojan for #Android http://t.co/TO3ynkWSnP http://t.co/OtWNj7bSn2

3:32pm February 24th 2014 via Falcon Pro

Happy 20th anniversary of Super Street Fighter 2X, released Feb 23rd 1994 #SuperTurbo http://t.co/O6nW1FMm3L

11:49am February 23rd 2014 via Falcon Pro

RT @TeamAndIRC: CVE-2014-1600 Vulnerability in Blu/Tinno Android devices allows any user to execute shell commands as root https://t.co/EbWnOrc8A3

2:59am February 23rd 2014 via Falcon Pro

RT @thomas_cannon: TIL: You can easily access people's public SSH keys on GitHub: https://t.co/KoEQ58M1v4<username>/keys

5:14pm February 21st 2014 via Falcon Pro

@4Dgifts @jduck yes @karimyaghmour's book is awesome, highly recommended, won't disappoint you.

5:04pm February 21st 2014 via Falcon Pro in reply to 4Dgifts

awesome night with @viaForensics folks playing old school arcade games :D http://t.co/SpI29TEunb

7:03am February 21st 2014 via Falcon Pro

RT @cryptax: Hey! Have you noticed that openDexFile(byte[] array) no longer exists? (cc: @timstrazz) #Dalvik #Android

2:34pm February 20th 2014 via Falcon Pro

RT @Blackmond_: Simple, portable python credential harvester IRC/HTTP/IMAP/POP/FTP. Give it an interface to listen, or a pcap file - https://t.co/lYHI0YTgph

2:33pm February 20th 2014 via Falcon Pro

Insecure owner/permission changes in Qualcomm Innovation Center init shell scripts (CVE-2013-6124) - https://t.co/wy8PWCKEWL

2:29pm February 20th 2014 via Falcon Pro

RT @timstrazz: New Drive By Download #Android #Malware http://t.co/HBCi8R5jPb < Good find and blog @cryptax

2:17pm February 20th 2014 via Falcon Pro

RT @againsthimself: @agelastic @pof also for document editing and handwriting recognition http://t.co/GG5MJJhBej #bestproductnameever

4:22am February 20th 2014 via Falcon Pro

TIL: about the existence of "Amazon Mechanical Turk" service, found it awesome - https://t.co/3NCW5ujCQv (via @Fuzion24)

11:41pm February 19th 2014 via web

@ebinsugewa db25 to db15 cable, not using the joystick pcb at all. (it's a solderless mod to the joystick)

8:45pm February 19th 2014 via Falcon Pro in reply to ebinsugewa

RT @insitusec: My gist is "published" in @commonsguy's #android Development book, that's a first... :-) http://t.co/GxTV9lVOtK

5:53am February 19th 2014 via Falcon Pro

RT @braincode: I really hope @google #gsoc takes #radare #reveng project initiated by @trufae ! RT @Groove: r2!!! http://t.co/aDGruPV1vv

12:41pm February 18th 2014 via Falcon Pro

RT @grsecurity: A response to the common question: "Which is better, grsecurity or SELinux?" http://t.co/Q7xlKHC4QU

3:25am February 17th 2014 via Falcon Pro

RT @AndroidPolice: Android 4.4.2_r2 (KVT49L) Shows Up In AOSP, Here's The Changelog http://t.co/sVBOdAvvkZ

7:47am February 15th 2014 via Falcon Pro

RT @TeamAndIRC: If your apps use custom permissions, please see this https://t.co/xZajLJ8oZA

7:45am February 15th 2014 via Falcon Pro

RT @jduck: seems 4.1.2 fixed that aosp browser vuln #addjsif introduced in 4.0.1 cve-2013-1939

7:42am February 15th 2014 via Falcon Pro

RT @jduck: BTW if you have some Android devices, particularly those between 3.x and 4.2, please test at http://t.co/x6uv5b2ggx and report results!

7:42am February 15th 2014 via Falcon Pro

RT @trevrosen: Awesome QR-code pwn for Android in @metasploit as of today. Great work @jduck and @joevennix! https://t.co/Xyc9Snx0pi #metasploit

7:38am February 15th 2014 via Falcon Pro

RT @jduck: Android Hacker's Handbook ~ release countdown http://t.co/VnUfGrGNjn Thx @tomneaves @antisnatchor cc @quine @collinrm @pof @s7ephen @ochsff

5:27am February 15th 2014 via Falcon Pro

DroidRay: A Security Evaluation System for Customized Android Firmwares - http://t.co/OdkP52q7jl

9:06pm February 14th 2014 via web

@__subodh @commonsguy thanks for the link, will watch the video tomorrow (night time here now)

11:47pm February 13th 2014 via Falcon Pro in reply to __subodh

RT @__subodh: @commonsguy @pof I also gave a talk about this about how Facebook avoids this attack http://t.co/z27pTlOHNS, about min 10.

11:47pm February 13th 2014 via Falcon Pro

RT @__subodh: @commonsguy @pof I wrote about this a while ago too. Glad to see others are also concerned. https://t.co/PVLyvdGpbS

11:41pm February 13th 2014 via Falcon Pro

RT @hackappcom: We've released new cool feature, meet Android Apps Online Decompiler! Details here: http://t.co/3TrRKU4Ts4 #hackapp #android #decompiler

11:20am February 13th 2014 via web

RT @commonsguy: Vulnerabilities with Custom Permissions: http://t.co/TkWstS2hjq #androiddev

8:46am February 13th 2014 via Falcon Pro

@roman_soft haha:) the CPS2 has a coin meter, and I press a button in the supergun to "insert coin", but u can also connect a real coin slot

12:48am February 12th 2014 via web in reply to roman_soft

This is what you do at home when you want to play Street Fighter on a cabinet, without a cabinet :) #CPS2 #SuperTurbo http://t.co/f1nvKwRNT9

10:07am February 11th 2014 via Falcon Pro

RT @travisgoodspeed: In case you wondered, this is what the inside of a pacemaker looks like. http://t.co/jP0XJXnyIy

7:33am February 11th 2014 via Falcon Pro

RT @AndroidPolice: App Ops Learns A New Trick In Latest CyanogenMod 11 Nightlies http://t.co/4V8TFbc5HN

7:30am February 11th 2014 via Falcon Pro

@Xgamerz ahh, found it: cross up j.hk, f + fp, cr.fp xx fp hadouken

10:36pm February 10th 2014 via web in reply to pof

@Xgamerz how was the crouching combo u teached me before? http://t.co/vBKaovCEG7

9:55pm February 10th 2014 via Falcon Pro

RT @antisnatchor: Got a gift for you, the Table of Content (pre-release) of Browser Hacker's Handbook :D https://t.co/XDtGzC494i Enjoy \m/

7:53am February 10th 2014 via Falcon Pro

RT @CTF365: Intercepter-ng on #Android watch? Priceless. :-) http://t.co/OLjvc1aUNi

2:42am February 10th 2014 via Falcon Pro

Android OEMs exposing touchscreen input files in /dev/input world readable or writeable - http://t.co/ipxtl3MRTs

10:57pm February 9th 2014 via Falcon Pro

@rhcp011235 i looked at the cts tests for vroot a few months ago, not at the exploit itself. why? anything new?

10:02pm February 9th 2014 via Falcon Pro in reply to rhcp011235

bash script to find content provider injections on Android apps using drozer - https://t.co/sd42HiAoWK (via G+)

9:38pm February 9th 2014 via Falcon Pro

RT @JonathanSalwan: Python3.2 - Buffer overflow in socket.recvfrom_into http://t.co/OGyFQ4UC6E -- Poc http://t.co/3AhBUNkK6g

6:06pm February 8th 2014 via Falcon Pro

RT @viaforensics: Reverse Engineering, Pentesting, and Hardening of Android Apps with @marcograss at @Droidconit 2014 - https://t.co/OXOVswjSVD

2:15am February 8th 2014 via Falcon Pro

Bluetooth packet capture on Android 4.4 - https://t.co/U3g593qKrt

2:12am February 8th 2014 via Talon for Android

RT @TeamAndIRC: If you want to learn Android development, @commonsguy and his site are it http://t.co/CNEQbdLeM4

10:24pm February 7th 2014 via Falcon Pro

RT @QuarkSec: Quark Security is excited to announce Quark Security Shield, our new security product for Android! https://t.co/HLk0U9xbMN

10:19pm February 7th 2014 via Falcon Pro

RT @hackerfantastic: The slides from my @mwrlabs talk on 2G GSM attacks & demo of greedyBTS (fake BTS / IMSI catcher appliance) are here https://t.co/9nNkEq

10:18pm February 7th 2014 via Falcon Pro

petition on the White House site to change the American national anthem to Street Fighter II Guile's Theme - http://t.co/WWRr93QCz9 I lol'd

2:35pm February 7th 2014 via web

RT @jduck: Patch to make dealing with "adb shell" a little nicer https://t.co/rw2BBqsncj (Updated: moved to gist and fixed for some devices)

1:26pm February 7th 2014 via Falcon Pro

@Xgamerz should b no prob to run it on a virtualized OS under VMware...

12:52pm February 7th 2014 via Talon for Android in reply to Xgamerz

#SuperTurbo Tournament of Legends II at #Evo2014, this will be awesome - http://t.co/ybobja09Ou

8:07am February 7th 2014 via web

RT @pwntester: Are you using Telegram for its Security, think it twice http://t.co/DDhC83mE8b

6:49pm February 5th 2014 via Falcon Pro

pure awesomeness: Mobile PWN2OWN Autumn 2013 Chrome on Android Exploit Writeup - https://t.co/RWaDKGNXBD

12:53pm February 5th 2014 via web

RT @winocm: A very quick overview of TrustZone. http://t.co/2TEYoypwdi

9:46am February 5th 2014 via web

RT @bsmuir: Latest #Firefox release lets you deobfuscate javascript in the debugger; great for #malware analysis. #Infosec #DFIR http://t.co/FPY73lHpMO

8:54am February 5th 2014 via Falcon Pro

@jduck timeline says 2014-12, should be 2013 ;)

8:09pm February 4th 2014 via web in reply to jduck

RT @jduck: Just released the advisory for two Android SDK security issues I found - http://t.co/1o0tWJ113X

8:07pm February 4th 2014 via web

RT @0xroot: Street Fighter 2 - An oral history - http://t.co/wXrYUjEVr3

6:00pm February 4th 2014 via Falcon Pro

@albertrafols @benjami @isoccat estic d'acord, en un món ideal totes aquestes plataformes tancades haurien de tenir un transport jabber :)

10:10am February 4th 2014 via Falcon Pro in reply to albertrafols

@albertrafols (2/2) sigui útil. jo sería més partidari d'algo tipus OTR sobre plataformes existents tipus WhatsApp o Google Hangout.

9:40am February 4th 2014 via Falcon Pro in reply to albertrafols

@albertrafols el conec, però no l'he provat encara. De tota manera em sembla una bona iniciativa, tot i q falta base d'usuaris x a q (1/2)

9:38am February 4th 2014 via Falcon Pro in reply to albertrafols

RT @jduck: I put together a first pass at the http://t.co/gWlBgztlCu site today. will post an advisory there tomorrow. join us via pull request!

9:32am February 4th 2014 via Falcon Pro

RT @timstrazz: Exploring GSM Vulnerabilities to Assess Mobile Users' Location http://t.co/24jBWWY3wj

9:30am February 4th 2014 via Falcon Pro

RT @preinheimer: Reporting a security vulnerability to tier one tech support is like warning someone that their house is on fire, by telling their cat.

9:29am February 4th 2014 via Falcon Pro

RT @googledevs: The Google Cast SDK is now available. Start developing Chromecast-enabled Android, iOS, & web apps today: http://t.co/6jS9qvXbFo #chromecast

9:26am February 4th 2014 via Falcon Pro

RT @ChainfireXDA: Pry-Fi released (root) - PoC Wi-Fi-tracking-countering tool - https://t.co/2q10Ptn7Bk

9:15am February 4th 2014 via Falcon Pro

My Japanese CPS2 board has arrived! Super Street Fighter 2X, Grand Master Challenge #ssf2t #ssf2x #SuperTurbo http://t.co/8gPLuVvfpU

9:51am February 3rd 2014 via Falcon Pro