Tweets from February 2016

RT @NowSecureMobile: Day 4 at #MWC16. The NowSecure Team had a great time talking about our #MobileSecurity platform this week https://t.co/9PXyzIBlRy

12:12pm February 25th 2016 via FalconPro3

RT @Joshua_Brindle: can someone grab /sepolicy and /seapp_contexts off of a modern LG device for me? Thanks.

9:30am February 25th 2016 via FalconPro3

RT @Enno_Insinuator: Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems https://t.co/Q1pt05xVEr https://t.co/VczdmzAeWZ

9:25am February 25th 2016 via FalconPro3

RT @claud_xiao: Highly recommend "Android Application Secure Design/Secure Coding Guidebook" by @jssec_org to Android developers: https://t.co/c3oj5RQB7z

9:03am February 25th 2016 via FalconPro3

@TheJoseCanUC @MadCatz original buttons were soldered, I had to put the quick disconnects myself /cc @Rio_Brando_ https://t.co/lIBWNDqsWz

6:59pm February 24th 2016 via Twitter for Android in reply to TheJoseCanUC

@yojjiQL hahaha i just plan to use it when traveling :)

1:09pm February 24th 2016 via FalconPro3 in reply to yojjiQL

@DavidJaumandreu haven't use the hori mini sorry. The mod is easy, only downside is that original buttons are soldered to the wires

12:29pm February 24th 2016 via FalconPro3 in reply to DavidJaumandreu

My new (travel) @MadCatz Fightstick Alpha moded with silent Sanwa buttons and silent Sanwa stick #fightstickfriday https://t.co/nCK5UpMqil

12:06pm February 24th 2016 via Twitter for Android

RT @NowSecureMobile: Day 2 of #MWC16 is underway. We're talking about #MobileSecurity & doing demos at booth 5i31 https://t.co/Ixi035f105 https://t.co/KoCkr

7:14am February 24th 2016 via FalconPro3

RT @caleb_fenton: How does Dalvik handle 'this' registers? - https://t.co/JrS5l3Xp2d

10:17pm February 22nd 2016 via FalconPro3

RT @NowSecureMobile: The NowSecure Team is at #MWC16. Join us at booth 5i31 to chat the latest in #MobileSecurity. https://t.co/io4Q3MCvPG

10:14pm February 22nd 2016 via FalconPro3

@ATsitas sorry this is from 2007, I haven't touched a Windows Mobile device in years now. Check the tread to see if you find any hint there.

10:35pm February 21st 2016 via FalconPro3 in reply to ATsitas

@ATsitas lol that's an old relic, you'll probably need to CID unlock it. I don't have kaiser anymore, but everything u need should b in xda

10:08pm February 21st 2016 via FalconPro3 in reply to ATsitas

RT @tiraniddo: A "documentation" bug in SElinux which leads to incorrect security context in Android https://t.co/VNlK9GcYnx Fortunately, non-exploitable.

4:26am February 21st 2016 via FalconPro3

RT @oldfresher: Very glad to have this opportunity, I'll disclose the full exploit after the conference https://t.co/iT6Djj7Du0

4:08am February 21st 2016 via FalconPro3

RT @trufae: fsmon: FileSystem Monitor tool for iOS and Android. Another opensource contribution from me at @NowSecureMobile https://t.co/85EyjdnsFg

3:59am February 21st 2016 via FalconPro3

@jduck will you be around during #MWC16? we must definitely have some beers together! /cc @trufae @0xroot @revskills https://t.co/q4cjRLEseU

3:54am February 21st 2016 via FalconPro3

RT @CopperheadSec: OTA updates come with an update-script for applying the update and update-binary is an interpreter for the scripting language (Edify).

6:48am February 20th 2016 via FalconPro3

RT @caleb_fenton: What happens when a DEX includes a framework class? https://t.co/a3wtzMCqph

6:46am February 20th 2016 via FalconPro3

RT @firewaterdevs: 80 days-no patch for awful Nexus 6 TZ bug;its a one byte patch. projectzero speeds must not apply to google @Moto_USA @googlenexus @jcase

6:37am February 20th 2016 via FalconPro3

RT @cryptax: Other #Androguard tip: searching for 'http' (or else) in those strings? Do: l = d.get_strings() filter(lambda x:'http' in x, l) #python :)

6:30am February 20th 2016 via FalconPro3

RT @ikoz: My write-up on the new Network Security Policy configuration options that Android apps will soon be able to use: https://t.co/XBORsG2R07

6:22am February 20th 2016 via FalconPro3

@Kalzakath1 @FightCade @fasebonus sure, feel free to email me at pau@eslack dot org (en inglés, o en castellano si prefieres).

5:48pm February 18th 2016 via FalconPro3 in reply to Kalzakath1

RT @4Dgifts: We just published Marvin: An OSS static+dynamic code analysis system that finds bugs in Android apps, BSD license: https://t.co/Pu6rdhIe9J

11:20am February 18th 2016 via Twitter Web Client

RT @angealbertini: Reversing the Nintendo 64 CIC by @mpeg4codec, @fpga_nugga, John McMaster https://t.co/w7BacTPvgA

1:32pm February 17th 2016 via FalconPro3

RT @djrbliss: Hilariously, the Android Broadcom wifi driver fix adds another bug. What if subelt_len is 0? https://t.co/F4Pao7Ub93

4:18pm February 11th 2016 via Twitter Web Client

@ikoz haven't tried it yet, just saw the new commits from yesterday and figured it out.

11:14pm February 10th 2016 via Twitter Web Client in reply to ikoz

git version of NoDeviceCheck Xposed module recently updated to effectively log and bypass SafetyNet checks - https://t.co/tkWtH3ZqOS

10:51pm February 10th 2016 via Twitter Web Client

RT @laginimaineb: @laginimaineb Also - as always, the full source code is included. You can check it out here: https://t.co/LgPQcXnoFo

7:31pm February 10th 2016 via Twitter for Android

RT @laginimaineb: Just published a new blog post about unlocking the Motorola bootloader from the TrustZone kernel: https://t.co/cfYyqIBTtt. Happy unlocking!

7:31pm February 10th 2016 via Twitter for Android

RT @timstrazz: Maybe I'm confused, but how is "redex" any different from proguard? https://t.co/hnRCNdTUju

5:37pm February 10th 2016 via FalconPro3

RT @collinrm: Mobile Security News Update February 2016 https://t.co/qzEVn95ms7 Checkout mobile PWN0RAMA!

5:35pm February 10th 2016 via FalconPro3

RT @4Dgifts: Diff with fix to buffer overflow in Android's Broadcom wifi driver https://t.co/oroyYAnxzh Anybody triggered this already?

5:18pm February 10th 2016 via FalconPro3

RT @CopperheadSec: The proprietary code for updating the bootloader via over-the-air updates on the Nexus 5X is statically linked into the update-binary file.

5:11pm February 10th 2016 via FalconPro3

RT @collinrm: Blogpost: CVE-2016-0728 vs Android https://t.co/HTEKzdScuD Why most Android devices are not affected #Android #security

7:56pm February 6th 2016 via FalconPro3

RT @dinodaizovi: .@COSEINC's PWN0RAMA (https://t.co/Ld0dNi8qyE) prize amounts give rough estimates on how hard each target and link in the exploit chain is.

5:53pm February 6th 2016 via FalconPro3

RT @pattheflip: Tomorrow is the 25th anniversary of SF2, and @gamasutra asked a whole bunch of jerks about its legacy: https://t.co/0rrcrMhcuQ

9:42pm February 5th 2016 via FalconPro3

Link Bubble last update adds https everywhere, do not track and a built-in ad blocker 🤘 https://t.co/hhDUQrhgjQ

8:15pm February 5th 2016 via FalconPro3

RT @CopperheadSec: These uid/gid pairs imply that Google is splitting up mediaserver: https://t.co/nzmuWQ7iCM https://t.co/ZHt8yHYYAM https://t.co/2zZ9I9YFCg.

8:10pm February 5th 2016 via FalconPro3

RT @NowSecureMobile: Are you going to #MWC16? Connect with us at Hall 5, Stand 5I31 or fill out the form here: https://t.co/hbn3N5lHmV https://t.co/KE8VtbzgsN

8:10pm February 5th 2016 via FalconPro3

RT @CopperheadSec: Android is adopting tlsdate for secure time synchronization: https://t.co/gX7lgcHYyh. It's possible that it will be part of 7.0. @ioerror

8:07pm February 5th 2016 via FalconPro3

RT @Fuzion24: interesting : dm-verity on Android devices with an unlocked bootloader just shows a warning (quickly) and continues to boot anyways.

8:05pm February 5th 2016 via FalconPro3

RT @capstone_engine: w0w, Samsung just released ADBI, a new Capstone-based Dynamic Binary Instrumentation tool for Android! https://t.co/uroyxEZ3Gw

12:00pm February 4th 2016 via Twitter Web Client

RT @rotlogix: If you're using FLAG_GRANT_WRITE_URI_PERMISSION on a content provider with a path traversal bug #BadTimes

8:11am February 3rd 2016 via Twitter Web Client

RT @ProjectHoneynet: ARTDroid: an easy-to-use framework for hooking under ART https://t.co/41rq4uiXUf by Cong Zheng and #GSoC2015 student @vaio_co

11:33pm February 2nd 2016 via FalconPro3

RT @esizkur: Here are the goods on the Android WiFi kernel RCEs (CVE-2016-0801/0802), from the msm.git: https://t.co/CoHPCNEb92 (/cc @newshtwit)

9:46pm February 2nd 2016 via FalconPro3

RT @jduck: Just posted the Nexus OTA Update URLs for the February 2016 security updates here: https://t.co/04ZnuvzDmF

9:40pm February 2nd 2016 via FalconPro3

RT @climagic: longcmd ; [Ctrl-Z] ; bg ; disown ; screen ; reptyr $( pidof longcmd ) # Suspend and reattach a process to screen.

9:48am February 2nd 2016 via FalconPro3

RT @JRRaphael: Bad USB-C accessories are no joke, folks: https://t.co/ztLQi2BnBm

9:46am February 2nd 2016 via FalconPro3

RT @ChainfireXDA: FlashFire updated to v0.26 - brings Marshmallow support. Can flash your monthly Nexus OTA and keep root - https://t.co/k95pQOhKrK

9:42am February 2nd 2016 via FalconPro3

RT @Fuzion24: Android Security Bulletin February 2016: https://t.co/3U3P2Ahpcd

7:52pm February 1st 2016 via FalconPro3

RT @Fuzion24: POC for remote code execution of TalkingTom by abusing zip files and the multidex lib is now opensource: https://t.co/1aQRSYt39Q

6:02pm February 1st 2016 via FalconPro3

RT @anestisb: Spent some time automating new Nexus vendor blobs nightmare when building under AOSP (no src tree hacks required) | https://t.co/LXJ7Ax6Pys

1:51pm February 1st 2016 via FalconPro3

RT @NCCGroupInfosec: NCC Group Paper: A few notes on usefully exploiting libstagefright on Android 5.x - https://t.co/KGqyH3sxHi wrk by @FidgetingBits

12:07pm February 1st 2016 via FalconPro3

RT @FidgetingBits: Posted about a few tricks I used while building an improved stagefright exploit on Android 5.x: https://t.co/YtHIvbzYgp

12:07pm February 1st 2016 via FalconPro3

RT @Morpheus______: Dextra for #OAT/#ART/#DEX reversing: now with better disasm,bug fixes. https://t.co/6KascSR6Zo . #Android #Internals Volume 2 coming soon!

10:37am February 1st 2016 via FalconPro3

Newest SafetyNet check detects System-less root - https://t.co/2GGzn14wxX

8:58am February 1st 2016 via Twitter Web Client

@thegrugq @jcase @timstrazz check the BootUnlocker source for oneplus for details: https://t.co/fVDrUho0sx

7:43am February 1st 2016 via FalconPro3 in reply to thegrugq

@thegrugq @jcase @timstrazz if it's rooted you can use BootUnlocker

7:39am February 1st 2016 via FalconPro3 in reply to thegrugq