René Mayrhofer @rene_mobile@mastodon.technology
- Homepage
- https://www.mayrhofer.eu.org
- University
- https://jku.at/ins
Prof. for networks and security @jkulinz/@insjku + dabbling in Android platform security @Google. This account will mostly carry IT security stuff, occasionally politics and other comedy.
Statements are only my own opinion, not my employer's.
Joined Feb 2019
RT @BugsChromium
Security: ChromeOS root privilege escalation and android-root persistence (reward: $45000) https://crbug.com/1166932
RT @reyammer
📢 THE TIME HAS COME📢
Today I make public ALL *recordings* and updated slides (+ FAQ) for my mobile security class, MOBISEC 2020!
Everything is available, for free, at: https://mobisec.reyammer.io/slides!
Few words about this release in a short thread 👇
This was quite a journey that took multiple rounds of reviews, but the manuscript improved with every iteration. I am tempted to write a more detailed report of the whole process as encouragement to junior researchers not to give up in the face of rejection notices.
Nearly 3 years after starting work on it, our (@ChadBrubaker__ @jeffvanderstoep) paper "The Android Platform Security Model" is now published in ACM Transactions on Privacy and Security (fully open access): https://dl.acm.org/doi/10.1145/3448609 covers versions up to Android 11.
RT @matthew_d_green
I want to stress that once these content scanning systems are in place (for child abuse imagery) their usage will expand. They will be retasked by governments all over the world to scan for speech we consider “protected”. This is the infrastructure of authoritarianism. 8/
RT @hyperelliptic
If want to brush up on some crypto & attacks here is my YouTube channel for "Introduction to Cryptology" https://www.youtube.com/channel/UC6crzceuaPCsST472Z_hT3Q The course page is https://www.hyperelliptic.org/tanja/teaching/CS20/
Also check out our offers @TUeindhoven for cyber security with the IST master track https://IST.win.tue.nl
RT @ArminWolf
„Das Ansinnen, an der Wahrheitspflicht zu rütteln, ist meines Erachtens rein parteipolitisch motiviert und ein frontaler Angriff auf die Demokratie.“ https://www.derstandard.at/story/2000126523903/strafrechtsexpertin-abschaffung-der-wahrheitspflicht-waere-frontaler-angriff-auf-demokratie
RT @RickRabiser
Hiring/please RT: The @jkulinz /@Dynatrace Co-Innovation Lab at the LIT Open Innovation Center CPS Lab officially started (Details/Press: https://www.jku.at/en/news-events/news/detail/news/the-jku-and-dynatrace-aim-to-turn-austria-into-a-digitization-hotspot/) and we are searching for post-docs (https://www.jku.at/fileadmin/gruppen/80/Stellenausschreibungen_E/4496_Homepage_E_14.04.2021.pdf). @AndreasHametner @Pummex4 @LindingerCh @AloisReitbauer
RT @lucawilkeUzL
I am very happy to finally lift the curtain on our paper "undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation" that will appear at @wootsecurity.
Thanks @JanWichelmann, Florian Sieck and @tomcrypt for the great collaboration.
https://uzl-its.github.io/undeserved-trust/
We are growing our research project team on private digital identity (https://digidow.eu). If you are interested in a PhD research position (https://www.jku.at/fileadmin/gruppen/80/Stellenausschreibungen_E/4517_Homepage_E_05.05.2021.pdf) or part-time Master's thesis work (https://www.jku.at/fileadmin/gruppen/80/Stellenausschreibungen_E/4518_Homepage_E_05.05.2021.pdf), please apply until May 30.
RT @vanhoefm
Intel patched these vulnerabilities in the Management Engine as well.
It's still crazy to me how there's a whole OS that's hidden in the lower layers of your CPU... and that this OS supports Wi-Fi. https://twitter.com/vanhoefm/status/1392182736673075200
RT @torproject
Over the past several years, our Network Health team has built tools to diagnose and reject bad relays. As a result, we have rejected many malicious nodes, and we have started documenting them in monthly reports: https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Rejected-fingerprints-found-in-attacks
RT @evacide
If you opt out of having your WhatsApp share data with Facebook, Facebook won't deactivate your account, but they will make WhatsApp largely unusable for you.
RT @vanhoefm
I found some design and implementation flaws in Wi-Fi again. All Wi-Fi devices are affected. It was a long ~9 months embargo, over this time a lot of info has been collected and that info now available at http://fragattacks.com
RT @jeffvanderstoep
"As with any large project, introducing a new language requires careful consideration. ... This post discusses some of the key design considerations and resulting decisions we made in integrating Rust support into Android’s build system."
https://security.googleblog.com/2021/05/integrating-rust-into-android-open.html
RT @koush
Difficult to quantify what an ecological disaster Bitcoin is, but this comes close.
René Mayrhofer
boosted
RT @sweis
Nice illustrations of hash collisions by @corkami / @angealbertini: https://github.com/corkami/collisions
RT @GretaThunberg
”Don’t let the perfect be the enemy of the good.”
Well, I don’t know about you but I don’t consider ”climate targets” putting us on track for 2,4°C and current policies indicating we’re headed for 2,9°C (excluding most tipping points, feedback-loops etc) to be ”good”.
#MindTheGap
RT @josephfcox
The CIA conducted a supply chain compromise of a phone used by an associate of Soleimani. Got tip Soleimani courier was buying fresh phones from a specific market; got spyware onto phones, one of which ended up in the same room as Soleimani https://news.yahoo.com/conspiracy-is-hard-inside-the-trump-administrations-secret-plan-to-kill-qassem-soleimani-090058817.html
- Homepage
- https://www.mayrhofer.eu.org
- University
- https://jku.at/ins
Prof. for networks and security @jkulinz/@insjku + dabbling in Android platform security @Google. This account will mostly carry IT security stuff, occasionally politics and other comedy.
Statements are only my own opinion, not my employer's.
Joined Feb 2019
