René Mayrhofer @rene_mobile@mastodon.technology

RT @acm_wisec
[CFP] ACM WiSec 2022 (San-Antonio) calls for full paper submissions that can be up to 10 pages excluding the bibliography and well-marked appendices. ACM WiSec also encourages the submission of short papers with a length of up to 6 pages. More details at https://wisec2022.cs.utsa.edu/call-for-papers/

RT @ProjectZeroBugs
Android: vold's incremental-fs APIs trust paths from system_server for mounting https://bugs.chromium.org/p/project-zero/issues/detail?id=2221

RT @DaveKSecure
Excited about our digital car key launch for Android! Complex automotive ecosystem to manage, but a great start!
Digital car keys arrive on Pixel 6 and Samsung Galaxy S21 https://www.engadget.com/android-12-digital-car-keys-assistant-widgets-photos-youtube-music-170006763.html via @engadget

RT @cyb3rops
The problem in IT security is that fascinating things are often unnecessary while boring things are usually essential.

We focus too much on the fancy stuff and can't get the fundamental things right.

RT @taviso
This is a major memory corruption flaw in NSS, almost any use of NSS is affected. The Mozilla advisory is here https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/ https://twitter.com/ProjectZeroBugs/status/1466080877729894402

RT @SECUSOResearch
It's research time ⏰ Prof. René Mayrhofer, @rene_mobile from @insjku @jkulinz will share his thoughts on "Distributed digital ID in the cloud" in this week's #SECUSO #researchseminar. For more information see: http://secuso.aifb.kit.edu/73.php

RT @apod
A Blue Banded Blood Moon: https://apod.nasa.gov/apod/ap211201.html by Angel Yu

RT @AndreaBarisani
We have added a GoTEE example which boots Linux in TrustZone Normal World.

It is now dead easy to implement TEEs using TrustZone on the USB armory Mk II.

No C required ;)

RT @hackerfantastic
Here's the document outlining which instant messenger applications can be recovered by US LE.

RT @ShaneHuntley
Over 20 years ago I plotted the increasing number of port scans each month hitting the Australian Defence firewall to make arguments for increase funding.

I still seem to be getting asked for similar meaningless numbers for similar purposes.

Prettier graphs though.

RT @MIT_CSAIL
RT if you were part of that tiny 1993 bar.

(via @markrendle)

RT @liamosaur
I dunno who needs to hear this, but:
NIST👊Special👊Publication👊800👊dash👊6👊3👊B👊has👊 recommended👊against👊enforcing👊password👊rotation👊since👊2016👊 https://twitter.com/ElleArmageddon/status/1275504161795133440

RT @Pinboard
I'm a tech guy and I can say with confidence I've lost every private key I've ever held within three years or so. Excited to see this important technology go mainstream with no recourse and tied to real assets. Please share your own stories in the comments! https://twitter.com/BrantlyMillegan/status/1389270115884097536

RT @kclemson
OMG this may the most glorious geek meme I’ve ever seen

RT @sweis

RT @jeffvanderstoep
Important point about MTE:
Yes, 4 bits of entropy is low and will allow bypasses due to luck and/or retries. However, a smart allocator can proactively arrange the heap such that allocations are always surrounded by mismatched tags. We do that on Android:
https://cs.android.com/android/platform/superproject/+/master:bionic/libc/platform/bionic/mte.h;l=36;bpv=1;bpt=1?q=scudo%20mte&ss=android%2Fplatform%2Fsuperproject https://twitter.com/DanielMicay/status/1463617727231320069