Mechanical keys were never secure. But RFID electronic key is not secure either. Cars should not have a physical key at all. All modern cars should only have a cryptographically secure keyfob backed by Distance Bounding Protocol and a monotonic clock inside.
Mechanical keys were never secure. But RFID electronic key is not secure either. Cars should not have a physical key at all. All modern cars should only have a cryptographically secure keyfob backed by Distance Bounding Protocol and a monotonic clock inside.
Secure boot bypass on Samsung Galaxy A series. Secure boot chain is executed before Android Verified Boot verifies vbmeta. You can achieve root and can also flash custom images without unlocking the bootloader and it will still pass Play Integrity hardware backed attestation.
Secure boot bypass on Samsung Galaxy A series. Secure boot chain is executed before Android Verified Boot verifies vbmeta. You can achieve root and can also flash custom images without unlocking the bootloader and it will still pass Play Integrity hardware backed attestation.
Still looking for those elusive data encryption keys on your Samsung A* series phone?
Don't worry! Join security researchers @max_r_b and @DamianoMelotti today at 5pm at @offensive_con to learn how to break Secure Boot and tamper with your phone enough to get those pesky keys.
Plans to literally "hack the planet" foiled due to 500ms of latency that Andres instinctually investigated.
The latency was due how the malicious code parsed symbol tables in memory.
openwall.com/lists/oss-secu…
@co_apprentice@warraagal Measured boot already exist in Android, in uh 14-launched SoC? But it doesn't allow using it for encryption, it's here only to enforce Google monopoly, just a more secure key attestation. Using it to derive an encryption key isn't done by google and they have no plan for it \
33 Followers 565 Following🛡️ Black Hat Defense | Free Penetration Test | Your Asset
💻 Specializing in cybersecurity solutions to outsmart black hat hackers.
332 Followers 1K Following#ResilientTruth, SEO Expert (began '95), CRO, Blockchain. Crypto. Eschatological Tech. Christian Narrow AI. Fork the Internet! GOD ROCKS! All else 2nd! Truth!
980 Followers 4K FollowingConference on composable software supply chain integrity and hardware-assisted platform security, with OpenEmbedded, OpenXT and other ecosystems
44K Followers 2K FollowingHelping Secure the Internet | Long Island elder emo surviving in ATX | Expect: infosec current events, DFIR, appsec & cloudsec - and me!
713 Followers 98 FollowingBarcelona -- LA -- NYC. Enjoying life, tweeting about music, and working as a geek in cellular and firmware security. Tweets my own
983 Followers 980 FollowingSecurity, privacy, cellular, CTFs; living in clouds; night-owl; PostDoc @CISPA; former UCI, SBA, TU Wien, iSeclab. My own opinions. May contain sarcasm.
49K Followers 73 FollowingCrackWatch's Twitter run by @EssenseOfMagic & co. Support in DMs/ Only official account of the CrackWatch subreddit. #crackwatch #denuvo
1.2M Followers 0 FollowingEmpowering users to create a better-informed world.
We're open source and data is publicly available: https://t.co/Te3IjR10Ix
Q? Reply/DM
3K Followers 511 FollowingAnalyst and Qc/MTK/Exynos/Unisoc/Kirin chipset pwner (aka RevSkills). Reverse Engineer/Coder/Maker. 3D Print and SDR enthusiast. New Technology. Bot-Hater.
20K Followers 271 FollowingOffensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
48K Followers 452 FollowingSecurity researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
4K Followers 199 FollowingLong time listener, infrequent tweeter. Head of Project Zero @Google. Views are my own.
Still reading: "Brown Bear, Brown Bear, What Do You See?"
1K Followers 769 FollowingA random person on the internet interested in InfoSec and NatSec.
Tweets are my own and do not reflect my employers views.
Engagement is not endorsement.
1K Followers 392 Following@Google Security/Privacy - @Android, @GooglePlay, @madebygoogle, team ASAP and team DSAP | Opinions my own | linkedin davekleidermacher, @[email protected]