Monthly Archives: August 2011
Skype 5.5 and New Hidden Emoticons
WARNING: This post is humorous (and not very technical) in nature. Please don’t take anything that follows seriously. With that warning out of the way, we all know that Emoticons are a very serious topic. When Skype updates their emoticon set the Internet takes notice. When Skype announced new emoticons, they included a bit about [...]
Setting up a persistent trusted CA in an Android emulator
Setting up a persistent trusted CA in the Android emulator is a common problem, encountered any time we assess an application in an emulator that uses SSL properly. The goal is to man-in-the-middle (MITM) traffic from an application running in the Android emulator. In order to successfully MITM traffic, the Certificate Authority (CA) of the [...]
Dropbox for Android Vulnerability Breakdown
Dropbox vulnerabilities are back and they’re mobile. This week Tyrone Erasmus released a vulnerability in the Android Dropbox client that allows other apps to access its content database, allowing attackers to upload your files to the public. I wanted to break down this vulnerability because the lessons learned aren’t that Dropbox is vulnerable, it’s that [...]
BlackHat 2011 and Defcon 19 Summary: MXS9000 Style
We’re all getting back from BlackHat and Defcon now. Despite some weather delays and red-eyes, I think everyone had a blast again this year. First off, a big thanks to the Rio for hosting DC and putting up with some shenanigans: there were rumors of rogue cell towers, some definitely unsafe wifi, and elevators mysteriously ended [...]
Strengths and Weaknesses in Apple’s MDM System
Yesterday, for the first time, I headlined a talk at a major security conference. It was quite the experience, and not nearly as nerve-wracking as I might’ve expected. Actually, it was pretty easy — I took the approach that “this is some cool stuff I found, let me tell you about it” and kept a [...]

