Chad Brubaker

@ChadBrubaker5

Android Platform Security . All opinions are my own and terrible.

Vrijeme pridruživanja: ožujak 2018.

Tweetovi

Blokirali ste korisnika/cu @ChadBrubaker5

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ChadBrubaker5

  1. 24. sij

    Highly privileged components that can introspect everything and will definitely only be used for good was naive and a deeply limiting mistake the first time around. Let's not repeat that.

    Poništi
  2. 16. sij

    🤔 this https site seems modified I just can't put my finger on it. Redirecting to rickroll is fun, but I've always loved replacing all the images with the smiley more.

    Poništi
  3. 16. sij

    And a MiTM test for cve-2020-0601 is added to nogotofail, in case you wanted a black box network testing tool it's over on github

    Poništi
  4. proslijedio/la je Tweet
    24. pro 2019.

    We talk about how security and privacy folks need to know how to say yes and how to say no, that if you say no all the time, folks don't listen. We also need to talk about how S&P need to have the power to say no when needed. Because otherwise... approval is the only option.

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    20. pro 2019.
    Poništi
  6. 12. pro 2019.
    Poništi
  7. proslijedio/la je Tweet

    I'm hiring Android Platform Security Product Managers. Plural. I'm especially interested in candidates with a wide range of backgrounds. 1/8

    Prikaži ovu nit
    Poništi
  8. 4. pro 2019.

    . and I with a happy "an update on" secure connection adoption on Android! I've been working on this since I was MiTMing all the things with nogotofail back in 2014, and it's pretty awesome to see how far it's all come

    Poništi
  9. proslijedio/la je Tweet
    23. stu 2019.

    Amazing compendium of failures of "provable security": . I saw a preprint months ago and the shock value of the huge lists still hasn't worn off. I think (and hope) this will put an end to the delusion that provable-security failures are isolated mistakes.

    Poništi
  10. 8. stu 2019.
    Poništi
  11. 6. stu 2019.

    Great article. Hopefully someday this won't be shocking to anyone.

    Poništi
  12. proslijedio/la je Tweet
    30. lis 2019.

    Hey current students, interested in a Security Engineer internship with Google? The application deadline closes TOMORROW, Oct 31 for CA and WA roles. Apply! Interested in a SE internship in Zurich? Deadline FRIDAY, Nov 1!

    Poništi
  13. proslijedio/la je Tweet
    30. lis 2019.

    Google Online Security Blog: Protecting against code reuse in the Linux kernel with Shadow Call Stack via

    Poništi
  14. proslijedio/la je Tweet
    10. lis 2019.

    Ever wondered how Google reverse engineers look at Android apps? Come see my talk at the Summit on the review process and common issues that we see!

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    8. lis 2019.

    I spent all day every day as a full time part of a bunch of (startup) security teams. My message to you: competent security teams do not need you to sacrifice your network privacy.

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    2. lis 2019.

    and of course, because Google, here's an ad: if you want to work on similar problems, please send me your resume at thaidn@google.com

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    25. ruj 2019.

    It seems like all security people know each other, because they do. When you lie to us, or say different things to different people, we know.

    Poništi
  18. proslijedio/la je Tweet
    12. ruj 2019.

    Maybe we shouldn’t make standardized APIs for early-generation research technologies.

    Poništi
  19. proslijedio/la je Tweet

    DNS-over-HTTPS will be rolled out by default in Firefox for U.S. users starting at the end of September 2019. Firefox will default to using Cloudflare's 1.1.1.1 at first, but that may change if other resolvers adopt a comparably strong privacy policy.

    Poništi
  20. proslijedio/la je Tweet

    Since I'm not good at subtweeting, let me say this: The current attempts to use "AI" to make a lie detector are part and parcel with all the previous attempts, and have as little validity as the previous ones. This whole endeavor is insane.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·