Collin MullinerVerified account

@collinrm

Engineer | Security Researcher | Recovering Academic

Brooklyn, NY
mulliner.org/collin/
Joined November 2007
255 Photos and videos Photos and videos

Tweets

You blocked @collinrm

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @collinrm

  1. Pinned Tweet
    Jun 22

    Uploaded slides for my RE-Canary talks was submitted to black hat but got rejected so here it is (for free)

    7 replies 71 retweets 105 likes
    Undo
  2. Retweeted
    17 hours ago

    OK, folks, I hear that John McAfee claims to have invented cyber security. (I don't know; he has blocked me.) Gather 'round the fire, kids, for a short story, because I was around at the time.

    81 replies 1,513 retweets 3,091 likes
    Show this thread
    Show this thread
    Undo
  3. Retweeted
    Sep 1

    PSA: Stop telling me XYZ SafetyNet app doesn't pass SafetyNet. Many apps are still using the old API which Google recently banned. Why can't you just trust the SN check in Magisk Manager? Or do you really think that button is just a decoration?

    28 replies 42 retweets 415 likes
    Undo
  4. Retweeted
    Aug 31

    Interesting forensic investigation of Apple Pay. TL;DR: Apple doesn’t collect or back up transaction data to iCloud, and it can only be obtained by imaging the device. Also, this quote makes me happy.

    12 replies 273 retweets 484 likes
    Show this thread
    Show this thread
    Undo
  5. Retweeted
    Aug 28

    Every good person I know has imposter syndrome and every bad person I know takes credit for everything.

    135 replies 3,853 retweets 20,431 likes
    Undo
  6. Retweeted
    Aug 30

    Google (finally) announces/releases Tink, a user-proof encryption library, their answer to Nacl/sodium. The interfaces are in some ways _better_ than Nacl’s.

    3 replies 84 retweets 152 likes
    Show this thread
    Show this thread
    Undo
  7. Retweeted
    Aug 30

    Inside Android's SafetyNet Attestation, by

    1 reply 2 retweets 3 likes
    Undo
  8. Retweeted
    Aug 30

    Strobfus: Obfuscate Strings Within Your Go Binaries - (Essentially security through obscurity, but possibly useful to hide less dangerous data.)

    1 reply 22 retweets 54 likes
    Undo
  9. Retweeted
    Aug 28

    This 👇🏻

    Ignorance of insecurity does not get you security. We need to examine voting machines, SCADA systems, IOT and other important items in our lives. The investigation of these devices by the hacker community is a service, not a threat.
    1 reply 6 retweets 10 likes
    Undo
  10. Retweeted
    Aug 27

    someone pls give this girl a job, thx

    This Tweet is unavailable.
    3 retweets 6 likes
    Undo
  11. Retweeted
    Aug 27

    The Android NDK is doing something that is extremely rare for software -- it is actually getting smaller with each release! Culling architectures and unifying all the headers has been nice. 635MB for tools is still large, but it was over 1GB in r10e.

    22 replies 99 retweets 710 likes
    Undo
  12. Retweeted
    Aug 27

    At the Linux Security Summit, the Microsoft speaker is praising the quality of the Linux code and community, while presenting on a Macbook. Can the whole world hug now?

    6 replies 31 retweets 119 likes
    Undo
  13. Retweeted
    Aug 27
    Replying to

    Here are my slides from "Making C Less Dangerous [for the Linux kernel]"

    2 replies 60 retweets 94 likes
    Undo
  14. Retweeted
    Aug 27

    Watch take a deep dive into Android's SafetyNet

    2 retweets 3 likes
    Undo
  15. Retweeted
    Aug 27

    Tabacco companies ran massive underground social media campaigns through "influencers" and "bloggers"

    1 reply 3 retweets 7 likes
    Undo
  16. Aug 25

    Like!

    3 retweets 15 likes
    Undo
  17. Retweeted
    Aug 24

    Worth of a Hollywood summer release.

    14 retweets 32 likes
    Undo
  18. Aug 24

    Super interesting work on AT command interface that is exposed via USB on many Android devices.

    Great work by my students and and collaborator . More info at where you can find a searchable database of AT commands, firmware extraction tools for over a dozen phone vendors, and our paper.
    Show this thread
    1 reply 8 retweets 14 likes
    Undo
  19. Retweeted
    Aug 23

    Hiring a bunch of researchers in Austin 😈 Hit me up via DM if you’re in the market!

    3 replies 36 retweets 37 likes
    Show this thread
    Show this thread
    Undo
  20. Retweeted
    Aug 23

    No, an is not really a ZIP any longer... cf + parser for APK Sig v2

    3 replies 77 retweets 80 likes
    Undo
  21. Retweeted
    Aug 22

    Millionaire hustlers should be far more scared that they will be prosecuted if they blatantly lie to banks and the IRS in order to get and keep money illegally. There should be indictments and convictions constantly, not only in extreme cases.

    76 replies 792 retweets 4,088 likes
    Undo

@collinrm hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·