1. I'm tweeting a lot these last days, let make a quick recap
-
-
3.
@OnePlus removed the#angela backdoor I found last November from his productshttps://twitter.com/fs0c131y/status/949350092489838592 …Show this thread -
4. I published the decompiled source code of the
#DPRK's RedFlag#android app. https://twitter.com/fs0c131y/status/949669640447451136 …https://twitter.com/fs0c131y/status/949404993173454849 …Show this thread -
5. I found hundreds of infected
#android apps with a#Coinhive miner: http://cdn.androidapk.world/downloads . The site is still up. https://twitter.com/fs0c131y/status/949781296187871232 …This Tweet is unavailable.Show this thread -
6.
@makemytrip is tracking his users without their consent. 8 days after this tweet, they didn't make a public statement or contact me.https://twitter.com/fs0c131y/status/950801774776082432 …
Show this thread -
7. The password of local database in the official
#Aadhaar#android app is always the same. 7 days after,@UIDAI didn't make a public statement or contact me. https://twitter.com/fs0c131y/status/951154909189230593 …https://twitter.com/fs0c131y/status/952643583298777088 …
1:09Show this thread -
8.
@UIDAI don't know how to sign an app correctly. They didn't make a public statement or contact me.https://twitter.com/fs0c131y/status/951786093074100225 …
Show this thread -
9. I found 2 "test apps" on the official
@UIDAI#playstore account. They didn't contact me but removed the apps few minutes after my tweets.https://twitter.com/fs0c131y/status/952574247594901509 …
Show this thread -
10. Found 2 ways to bypass the password protection in the official
#Aadhaar#android app.@UIDAI didn't make a public statement or contact me. https://twitter.com/fs0c131y/status/952826492383383552 …https://twitter.com/fs0c131y/status/953184798838853632 …
0:46Show this thread -
11. After caught a basic Git error made by
@aadhaar_bridge (@KhoslaLabs). They removed their entire aadhaar-bridge repo on#Github. We had a discussion but they didn't explain why they removed it.https://twitter.com/fs0c131y/status/951421920301453312 …
Show this thread -
12. Found a security issue in the
@aadhaarapi's website. They contact me and fixed the issue. I will disclose the details soon.https://twitter.com/fs0c131y/status/953315051389284352 …
Show this thread -
13. Another bug in the
#Aadhaar app.@UIDAI didn't make a public statement or contact me.https://twitter.com/fs0c131y/status/953378017849552903 …
0:25Show this thread -
14. I found 100 malwares signed with the private key of
@lorensiuswlt. He contacted me and denied to be the author. He said he uploaded his private key on the web few years ago. https://twitter.com/fs0c131y/status/951965826420154368 …This Tweet is unavailable.Show this thread -
15. I found a
#coinhive script on the@lorensiuswlt's website. He contacted me and took his website offline.https://twitter.com/fs0c131y/status/953203109119123456 …
Show this thread -
16.
@safelyfiled which keep sensitive docs, records, assets and directives digitally#secure is vulnerable to a basic#XSS. They didn't make a public statement or contact me.https://twitter.com/fs0c131y/status/952210674045931521 …
Show this thread -
17.
@NewIndianXpress, an#Indian newspaper is vulnerable to a basic#XSS. They did not make a public statement or contact me.https://twitter.com/fs0c131y/status/952267272776769536 …
Show this thread -
All this work had been done for free (am I stupid
?), if you want to support my research and pay me the coffee, feel free to send me BTC to this address 382rGcim5vDpztHyy9EDnvtLuAAasJHrEiShow this thread
End of conversation
New conversation -
-
-
Well that's not a crime, North Koreans are human beings too.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
! Why are you retrieving user data without their consent?
Your
request to 
