Rene Mayrhofer

@rene_mobile

Prof. for networks and security / + dabbling in Android platform security Statements are only my own opinion, not my employer's.

Vrijeme pridruživanja: ožujak 2010.

Tweetovi

Blokirali ste korisnika/cu @rene_mobile

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @rene_mobile

  1. Prikvačeni tweet
    12. pro 2019.

    We have up to 6 open positions at for PhD and Master students on multiple aspects of digital identity infrastructures, from secure and validated code through distributed systems protocols to cryptography and usability. If you want to work on the future of eID, DM me!

    Prikaži ovu nit
    Poništi
  2. Don't blame the developer who implemented it. From a security point of view, it's obviously wrong, but I can easily come up with reasons why it went that way. We all need to do a better job educating devs on key handling. I'll use that example in next year's security intro class.

    Poništi
  3. proslijedio/la je Tweet
    prije 19 sati

    Periodic Reminder: When debugging, you must first accept that something you believe is true is not true. If everything you believed about this system were true, it would work. It doesn't, so you're wrong about something. This is a surprisingly common stumbling block for devs.

    Poništi
  4. proslijedio/la je Tweet

    Great advice on how to become a better scientist, from , the president of . "Take an aisle seat," meaning, sit near people who disagree with you on a specific issue, so you can make each other smarter.

    Poništi
  5. proslijedio/la je Tweet
    prije 12 sati

    Don’t be afraid to get rejected. In 2013 my car hacking talk with got rejected because it wasn’t novel research. ¯\_(ツ)_/¯ We ended up presenting it on instead.

    Poništi
  6. proslijedio/la je Tweet
    2. velj

    It's the year 2020, and we're still finding buffer overflows in programs written in C. Fortunately, those programs are only esoteric, rarely installed programs like... <checks notes> sudo.

    Poništi
  7. proslijedio/la je Tweet
    2. velj

    Out today, my Security Engineering book chapter 12 tells the story of the last decade's frauds against card payments and online banking, and how the defences have adapted:

    Poništi
  8. proslijedio/la je Tweet
    31. sij

    I would like to thank the State of Kentucky for this video on behalf of everybody keynoting an infosec conference this decade.

    Poništi
  9. proslijedio/la je Tweet
    29. sij

    Posted without comment

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    31. sij

    I retweeted this post yesterday, but I urge people who care about encryption online to read it, because this legislation should scare you. I am going to follow with a (much less thorough and accurate) summary thread below.

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    30. sij

    One of the most valuable engineering lessons I ever had was building systems to train HIV aid workers in remote regions of developing counties. When we talk about empathy in security, it doesn't mean pity or charity. It means saying “I understand your contraints and can help.”

    Poništi
  12. 30. sij

    I keep watching MLS standards efforts closely - this is still one of the most interesting developments in the messaging space in the last 10 years or so. Not perfect, but it's possible that this will become the best compromise we have right now.

    Poništi
  13. proslijedio/la je Tweet
    30. sij

    The biggest data breaches in recent years visualized. Including an convenient download as CSV file, in case you want to play around with the data. via

    Poništi
  14. proslijedio/la je Tweet
    30. sij

    Say hello to OpenSK: a fully open-source security key implementation -

    Poništi
  15. proslijedio/la je Tweet
    30. sij

    Google OpenSK is an open-source security key that supports FIDO and U2F:

    Poništi
  16. proslijedio/la je Tweet
    29. sij

    Any advisory that contains the line “to overcome this limitation we drew inspiration from the Morris worm” in 2020 is pure gold. Team Qualys continues their retro onslaught vs OpenBSD.

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet

    🔦 Flash an AOSP build without having to build and flash manually! You can now do so directly from the browser with the newly released Android Flash Tool. Check out Android Flash Tool → Read the post ↓

    Poništi
  18. proslijedio/la je Tweet
    28. sij

    Some things make more sense when one realizes that there are at least 5 distinct security communities: Security product people (people that view security as something that can be added by buying/selling products), Security Infrastructure people (people that view security as ...

    Prikaži ovu nit
    Poništi
  19. 28. sij

    The new 19.07 is great! Enabling option flow_offloading '1' in firewall defaults increases routed bandwidth from 190 to 744 Mbps on an old RB2011. And IPv6 relay works nicely with odhcpd, all out of the box, no patching. CC

    Poništi
  20. proslijedio/la je Tweet

    quotes: “We’ve been good at persuading folks to not roll their own crypto, but we have been really bad at persuading cryptographers to not roll out their own UI/UX. We’re sorry.”

    Poništi
  21. 28. sij

    Kryptographie ist nicht nur am eines der wenigen technischen Instrumente, das wirklich funktioniert. Wir dürfen sie nicht durch bewusste Backdoors kaputt machen. Wenn noch nicht erledigt, aktiviert heute Verschlüsselung auf Endgeräten wie Laptops und Smartphones.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·