@linuxct@androiddev.social

linuxct


Trying to find and do things that make the world a better place


arstechnica, to random
@arstechnica@mastodon.social avatar

Pokémon Go players are altering public map data to catch rare Pokémon

TPM 2.0 requirement apparently won't be enforced on Windows 10 systems.

https://arstechnica.com/gaming/2024/05/pokemon-go-players-are-altering-public-map-data-to-catch-rare-pokemon/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

linuxct,
@linuxct@androiddev.social avatar

@kolya @arstechnica Seems like a mistake, the article does not mention anything about desktop TPMs otherwise

ryne, to random
@ryne@androiddev.social avatar

The Rabbit R1 really is just a cute little orange paperweight. Commands are laggy, advertised features aren't ready yet. In terms of "things it can do" there really aren't many, short of frustrating you when you ask it to do things.

The camera (the rotating post on mine is crooked, wat) doesn't even work yet. What purpose does this object achieve? I can't even get it to perform any task short of answering questions any LLM can.

This thing is dumb.

linuxct,
@linuxct@androiddev.social avatar

@ryne Wait, not even Vision works? For real? They demoed that during the live event a few days ago and it was functional ._.

linuxct,
@linuxct@androiddev.social avatar

@ryne Uhm strange. They issued an OTA just minutes ago so try installing that one. If not it may be something broken in your unit? Really strange

linuxct,
@linuxct@androiddev.social avatar

@ryne from decompiling the leaked launcher APK I know there is a dedicated, separate APK that handles OTAs, but how that works is a mystery as I think no one has it, yet. Maybe restarting the device is enough to trigger them

9to5google, to random
@9to5google@mastodon.online avatar

Here’s how Google patched the account security loophole on Google TV and Android TV https://9to5google.com/2024/04/26/google-android-tv-account-security-loophole-fix/?utm_source=dlvr.it&utm_medium=mastodon

linuxct,
@linuxct@androiddev.social avatar

@9to5google You all understand this does not fix the underlying issue? The real problem is not sideloading Chrome and accessing mail.google.com from there, the real problem is sideloading the Gmail APK and being able to access the mails like so. And that is working as intended and cannot be broadly patched unless the Android framework itself is updated, because that's what Accounts sync and GMS are built exactly for.

linuxct,
@linuxct@androiddev.social avatar

@9to5google And when I say Gmail APK, it could very well be Google Contacts as well, and access the Google Account's contacts, or Chrome's shared history from within Google Chrome itself.

arstechnica, to random
@arstechnica@mastodon.social avatar

Google says it’s fixing a nasty Android TV account security loophole

Should sideloading Chrome on an old smart TV really compromise your entire account?

https://arstechnica.com/gadgets/2024/04/google-says-its-fixing-a-nasty-android-tv-account-security-loophole/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

linuxct,
@linuxct@androiddev.social avatar

@arstechnica It's Android, thus, works as designed. The only thing they did was install apps which were supported by the underlying platform and correctly made use of the APIs to retrieve user data, just like in a phone this would have been possible. I fail to understand how this is a security concern. Do not log in to your Google account if the TV is not yours, period.

linuxct, to random
@linuxct@androiddev.social avatar

Waiting for someone with an early unit to dump the Rabbit R1 OS like crazy right now

linuxct,
@linuxct@androiddev.social avatar

Trivia: Did you know It Just Runs Android? TM

linuxct,
@linuxct@androiddev.social avatar

@ryne It may be a bit trickier as I have seen most interfaces are locked down. I expect some eMMC/UFS desoldering (or otherwise, butchering of the device) may be involved to get it out for the first time before we can hook to the OTA server and pull it from there ;)

linuxct,
@linuxct@androiddev.social avatar

@ryne I also have one coming my way but it will take months to arrive, so until then I will keep an eye out for more security researchers getting their hands on it 👀

linuxct,
@linuxct@androiddev.social avatar

So I got bored, started poking the API and welp, I guess I now registered a Rabbit R1 in the rabbit hole?

This is as much as you will see day 1 btw


linuxct,
@linuxct@androiddev.social avatar

Oh wow, now this is sketchy. The login onto Spotify is performed on a remote machine via... VNC? What the...?

If I place the cursor outside of the Spotify login page, I can see Xorg's default X logo. And the page stutters upon scrolling. Why do they do that instead of normal API tokens? Is this remote machine going to store my browser session for the LAM's scraping purposes?

linuxct,
@linuxct@androiddev.social avatar

By the way I was super late to the party and this was known since a few days ago. Check rabbit's bird site account for the details per their CTO. Someone before me saw this very thing and started a defamation campaign against rabbit, stating LAM was all just a Microsoft Playwright automation script. But it has been proven wrong already as the VNC'd machines had some source code which demonstrated they were only capable of account management and logging credentials for future use, not automation

linuxct, to random
@linuxct@androiddev.social avatar

Are you seriously telling me this is how you are supposed to launch an activity from a tile in WearOS using AndroidX's Protolayouts?

If I have to type Builder().build() a single time more I am going to give up and delete the entire project

linuxct,
@linuxct@androiddev.social avatar

At least it works! A button appears and clicking it opens an activity, awesome. Now time to implement the rest 😅

linuxct, to random
@linuxct@androiddev.social avatar

This week I presented for the first time my new iOS penetration testing workshop, and it was a huge success!! Really excited to deep dive into mobile OSes other than Android more often 🥳

linuxct,
@linuxct@androiddev.social avatar

I feel that the most challenging part was covering the less well-documented, closed source aspects of the OS, such as how binaries are signed by Xcode, how they can be re-signed/tampered with, entitlements, etc. But overall, I am quite satisfied with the summary I could give on these :D

linuxct, to random
@linuxct@androiddev.social avatar

@rileytestut Hey there, there's something I never fully understood about AltStore's signing process and I was wondering something.

From what I understand, IPA files contain an embedded signing certificate that originates from the developer's signing profile. When an app is deployed, a signing profile is used, which contains a signing certificate, which must match the one in the IPA.

How does AltStore bypass this using the user's Apple ID? Replacing the IPA's signing certificate with the user's?

Techaltar, (edited ) to random
@Techaltar@mas.to avatar

Out of curiosity, do you still use Skype?

linuxct,
@linuxct@androiddev.social avatar

@Techaltar Well, if you consider Teams to be Skype (just like the tech underneath it), then yes :)

GossiTheDog, to random
@GossiTheDog@cyberplace.social avatar

deleted_by_author

linuxct,
@linuxct@androiddev.social avatar

@GossiTheDog How is that related to DevOps though? Secure development lifecycle is the responsibility of the developer who decides to integrate the 3rd party component, not the team who makes it scale up. Or am I missing something?!

linuxct,
@linuxct@androiddev.social avatar

@GossiTheDog Still, isn't the vulnerability introduced by using a 3rd party component on the source level? My understanding is that the choice of these is up to software developers, and not DevOps...

iangclifton, to random

Javascript is amazing

linuxct,
@linuxct@androiddev.social avatar

@iangclifton Even worse is being able to deduce what the checkbox is for despite the error

MishaalRahman, to random
@MishaalRahman@androiddev.social avatar

It turns out if you boot a GSI (Generic System Image) on a Galaxy S24 that Android Virtualization Framework (AVF) works!

Here's an Alpine Linux 5.17 image booting up on a Galaxy S24. This S24 is a European model with the Exynos chipset, running Linux 6.1.

On devices that support AVF, you need root access to be able to access the crosvm binary, but you could still have some fun with this.

Waiting for someone to figure out how to get Windows on ARM booting on their phone using AVF😁

linuxct,
@linuxct@androiddev.social avatar
cryptax, to android
@cryptax@mastodon.social avatar

Interesting. This is how an Android/MoneyMonger detects if ADB is enabled or not: it looks for development settings. This is not a new technique, but I rarely see it in malware.

linuxct,
@linuxct@androiddev.social avatar

@cryptax What do you usually see? I have seen this one commonly used in non-malware apps, so I am curious as to how much they can try to hide they are checking for development options being enabled!
