Samsung Security Tech Forum 2021

Shared subjects include; Security engineering and machine learning, Telephony gone the way of the internet?: Combating threats targeting voice communication, Challenges in automated vulnerability discovery through Fuzzing among others.

Wireless network technologies have opened doors to remote attacks that can harm users without them realizing it. The hardware for wireless connection of the devices are extremely complex, so it is not uncommon for failures to be found and quickly corrected by manufacturers. A Belgian security researcher details the security flaws of the Wi-Fi standard he found on routers and other devices on his blog. According to him, the bugs leave smartphones, notebooks and other devices equipped with technology susceptible to...

Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits

The release of a research paper and its aftermath has cause a stir in the linux kennel developer circles with ban being tooled as a redress action. Greg Kroah-Hartman has banned the University of Minnesota from contributing to the Linux Kernel and gone to a great deal of effort to revert and re-evaluate 190 patches that had come from the same University. Is this an overreaction or is it the one and only possible response?...

Pale Moon goes to v28.10.0

Pale Moon Browser has received updated fixes to to its last known version from May v28.9.3 (2020-05-08). Below are details of the the new update. v28.10.0 (2020-06-05) This is a development, bug fix and security update. Changes/fixes: Implemented URLSearchParams‘ sort() function Implemented ES2020 globalThis for web compatibility Improved our WebM media parser to be more tolerant to different encoding styles. Improved our MP3 media parser to be more tolerant to different encoding styles and particularly...

Android breach project

An open source research tool and application that looks into the circumstances in which Android’s permission model can be compromised to harm user privacy. Note that we are not talking of exploits here, but normal usage of Android’s APIs which can be manipulated in ways that can expose the phone user’s privacy. For example. one issue is that apps can monitor the phone’s screen state, which of course has legitimate uses. but can also be...