Featured Articles

Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot)
Crowdfunding on Crowd Supply (Review of my experience)
Detecting (Malicious) Unicode in GitHub PRs
Hardening Guide for phpList
WordPress Multisite on the Darknet (Mercator .onion alias)
WordPress Profiling with XHProf (Debugging & Optimizing Speed)
Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
Introducing BusKill: A Kill Cord for your Laptop
previous arrow
next arrow

Auditing Android Security (Investigating Unauthorized Screenshots)

By Michael Altfield, on November 9th, 2018

About six months ago, I discovered something on my smartphone that horrified me: I went to undelete a file in DiskDigger, and I stumbled upon a plethora of unexpected jpegs: screenshots of my activity. Screenshots that I didn’t take. Screenshots of my conversations. Screenshots of my GPS position. And screenshots of my bitcoin wallet.

I was perplexed. I was astonished. And, to be honest, I was scared. How did this happen? Was it a vulnerability shipped with LineageOS? Could it be some malicious binary embedded into AOSP? Or is it some exploit in one of those damned closed-source apps that I was forced to install through social pressure (*cough* whatsapp)?

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Auditing Android Security (Investigating Unauthorized Screenshots)

11 comments  

Enabling SELinux strict on RHEL5

By Michael Altfield, on July 6th, 2009

I’ve been playing around with SELinux at work recently. Not surprisingly, I was struggling to get SELINUXTYPE=strict to work properly. Unfortunately, all “google results for ‘enabling selinux strict’ would return were dead ends. People would enable selinux strict, kernel panic, and ‘fix’ it by disabling selinux.

Well, a co-worker of mine *was* able to successfully enable selinux’s strict policy on RHEL5 (CentOS 5). He gave me this guide to post to the world for others to see how (thanks Mykola):

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Enabling SELinux strict on RHEL5

2 comments