About six months ago, I discovered something on my smartphone that horrified me: I went to undelete a file in DiskDigger, and I stumbled upon a plethora of unexpected jpegs: screenshots of my activity. Screenshots that I didn’t take. Screenshots of my conversations. Screenshots of my GPS position. And screenshots of my bitcoin wallet.
I was perplexed. I was astonished. And, to be honest, I was scared. How did this happen? Was it a vulnerability shipped with LineageOS? Could it be some malicious binary embedded into AOSP? Or is it some exploit in one of those damned closed-source apps that I was forced to install through social pressure (*cough* whatsapp)?
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
I’ve been playing around with SELinux at work recently. Not surprisingly, I was struggling to get SELINUXTYPE=strict to work properly. Unfortunately, all “google results for ‘enabling selinux strict’ would return were dead ends. People would enable selinux strict, kernel panic, and ‘fix’ it by disabling selinux.
Well, a co-worker of mine *was* able to successfully enable selinux’s strict policy on RHEL5 (CentOS 5). He gave me this guide to post to the world for others to see how (thanks Mykola):
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
