|
Sami Tolvanen
@
samitolvanen
Mountain View, CA
|
|
Android Security at Google
|
|
|
72
Tweetovi
|
125
Pratim
|
278
Osobe koje vas prate
|
| Tweetovi |
|
Sami Tolvanen
@samitolvanen
|
13. pro |
|
Looks like bugs.llvm.org/show_bug.cgi?i…. Try with a ToT LLVM.
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
30. lis |
|
Google Online Security Blog: Protecting against code reuse in the Linux kernel with Shadow Call Stack security.googleblog.com/2019/10/protec… via @google
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
11. lis 2018. |
|
To fix the function type mismatch between fuse_readpages_fill and the function pointer used to call it. Using struct file * is not really ideal here, but most of the callbacks use this type, so it was easier to change the few instances that didn't.
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
ZDNet
@ZDNet
|
10. lis 2018. |
|
Google's Pixel 3 is the first Android device to ship with new CFI kernel protections zd.net/2EbUJmd by @campuscodi
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
10. lis 2018. |
|
Android Developers Blog:Control Flow Integrity in the Android kernel android-developers.googleblog.com/2018/10/contro… via @google
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
18. ruj 2018. |
|
Yes, sounds about right. Then again, if you can modify these pointers, or the shadow, you should also be able to find much more interesting things to change in the kernel memory.
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
Jeff Vander Stoep
@jeffvanderstoep
|
27. kol 2018. |
|
Android kernel security at #LinuxSecuritySummit. I discuss attack surface reduction and @samitolvanen introduces Clang CFI in the kernel. events.linuxfoundation.org/wp-content/upl…
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
27. kol 2018. |
|
You can find the slides here: events.linuxfoundation.org/wp-content/upl…
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
Jeff Vander Stoep
@jeffvanderstoep
|
27. lip 2018. |
|
Some of the compiler-based security mitigations we've added in Android P android-developers.googleblog.com/2018/06/compil…
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
25. velj 2018. |
|
Clang LTO already works, there are just no guarantees the compiler won't break something in future. Here's a CFI patch set for 4.9: android-review.googlesource.com/q/topic:androi…
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
ZDNet
@ZDNet
|
31. kol 2017. |
|
Android Oreo: Google adds in more Linux kernel security features zd.net/2iKREPg by @LiamT
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
30. kol 2017. |
|
Android Developers Blog: Hardening the Kernel in Android Oreo android-developers.googleblog.com/2017/08/harden… via @google
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
28. tra 2017. |
|
Have you seen the return CFI proposal from @kayseesee et al.? clang.llvm.org/docs/ControlFl…
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
3. tra 2017. |
|
Pixels have both features enabled in O DP1: android.googlesource.com/kernel/msm/+/a…
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
27. ožu 2017. |
|
What signs did you expect to see? These features are not really user visible under normal circumstances.
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
Google
@Google
|
22. ožu 2017. |
|
See how we protect more than 1.4 billion Android users and their data in our Android Security 2016 Year in Review → goo.gl/VrzKNN pic.twitter.com/1dsmsuQtte
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
2. stu 2016. |
|
What happens when venture capitalists are left in charge? Nice investigative journalism by @sveckert et al. twitter.com/NDRnetzwelt/st…
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
Android Police
@AndroidPolice
|
20. srp 2016. |
|
Verified boot in Android 7.0 won't let your phone boot if the software is corrupt androidpolice.com/2016/07/20/ver… pic.twitter.com/H9a385DIcw
|
||
|
|
||
| Sami Tolvanen proslijedio/la je tweet | ||
|
Engadget
@engadget
|
19. srp 2016. |
|
Android Nougat won't boot your phone if its software is corrupt engt.co/29Tik6K pic.twitter.com/3kmxTURTDq
|
||
|
|
||
|
Sami Tolvanen
@samitolvanen
|
19. srp 2016. |
|
Pretty sure. I wrote that.
|
||
|
|
||