Selected Posts
Following is a list of selected posts, all posts can be seen here
- Android Security related tools
May 18, 2013
A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of android apps. Following is a collection of few tools that I am aware of. Online Analyzers AMAT http://dunkelheit.com.br/amat/analysis/index_en.php Anadroid http://pegasus.cs.utah.edu:8080/ - static analysis AndroTotal http://andrototal.org/ - AV scanning Comdroid http://www.comdroid.org/ CopperDroid http://copperdroid.isg.rhul.ac.uk/copperdroid Dexter https://dexter.bluebox.com/ - static analysis Mobile-Sandbox23 http://mobile-sandbox.com MarvinSafe http://marvinsafe.com/ (not working since acquisition by Veracode) Sandroid http://sanddroid.xjtu.edu.cn/ Stowaway http://www.android-permissions.org/ Static Analysis Tools APKInspector https://github.com/honeynet/apkinspector/ ApkAnalyser https://github.com/sonyxperiadev/ApkAnalyser Smali CFG generator http://code.google.com/p/smali-cfgs/ Androwarn ... - Book Review: The Tangled web
August 25, 2012
Just completed reading “The Tangled web: A guide to securing modern applications” by Michael Zalewski. The book is surprisingly small given the amount of information it covers about interaction of web browsers, web sites and client-side web technologies. The book starts with the discussion of what a valid URL could look like (http://yahoo.com:80@google.com/microsoft.com – think which site ... - Book Summary: In the Plex by Steven Levy
June 3, 2012
An amazing book which describes Google’s journey right from its beginning in the Stanford dorm. The author interviewed several top echelons of Google and presented several interesting insider anecdotes and stories of Google. The book provides details of major projects like GMail, Google Desktop, Google News and Google Toolbar, Google Books and (failure of) Orkut. It also ... - Towards a broken future of Internet
December 24, 2011
Internet, which initially started as a DARPA experiment is under the indirect control of USA government through ICANN despite several objections from Europe as well as IBSA. This worked when most users were from the western world with notable exception of China and few minor quirks. But in past few decades, not only the governments around the world ... - A fundamental problem with Aakash (Indian Government tablet initiative)
December 10, 2011
This blog post is not about how good/bad the product technically is or how indigenous it is, its about a fundamental problem with tablets. It amazes me to see that even a journalist like T. Friedman missed it. Anyone who had ever used a tablet(even the best ones) will tell you that current-generation tablets are for consumption and not content generation. A ... - Random thoughts: goals and company types in tech world
August 26, 2011
Start-up One goal May have multiple products but all products aimed at a single goal. All teams are working towards the same goal. Diversified Multiple similar goals Have several products (or several part of single product) aimed towards different goals. Teams gain by helping each other. The goals to some extent are complementary but (naturally with time) diverges away from each other. The tipping ... - How do you store my password?
May 15, 2011
As world moves towards cloud based storage (and computing), the task of storing our data on a PC hard disk is being replaced with cloud based storage providers. This includes our emails, social data, professional data and financial data. Accessing this data requires authentication, despite its various limitations, username and password are still the standard ... - Preliminary analysis of Facebook clickjacking (aprilfoolsprank)
April 4, 2011
If you have been already a victim of this, then change your password and unlike the page as soon as possible. A malicious app called “aprilfoolsprank” which likes a page on user’s behalf and tries to phish user into disclosing his/her facebook login and password is taking its toll on facebook users. What appears: The app displays a ... - EA Sports vs Zynga : the battle for games in smartphone era
March 21, 2011
Zynga’s market valuation has surpassed EA Sports market evaluation. Even though EA Sports is trying hands in social and acquired Playfish, their main source of revenue is still video games. Though, the current user base of EA Sports (35 million) does not look impressive compared to Zynga’s (258 million) but a viral game from Playfish can always turn the ... - FOSS (Free and Open Source Code) Licensing FAQ
January 23, 2011
There are two choices while writing on this topic, to write a detailed (and accurate) or to write a concise (but avoid all details) post, I preferred latter and have added appropriate links to dig further. To whom is this meant for? Anyone who (wish to) use free and/or open-source code as a building block for ...
Nice look and feel…and nice to see you posting regularly…I need some inspiration to do the same man.