Android

Android runs on Java amongst other things.

Android's use of Java is special in several ways. First, the Android API differs greatly from the standard Java J2SE and J2ME APIs. Second, the use of the Dalvik VM means that Android packages cannot just be run under desktop operating systems such as Linux, Windows, or Mac OS X. This may seem counter-intuitive because Android is built on Linux. The difference between the Android OS and the Linux OS is significant and not easily fixed.

Android malware is on the rise. There are two reverse-engineering articles under Malware.


Java Malware

Quequero recently reverse-engineered the RootSmart Android malware, and the write-up explains a facet of Android malware.

Dinesh Shetty walks through reverse-engineering a piece of Android malware in Demystifying Android Malware.


Reverse Engineering Java

Please check out the reverse-engineering tag.

JD-GUI is the best decompiler. It's easy to use and works well.


JAD Java Decompiler is no longer under development.


Explanation Needed


Jan 23, 2012

Some things require no explanation. Some things do. Today isn't the day for a cryptic blog post, so I'll get right to it. AltSci's SSH shell service is unavailable to most users due to an unpatched Local Root Vulnerability in the Linux Kernel. I tested it on my machine at home and it works. That will teach me to upgrade my kernel regularly. =[ The explanation of the vulnerability is incredibly good and the timing could not be much better. If you have a shell that has a new kernel, you should know about this.

I've been working diligently on a SIP softphone, BikeIM. The simplest explanation is that it is a competitor to Skype. Skype has several features that version 1.0 of BikeIM will not: a GUI, video support, a directory, SkypeIn, and SkypeOut. So without all these killer features, how do I expect to compete? Linphone, Ekiga, and Jitsi are Open Source competitors to Skype that have most or all of the features that Skype does. Many people use these tools in place of Skype. My reason for writing my own is to be able to trust the code. Instead of writing my own softphone, I could pen test or code review one or all the open source softphones, but when I found bugs, I would go through the process of writing it up, getting the developers to patch, and getting people to upgrade. That process is not as difficult as writing software, but the end result is a handful of CVEs at best. The reward for reviewing and testing open source software is good software for everyone. The reward for writing good open source software is good software for everyone. When I started writing code in July 2011, I evaluated Linphone, Pidgin, and Ekiga. Linphone and Pidgin didn't work for me, and Ekiga had issues that I could not accept (despite working quite well). It's possible that Linphone has improved, but I do not think that Pidgin or Ekiga have changed. VoIP is a strange example of Open Source innovation: multiple well-designed systems all using open protocols but with reliability that is suspect in my opinion. Asterisk is a perfect example of how an Open Source project can grow too quickly for its own good. Asterisk has had so many vulnerabilities in the past 6 years that they have become famous for their flaws. The problem with Asterisk is that the code base is increasing in size by implementing unnecessary features without proper code review and testing. This is a recipe for disaster and the size of their project should daunt even their most staunch supporters. 
But Open Source is not alone: closed source VoIP software works, but all have serious reliability issues. If you've ever had the stuttering effect on Skype, you know what I mean. Not only will BikeIM be reliable and Open Source, it will grow as time goes on. I plan to use it in place of a home phone and will leave it on all my systems. Version 2.0 should have a GUI for those who prefer. I hope that my work will inspire Open Source VoIP projects to increase their testing to ensure reliability and quality. Even if they can't afford professional security experts, they can appeal for help. Since my project will also be Open Source, they will have the choice of copying any improvements I make and vice versa. That's just how we roll.

