Olivia
Online
Svante Schubert
@svanteschubert
Berlin, Germany
Joined April 2009
168 Following
53 Followers
40 Posts
Hacking the #EU #AgeVerification app in under 2 minutes.
During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory.
1. It shouldn't be encrypted at all - that's a really poor design.
2. It's not cryptographically tied to the vault which contains the identity data.
So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app.
After choosing a different PIN, the app presents credentials created under the old profile and let's the attacker present them as valid.
Other issues:
1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying.
2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step.
Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.
New paper in Science today on playing the classic negotiation game "Diplomacy" at a human level, by connecting language models with strategic reasoning! Our agent engages in intense and lengthy dialogues to persuade other players to follow its plans. This was really hard! 1/5
@apelekies & ich werden morgen je ein Webinar für die @ZUGFeRD community geben, s. https://t.co/0IRDiHNa4E #erechnung #xrechnung #einvoicing
We finally did two ODF Toolkit releases in a row: https://t.co/q2aM9YsSKG Feels like x-mas! :-)
Who to follow
Decentr // Privacy‑first tech company
@DecentrNet
Decentr’s mission is to safeguard personal identity while delivering a sleek, user‑centric experience.
Florian Effenberger
@floeff
Advocate for #OpenSource & #FreeSoftware | Co-Founder & ED @tdforg (#LibreOffice) | Talks, writing & insights on openness, governance, community & leadership
Collabora Online & Office 
@CollaboraOffice
Collaborative open-source document editing. Controlled by you.
Integrate Collabora Online into your existing platform or access via one of our global partners.
@_MG_ Impressive work with Razor! Aside: What was the song you played in the video? Can't find it with Shazam?
The ODF TC recently updated our charter (guaranteeing releases - heartbeat), has four editors, two chairs and started some GitHub repo for release automation! I see into a bright ODF future! ☀️ #ODF13 (part 2/2)
As current OASIS ODF co-chair, it is my very pleasure to announce the ODF 1.3 release after 9 years! #ODF13 🙌(part 1/2)
@fred_blachetta @rafbuff @cio_bund @CIONRW Good progress: https://t.co/tFJLrY7x5i
On the other hand, there seems to be still some misunderstanding in some basic concepts of open-source:"In späteren Ausbaustufen soll die Open Source-Plattform – soweit möglich – auch Akteuren der Öffentlichkeit zugänglich gemacht werden"🤔
Twittert für die Vögel! Nach der Tegel-Schließung bedrohen Bauprojekte die Naturoase neben dem Rollfeld: https://t.co/q7X7BLUOWM
@xmlprague @jirkakosek Shared on XML++ based on my experience with XML in the past twenty years. Enjoy being here, will return ✌️
TIL: Platzhirsche
Germany's CDU: public money, public code, and also ask for a public repository to openly share components
Zero cost for software licences breaks UK procurement spreadsheets
https://t.co/82rR6ObzPT | OSOR
Interesting, I am curious about a prototype of such an open federated system!👍
“Banks cannot disrupt themselves, they needed startups to invent #FinTech. It will be the same with government. We need open federated systems to bring innovation to public services” - @rafbuff from @openxchange at #GovTechSummit
Time to get rid of the shackle of (electronic) paper for standard & research papers. Transportation of innovation requires new views & tools. A good start: https://t.co/JUDowSSLRe @Joinup_eu @worrydream
Audience quote: "Often OpenSource developers can hardly make a living, while companies do not know how to spend money on opensource." #OpenSourcePoweringDigitalEurope @Joinup_eu
Scary Google picture translation at a lonely path in the woods close to Kyoto, Japan..
@jdeisenberg I am reminded of a song called María from Ricky Martin, which fits to this commercial, not alone by being cheesy 😁
Preisrätsel: Was ist kostengünstig, hat eine Reichweite von 65km, fliegt fast lautlos 130km/h und zerstört sich mit 3kg bei Aufprall?
https://t.co/xJJG9Yy8e3 https://t.co/9aaT4q5yUd
@quasimondo This might be interesting to you: https://t.co/PbdNHFxOc6 and https://t.co/puFPzPzcN7 (Achtung: 1 Deadline tomorrow, the other March 11th))
@EilersBernd Yes, syntax of the data is irrelevant. We agree (in general) what can be added to an office document (e.g. text, paragraphs, tables, images and their formatting). Still we have not defined user changes on these semantic entities across office applications to enable collaboration!
Perhaps in the end, there will be #interoperability for #office #collaboration! https://t.co/nlX3ZADQT4 🥰
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers