René Mayrhofer
René Mayrhofer
Home
Publications
Presentations
Posts
Courses
Projects archive
Contact
Light
Dark
Automatic
Security
Secure Messaging (and attacks against it)
Secure messaging apps are one of the most-used app categories on current mobile devices, and a significant subset of human …
2024-08-29 20:00 — 21:20
Schloss Ottenschlag (AT)
René Mayrhofer
Slides
Video
Android private space: How to install apps from other sources
Quick steps to install apps from non-Google-Play sources in Android Private Space (introduced with Android 15)
René Mayrhofer
Last updated on 2024-08-03
2 min read
Password managers: KeepassXC and Vaultwarden
Use a password manager. But which one?
Last updated on 2024-12-02
11 min read
The Android Platform Security Model
Android is the most widely deployed end-user focused operating system. With its growing set of use cases encompassing communication, …
René Mayrhofer
,
Jeffrey Vander Stoep
,
Chad Brubaker
,
Nick Kralevich
PDF
Cite
DOI
URL
Android security trade-offs 2: Lock states
Android has different types of lock states. This post summarizes what they are, what their purpose is, and how the interact.
René Mayrhofer
Last updated on 2023-05-16
12 min read
Digitale Identitäten und Authentifizierung
Die aktuelle Situation fordert Unternehmen nicht nur in der Organisation Ihres Kerngeschäfts, sondern auch bei der Sicherheit der …
2020-10-20 09:00 — 09:45
virtual (Linz, AT)
René Mayrhofer
Slides
Video
Android-Device-Security.org: Towards a Transparent Database of Android Device Security Attributes
2020-07-06 14:15 — 15:00
virtual (Linz, AT)
Daniel R. Thomas
,
Alastair R. Beresford
,
René Mayrhofer
Slides
Video
Disclosing Proof-of-Concept (PoC) exploits for vulnerabilities: A defender's point of view
Responsible/coordinated/timed disclosure is continuously a topic of heated debate, even more so when PoC (proof of concept) exploit code is included in the release. This post gives arguments in favor of full PoC disclosure from a defender’s point of view.
René Mayrhofer
Last updated on 2019-11-29
5 min read
Android security trade-offs 1: Root access
Android security trade-offs: Rooting “Rooting” has been part of the Android ecosystem pretty much since its creation. Within the context of this blog post, I define rooting as a method to disable standard sandboxing mechanisms for particular processes, which is a superset of Nick Kralevich’s earlier definition because many posts mix up the intentional, user-driven root access with exploitation of vulnerabilities.
René Mayrhofer
Last updated on 2023-05-16
7 min read
Android security trade-offs 0: Ecosystem complexity
Android security trade-offs The Android ecosystem is highly diverse, complex, and has many different stakeholders typically not visible in the limelight. Consequently, making decisions about features in the platform itself — what we call AOSP (Android Open Source Project) — is hard, and often in surprising ways.
René Mayrhofer
Last updated on 2023-05-16
6 min read
Cite
×