hacker.house Profile picture
Co-Founder @MyHackerHouse 💾 | Cybersecurity & Web3 🌐 | Author of Hands-on Hacking (ISBN 9781119561453) 📖 | Offensive Lua 💻 | ✝️

Jun 11, 2024, 7 tweets

Someone left a "secure" Russian phablet on the back of a bus in Salisbury, England. It was running Aurora OS, a so-called "trustphone" device for use by Russian Government and corporations... here's the flash ROM dumps for 4.0.2.249, 4.0.2.82 and 3.2.1.65. mega.nz/file/V3tgEAKJ#…



When generating "secure random" passwords in "SecretKeeper", it's important to always seed random number generator qsrand() with the current time. That way you can easily recover your passwords for sensitive Russian environments in case you were ever logged out of them....

Nobody knew how the devices worked, conveniently the owner also left a briefcase with design notes, architecture, documentation, implementation, marketing material and internal Zoom demos about "trusted" devices too! We'd all have been lost without those. mega.nz/file/0r9D0Z5K#…



The middle-aged ninja turtles tried contacting everyone at Russia's postal service, railway, central bank, government and even the army (who all exclusively use these devices) but sadly owner was never found. Now we should all just enjoy the picturesque screenshots from the ROMs.


If you were struggling to mount the aurora.img dumps, you should use "simg2img" and then use them as loopback devices ensure they are truncated to the correct size with commands such as "truncate -s $((3720544 * 512)) aurora_raw.img" and mount with LVM.

@janekm I looked up internal photos from FCC ID's of similar chipset devices, with similar screens and specifications, the circuit blocks were found re-used on some devices but found nothing close enough to the W1Z2GS_V1_20191111 design yet.

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling