Share this page!

Matthew Green Profile picture
Twitter logo
20 Feb, 6 tweets, 2 min read
The new MacOS malware sounds unpleasant. arstechnica.com/information-te…
2013: It’s probably the NSA.

2021: It’s probably cryptocurrency thieves.
Also gagghgg I hate this. I mean: good. But gagh.
The RedCanary report is very good. redcanary.com/blog/clipping-…
Here’s some of the meat of the detection section. There’s more below it.
I’m afraid to look for malware on my Mac because I’ll probably find it all. Too much promiscuous LaTeX installation.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Matthew Green

Matthew Green Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @matthew_d_green

Matthew Green Profile picture
20 Feb
Not to criticize good lists like these (go Apple!) but goddamn it we invented computers precisely to automate tasks like this.

Why isn’t each of these a button in the iPhone UI?
Ok so let’s try these checklists out and see what it’s like to lock a phone down. I assume I’m concerned about someone else accessing my iCloud account as well as apps being evil.

Here’s step 1.
Ok this works pretty well, but it gives me the following confusing exception.
Read 26 tweets
Matthew Green Profile picture
4 Feb
How it started: How it’s going:
This is probably old enough that it doesn’t ring a lot of bells for people, so here: blog.cryptographyengineering.com/2017/12/19/the…
I was trying to be really low-key on this one, so let me make it really blunt. There is every reason to believe the NSA tried to subvert commercial cryptography in the 2000s, and now one of the architects of that work runs applied crypto at Amazon.
Read 7 tweets
Matthew Green Profile picture
29 Jan
I couldn’t tweet a better description than the headline for this piece: After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case. cyberscoop.com/nsa-juniper-ba…
For those who haven’t heard this story, the context here is back in 2015 hackers broke into the source code repository of Juniper’s NetScreen firewalls and introduced serious vulnerabilities. 1/
Everyone has heard of the SolarWinds supply chain attack, but almost nobody outside our little community remembers Juniper. We don’t even know who the ultimate victim was. And there’s a reason for that. 2/
Read 12 tweets
Matthew Green Profile picture
12 Jan
If you were planning on joining Signal and didn’t want it to look too shifty, this is the week.
Not gonna lie, when my neighbors showed up on Signal a year ago I just assumed they were spies.
Or this.
Read 6 tweets
Matthew Green Profile picture
23 Dec 20
My students @maxzks and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption”. 1/
This was prompted by a claim from someone knowledgeable, who claimed that forensics companies no longer had the ability to break the Apple Secure Enclave Processor, which would make it very hard to crack the password of a locked, recent iPhone. 2/
We wrote an enormous report about what we found, which we’ll release after the holidays. The TL;DR is kind of depressing:

Authorities don’t need to break phone encryption in most cases, because modern phone encryption sort of sucks. 3/
Read 26 tweets
Matthew Green Profile picture
20 Dec 20
Stories like this remind me that people in the Infosec community routinely make and sell exploits to these nations. citizenlab.ca/2020/12/the-gr…
I’m honestly curious how conscientious security researchers justify selling these tools, knowing how likely it is that they’ll be used for applications like this one.
One of the interesting things about this story is how difficult it must be to instrument iOS devices to catch these 0-click exploits in action. Partly because Apple makes it difficult. Image
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @matthew_d_green has new unrolls!

Check out other threads from @matthew_d_green!

Read all threads by @matthew_d_green