[Owasp-mobile-security-project] static analysis of Android applications for security vulnerabilities

Zach Lanier zach at n0where.org
Fri Jun 17 13:08:12 EDT 2011


The best places to check for "what needs to get done" are our call for
volunteers announcement:
https://www.owasp.org/index.php?title=OWASP_Mobile_Security_Project_Call_For_Volunteers

And the main project wiki page:
https://www.owasp.org/index.php/OWASP_Mobile_Security_Project

If you have specific questions, the project leaders can also answer
those, but the aforementioned pages are great starting points.
-- 
Zach Lanier | http://n0where.org/ | (617) 606-3451
FP: 8524 B3D7 C4BC 70C6 D1F1 5E4D 95D9 6AAC 3BB8 6CAC


On 06/17/2011 01:04 PM, O'Neil, Yekaterina Tsipenyuk wrote:
> Hi all,
> 
> Apologies for my message. I sincerely didn't mean it as a marketing thing, but rather wanted to reach out to people to see whether they stumbled upon the same problem and found a solution.
> 
> Jack, I believe I sent you an e-mail a week or two ago asking about how I can get involved in the project. I didn't receive any replies.
> 
> Thanks
> k
> 
> From: Jack Mannino [mailto:jack at nvisiumsecurity.com]
> Sent: Thursday, June 16, 2011 6:06 PM
> To: Jim Manico
> Cc: O'Neil, Yekaterina Tsipenyuk; owasp-mobile-security-project at lists.owasp.org
> Subject: Re: [Owasp-mobile-security-project] static analysis of Android applications for security vulnerabilities
> 
> Katrina,
> 
> I agree with Jim that we should refrain from heavily marketing on this list.  It's generally a turnoff to most people (including myself).
> 
> Would you or the Fortify team be interested in contributing some of your knowledge to create a few Android cheat sheets, providing feedback on the current Top 10 Risks and Controls, or taking the lead on any other vendor-neutral initiatives within the mobile security project?
> On Thu, Jun 16, 2011 at 8:30 PM, Jim Manico <jim.manico at owasp.org<mailto:jim.manico at owasp.org>> wrote:
> This is not the right place to market your crap. If you want to help with the project, then talk to Jack but please send your marketing stuff and vendor-centric links elsewhere.
> 
> Grrrr
> 
> - Jim
> 
> 
> Hi all,
> 
> My name is Katrina, and I am a member of Security Research Group at Fortify, an HP Company. Recently, we re-visited our support for the Android platform. I have a short blog post that describes the details: http://blog.fortify.com/blog/2011/06/14/Tackling-Android-Inter-Process-Communication-and-Permissions.
> 
> Any feedback is welcome.
> 
> Thanks,
> Katrina
> 
> 
> 
> _______________________________________________
> 
> Owasp-mobile-security-project mailing list
> 
> Owasp-mobile-security-project at lists.owasp.org<mailto:Owasp-mobile-security-project at lists.owasp.org>
> 
> https://lists.owasp.org/mailman/listinfo/owasp-mobile-security-project
> 
> 
> _______________________________________________
> Owasp-mobile-security-project mailing list
> Owasp-mobile-security-project at lists.owasp.org<mailto:Owasp-mobile-security-project at lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-mobile-security-project
> 
> 
> 
> --
> Jack Mannino
> 
> 
> 
> 
> _______________________________________________
> Owasp-mobile-security-project mailing list
> Owasp-mobile-security-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-mobile-security-project



More information about the Owasp-mobile-security-project mailing list