Security Projects

App Profiles: Understand the Permissions Requested by Android Apps

Have you ever wondered what the apps on your Android device are doing with all those permissions they ask for? App Profiles seeks to help you better understand the privacy and security implications of the software you install in order to allow you to make informed decisions about your privacy.

Off-Path TCP Sequence Number Inference Attack, enabled by Sequence-Number-Checking Firewall Middleboxes

Simply put, it is a type of stateful firewalls that tracks the state of TCP connections and drop packets that do not match the current state. One specific state that it checks is the TCP sequence number state. Specifically, the firewall only allows packets with legitimate sequence numbers (or rather a range of valid sequence numbers) to go through. A picture of the design is shown below -- the firewall middlebox initializes the valid sequence number window (X-WIN, X+WIN) and (Y-WIN, Y+WIN) upon seeing the TCP SYN and SYN-ACK packets. Later packets in the session have to have sequence numbers within the range in order to be considered valid.