1 page.title=Android Security Acknowledgements 2 @jd:body 3 4 <!-- 5 Copyright 2014 The Android Open Source Project 6 7 Licensed under the Apache License, Version 2.0 (the "License"); 8 you may not use this file except in compliance with the License. 9 You may obtain a copy of the License at 10 11 http://www.apache.org/licenses/LICENSE-2.0 12 13 Unless required by applicable law or agreed to in writing, software 14 distributed under the License is distributed on an "AS IS" BASIS, 15 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 See the License for the specific language governing permissions and 17 limitations under the License. 18 --> 19 20 <p>The Android Security Team would like to thank the following people and 21 parties for helping to improve Android security. They have done this either by 22 finding and responsibly reporting security vulnerabilities to <a 23 href="mailto:security (a] android.com">security (a] android.com</a> or by committing code 24 that has a positive impact on Android security, including code that qualifies 25 for the <a href="https://www.google.com/about/appsecurity/patch-rewards/">Patch 26 Rewards</a> program.</p> 27 28 <h2>2014</h2> 29 30 <div style="LINE-HEIGHT:25px;"> 31 <p>Jeff Forristal of <a href="http://www.bluebox.com/blog/">Bluebox 32 Security</a></p> 33 34 <p>Aaron Mangel of <a href="https://banno.com/">Banno</a> (<a 35 href="mailto:amangel (a] gmail.com">amangel (a] gmail.com</a>)</p> 36 37 <p><a href="http://www.linkedin.com/in/tonytrummer/">Tony Trummer</a> of <a 38 href="http://www.themeninthemiddle.com">The Men in the Middle</a> <br>(<a 39 href="https://twitter.com/SecBro1">@SecBro1</a>)</p> 40 41 <p><a href="http://www.samsung.com">Samsung Mobile</a></p> 42 43 <p>Henry Hoggard of <a href="https://labs.mwrinfosecurity.com/">MWR Labs</a> (<a 44 href="https://twitter.com/henryhoggard">@HenryHoggard</a>)</p> 45 46 <p><a href="http://www.androbugs.com">Yu-Cheng Lin </a> (<a 47 href="https://twitter.com/AndroBugs">@AndroBugs</a>)</p> 48 49 <p><a 50 href="http://www.ec-spride.tu-darmstadt.de/en/research-groups/secure-software-engineering-group/staff/siegfried-rasthofer/">Siegfried 51 Rasthofer</a> of <a href="http://sseblog.ec-spride.de/">Secure Software 52 Engineering Group</a>, EC SPRIDE Technische Universitt Darmstadt (<a 53 href="mailto:siegfried.rasthofer (a] gmail.com">siegfried.rasthofer (a] gmail.com</a>)</p> 54 55 <p>Steven Arzt of <a href="http://sseblog.ec-spride.de/">Secure Software 56 Engineering Group</a>, EC SPRIDE Technische Universitt Darmstadt (<a 57 href="mailto:Steven.Arzt (a] ec-spride.de">Steven.Arzt (a] ec-spride.de</a>)</p> 58 59 <p><a href="http://blog.redfern.me/">Joseph Redfern</a> of <a 60 href="https://labs.mwrinfosecurity.com/">MWR Labs</a> <br>(<a 61 href="https://twitter.com/JosephRedfern">@JosephRedfern</a>)</p> 62 63 <p><a href="https://plus.google.com/u/0/109528607786970714118">Valera 64 Neronov</a></p> 65 66 <p><a href="https://github.com/michalbednarski">Micha Bednarski</a></p> 67 68 <p><a href="http://www.linkedin.com/in/luander">Luander Michel Ribeiro</a> (<a 69 href="https://twitter.com/luanderock">@luanderock</a>)</p> 70 71 <p>Stephan Huber of Testlab Mobile Security, <a 72 href="https://www.sit.fraunhofer.de/">Fraunhofer SIT</a> (<a 73 href="mailto:Stephan.Huber (a] sit.fraunhofer.de">Stephan.Huber (a] sit.fraunhofer.de</a>) 74 </p> 75 76 <p><a href="http://www.corkami.com">Ange Albertini</a> (<a 77 href="https://twitter.com/angealbertini">@angealbertini</a>)</p> 78 79 <p><a href="https://www.linkedin.com/in/tdalvi">Tushar Dalvi</a> (<a 80 href="https://twitter.com/tushardalvi">@tushardalvi</a>)</p> 81 82 <p>Axelle Apvrille of Fortinet, FortiGuards Labs</p> 83 84 <p>Tongxin Li of Peking University (<a 85 href="mailto:litongxin1991 (a] gmail.com">litongxin1991 (a] gmail.com</a>)</p> 86 87 <p><a href="https://www.facebook.com/zhou.xiaoyong">Xiaoyong Zhou</a> of <a 88 href="http://www.cs.indiana.edu/~zhou/">Indiana University Bloomington</a> <br>(<a 89 href="https://twitter.com/xzhou">@xzhou</a>, <a 90 href="mailto:zhou.xiaoyong (a] gmail.com">zhou.xiaoyong (a] gmail.com</a>)</p> 91 92 <p><a href="http://homes.soic.indiana.edu/luyixing">Luyi Xing</a> of Indiana 93 University Bloomington (<a 94 href="mailto:xingluyi (a] gmail.com">xingluyi (a] gmail.com</a>)</p> 95 96 <p>Yeonjoon Lee of Indiana University Bloomington (<a 97 href="mailto:luc2yj (a] gmail.com">luc2yj (a] gmail.com</a>)</p> 98 99 <p><a href="http://www.informatics.indiana.edu/xw7/">Xiaofeng Wang</a> of 100 Indiana University Bloomington (<a 101 href="mailto:xw7 (a] indiana.edu">xw7 (a] indiana.edu</a>)</p> 102 103 <p>Xinhui Han of Peking University (<a 104 href="mailto:hanxinhui (a] pku.edu.cn">hanxinhui (a] pku.edu.cn</a>)</p> 105 106 <p><a href="http://thejh.net/">Jann Horn</a> <a href="https://android-review.googlesource.com/#/c/98197/"> 107 <img style="vertical-align:middle;" src="images/tiny-robot.png" 108 alt="Green Droid Patch Symbol" 109 title="This person contributed code that improved Android security"> 110 </a></p> 111 112 <p>Robert Craig of <a href="https://www.nsa.gov/research/ia_research/"> 113 Trusted Systems Research Group</a>, US National Security Agency 114 <a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged"> 115 <img style="vertical-align:middle" src="images/tiny-robot.png" alt="Patch Symbol" 116 title="This person contributed code that improved Android security"></a></p> 117 118 <p>Stephen Smalley of <a href="https://www.nsa.gov/research/ia_research/"> 119 Trusted Systems Research Group</a>, US National Security Agency 120 <a href= 121 "https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged"> 122 <img style="vertical-align:middle" src="images/tiny-robot.png" 123 alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p> 124 125 <p><a href="http://www.linkedin.com/in/billcroberts"> 126 William Roberts</a> (<a href="mailto:bill.c.roberts (a] gmail.com">bill.c.roberts (a] gmail.com</a>) 127 <a href= 128 "https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged"> 129 <img style="vertical-align:middle" src="images/tiny-robot.png" 130 alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p> 131 132 <p>Scotty Bauer of University of Utah (<a href="mailto:sbauer (a] eng.utah.edu">sbauer (a] eng.utah.edu</a>)</p> 133 134 <p><a href="http://www.cs.utah.edu/~rsas/">Raimondas Sasnauskas</a> of University of Utah</p> 135 136 <p><a href="http://www.subodh.io">Subodh Iyengar</a> of <a href="https://www.facebook.com">Facebook</a></p> 137 138 <p><a href="http://www.shackleton.io/">Will Shackleton</a> of <a href="https://www.facebook.com">Facebook</a></p> 139 140 <p>Kunal Patel of <a href="https://www.samsungknox.com/">Samsung KNOX Security Team</a> (<a href="mailto:kunal.patel1 (a] samsung.com">kunal.patel1 (a] samsung.com</a>)</p> 141 142 <p>Sebastian Brenza</p> 143 144 <p>Wang Tao of <a href="http://sec.baidu.com">Baidu AdLab</a> (<a href="mailto:wintao (a] gmail.com">wintao (a] gmail.com</a>)</p> 145 146 <p><a href="http://www.linkedin.com/in/danamodio">Dan Amodio</a> of <a href="https://www.aspectsecurity.com/">Aspect Security</a> (<a href="https://twitter.com/DanAmodio">@DanAmodio</a>)</p> 147 148 <p><a href="http://davidmurdoch.com">David Murdoch</a></p> 149 150 <p>Alexandru Gheorghita</p> 151 152 <p>Mathew Solnik (<a href="https://twitter.com/msolnik">@msolnik</a>)</p> 153 154 <p>Marc Blanchou (<a href="https://twitter.com/marcblanchou">@marcblanchou</a>)</p> 155 156 </div> 157 158 <h2>2013</h2> 159 160 <div style="LINE-HEIGHT:25px;"> 161 162 <p>Jon Sawyer of <a href="http://appliedcybersecurity.com/">Applied Cybersecurity LLC 163 </a> (<a href="mailto:jon (a] cunninglogic.com">jon (a] cunninglogic.com</a>)</p> 164 165 <p>Joshua J. Drake of <a href="http://www.accuvant.com/">Accuvant LABS 166 </a> (<a href="https://twitter.com/jduck">@jduck</a>) 167 <a href="https://android-review.googlesource.com/#/q/change:72228+OR+change:72229"> 168 <img style="vertical-align:middle" src="images/patchreward.png" 169 alt="Patch Rewards Symbol" title="This person qualified for the Patch Rewards program!"></a></p> 170 171 <p>Ruben Santamarta of IOActive 172 (<a href="https://twitter.com/reversemode">@reversemode</a>)</p> 173 174 <p>Lucas Yang (amadoh4ck) of 175 <a href="http://raonsecurity.com/">RaonSecurity</a> 176 (<a href="mailto:amadoh4ck (a] gmail.com">amadoh4ck (a] gmail.com</a>)</p> 177 178 <p><a href="https://tsarstva.bg/sh/">Ivaylo Marinkov</a> 179 of <a href="http://www.ecommera.com/">eCommera</a> <br> 180 (<a href="mailto:ivo (a] tsarstva.bg">ivo (a] tsarstva.bg</a>)</p> 181 182 <p><a href="http://roeehay.blogspot.com/">Roee Hay</a> 183 <br>(<a href="https://twitter.com/roeehay">@roeehay</a>, 184 <a href="mailto:roeehay (a] gmail.com">roeehay (a] gmail.com</a>)</p> 185 186 <p>Qualcomm Product Security Initiative</p> 187 188 <p><a href="https://lacklustre.net/">Mike Ryan</a> of 189 <a href="https://isecpartners.com/">iSEC Partners</a> 190 <br>(<a href="https://twitter.com/mpeg4codec">@mpeg4codec</a>, 191 <a href="mailto:mikeryan (a] isecpartners.com">mikeryan (a] isecpartners.com 192 </a>)</p> 193 194 <p><a href="http://cryptoonline.com/">Muhammad Naveed</a> 195 of <a href="http://illinois.edu/">University of Illinois 196 at Urbana-Champaign</a> 197 <br>(<a href="mailto:naveed2 (a] illinois.edu">naveed2 (a] illinois.edu</a>)</p> 198 199 <p>Robert Craig of <a href="https://www.nsa.gov/research/ia_research/"> 200 Trusted Systems Research Group</a>, US National Security Agency 201 <a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged"> 202 <img style="vertical-align:middle" src="images/tiny-robot.png" alt="Patch Symbol" 203 title="This person contributed code that improved Android security"></a></p> 204 205 <p>Stephen Smalley of <a href="https://www.nsa.gov/research/ia_research/"> 206 Trusted Systems Research Group</a>, US National Security Agency 207 <a href= 208 "https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged"> 209 <img style="vertical-align:middle" src="images/tiny-robot.png" 210 alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p> 211 212 <p><a href="http://www.linkedin.com/in/billcroberts"> 213 William Roberts</a> (<a href="mailto:bill.c.roberts (a] gmail.com">bill.c.roberts (a] gmail.com</a>) 214 <a href= 215 "https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged"> 216 <img style="vertical-align:middle" src="images/tiny-robot.png" 217 alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p> 218 219 <p><a href="http://roeehay.blogspot.com/">Roee Hay</a> 220 <br>(<a href="https://twitter.com/roeehay">@roeehay</a>, 221 <a href="mailto:roeehay (a] gmail.com">roeehay (a] gmail.com</a>)</p> 222 223 </div> 224 <h2>2012</h2> 225 226 <div style="LINE-HEIGHT:25px;"> 227 228 <p>Robert Craig of <a href="https://www.nsa.gov/research/ia_research/"> 229 Trusted Systems Research Group</a>, US National Security Agency 230 <a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged"> 231 <img style="vertical-align:middle" src="images/tiny-robot.png" alt="Patch Symbol" 232 title="This person contributed code that improved Android security"></a></p> 233 234 <p>Stephen Smalley of <a href="https://www.nsa.gov/research/ia_research/"> 235 Trusted Systems Research Group</a>, US National Security Agency 236 <a href= 237 "https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged"> 238 <img style="vertical-align:middle" src="images/tiny-robot.png" 239 alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p> 240 241 <p><a href="http://www.linkedin.com/in/billcroberts"> 242 William Roberts</a> (<a href="mailto:bill.c.roberts (a] gmail.com">bill.c.roberts (a] gmail.com</a>) 243 <a href= 244 "https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged"> 245 <img style="vertical-align:middle" src="images/tiny-robot.png" 246 alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p> 247 248 <p><a href="http://thejh.net/">Jann Horn</a></p> 249 250 <p><a href="http://web.ict.kth.se/~rbbo/ussdvul.html">Ravishankar 251 Borgaonkar</a> of TU Berlin 252 (<a href="https://twitter.com/raviborgaonkar">@raviborgaonkar</a>)</p> 253 254 <p><a href="http://roeehay.blogspot.com/">Roee Hay</a> 255 <br>(<a href="https://twitter.com/roeehay">@roeehay</a>, 256 <a href="mailto:roeehay (a] gmail.com">roeehay (a] gmail.com</a>)</p> 257 258 </div> 259 260 <h2>2011</h2> 261 262 <div style="LINE-HEIGHT:25px;"> 263 264 <p>Collin Mulliner of <a href="http://www.mulliner.org/collin/academic">MUlliNER.ORG</a> (<a href="https://twitter.com/collinrm">@collinrm</a>)</p> 265 266 </div> 267 268 <h2>2009</h2> 269 270 <div style="LINE-HEIGHT:25px;"> 271 272 <p>Collin Mulliner of <a href="http://www.mulliner.org/collin/academic">MUlliNER.ORG</a> (<a href="https://twitter.com/collinrm">@collinrm</a>)</p> 273 274 <p>Charlie Miller (<a href="https://twitter.com/0xcharlie">@0xcharlie</a>)</p> 275 276 </div> 277 278 <br> 279 <p><small>If you have reported a vulnerability prior to 2014 and want to be 280 included on this list, or to report a vulnerability in Android, contact <a href="mailto:security (a] android.com">security (a] android.com</a></small></p> 281
