We are currently focusing on the Android/Linux platform and interested in exploring systematic ways to discover vulnerabilities in Android-based mobile devices and propose related solutions. We have so far discovered several serious issues in the common AOSP code (from Google), vanilla Linux kernel, vendor customization or extensions (from Samsung, Qualcomm, and MediaTek etc.), as well as third-party mobile apps that might affect users at a large scale. We are committed to reporting our discoveries to affected vendors and closely collaborating with them for timely fixes.