#development

Or libhooker whatever

Coretrust bypasses are stupid!!

i agree

is there a framework kinda thing for me to make a custom CC module?

is there an open source example?

wait what is CCSupport

balls

@grave sparrow so basically I shouldn't use CCSupport?

nah i would

its way easier

and stable

oh aight

bruj momento

i will, king

thank you

👑 for you

BigCock

hype

I actually love you

🚫 hetero

iocock

NSCock

CFCock

Does it make sense that a tweak targetting an AppStore app process can't read at /var/mobile/Documents/SomeFolder but unc0ver and checkra1n can? different sandbox patches?

UICock

fat'

So Odyssey is trash

Yes

I just confirmed with isReadableFileAtPath

LOModule.h

#import <ControlCenterUIKit/CCUIToggleModule.h>

@interface LOModule : CCUIToggleModule
- (UIImage *)iconGlyph;
@property (nonatomic, assign, getter=isSelected) BOOL selected;
@end

Pls

But on Odyssey it can't read that path

lol

so odyssey is bad

Yeah

which path are u trying to read

Also why change the path of tweak injection?

I prefer the Iliad

cuz coolstar hates established things

so they want to be different in every little petty ass fucking thing

Or

Because /Library/MobileSubstrate is a stupid fucking location for dynamic libraries

Yeah, for backward compatibility he should've left it like that

It is left like that and is backwards compatible

Are you high?

Well he symlinked everything

yes

Yeah thats called compatibility

I think its compatible still

You acting like a whole fucking fool

how much does

(nonatomic, assign, getter=isSelected)

matter?

I never put it in my @propertys when interfacing some existing class

u don't have to put any of those

does it do anything

also that getter name is default anyways

wait no

Assign vs strong makes a difference

its

selected

selected

setSelected

noob

but when I'm interfacing shit?

if u don't specify the default is strong

setSelected:

i think

weak

yeah

LMAO im fucking WEAKKKKK

like my properties

if ur doing a bool

jajaja!

u could just do

@property BOOL selected;

@synthesize

no

works for me on theos

Assign is the default

that's the compiler

i don't think assign is the default either

cuz i do

@"anyone use extra semi-colons ever for fun?";;;

@property UIView *potatoView;

and this works fine

no

It’s easier to default to assign for primitive types as well as objects than change the default per type

they're empty lines

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

ive never used nonatomic or assign/strong in the past 4 months now

Not even

yes even

ignored by compiler

They’re considered empty statements

Not the same

Doesnt @synthesize generate a getter/setter?

the same when I compile, right?

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

Yes, but if you have an error after that train of ; the source line isn’t modified

put this in every file

anyone know how to extract the checkra1n ramdisk

instead of having blank lines

Good god people, read the documentation

just fill them with semicolons

define documentation

i read documentation after i encounter errors /s

You don’t even need to synthesize since 2016 at least

//:

it's a face

and compilable

2015

"read the documentation people"

/s im kidding plese don't hurt me

at least

!e

how

at least means at the least

oh wait

my brain is broken

can we get an objc and swift bot here?

@restive ether

hello

@restive ether

can we get an objc and swift bot here?

Hi

armv7 bot please

you’re asking the wrong person

who is the right one

Sometimes

ask the jewish guy

what is this prime simpage

"your a python god"

who is the jewish guy

Just ask the damn question

aaron

and I am python god

the <@&558709886397972481>

<@&558709886397972481>

@shut stag

can we get an objc and swift bot here?

No

what is the point of said bot anyways

#CamerenForOwner

to harass shit devs

i’d happily pass even if that was a thing

Depending on what you’re doing, you don’t even need to do either

oh then it would be harassing you guys all day

ha gotcha

bitchass

https://open.spotify.com/track/4ePP9So5xRzspjLFVVbj90?si=empXq1zLTPqzM8Ql_llTBQ

fuck the UDID for being a piece of shit

with calls the __enter__ method when entering and the __exit__ method when exiting the with block

Which usually means close() at exit

smart people python.

for _io.TextIOWrapper, yes

i'm over here in my corner only doing machine learning from school

#CameronForOwner

no

@grave sparrow If you’re reading a file’s contents, pathlib.Path(“file”).read_text() gives you the contents

fuck you

pathlib

🤮

jk jk

but kinda 🤮

stop leaving and coming back it makes me need to do work

I don’t think there’s ever a “best way”

I wouldn't say it's most pythonic

why do you have to do work?

It’s a nice addition in 3.7

oh

because then i have to be nice

and press edit roles

smh

cause dev role

iPhone:~ mobile% sudo cat /dev/md0
cat: /dev/md0: Resource busy

literal hell

why do people still use python 2

They are?

I’m doing 3.7+

cause pongo scripts dont work with python 3.9

okay but use python 3.8

why 2.7

cant

i don't understand

distro doesnt allow multiple python installs

Use pyenv

L

^^

and i dont want to compile python3.8

personally i use conda

but that's cuz it has the windows GUI for installing keras and shit

anyone know how to cat a busy fs

I’m not doing any ML but I need 2.7, 3.6, 3.7, 3.8

exec("text=__import__(\"pathlib\").Path(\"file\").read_text();");

this is the most pythonic way

@half walrus 🤔 https://twitter.com/zacbowden/status/1345514848193556481

Until we can get rid of the py2 codebases

yeah i need 3.6 and 3.8 cuz keras only works on 3.6 half the time

Replace \” for '

no

I hate single quotes

Yikes

L

i hate keras

but its easy

and its what school is doing so i gotta do it

I despise single-quote pythoners

Do you know what “black” is?

wtf is wrong with u

double quotes people suck

what

leave

Search pypi black

the only time u use double quotes is in conversation or if the lang forces u

PEP8 wants to have a word with you

dont run sudo umount -f /dev/md0

ok

do it again

But_why.gif

how’d you find my bash scripts

replace exec( with python -c “

@restive ether im gonna stop leaving and rejoin to save you same time 😗

thank you fake cam

fake cam

real Cam

cameron is fake

i used a 300 character one line 3 lambda method to test if a device was on the network

no way PEP8 says to use single quotes

cameren is real

i’m not

Pep8 saw that line of code and cried

i’m just a figment of your imagination

pep8 momeny

I wish i was a figment

not of any imagination though

just a figment

subsb=($(python3 -c "print('${project_dirs}' if ('${project_dirs}'.count('.')<2) else '${project_names}')"))

this literally your code lmao

Use " as default, ' when it can be replaced for " and not change the meaning

or better yet, a pigment, maybe a meat crayon

the real question

disgusting

why waste more effort pressing the shfit key

shift key

just to use double quotes

imagine not having double quotes bound to your space bar

I see now that discord ate my \

\"

_ _

Use " as default, ' when it can be replaced for \" and not change the meaning

wtf space bar?

weirdo

not actually

why can I delete anyone's messages here

So you can do '"' instead of "\""

I would literally do

"\""

stop

Yeah, well, using isort, autoflake and black makes it so there’s less fights about style

not to be racist

but fuck black

So you focus on the logic

the reason I don't like single quotes is twofold

1. they look dumb

nah that’s tame

If you don’t want to use it, that’s fine. You do you

that’s one of the worse ones but

2. single quotes denote characters in other languages

that line was easier to write than writing it in bash

single quotes > double quotes

that's all lines

end of discussion

leave

u leave

no

require a long ass if-else and some wacky string crap to get it to parse strings properly

No quotes > any quotes

bash string handling is, barely existent

Just use string module

string.punctuation[1] to be more specific

true

Then build an assignment expression that you then eval to get strings without using quotes

Not 2 because goto:fail

what channel is it

ohh

Might also depend on how complex is the condition and the function

If it were more lines of code instead of a function call, it might be different to do code in the branch or not

im so tired i should probably sleep but i have to stay up to write shitcode

Again, no “best way”

id rather exit if a certain condition isnt met than indent further in an if

3:41 beaches

i would never exit

i would only check if the condition is satisfied

not if it fails

unless its something stupid like iokit

Just while (1); ?

lol

I mostly do early exit on errors

thanks samsung memory easy 14% memory OC

@glacial matrix

exec("print(%s\\%s%s)" % tuple(__import__("string").punctuation[1] for _ in range(3)))

There’s 4 quotes, but I can’t think of how not to

idk if it's possible

Maybe via ordinal to string calls and concatenations

@glacial matrix do you know Hello World in python?

print("".join(map(chr, map(int, ["᠑᠐᠔", "᠑᠐᠑", "᠑᠐᠘", "᠑᠐᠘", "᠑᠑᠑", "᠓᠒", "᠑᠑᠙", "᠑᠑᠑", "᠑᠑᠔", "᠑᠐᠘", "᠑᠐᠐"]))))

How to obfuscator my theos tool and tweak? I just try llvm but version 4.0 not work on new mac os

def H():
  def e():
    def l():
      def l():
        def o():
          n = o.__qualname__
          s = n.split(".")
          return "".join(_ for _ in s if "<" not in _)
        return o()
      return l()
    return l()
  return e()

def W():
  def o():
    def r():
      def l():
        def d():
          n = d.__qualname__
          s = n.split(".")
          return "".join(_ for _ in s if "<" not in _)
        return d()
      return l()
    return r()
  return o()

print(H(), W())

@restive ether give advanced dev

null does that btw

and uh

you know

...

you kinda uhhh

yeah

did that thing

loss

wait, what did i do?

i am that

same

unironically tho

you’re an insane pissweeb

@tepid olive bro idek how you have regular dev

neither do I

he made that one tweak

the notch one

and that was good enough

ah i see

forgot about that

even though it barely worked

how do I get verified role

rightfully so

I am verified Female Expert

be important

✅

u get good

ok

then u get verified

done

I am important

you’re the least important one here

i literally took that tweak down from bigboss

@restive ether verify or ban

oh did you

lmao

im so important even @tepid olive loves me

/repo yulky

cam take his dev away

the tweak is gone

its still on my repo

tweak to make me stfu

[[pissweeb]]

@restive ether, Couldn't find anything matching that search query!

plz

where is it

[[stfu]]

more importantly, how does @restive ether have dev role?

my name is in a depiction

that’s the only reason

@vivid dew, Couldn't find anything matching that search query!

prob gave it to themselves

i didn’t actually

a pedophile did

....

does @restive ether program

i do

tweaks

i’m an advanced java dev

i do java assembly

assemble this

public static void main java fucking sucks

pissweeb java

please stop stealing pwn’s tactic of copy paste

bro

it’s not healthy

Java is so bad

public static void main kms

class H{public static void main(String[]a){System.out.print("Hello, World!");}}

this man listening to My Name Is by Eminem

true

@grave sparrow Warning Sign makes me

Female ExpertToday at 12:01 AM
class H{public static void main(String[]a){System.out.print("Hello, World!");}}
Coldplay Captain IncorporatedToday at 12:02 AM
whatever
HaydenToday at 12:02 AM
this man listening to My Name Is by Eminem
Coldplay Captain IncorporatedToday at 12:02 AM
i have The Scientist
HaydenToday at 12:02 AM
true
Coldplay Captain IncorporatedToday at 12:02 AM
nobody said it was easy
HaydenToday at 12:03 AM
@Coldplay Captain Incorporated Warning Sign makes me

Coldplay Captain IncorporatedToday at 12:03 AM
fr

the guy i’m doing a contract for liked my IG post

nooooot sure how i feel about that one

holy shit what a mood

I love the way he speaks

there’s a sub comment of that where he uses no less than about 3 colons in one sentence

inside a parenthetical

wasn’t even joking

I consider it art

True

Thats a pretty smooth cheese grate

https://twitter.com/hakann_27/status/1345677624090255362?s=21

maybe a compliment? lmao

creepy

is this a weird thing to say i seriously can’t tell

i would say its borderline

https://twitter.com/_kritanta/status/1345676688953323520?s=21 in response to this

that’s not the opener i’d go with anyways but i mean

he's gotta see if its legal to give his opener

given half of the devs in the community are highschoolers i also get the sentiment of not wanting to hit on someone that ends up being 15 lol

very true lol

so anyways

asl

could anyone help me with dumping headers for a decrypted ipa? i decryped the ipa using bfdecrypt and tried to dump headers using class-dump-ipa and it threw an error

glhf

[-] Unzipping IPA @ decrypted-app.ipa
[+] Finished extracting.
[-] Dumping main executable: AppName
021-01-03 02:19:37.517 class-dump[10799:66912] Unknown load command: 0x00000032
2021-01-03 02:19:37.529 class-dump[10799:66912] Warning: This file does not contain any Objective-C runtime information.
[-] Dumping framework: SwiftyJSON
[-] Dumping framework: FBSDKLoginKit
[-] Dumping framework: Kingfisher
2021-01-03 02:19:37.642 class-dump[10804:66931] *** Assertion failure in -[CDObjectiveC2Processor loadIvarsAtAddress:], /Volumes/Lion/Users/nygard/Source/git/me/Tools/class-dump/Source/CDObjectiveC2Processor.m:411
2021-01-03 02:19:37.643 class-dump[10804:66931] *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Invalid parameter not satisfying: [cursor offset] != 0'```

is it creepy to follow someone on twitter after they like your github repo

depends idk

i don’t pay attention to who follows me

i know i can use flex but i really want to dive in more to fully understand the application and how its running

tbh flex is better for that than headers

yea but certain things i can't really see

you can’t run a .h file to see what code does

yea but i can understand it hopefully

i’d say IDA > lldb > flex > headers, when it comes to REing an app

//     
//     "max_age" = 99;
//     "min_age" = 18;
//     queue = purchase;
//     "queue_id" = "0bad8c7c-ddf9-47cf-9e64-3217b76d1a2f";
//     "queue_name" = Purchase;
//     "return_code" = 0;
//     "temp_id" = 1519843961;
//     ts = "2021-01-03T09:43:26.073Z";
//     type = "purchase_queue";
//     video = 0;
// }; userInfo = {
//     "is_batch" = 0;
// }}```

see things like this

my opinion: hopper > headers > frida-trace > cycript

ill try ida

now

i never used it before so lets see.

if you dont know how to dump heeaders IDA is not going to be useful

i'd do the headers

i know how to dump them. its just not working

not sure what class-dump-ipa is, but the normal class-dump shold work on decrypted bins

if IDA had a header-browser implementation of browsing an objc codebase

dear god

ida is too slow

someone please make that

i’d buy it again

compared to

literally every other disassembler

i usually jump to hopper

i can’t benchmark it against hopper because hopper crashes

i have a decryped ipa. i can't class-dump that right?

i have to decompress it?

unzip it and class-dump the bins inside

just put its bin in ida and re

but when it doesn’t, IDA 7.5 on macos still runs much faster than Hopper/ghidra in my experience

if ur using the 7.0 old ass pirated version yeah it’s slow as balls

definitely not my experience. in fact, ill use Hopper to check a bin out while IDA spends 10m loading the same bin

i have a legit ida license

rare

through work (im a mobile sec researcher)

2021-01-03 02:37:30.197 class-dump[10879:74465] Unknown load command: 0x00000032
2021-01-03 02:37:30.208 class-dump[10879:74465] Warning: This file does not contain any Objective-C runtime information.
dopeboy@Dopeboy#1360 Payload % ```

my company paid for mine

but it’s a single member llc

they wont even sell to individuals

what exactly is your goal @burnt niche

they do now

oh yeah with the home one, true

however i went through my LLC anyways

i think it sucks tho

you can buy a named license as an individual now

no arm64

it supports arm64 disassembly

i just want to explore the headers for that app. @tardy narwhal

did you finish your calculator

they’re beta testing a cloud decompiler as well for them

i also have a Home license

for some reason

i have a named + hexrays, need to update it though

haven’t tried out the decomp yet bc i lost the license key

yes i did. i finished it and fixed all of the bugs i had. i have been working on that all week.

but I think hopper is abetter value - havent had the crashes you have

nice. did you upload to git or anywhere

ida is slow even on my crazy specced hackintosh

my use cases for stuff usually tend to be different enough that i’m breaking normally functional programs

i haven't actually yet. i've been planning to learn how git works and the usage

and i’ve used IDA exclusively for long enough i probably don’t realise how slow it is compared to others

because i haven't ever had experience with it before

well learn version control upnext instead of messing with dumping xyz

Hopper’s decompilation is so bad, however, it’s not worth even using my license for it

at work we have a python arm64 analysis engine that outperforms ida's analysis

and push your sources to github for a sweeter resume

hopper can make some shit decompilation, agreed

but capstone for disassebly so w/e

i think the reason i use IDA isn’t the analysis, definitely not speed, just consistency and a large toolkit with pretty good UX

hey whatever works

alright man, after i add a log history view to it, i will definitely add it to github

photoshop of disassemblers, even down to to the absurd pricing model lol

wdym, CC is just ~$60/month

which is fairly cheap for the entire CC suite

ever tried cancelling a CC subscription

i put auto-crash reporting in a tweak, but I didn't anticipate how many other tweaks would show up in a callstack alongside my stuff. im getting all kinds of crashes from other ppls shitty code

has anyone else tried crash reporting

No because my employees need it lmao, long-term it’s cheaper than buying one-time for us ig

labelling it as $60/mo isn’t correct, all of their subscriptions are actually annual

if you attempt to cancel it before the year you agreed to in the fine print it’ll cost you more than keeping the subscription for the rest of the year

was the situation i was in when I needed it for a month back in HS

i pay bc i like owning my software legit, but can’t blame anyone for not doing so

at least IDA is up front about ripping you off

Well it’s billed monthly which makes it a monthly subscription unless you go for the non-annual contract which is roughly ~$90/month

the 1-year subscription variants costs ~$50/month

yeah still, “billed monthly (annual)” with no mention of cancellation fees except in fine print feels kinda wrong

That’s why they make you read the TOS before confirming usually, anyone not reading and blindly clicking ok on that “i have read” -checkbox is at fault

like yeah I get you reading five billion pages isn’t fun but why agree to something you wouldn’t know the details of

https://darkpatterns.org/

legally adobe is perfectly in the clear

doesn’t make it right

This is the one thing I love about Germans, they’re so savvy about their privacy most read the TOS beforehand lmao

that’s a weird national identity

hahah. that's amazing

but over here in the US i mean

just my perception of them from being here 20 years

NSA has all of our info already lol

least adobe isn’t gonna kick in my door

@lime pivot phillip made it and its bad ass. will be open sourced soon

and i typically assume websites aren’t extorting me in their TOS/PP anyways

hope you didn't notice the part of the chariz tos where it says you surrender ownership of your firstborn child

usually have a lot better things to do than read a 90 page depressing document detailing who they’re selling data to

@lime pivot we're also hiring, if you decide you wanna join another company sometime 👀

I did just quit my current job 👀

but I think I need a year to work out where tf I am in life + finish uni

🎉 🎉 🎉

yeah for sure, enjoy the time off!

might take you up on the offer one day

wait, how old are you kirb

but keep it in mind 😉 the team is basically uro, phil, and myself

22

love 2021 so far

ah, also made in ‘98?

it’s like new years resolutions but people are actually doing em

i was made in 98

made in china actually

(designed in australia)

goddamnit😂

kirb exposed

nsfw

mfg. by slave labour

god dammit

I mean

weighing down your mom for 9 months could be a form of slave labour

wow that can really be misinterpreted

i was gonna say mfg by child slave labour but i feel like that could be taken very wrongly

😬

thanks tim apple

fortunately the factory workers were grown adults at the time

at the time
implying they can suddenly become children in future

I can confirm Benjamin Button is not my parent

i have met many adults who definitely qualify as children

kirb ahead of the curve again implying age is relative

we’re all actually children™️

i dont like where this is going

age is actually -webkit-sticky

age is just an unsigned int

i wish it would be an unsigned char so we can just overflow back to zero quicker

feel young again

reincarnation moment

man people need to slow down with all the genders though

what happens if we hit intmax

the old system was hard coded for 32 bit processors, it’ll roll over

and then we won’t have any genders at all

I like to believe, as average life expectancy has been steadily increasing over the past 1000 years, we'll eventually hit an overflow in the universe where someone decided a short was enough

just need a few thousand more years to test that theory

this is my kind of existential crisis

i wonder if we’ll ever see age reversal in our lifetime

well technically you grow up learning just to work to later retire doing things you like preferably, which in itself is a kind of age reversal

@lime pivot what projects are you working on post-job

man you’ve got me in the mood for exurb1a now

chariz!!

i love when algorithms work

interesting stuff ahem eta #son

does chariz delvier tweak analytics to devs

idk how they would aside from download rate

I spent about 4 straight months working on a project for work that sorta broke me, so just working on it again in the past 2 weeks has felt really rewarding

kind of up to devs to do that and that’d require your own analytics server which is far more work than analytics on 500-20000 users is worth to most people

4 months of grind is not good for your mental health for the love of all that is good if someone tells you to do impossible amounts of work in a short timeframe just quit

stuff apple appstore does - download rate with device/os breakdown, crashes

analytics is always useful no matter userbase

i don’t think repos can access info that specific (or store it probably without modifying privacy policy)

yeah you can learn a lot just by download stats, but never really explored analytics beyond that

OS version and udid i think

and that’s not a useful statistic really

i would exclude udid to avoid having to tweak privacy policy - not included in crash reports anyways

given tweaks are typically rereleased as a separate project with iOS updates

I half think "analytics == bad" is dumb and half think it's fully warranted for how intrusive the big and co are across a scary number of apps

crash reports would require a proprietary chariz daemon on your device

or just grabbing crash reports from the file system every once in a while

analytics are great, providing useful ones to jailbreak devs is the challenge

think I mentioned an idea I had to you a few weeks back @robust radish

btw do i know you by any other names @robust radish

im ethan arbuckle - @steel depot on slack

er, @ ethan

it's not automated but crashreporter had a pretty much unknown and unused feature (like all great things in this community) where crashes could be uploaded to an http form

which could then be used a lot like the usual crash reporting solutions where they aggregate similar stack traces and tell you how many users had that crash, etc

it depends on users going and invoking it though, and users are flakey

that in itself is a very powerful thing, just feeling like you have oversight over when your code goes oopsie

the crash reports i receive from users are just straight up useless when i do get them via email from whatever is sending that

any aversions to scraping reports from the fs?

“analytics” for me is checking my twitter feed

it's also why I know Apple's crash reporting may as well not exist, the number I see in Xcode Organiser is about 1/50th of the crashes we have on Crashlytics

I reckon that could be totally fine if it's only crashes where installed chariz packages are a suspect

ive had a "Scraping" solution live for about 24h, and ive recieevd ~45 very useful crash reports (all for other tweaks though)

yeah that’s another thing lol

but some sort of community-wide crash report aggregator would be very interesting indeed

how do you determine culprit

usually isn’t correct on my stuff

Cr4shed and CrashReporter do a good job, but its hard to determine when the crashlog is unsymbolicated

example: https://ghostbin.co/paste/hz98f

honestly never is correct except when it's an objc/swift/c++ exception directly caused by my code lmao

theres 3 tweaks in the crashed thread callstack

HomePlus crashes that happen on the initial warmup of the icon model will always report as a snowboard crash

yeah snowboard is one of the tweaks in stack

but the latest tweak is usually the culprint

that is, the topmost frame

Could be helpful just to send it to all devs

heh, a few times I've very carefully architected code because I expected lots of false-positive crash report emails for other people's bugs

(the example is one of the auto-reported crash logs I got)

i always carefully plan for everything except the actual issues that come up

if you're auto ingesting the false positives isnt a big deal - can be cleaned up with a script later

I get enough of those under Cephei where we just say "we'll look into it" and I promptly trash the email

less of those lately, I think cr4shed doesn't list any except the primary culprit (closer to the top of the stack?)

yeah cr4shed does a good job

a tweak analytics aggregator sounds like a very interesting project though

very interesting

and would lead to improved tweaks

wonder if it could be done in an open-source way

I have a feeling users would trust it with Chariz's name on it

everything should be open source

the question is how to do it very anonymously, and yes, should be open source

something depersonalised to the point of the analytics platform being completely open to everyone

can likely feed crashes into self-hosted Sentry in fact

if you only collect crash logs, device model, and OS version - it is anon

I wonder if it'll understand pre-symbolicated crash reports

sentry probably collects more info

symbolicate them on device with my technique https://github.com/EthanArbuckle/carplay-cast/blob/master/src/crash_reporting/reporting.mm#L136

oh I just mean feeding into Sentry as backend, not using their iOS SDK

ah

anyways, i think the tweak analytics would be really neat

AAAAAAAAAAAAAAAAAA

a

I’m still queue place 848

What the fuck has happened

best case, you end up with two computer go brrr cards?!

lol

Something has fucked up somewhere on their system and I’m not sure where

I have a thought of how crash reporting can be done "securely", if I get the dev to opt into crashes that appear to be related to their packages

but thinking of the privacy policy/tos I'd need for that ugh

why would you need anything if no user or device specific data is collected? address in a callstack dont qualify

probably could bastardise a git server for devices submitting analytics

if GDPR/CCPA aren't too harsh I can just explain it in a few sentences, worst case, discard reports coming from EU/California IPs?! lmao that sounds terrible

oh I'm just being worried that it "maybe" could leak something specific

^

like it is still coming from your phone in the end, so I have a rough location, through subpoenas that could become a list of a few potential people in a specific area

…of course I would be discarding IPs, not even logging in standard server logs

its good to be caution but as long as you dont go anything liike collection udid or associating the logs with a user account, its good

I can of course also do the differential privacy thing and at random send only some or no crash reports

oh yeah I have zero reason to collect IP or udid for legitimate reasons (aggregating crashes), maybe at worst use a hash of a few things including a client-generated uuid that rolls over every 12 hrs just so the same crash coming in multiple times from one person is ignored, or something like that

important to consider the irrelevance of most of the people who’re actually concerned about the non-issue of anonymity there

you could offload yourself of the data collection responsibilies by allowing repo maitainers to specify an endpoint in which Chariz will send crash reports, if devs choose to

and you store nothing

just make it opt-in and call it a day

opt-in should be fine actually

bc the only time i ever enable crash reporting is when it’s off by default

I'm thinking too much of it being opt-out because I'm an evil megacorp I guess

as in “this company clearly respects user privacy enough to not even send anonymous crash data without consent, i trust them”

true

how dare you make the user decide whether they want to be tracked! they should have to be aware that tracking is a thing, that they can opt-out of it, and they should have to follow all our specific instructions to enable the opt-out cookie and pray it always works!

not gonna read their cookie cutter 90 page privacy policy, means literally nothing

they don’t even hold up in court

libsymbolicate produces a better result over ios' coresymbolication, its just kind of heavy

and slow

alternatively

offer a standalone library+daemon that does nothing by default

sounds more intrusive, and would likely conflict with crashreporters

allow developers to utilise it alongside your crash reporting server

that’re on the chariz platform

that’s an interesting idea

why have a daemon for something that can be done in an arbitrary process after-the-crash?

that wasn’t the point of that statement

i’m not familiar with the best architecture for crash reporting

just as an idea

which i think actually just parroted what you said earlier that i missed

CharizKit.framework ✨

devs may not want to implement it though. It'd be easy to provide a google cloud function template for storing logs in a google storage bucket

all cool ideas that we’ll probably never get around to doing

i lost my sad cat emoji i’m stuck with a cowboy now

i’m uncomfortable

i did all of this this week - chariz should copy/paste

ah neat

well I did make the conscious decision to work for myself this year

that is excellent

so it's in the realm of possibilities

you shouold make a patreon

@ me when u do i’ll go sub

my patreon is chariz seller fees 🥵

same

yeah but it would be fairly simple whipping up a template server for devs to just run as endpoint to collect crashlogs securely

https://github.com/EthanArbuckle/carplay-cast/blob/master/crash_reporting_cloud_function/main.py

lord it’s 5:30 AM

https://patreon.com/hbang I think it's still up lmao

nope it's gone

hosting that wouldn’t even be 5/month

its free under 2 million requests a month

do i sleep

not that I'm aware of

oh damn that’s actually cool

i don’t wanna waste a whole saturday sleeping during daylight hours

I left it up for like 2 years and watched people very slowly figure out it was dead and cancel

but is it worth it if i’m missing an entire night of sleep + some change

i tried to donate to you a long time ago and eveyrthing 404'd @lime pivot

i think i found some paypal though

hah really

you’re a python wizard like uro I see, my code will get roasted once I publish oh lord

https://hbang.ws/donate I forgot this still works

every time you write bad code just leave a comment with a link to my github

in Modern Times it goes to paypal.me, in The Bad Old Days it was that shitty html form with a public key field they made you do

my username alone will provide the contrast needed to make your code look good by comparison

Lmao I fear that I’m not using best/ good practices most of the time because I follow DRY a bit too hard to make code shorter

but so far writing a repository in python has been nothing short of a blast

same but

as long as you combine that with good use of classes

having worked in a fairly big codebase for the past 2.5 years I think I got a good knack for good MVC code

this is what i sent it to i think

like

DragonGen was unreadable after the rewrite that was extremely DRY

especially maneuvering between all the old objc code that very much failed to understand MVC or delegates or the responder chain

but i moved it to classes and a few separate files and it’s very very easy to work on now

that’s a lie

it’s easier

some smartass decided the UITabBarController delegate should be the currently selected tab view controller

finally got to get rid of that terrible code

love to see it

I did not ask for this

lol still can’t understand how old h+ layout code was so

why are PayPal a bad company

firefox

I see hayden has been converting people

https://github.com/KritantaDev/HomePlusPro/blob/master/Hooks/ios13/MainLayout.xm#L120 deadass

the only time in my life I wasn't using firefox was in the Bad Old Days of IE6 and the Also Bad Old Days when mozilla forgot their browser exists for like 4-5 years

this is the only line required in this ~400 line file of hooks

I had a friend who bought a Firefox Phone like not even a month before they announced the project was discontinued

that was great

the rest of the logic can be recreated with a 10 line function in a .m Manager class

and doing that solved like 90% of my bugs

ouch

lol

damn

sounds a lot like the code in my job's codebase…

have to do some weird shit with appLibrary though in terms of iOS 14 stuff

so the file will grow once again

didn't have time to fully rewrite a creaky old view controller, but I did remove like 90% of the lines in it

fbsapplicationlibrary?

this is

an sbfolder

that contains an abu on list

SBICONLIST

split up into a few separate files pls 💚

that contains SBFolders

that contain more SBIconLists

I hate files over ~350 lines

i like 1 file per hooked process

(he says, working on a chariz file of 514 lines)

i’ve started putting each class i hook in a separate file

but only call %orig once!

a la how interfaces work

@gaunt mesa you're gonna love refactoring my shitty code from 2016-2018 😁

just SBIconListView.xm kinda thing

inspired by velox

which was a one file tweak :)

with no indents :))

hahah

ok not so hahah

oh no

nononon

was that phillips version or a different one?

it was at a point where

apparently Daniel had zero to do with Velox 2

you have to respect the person for managing to get that far on something when you see their code

he's not sure how he even got authorisation to use the name 😬

i ditched logos just to make working on the project possible

haaah really

bc the .xm was one file but everything else was just a huge mess

.xmi sorta helps but I really really despise it

300+ compile jobs according to ninja on a clean build

and if I had a chance to break features I hate maintaining I would gladly break that

probably the project you can thank for me continuing to work on dragon

as build time with theos was upwards of 3 minutes

was that startup time (my fault) or is make just plain and simple dog shit?

think we talked about it a long time ago

it was with make 4 so

i spent an hour this week trying to get theos to let me put the control file in a subdirectory without luck. makefile syntax is annoying

I mean make is dog shit but was that the perf problem

i think theos just isn’t designed to scale to such a massive, poorly designed project

ugh, I haven't touched packaging stuff in years I think

I don't like it at all

it takes dragon 7 seconds to clean build

which on the machine that benched that time is a long time compared to any other tweak dylib

legitimately longest build time, H+ has 142 jobs on a clean build and the main dylib never takes more than 5s

at one point I wanted to use dpkg's super cool control parser with ${SUBSTITUTIONS}, never finished that

it's probably like 20 commits down in my git stash from 3 computers ago

that packaging code was very frustrating to mess with

realised that control files are yaml

i am about to ask a really stupid question rn so be prepared

immediately abstracted them out

how… how tf did you get a 3 min build down to 7 secs

man

yaml-ish - i dont think they can have indents

ninja

• not having to deal with all of the scripting crap in his makefile

so there is a method called -(void)queueReceived:(id)arg1 and i nslogged it NSLogify queue recieved called NSConcreteNotification 0x281081980 {name = QueueReceivedOverSocket; object = { queue = random; "queue_id" = "737ee8b3-0ef5-43af-933a-b605ec9c046b"; "queue_name" = ""; tags = ( "" ); "temp_id" = "<null>"; ts = "2021-01-03T11:49:49.930Z"; type = queue; }; userInfo = { "is_batch" = 0; }} is there anyway i can use change the information inside this when its called?

velox was an extreme and i’ve never seen theos choke on a project like that before

so he probably either found an edge case or did something very bad in the makefile

all I know is nowadays having more free time, there's a ton of candidates for components to rewrite in a native language (which one? who knows!) or more likely python

hasnt uro been doing that for a while

in python

python/bash should be the only considerations imo

which is also a good reason to start an OnlyCode GitHub Sponsors

no other interpretered languages have the same level of adoption

python theos + native logos ?

probably c

no

a project that does nothing but parse strings, in C

native logos would be badass but, I always think of super cool ideas and then reconsider that dumb line-by-line regex parsing perl logos has been fine with no major complaints

reuse llvm's parser/tokenizer

fork llvm

just an occasional "I wish it did this" that can be worked around

i’ve been saying this for ages lol

not literaly string parsing, thats not how you parse code

https://iphonedevwiki.net/index.php/Clang-logos

eswick went there 😛

hahaha

yep, it’s in my forks

outdated though, but good for reference

that’s exactly how it should be done

official fork of apple’s llvm project

add support for logos directives

his opinion was that it works but it's a pain in the ass and didn't seem worth the trouble of digging through an ever-changing clang codebase for

shoutout eswick

add support to clangd

clangd support would be extremely cool

loll good times

an official fork of the apple toolchain also solves the new ABI issue 😛

truuueeeee

maybe it's time to just do it

if theos uses a custom built in toolchain it’s automatically no longer an issue

toolchain maintainership has changed hands so many times it's amazing

it’s been something i’ve been working on for dragon and why i looked at that beefy VM in the first place

who else besides dustin uro and you?

should just bring it into the theos org as A Thing it does as a duty of keeping the whole show running

nah dustin never did I don't think

ah

last I talked to dustin he also threatened to sue me

could delegate it to procursus

lmao

whoever did the toolchain in the super early days --> saurik --> ininjas --> coolstar --> kabir (hosted by karen for some reason) --> bingner

as procursus (currently) is an actively maintained org with the selling point of keeping things up to date

I'm not aware of how this one happened lmao

he doesnt like the ghostbin situation

his angle was the logos but theyre not actually trademarked so

doesn't like you running an instance his project on the same domain with one less letter?

he gives everyone who emails him about pastes my personal email address 🙄

I mean seems a little unnecessary to threaten legal action over an open source project you were just too busy to run

…

that does sound like a thing he would do

gh never sued me for krithub

a formidable competitor till i lost the VPS and all code hosted on it on accident

rip Obamium the tweak

you wouldnt believe the traffic a paste site gets

I don’t think karen hosted my toolchain but that could be me getting confused

did this happen to be that leaked GitHub source

no it was a gitea instance

i just memed with the site name

it was right there how could i not

may have actually been coolstar's toolchain, round 2

also the swift toolchain angle’s a fun story in itself too

jesus

yeah that’s possibly it

monetise that

those numbers are insane

consolidating swift in with The Official Theos-Blessed Toolchain® would also be extremely useful

how does pastebin’s website still look like garbage

if they’re getting that much traffic

and running ads

can’t imagine getting sam to agree to that lmao

because the like 6 ads per page bring in enough money to not give two fucks about the site or what happens on it

well… if anyone wants to inhibit progress for silly reasons they can be left behind is all I can say

i mean the toolchain even currently that theos promotes shouldn’t be maintained by a single person

in this community of all places

also I’ve been meaning to check out procursus’ swift toolchain at some point to officially sanction it for use with theos

sanction sounds so much more interesting than it should be lol

even ch1 has a massive decentralised team and still gets slowed down by silliness

might need to collude with procursus to create a toolchain trade deal idk

grabs popcorn

i’d like to decentralise dragon a bit more but at the same time

i dont like ads but i'd probably sell it if someone offered

if i’m the only person with any influence i can ensure that no drama gets involved

I'd worry about it turning to shit instantly if sold

which is a paradoxical situation

oh its horrible now

you just know all they care about is making back their sale price 1000000x by slapping 6 ads on the page

oh about ads, I was talking about content. but true

this is the reason I want to make Orion a Theos thing instead of a personal thing; I don’t think one person should have the burden of maintaining all of that

and then never caring about abuse or performance issues

yeah, I totally agree it should fall into some "community" umbrella like Theos

at the end of the day most projects of that calibur only have one real maintainer anyways

excluding theos itself

^ very true

this makes me think of how apt and dpkg are basically exclusively maintained by 1 guy each

Yeah I’m slightly concerned that’ll end up happening but I hope others want to help

and curl

and has been for the past 10+ years

everyone has the project they care about significantly more than anyone else

i have 5mil additions to dragon

mike ash literally owns the objc runtime

next highest is 50

not million or thousand, just 50 chars lol

one day one of these 1-guy teams is gonna lose their only guy and the world will just be lost on what to do next

my time’s kinda been split between Orion and Supercharge lately

of all people I'd want it to be him lmao

what about

yeah bus factor :/

apple is big on DRI, and he is "objc DRI"

i feel like

there are a lot of times where a single person being the “owner” of the project provide massive benefits over decentralised ownership

also I just finished the getting started tutorial for Orion imma tag it so that gh builds the docs and I’ll share a link here if anyone wants to see

and the only time it becomes an issue is when that person no longer cares about the project

at which point, in open source, decentralisation happens naturally

I really wanna properly read through these docs cause they sound great already

maybe if I just copy and paste dragon over Theos, I won't need to get to that documentation I never did

you could setup a github sponsorship on the theos org

dragon documentation is lacking as hell

unfortunately that sort of decentralisation also often comes with fragmentation (eg saurik stuff)

still better than theos but

one day I'll just do it and tell dustin he doesn't have a say if he hasn't touched the project in 8 years