#development
yeah @robust radish and I discussed it a long long time ago, and he raised a really good point that I don't even know what companies are out there using Theos
whats the $ threshold that makes setting it up worth it? its low effort
rest of the people see it just like substrate
https://orion.theos.dev/getting-started.html it’s up :)
10 ppl could be $300 a month
who can be guilted into giving me money every month
feedback appreciated ofc
the 10 people are mostly the active theos contributors is the thing lol
I think even just mentioning Orion would easily get some patrons
it's been very long awaited
(mostly apple's fault)
completely unrelated
given my lack of understanding of orion internals
whats the $ threshold that would make it worth it then? i could probably do it
I've had this iPod for like 6 weeks now and I'm still on the first charge
how difficult would implementing orion in the toolchain itself be
i’m having fun ideas
could be convinced it has infinite battery life
why stop with objc and swift
interesting idea, why would that be beneficial though?
.
Orion for Android 
what else would you want it for?
substrate for android definitely worked out..
wait so orion is already included in latest theos
lmao, sarcasm
i’m thinking more along the lines of
not yet
alright
its so funny going to look @ the substrate docs and seeing all the other platforms' docs
why not go a step further
I don't know how to explain that phenomenon, Magisk is the only "hooking" platform standing and even then the tweak selection is terrible
add JS via supercharges projects
make conventional tweak dev truly accessible
and when I say "hooking" I mean just supporting overlay filesystems
i maintain farms of android devices on that bs
aka when I type mount it outputs like 300 lines of each individual file in the overlay 🤷♀️
thing is orion doesn’t behave like a conventional preprocessor, it generates a glue file and implementing that in the toolchain would be relatively difficult
what about bytebuddy?
yeah Orion isn’t something that belongs in the toolchain imo
aka i implement it in dragon and flex it in the hopes theos gets it at some point
speaking of
when I think Magisk tweaks I think of the like 3 useful things you can do
- bypass SafetyNet
- replacing NotoColorEmoji.ttf with blobbos
- installing useful tools to /system/xbin
I’m worried iOS might end up like that as well because tweaking swift is hard
it perplexes me how there just isn't a community that goes deeper than just the officially supported hooks (like launcher) as we have
this was written with theos transplantability in mind
scan apps for security issues dynamically
please consider using it if you ever feel the need to improve theos’ current device IP setup
also @lime pivot any chance you could go through the getting started tutorial when you have a minute?
and the roms situation is just a total mess, you just have to pick one of the many options that does most of what you want and just put up with the things you didn't want
lose SafetyNet, lose random features from your OEM's official AOSP build, lose Google apps without installing a questionable zip you have to pray isn't stealing your Google login
my Xiaomi was a great phone for the time but every rom I tried had the same problem where the fingerprint sensor would activate on my leg in my pocket
idk if that would need to be adapted for make in a different way to make it usable
not an issue on stock MIUI
thats annoying
https://github.com/theos/theos/issues/536 it was written with #536 in mind
phone vibrates on recognising a "finger" and gets warm from repeated activations even after the timer locks out
and i might just go ahead and cover that issue rn with it
tomorrow maybe can do
we've been floating the idea of building our own android rom at work but we'd have to go through the oem cert process w/ google to get the playstore working, which makes the whole thing very offputting
only “downside” is python becomes a dependency for theos
iirc llvm depends on python though
I feel like we do eventually need to take the plunge and just add python as a required dependency
that’s probably gonna happen anyway
yeah
ty
it'd help if macos shipped with python3
I mean doesn't matter if we do it sooner than later
that’s the only reason i could imagine the stuff i wrote with theos in mind not being used
I think it does now but I’m not sure
it's easy to detect and bail out on at least
refuse to run until python3 exists
better yet just write code “mostly” compatible with both
but its annoying for the user to install python3
“Usually™️ works on python2 but doing so is not officially supported”
does homebrew still compile it from source?
I always did --force-bottle and lo and behold that actually works
last I checked I have a /usr/bin/python3 so either stock macOS or Xcode command line tools come with it
i am
why it builds from source I really really don't know
fairly sure macos ships with py3, no?
oh yeah i have /usr/bin/python3 too
bc i remember big sur having 3.9
Nice
3.7 on catalina
which caused a bug
hmm
which i haven’t fixed
I guess it just doesn't exist in there or something
fix is “don’t use 3.9” iirc
otool -L /usr/bin/python3?
mine just links libsystem basically
already on it :)
tf is this
I’m planning to make a tutorial for a swift tweak with prefs
probably one to hide/unhide the dock background without respringing (got that working with HBPrefs yesterday)
oook yeah the OS doesn't ship with python3, it only ships with python2
lrwxr-xr-x 1 root wheel 67 Dec 6 10:24 /Library/Developer/CommandLineTools/usr/bin/python3 -> ../../Library/Frameworks/Python3.framework/Versions/3.8/bin/python3*
annoying
makes sense
If the command line tools have python3 that should be good enough shouldn’t it
but i guess most ppl with theos will have brew?
they removed as much as they possibly could from the base OS and plan to remove more soon
and brew makes python3 less of a hassle
idk but if you’re running a machine without python3, you’re likely not at the point of being able to install theos
but still unideal
Apple PHP even tells you to not use PHP!
there were certain dependencies i don’t disclose as dependencies on the iOS version because it’s unrealistic that the user wouldn’t have them
WARNING: PHP is not recommended
true
@lime pivot I’m planning to use hbpreferences in the official prefs tutorial for orion yw
👀
lmao apple can be funny with that stuff
as especially with theos, the llvm project is technically a dependency, and to install it you’re going to end up with python3 and most other tools along the way
Banned @nimble parcel
i dont think you'd end up with python3 just installing make/theos
nice
definitely not
is python3 required for using llvm or just for building it?
i think none of us here being quite sure if macos shipped with 3 or not kinda made that clear
Cephei eats ur first child
for lldb
it doesn't for sure
on ios anyways
@nimble parcel I think python did ship with macOS
maybe python2
As I never installed it myself
but if you use theos without Xcode or CLT installed you're a little special for not reading instructions
And have it
so 🤷♀️
yeah it could be python2
python3 in particular tho
how do I have python 3 then
I never installed python 3
python ships as standard in all sane linux distros, and Cygwin is Cygwin
either
so
when it comes to theos then, actually
python2 would have to be the target lang
I mean at least it's not like Python 2.4 or some shit
the latest and greatest Telesphoreo has to offer
PyCharm does it automatically
using python 2 is a bad idea imo
id make ppl install python3 over writing it in python2 tbh
pretty sure I remember pip/easy_install just didn't work at all on that
Procursus 
homecursus
using python 2 vs ensuring compatibility
Maccursus
target 3 but make sure 2 works as well
Python 2.6+ has the Python 3 forward compatibility stuff iirc
can we just make Procursus an absolute requirement lmao
Yes yes
can’t speak for dragongen
stuffs more popcorn into face
jeez eat in moderation at least
no type annotations 
as hesitant as i am
needs to happen
you can’t tell me what to do mom
with shit like elu having the repercussion of limiting work on theos
Listen to ur mom
Oof theos is indeed written in py2
I've been conditioned to always read "sliding in" as meaning something dirty 
TIL
I'll do you one better it's written in perl
this would be better than the current state
yeah
shudder
Oh wait wtf it's written in perl...
Rewrite theos into CBython pls
the projects not written in Makefile, which isn’t even an actual language
say "obsolete language with a new total refactor that's been in development for 10+ years with no release date in sight but it also happens to be really good at line-by-line parsing and regex" with me
are written in perl
Cython + Bython + Python
reminder that for something truly cursed you need to look no further than https://github.com/theos/theos/blob/kabiroberai/orion/bin/swift-support-builder.pl
I looked at the print statements and assumed py2 lol
literally just
Vibeok
as an example of how Theos has ruined my brain, I recently wrote a perl script to solve a problem at my job
please stop writing stuff in perl
perl projects: theos, ddos scripts
I'm sincerely sorry to whoever needs to run that script after my last day
it's also really hacky, so, take of it what you will
I should look for a job soon if January doesn’t make enough money for my goal
can i commit sudoku
My entire CV is basically empty Bc I’ve never worked anywhere
And these damn jobs require experiences
Then get a job to get that experience 
i believe the politically correct terminology is “dying by perl code”
you've worked for the infamous tech company Tr1Fecta
it’s absurd that a project 10 years older than mine can’t do this
if the connection doesn’t fail it’ll automatically copy your key over as well
put projects on your github and use them as experience
it should do all those things
it’ll also generate the key if you haven’t yet
it also doesn’t require ssh-copy-id since ios doesn’t have that
I just shudder at thinking how I'd make it work nicely with make without breaking API contracts every time and just drop the idea
that took me an hour or two tops
expert: theos uses arp-scan to find devices and tries the ssh port, auto-chooses a jailbroken device. asks for you to select one if theres multiple
not even hard
.
that’s not even impractical using dns multicast stuff
you can also enable bonjour and scan for _ssh with the built-in dns-sd command in macOS
this was my first jailbreak related project i published actually
was a script that did that
that actually
lol
@gentle crescent I have perms to send messages in #794200785789124621 btw
Wait wrong channel
why are there so many names for the thing that broadcasts devices over DNS
satisfied the issue i posted in chat earlier
me when I need to scan my network to find my devices
.
discoveryd throwback
i just used, bash i think, + a native c script that worked with arp
so what it did was actually allow you to install to a mac address instead of IP
buggy router back then
and it’d install to multiple
tricks picked up by maintaining farms of devices. I do something like this to push binaries to "any ios device that can be found on network with openssh"
nowadays I seem to usually be able to ssh to iproxy and it just, connects
even though I don't have Xcode wifi debug enabled
@lime pivot true
probably partly only works on public networks (uni etc) because bonjour prefers ipv6
weird, i have to enable wifi debug for that to work. and wireless console logging
idk what it actually is but all of my apple devices can be accessed by hostname over ssh on my LAN
and it dies sometimes which sucks
i have no idea how
But I do need a job at some supermarket or something
why wireless lockdownd sometimes works sometimes doesn't continues to be a mystery
Make some more money Bc all my money is invested in shoes rn
i tried looking into it and i remember it confused some other people as well
but it's worked for me more often than it hasn't lately
everybody gangsta until someone walks in with a jailbroken phone with their password set to alpine
my router doesn’t support it
I need to make more money to invest in shoes
perks of living in kansas ig
I need less money so I stop buying shoes 😬
@nimble parcel thats me
lmao could be bad. these devices are isolated on their own network
I have partial progress on a python implementation of this
I'm sure yall would be glad to take that burdensome savings account money off of me
@lime pivot i can help u with that
only jailbreak anyone knows about here is when another methhead breaks out
the WiFi debug toggle is only required for paired lockdown operations iirc
wen open source
and
are you working on it on your vacation
We have another 2 boxes downstairs, mid January this’ll be about 20 boxes 
yeah I think it totally bypasses all of the Xcode-specific safety stuff because it's just the tcp proxy feature
concerns about automatically opening port 22 on jailbreaks due to security issues imply that developers leave their house
not the "install and debug arbitrary code on this device" feature
have you considered becoming the proud owner of a recycling bin
I have one 
installing tweaks is kind of crazy
see
don’t get me started
I may have forgotten to disable ssh password auth while I was holidaying in the US last year
package managers dont even show you what process and which entitlements a dylib is about to get
tweaks need to be reconceptualized from the ground up
Need drake to release his new album and new shoe collab with Nike so I can clear all the stock 
@half walrus and how do u plan on doing that
futurerestored the phone when I realised, ugh
and until that happens people need to stfu about privacy or security concerns
we’re galaxies worse than apple as it stands on that front
literally no UI difference between an executable and a tweak that hooks every process and scrapes shit. and jb users are honestly not all the brightest so they arent thinking about it
this reminds me
needs to be handled by package managers or repos or something
@half walrus you're still up for some paid work right? 🙃
if a closed source tool being able to inject into any process with root perms isn’t enough
go ahead and just write whatever you want in the postinst
we’ll just run it as root for ya
no need to show it to the user
sometimes theyre nice and echo stuff in them 😆
pro tip^ if you ever need to reset your root pass, just use cydia
i have a personalised echo in mine
certain FS directory i set up on first install as users wanted the ability to have layouts stored on device, if it’s already there there’s a little “welcome back” msg
that's cute
it’s just absurd that closed source and even obfuscation is widely accepted here
by users
postrm should clean that up tho
very much agreed
devs get too attached to their work because they spent so much unpaid spare time on it
it should, however i personally prefer the UX of it not doing that, as it then maintains my layouts
decide to DRM it up because they think it needs to be protected
if i have to remove the tweak because of a restoring loop ive now lost all of the layouts i had set up
i like releasing code for ppl to see more than releasing the projects
like, go read my code lol. fuck the tweaks
users are conditioned to accept it because they don't completely value the philosophy of jailbreaking, they just want cool shit
not an issue for me, but for passionate modders, having it persistent was just the better approach
god that’s so relatable
^^^^^
even open source my paid shit
because i worked so damn hard cleaning up homeplus source
all my paid tweaks were open source, then i got grossed out at profiting off of free jailbreaks and stopped charging for stuff
neh
be greedy
I mean open source but capitalise on laziness of not caring to build from source
i left out a critical file so it wouldn’t build regardless, but the code needed in that file is low-key also in the HomePlusBeta gh repo
^
didn’t hurt my sales a bit
yeah, really
other tweaks would heavily rip my shit after open sourcing
users don't understand, as far as they're concerned it's just some nerdy shit and all they want is home screen customiser thingy
i don’t get why people aren’t comfortable with this
everyone stole homeplus beta code since it was foss and the first full-fledged layout tweak for ios 13
i know this because i found a 7 line way to do what everyone did in my same original godawful way
not that I care it's just amusing to track the proliferation of code I wrote 8 years ago
they say imitation is the sincerest form of flattery
every time a new multitasking tweak would pop up, i throw it in hopper and confirm it contains all the context hosting stuff from my old multitasking tweak
there's a reason why they're taking your code instead of just learning from it
having to deal with PR review daily makes you good at producing production code all the time
it’s gonna be fun to see how orion affects reverse engineering tweaks
this mindset leads to this: https://iphonedevwiki.net
swift re is generally a bit harder than objc
a few openURL: calls is one thing, like, who cares, it's clear what it does, takes all of like 60 seconds to write
huh? theyre able to reuse it bc i open sourced the research
exactly
but massive chunks of a tweak? without understanding all of how it works? ugh
that’s the whole goal of it
if they’re ripping ur code, good
they probably would’ve done it worse and still shipped it otherwise
i have a script that pretties-up tweak hooks in Hopper. theres no way ill get it working with the swift stuff
I don't mind being ripped off as long as it's either extremely obvious what the code does, or I feel comfortable that the dev gained value from it other than just saving a few days writing it from scratch
Who hosts the iphonedevwiki
this website is a ghost town dated heavily to iOS 6 because people stopped contributing as much research
more like iPhone OS 3
you could resort to dynamic instrumentation
and that’s unhealthy in a community where we’re working with entirely private frameworks
and even then so much of that came from the iphone-dev googlecode sites
unideal needing to have a device for static analysis
nobody can reasonably be expected to be able to research all of that on their own
btw is it just me or did the Xcode 12.1 iOS 14 SDK accidentally include private frameworks
if it did i feel like you shouldn’t be saying it in a public channel
either that or I copied them into the SDK and forgot
I think the people who were good at documentation back then didn't yet realise it would be profitable to hoard that knowledge indefinitely
eh it’s not like they’re much of a secret anyway
(to make a few thousand bucks over a few months to 2-3 years max)
it’s not even profitable
not the headers just the tbd files
like how homeplus pro performed made it very clear all of the arguments against open source and sharing research here are dumb
yeah I'm calling the mindset silly because it seems like a lot of money when you're like 15 and the best you could otherwise get is minimum wage at mcdonalds
but in the end you're just being a jerk for a few thousand bucks you're going to blow on a macbook or a car or some shit anyway
who cares if every other tweak has the exact same stability as h+ when it comes to layout hooks; that’s good, everyone wins there
it beat others because of the UX and UI
stability shouldn’t be a selling point over other products, should be a baseline
perhaps there could be info exported somewhere in the binary thatd be this easy to do with swift tweaks.. https://arxius.io/v/2e24a270
and when, just for example, spark sits on his RE into stuff related to AOD
that doesn’t make hyperion more popular
it just means a lot of peoples phones have worse battery life on alternatives
hm I just realised it should be possible to get the hooked methods pretty easily anyway
the hooked methods have objc selectors
reverse engineering the bodies of hooks won’t be as easy though
there’s lots of inlining and optimisation in release builds
swift is brutal to re statically
reminds me
has anyone really encountered objc_direct in the wild at all?
guess you may not really know unless existing code got refactored
no but i expect to very soon
this is about the only actual use I found on github just now https://github.com/twitter/ios-twitter-logging-service/blob/c306e276299030004f508175ddca7fee719b683d/Classes/TLS_Project.h#L71
most are just random clones of llvm
the pspdfkit sdk is using it heavily
idek what it looks like
or when to attribute a hook refusing to work properly to it
i’ve had some hooks of methods just refuse to work, but i typically chalk that up to me needing to find a better way to do it
https://twitter.com/silzeejailbreak/status/1345618896204648449?s=21 idk who this is but they’re straight up promoting a virus now lol
Jailbreak iOS 14.4 > All available methods
hey theres a pspdfkit radar lol
the answer is Twitter, PSPDFKit, and two randoms' projects
may I suggest a tinfoil hat and a 5G covid preventing USB stick
kinda wanna throw another picture on the twitter
kinda wanna also avoid that becoming the content of my twitter
that's what you have the private-ish account for
yes but my ego
well at least you're confident
@calm folio You’ve been banned before in this discord, you’re an alt
just holding onto it while it lasts lol
or maybe it stays
i dont got an ego but my money do
haven’t once felt confident about looks up until this point so
myrepospace used to play that when you visited
kinda riding the wave
did that auction sell lmao
nope
also i gained 60 followers after NY so take that as you will
im awaiting response on my final bid
but he is way off base with his valuation
he's australian maybe you should try
i could see why he would make me pay more
it's just gonna be the usual eBay thing where they keep dropping the starting price for months wondering why selling for like 20x the actual value isn't working
damn
the auction's description of why he's selling it is based solely around the events we did lmao
smh
https://twitter.com/atebitsy/status/1345690151566110721?s=21 @nimble parcel you have a customer
Because they’re the same user from yesterday that blew up #jailbreak with false information and how your fingerprint data is sent to the government and covid is fake
n1to?
Not Nito lmao, some random Karen
I don't think that even counts as false information
Dont get mad @tardy narwhal but i am curious, do you need a shared instance of a class if i try to access an ivar from that class from another class using mshookivar?
don’t tell me anyone bought this though
wouldn't even dignify a tinfoil hat theory with that high a status
was it just spam while everyone mocked em or
do i need to cry about the world for an hour again
can’t fathom the level of dissonance it takes to get to that point
a few days of amphetamines will get you there
at what point is it a medical condition and not just Idiot Disorder™️
drug induced psychosis
ugh I was meant to be having a chill holiday in London right now
bullshit i do this constantly and don’t pull that shit
hate worldwide pandemics forcing me to save my money smh
lmao all good, afaik depends. if it has a shared instance grab it else go for the class
i’d have to imagine there’d need to be some underlying issue
How do i restrict tcp/udp networks programmatically?
completely beyond the scope of most people here
and I’m sure I’ll have a lot more soon haha
Sorry but when you say “go for the class”, i am actually not able to get what you mean.
lol
@digital vale http://newosxbook.com/bonus/vol1ch16.html best you’re gonna get
have fun
nobody here that i know of has any more info than what’s in that chapter
if its a tweak you can probably find some low level ssl function to hook thatd break connections
well if you want to hook an ivar from a target and it doesn’t have a shared instance your options would be to hook the class directly or find its controller (if existent) and hook into that
every firewall tweak uses hacks to do it
and it’s just barely enough to where it’s not problematic
can you do it right on iOS without being in the kernel?
iOS has a built in packet filter
I’m trynna build a tweak that restricts TCP/UDP,HTTP networks
pf/pfd is the userland device for that
hooking libc networking APIs should work for most stuff I assume
doesn't feel like that qualifies for "right"
the sslkillswitch project may be a good project to look into. it'll give you hints as to which areas you need to hunt for functions
pfd communicates with the kernel and handles it that way
perhaps this one might be of interest
What does it do?
some things like Go (and Rust?) use the syscalls directly though
when it comes to firewalling hooking libc is
have you even tried reading the description mate
not the right way to go
yeah ofc for a comprehensive firewall you’d need something closer to the kernel
has anyone else noticed how evilpenguin has been copying other ppls open source projects
‘Bypass SSL pinning on iOS 8 to iOS 14’
Ssl pinning bypass reminds me of my old hacking days
it’s odd but did he copy code as well
pretend you have a limited amount of questions to ask and try to figure most simple and easy things out yourself
it’ll get you far here
yeah from my managers project lol https://github.com/nabla-c0d3/ssl-kill-switch2. and his XPCSniffer is largely from a project from Jonathan Levin
Okay
I just want to get the text property of a UILabel from a UIView. It does not contain a view controller as far as i know. I want to access its value from another class
Sorry, i am not good at explanation
he copied the project but removed the unit tests ??
NOOOOO LMAO
sounds good 2 me
hahahaha
Yes i can’t find lol.
fixed all the bugs then i’m sure
tests haven’t said anything to indicate otherwise, anyways
Oh actually. I have the view controller. I am so dumb
but how do you go from that to claiming code as yours
its a reach to make them a connection
can you sell me on the time cost/benefit here
of unit testing?
well I’d suggest using flexall or any flex* and browsing, usually you’d find a VC. Then hop over to browse the controller’s header file or use flexall/ flex* to inspect its props
in ios tweaks
that was a bit mean
I find it lol. I was trying to access it from its view controller. I am so dumb
all good, glad to see that from last time you’re progressing well
it has the same value as anywhere else, if not more due to the varying-os nature of tweaks. If you have a comprehensive unit test suite, you can run it on a new version of ios and know exactly what works and doesnt
i can’t imagine reasonable unit tests for something like HomePlus being possible
due to the nature of it, i’d have to factor in other variables since it’s just a library in the project that is SpringBoard
I feel like we’ve gone wrong somewhere as a wider tech community that unit tests just don’t exist most of the time
definitely guilty myself
so you’re writing unit tests for a project you don’t have source to
chariz is getting so complex it kinda needs to start having a lot of unit tests written
and in terms of cost/benefit i could just spend that time fixing dragon or fixing actual tweak bugs
no you unit test your code. so if you hook a function, invoke that function
if you have solid testing you'd likely not spend so much time on bugs bc thered be less
i mean a unit test for me is just toggling all of the shit in the editor
modularise your code such that you can test the output of an individual piece of logic given an input
who was asking for objc_direct though
maybe Mike Ash and that’s it
pls raise your hand
apparently it has insane performance improvements
someone at apple who's tasked with reducing OS size
I have my doubts anyone outside Apple actually wanted it, or even inside Apple to be honest
well turning objc to c and skipping the entire dispatch, I can imagine lmao
we’re talking about objc call levels of performance improvements but still
like
why not
the dispatch is pretty quick nowadays
kinda hard to argue against it as a feature
but yes things like this usually tend to end up being purely about what Apple decided is the solution to a problem they have, not something we should care about
“makes shit faster”
cons:
none
yeah, i wouldn’t consider dispatch slow either tbf
don’t really see how it wouldn’t get approved
even minor improvements are great when they can be scaled across an entire OS
they did enough to prove objc is still highly performant this year
so what if it fucks tweak dev over
with other runtime changes (including breaking ABI in one place)
write better tweaks
@tardy narwhal my previous code work, but i forgot to change the extension. So dumb
Because it was .x
usually don’t need to hook very much at all
ayy nice
i get paid by the %hook
the improvements (which were all in a WWDC session I think hosted by Mike Ash?) definitely were mainly about binary size
there’s a point where not hooking certain stuff has a negative impact on readability of your project but a tweak with 0 hooks is absolutely possible
cause it’s easy to just throw money into making the compiler make smaller code, rather than find out how much of those few GB iOS is at now is dead code that nobody will miss
fun fact, SpringBoard.framework as it exists in the cache has so many load commands it breaks the extractor lol
you know
same shit with google
I love the idea that you can now make a SpringBoard.app app, launched by SpringBoard
astronomical bloat
fix their code/optimise build process?
nah, they just wrote ninja instead
not sure whether to complain
you can steal the springboard scene in an app process and display it / resize it and stuff
spring board kills xcode
I mean at least they gave us the gift of ninja, unlike Facebook who just ship MBs and MBs of cruft apparently nobody has the time to review and delete
“we made revolutionary progress in x area”
hahah
(“in an effort to avoid fixing y massive issue with our company”)
that sounds like so much fun
lol
u can do the same with the carplay scene, and make it show up on the device screen
mind you Facebook is also the same company that popularised this new reactive UI trend
there’s weirder stuff
and vice versa - springboard on carplay
one of my tweaks was crashing preferences
thing was
it didn’t have a pref bundle
it was a springboard tweak
i never looked deeply into it, just found a hack to detect it, but
why set up UI once and change it only when needed when you could just have the API user give you a chunk of UI you then have to traverse through to figure out what changed
apparently the Wallpaper preview view, at least on 12, isn’t dynamically generated
nor is it a streamed preview
I say that using react as the only UI library in chariz because I love punishing myself
it’s some pseudo-gutted remote instance of SpringBoard running in Preferences.app
it used to be just a snapshot that lived inside, I think, Library/Caches/SpringBoard/
and sb would crash from preferences because my tweak got bad_access trying to access instance variables
cpbitmap, like all great SpringBoard features
@robust radish
yeah no it was very much alive then
on ios8 there was an sbhomescreenpreviewview class in SB that was a remote view controller service
painful bug
sounds like what it was but idk anything about rvc
but clearly they’ve decided to just not bother with simple solutions any more
SBHomeScreenPreviewView still exists in 13
ok maybe it was always a remote view
id be more pumped about stuff like objc direct if they didn’t compensate for each improvement to the system/hardware with a shitload of overhead
maybe it showed the screenshot while xpc connection was establishing
only condition where it’d have to be serialised to png is for Apple Configurator’s unnecessarily ginormous iPhone graphic
ios takes a lot of snapshots
imagine an iphone X on iOS 6
lovely
and how stupidly fast the performance would be
just to flex that they can show your wallpaper and home screen over usb
this is like running XP on a Ryzen 5900X tbh
i mean yeah
has anyone ever managed that, like, with everything working
both OSes add just enough bloat as hardware improves
did ios6 have arm64 support?
no
Windows was actually pretty steady in the Vista - 8.1 era
Metro was a whole thing but you could easily configure it to pretend it just didn’t exist
10 really started packing on features like crazy
if apple actually supports armv8.x the processors should be capable of running v7 in the same way windows can x86
the arm spec includes support for that, i vaguely remember something in the bootchain referencing it, but can’t say it for sure
oh neat
the only proof that it existed on prototypes as far as I’m aware is this battery screen
i wonder how much to buy the device
it’s also a switchboard build if the #hashtags are to be believed
so not like you’ll be seeing beautiful iOS 6 home screen on that anytime soon
gm
supposedly has working touch id also
someone should find the springboard src leak and revert git back to an ios6 commit, build for arm64
hahah
course like uh
XS prototype that came out when XS was flagship is
the XS was already expensive as shit
can’t imagine how much they sold it for
love to get an internalUI device too, shit comes with a full bootstrap hot and ready
llvm 3 though but
Friend got an XS Max for 420 or something
still a bootstrap lol
Few weeks ago
i keep checking my local craigslist for devfused devices but no luck
can we hack the Apple source server and update their llvm-build fork 👉👈
have you ever thought about, given how you can totally run XP on an iPhone X with reasonable speed while an iPhone 3G was about unusable, if Corellium were OSS, we would have been able to boot virtualised iOS 6 on iPhone X by now
like cmon apple we’ve got this shit just sitting in the open for you
doesn’t go further back than 10
their usbfluxd project is very cool
ios still isn’t open
I had access to their thing for 24 hours but apparently the 24 hours go in as soon as you claim them
oh christ i
I thought they would start when u start using the product
I mean I think they’re in the rare position where they should probably never open source, or at least not yet
completely forgot about stuff i was gonna shoot to them on that
i had it for like 6months
given how they narrowly avoided one of the 2 charges Apple filed
had it for a month then, paypal yknow
haven’t been able to get in touch with them since now
Too bad they killed the android project sandcastle
ignoring my emails smh
Since it was just PR so they wouldn’t die
never was alive to begin with
i had a demo with their ceo and we asked what they would do if they got sued by apple, and she sighed and was like "we have had meetings with them, they know what we're doing.. we won't get sued"
maybe 1.5y ago
lmao
lmao that worked out great
publicity stunt, as a project no sane person would continue working on that while trying to run a business
ye
the “source code” was a ginormous patch file saying “idk download this exact commit of AOSP and apply this, have fun”
but goddamn that’s one hell of a publicity stunt if i’ve ever seen one
can’t knock it, they deserve the attention
4 devs?
conversations that precede unfortunate events
turns out they were stealing tech in those meetings
lol i should
makes it shady that apple is a DT customer
send that message to the guy who approached me for contract work
yeah I mean man it’s something that they got the kernel to boot and actually not crash or brick your NAND
who i told no for like 3 months bc he’s gonna get sued
wants me to reimplement the imessage protocol
usability of AOSP eg GPU drivers a whole other issue of course
reverse and build proprietary closed source software to connect and use imessage
he’s gonna get sued by apple
that’s exactly what they go after
difficult to defend TOS and likely other violations for explicitly commercial purpose
but I’d totally dig running shitty software rendered AOSP as like a super beefy raspberry pi
you reminded me of this I just saw today https://sendblue.co
you’re charging for people to use servers you don’t host
I wonder who tf this is and how sanctioned it is
they’re definitely not using Business Chat, and they allocate you a number
this can’t be legal
i bet they have applescripts somewhere in the setup
so I guess it’s just a farm of iPhones???
mac imsg is easier to automate
well
I accidentally found their “old” homepage which lists a waiting list queue of like 370 people
ios automation is far easier
on mac its like a few loc of applescript
if you have a weathered jailbreak dev writing it for you
so I’m really imagining it’s just this weirdo fleet of cheap iPhones with unique Apple IDs and SIMs
got approached 3 times since july about that exact thing
how much are they offering
really weird actually
well
not enough
but they knew i was in a financially desperate situation
well the key is that you need to have a currently active iPhone with that number, so they could automate it on a mac, but the iPhone has to be allocated to that customer for life
i would do it
so enough to where i was in a position that i couldn't say no
i picked them up
didn’t really have another option
paypal froze my entire bank account
i very much regret it
the first group has been
difficult to work with to the point that the contract isn’t done and nobody has talked in a month or two
people who insist on being involved in the writing and RE
and don’t know what an NSString is
you hired me to do the RE, and i’m even fine doing the code, but at least let me do that
like they were insistently asking me for a header dump, but in a weird format, and with the value of each property
getting paid to reverse is the most anxiety inducing thing ever so I ask for payment after I get the job done
so i gave them flex
they couldn’t figure out how to use flex
ok
so i’ll see how easy it'd be to dump it from flex
hint: no
so at that point i just tried to sit the guy down and tell him if he ever wants this project done he needs to just step back and let me do the project
long ass in depth conversation
feel better about the project
next day he asks me when i’ll be able to get him that dump
told me he was bringing on an iOS dev
rest of the project is finished so i said i’d wait till they bring them on and we can work the rest of the project out and get it shipped
been several months i think since that
Make sneaker bot ez money 
i agreed to help reverse imessage, and the project scope at the end of it involved two custom jailbreaks, an app, a custom process code injection tool, a daemon to communicate with their server, and a mock-server process since they wouldn’t even send me the API details for the client
gone far beyond above and beyond
next guy has been better but it’s a massively complex thing because of his requirements
to the point running a headless macos VM in the background of an app was/is being considered as one of the few ways to pull it off
thankfully actually understood me explaining the complexity and brought on (i think) a talented dev with experience in an important area
someone opened an app guys
everybody scream
true
it would be cool if he showcased using the x64 emulation
also if this was accelerated it would be close to Surface Pro speeds?
oh right this isn't A12Z
but if you used an A12Z iPad it would be pretty close ig
it's a literal DTK, and if it was accelerated like M1 is maybe?
could the acceleration from Hypervisor.framework be reproduced
if an ipad were capable of what an M1 with rosetta is we wouldn’t have all gone nuts seeing the performance
and even then
well it's still getting faster benchmarks than my Intel mbp (A12Z) iirc
an M1 emulating an entire OS
isn't A12Z scoring like 4500 in geekbench
specifically an OS that relies on two more emulation layers to even boot
A12Z with good acceleration could be usable imo
there is no machine without KVM that could even dream of even sneezing at native performance
still gets close to the snapdragon chip performance
M1 beats Surface in a VM lol
doesn't that make it even more shameful of microsoft
you’re nuts if you think it’s possible for multiple layers of non accelerated VMs could run a modern OS at native speeds
what?
it's not native but it's still apparently the fastest
what are you talking about
M1 running WOA in a vm beats surface pro running native
i’m telling you it’s not possible for a machine emulating arm windows like UTM is to come even close to native performance
true
proof?
lemme find it again
time for my yearly development visit
idk what surface specs are
pay the bean tax
https://www.windowslatest.com/2020/11/29/apple-m1-runs-windows-on-arm-faster-than-the-surface-pro-x/
Based on the new benchmarks, we can confidently say that Apple M1 processor is impressive and it currently runs Windows 10 faster than the processor that ships with Microsoft’s Surface Pro X lineup. Apple’s ARM-based M1 processor is currently available in the MacBook and Mac Mini, and the devices running on Apple Silicon are already available …
quick source
i'll find the other one
@half walrus yeah it beats it by a fair margin
ah
because it’s using a hypervisor yes
.
if they got hardware virt on iOS it would be really good tho
UTM emulates the OS, it doesn’t boot it
that's what i mean
in an app, i can’t say if that’s true
not really simple (even possible?) to run a hypervisor holding an OS without root system access
and UTM is the only functional QEMU iOS port i know of
i mean we're maybe getting X11 on iOS soon, would be great to have accelerated VMs too
mind you also
X11 with Procursus QEMU could get there?
iOS has 1500mb of ram
A14 has hypervisor too afaik, would be cool even if it requires JB to work
so
not the latest iPads
how much do they have
and if the new iPads with A14X drop, i'd assume they'd have more than 6
6gb iirc lemme check
yeah A12Z has 6
ok great so
assuming you get jetsam to completely ignore you
you have 4gb of ram max
lol if ms is selling a 4gb computer i'm sure you can get it running
running != usable in any way other than a novelty
as i said, when/if we get X11, you'd be able to plug that in a monitor and run it then
i just don’t think native performance is gonna happen on an apple tablet or phone because they weren’t built in a way that makes that reasonable
X11 would run in a VNC
iirc A14 has great VM features
not sure tho
still leaves the memory issue
i assume A14X will be 8gb
still leaves jetsam
what does that do
it may actually properly work in the app with apples memory management
which is heavenly
2/3gb of ram can’t boot windows
i meant 2 thirds of 8gb
my woa laptop uses 4 idling
that's like 5 1/3gb
you'd have an accelerated arm chip with decent scores and 5gb of ram
but i doubt it ever happens on ios
X11 uses like 500mb iirc
who’s gonna write the hypervisor though
An accelerated vm though, good luck
everyone has amazing ideals for the great new jailbreak they’re gonna write
or the new, better, alternative to an existing tool they’re gonna make
Literally all I want is the checkra1n ramdisk
Yep
so what’s missing i’m confused
Had to use an Ubuntu docker to build it 
Wdym?
.
doesn’t it get mounted
Or I guess embedded in the bin
Yeah at /, then the rootfs gets mounted over it
i mean isn’t it just a binpack and bootstrap installer
can’t be much
Loader is a separate dmg that gets mounted later
Really I want to see what it's called so I can make my own ramdisk 
Or at least how it's getting activated
Well shit. Now we have cameren and cameron
to boot custom ramdisks
although it seems to be getting expanded into an entire preboot environment which i’m so here for
Shoot, yeah, I thought about that, found it in the pongo src on the toilet last night and completely forgot later
that’s been public before the source
bathroom is the best place for epiphanies
iboot tramp -> pongo -> load a custom ramdisk
the kpf being in theirs i’m assuming
idk i’m tired
The kpf is a mongo module
project sandcastle used pongo to load their own, is how they got android booting
They create a pongo bin with kpf that autoloads, otherwise you gotta upload and load it yourself
yup
love all the work they put into obfuscation given the “open source later in 2020” line
Same
I just want loader.app open source so I don't have to do they to make my own bootstrapper
good ol “just write your own then” situation
Exactly
Also it'll be fun, I need a project that's not adding stuff to procursus
TFW I only have A9
do not write your own checkm8 jb
i promise you you’ll lose your mind a month in if not sooner, if you aren’t familiar with bootchain already
it makes kernel research look well documented
just implement ur own loader then
fugu’s is reportedly Wack™️
That's what I'm trying to do
into fugu
Oh
wouldn’t recommend patching ch1
ask people who’ve put out patched projects before what they think
get crucified for flipping a bit anymore
What about... regular QEMU
It works fine
obf is gone tho
(i think)
they don't need it anymore
how can you view it on the screen tho
since SEP stuff and KPF is 100% oss
how do you view x11 on the screen
you use VNC
does it require external hardware
yes or no
/ another machine
Use a vnc client to localhost
we can have a iOS VNC ig
in the app
Is there any semi untethered jailbreak in development for iOS 14.2?
How lol
nobody has stated their intention to do so
It's a major qemu feature and allows for clients with more features than utm
be patient, it’ll get here
you'd be able to make a tweak to swap springboard with it?
just very hard
and not much different
You dont even need x11 idk why althio keeps mentioning that
jb has good terminal emulators, just download an ssh app and install openssh
which like
jb does not have good terminal emulators so your point is moot
I do it everyday with Prompt
And it's way better for the actual console work I do vs newterm or mterminal
gm
Not really
it’s very jank
sshing to localhost on your own machine is jank
just an acceptable level of jank
But can you provide a reason why either are jank
When they both work really well and are preferable to current alternatives
because it’s replacing a proper OS native implementation with an existing system being bastardised for the purpose of working around the OS
And it works better
yeah so it’s an acceptable level of jank
Hm