semaphore

The Linux X11/Wayland graphics conspiracy, for non computer geeks. TL;DR: There’s a weird conspiracy going on in Linux with how pixels are drawn, and we don’t know why yet, but corporations are acting BIZARRE. As they say, where there’s smoke, there’s fire. The way graphics is commonly done on Linux is undergoing radical change. For over a decade X11 (we like weird names) was the standard way to draw the user interface elements on Linux. About a decade ago this all changed with a new way-of-doing-things called “wayland”. An app written in wayland is not compatible with X11. Still with me? This caused havoc in the app world. I know, because my fellow engineers at Google bitched about how wayland graphics was totally incompatible with X11 but being forced anyway. Fast forward a decade. X11 has essentially be choked to death. Red Hat (a linux maker who now is the caretaker of X11) is refusing to accept fixes for known bugs. Essentially software donations. And not just refusing one or two fixes, but over a 1000. Obviously this causes our spider senses to tingle. But let’s not jump into a conspiracy right? Well late last week that all changed. One of the prominent engineers decided to fix all the problems of X11 by: (1) forking the project and (2) accepting 1000+ bug fixes. This is all pretty standard stuff on the open source world. However there was a twist: the X11 fork would be DEI free and gone too was the toxic woke “code of conduct”. What came next is shocking: RedHat and Ubuntu went APESHIT Red hat banned the software developer from the original X11 repo. But went further with Purging 1000+ community fixes that hadn’t been merged yet. Too late though, it’s already been forked!! Ubuntu (the most popular flavor of linux) in the span of 72 hours announced that they were purging the X11 graphics driver from every future release. The amount of coordination and pressure being applied to kill this boring legacy graphics driver is absolutely bizarre, and no one knows why. But oh boy, can we speculate… Profit? Control? Surveillance? This would have been a fringe conspiracy a decade ago. Now it’s becoming clear there is some agenda in play: X11 must die and must be replaced by the wayland graphics driver. I’m sure it will become clear. We are in the age of whistleblowers and leaks. If you are a country outside the United States my advice is this: audit wayland and be hyper vigilant. It’s starting to look like wayland is some sort of intelligence backdoor/trojan horse to compromise your system.

Today is a good day :)

@A2nkF_ lol nvm i just read your article... so brilliant. Now if only someone had written an Unrootless kext... @LinusHenze <3

I wrote a macOS LPE chain using only logic bugs a couple of months ago and now I can finally share it ^^ Here's my blogpost about the vulns and techniques I used: objective-see.com/blog/blog_0x4D… And here's the code: github.com/A2nkF/unauthd

@A2nkF_ Are you able to perform _arbitrary_ SIP bypass? or targeted SIP bypass (depending on the signed pkg)?

@iBSparkes Did you ask him if he was in the market? :)

I just bought a homeless guy a drink from a shop and he thanked me by asking how much my car cost wut?

@TheStuffOfMemes Wouldn't 'anti-antifa' be quicker? Granted it wouldn't be faster by much. :)

@sahilkapur @s1guza Furthermore, I don’t think trump knew it either.

1. AOC calls for abolishing the electoral college. 2. Trump campaign torches the idea as “crazy” in an e-mail to supporters. 3. AOC digs up an old Trump tweet bashing the electoral college.

@sahilkapur @s1guza Incidentally, what @realDonaldTrump said is correct. Disaster for a “democracy”. US isn’t a Democracy. It’s a Constitutional Republic. Would be a stretch to expect AOC to know that though.

@nitoTV TvOS 12.4 or iOS 12.4?

@_niklasb @NedWilliamson Wow. Didn't expect this when I woke up this morning...

🤦‍♀️ apparently Apple undid a patch for @NedWilliamson's bug in 12.4?

@DHowett I use RunKeeper. Turned off all notifications and didn’t set up any social crap. I love it for the flexibility. Sometimes I’m down for a run… sometimes a jog… sometimes putting one foot in front of the other more than twice is an accomplishment. Works for me tho.

@JohnNemECis @nitoTV @JahLinest If you were my kid, I’d let you jailbreak. But you’d give me your phone at. 10:30pm every night. (Like my grown girls have to (: ). They’re 17 and 16

@nitoTV @JohnNemECis @JahLinest Best quote: people pay hundreds for a phone but refuse to pay 1-2-5$ for a tweak representing often hundreds of hours of work?

@JohnNemECis @JahLinest @nitoTV Right. I talked to him recently about that. He can’t write uncrackable tweaks. No one can. You can, however, completely block access to assets. “Spoofing” UDID or w/e may have worked in 2009, but it takes a great deal more than that to get access to a secure repo.

@Arc32425 @icj_ @Pwn20wnd @nitoTV I suggest raising the bar on things like that. Tweaks shouldn’t be released on a whim. Same time, I don’t even provide access to my repo but to paying members. Can someone spoof? Yep. Do they? Nope.

@notcom @icj_ @Pwn20wnd @nitoTV As someone who used to pirate, I pirated as a test unless the dev gave a trial. If I like the tweak, I paid for it, if not, I removed it. It’s only fair. However, very few devs included trials and there are even less nowadays. Quality control with new devs has gone down too.

@JohnNemECis @JahLinest @nitoTV Ah sorry. I wasn’t talking about whether or not he actually did it (he didn’t; I talked to him personally and he feels as I do: he would never. He was just angry and said something in the heat of the moment. Smart? No. Does he deserve the daily crucifixion he’s been getting? No.)

@JohnNemECis @JahLinest @nitoTV Not the same thing with my repo. The point isn’t whether something is crackable/etc. The idea is: give legitimate users wide latitude (sharing privately is fine) and don’t punish legitimate users just to spite pirates. Yes. There are ways to make it difficult to obtain updates.

@nullriver @DingoTech @nitoTV Generally speaking yes. Of course it would be naive to think otherwise. The name of the game is this: give paying customers wide latitude (private sharing = cool) but make it extremely difficult to even obtain the resource. IDA comes to mind. Ppl just don’t leak it.

@icj_ @Pwn20wnd @nitoTV Restrict distribution + fingerprint (multiple layer) + allow private sharing (but no public sharing) Anyone that breaks the rules, will never get an update again; since you control distribution. No one will share with the cheat because their copy is fingerprinted to them.

@Pwn20wnd @nitoTV I will forever be amazed at people who buy devices worth 100s of dollars who refuse to pay small amounts for apps on those devices.

@nitoTV That was kinda outta nowhere?