HalesFall 🪽

680 posts

HalesFall 🪽 banner
HalesFall 🪽

HalesFall 🪽

@HalesFall

Founder & Viceroy of The Holy Trinity BTC • ETH • USD | "Do Not Cast Your Pearls Before Swine"

Division 0: Void Katılım Kasım 2014
1 Takip Edilen353 Takipçiler
HalesFall 🪽
HalesFall 🪽@HalesFall·
There's another component to FOMO: A lack of confidence you can avail the next opportunity. That's why you panic and top blast Donkey Shitters. ... .. . The Gods have not moved.
English
0
1
4
82
HalesFall 🪽
HalesFall 🪽@HalesFall·
HalesFall 🪽@HalesFall

No. You have no counter. RASP runs on the same device it's trying to protect against. A privilege escalation defeats it entirely. OWASP classifies RASP as a resilience control (defense-in-depth), NOT a substitute for a trusted execution boundary. A trusted display like Ledger / Trezor grants users a HARDWARE boundary. RASP is SOFTWARE. Your clipboard argument is weak, see the difference here: 1. A user compares their Ledger / Trezor [device screen] against a known-good source ---> they can detect the mismatched address and halt the TX. Funds are safe. 2. With Tangem, a compromised app shows the correct address while the card signs a swapped one the user never sees ---> attack succeeds silently. There's no hardware boundary to catch it. Funds are hacked. What Tangem gains in convenience, they trade away in security. Your userbase is casual crypto users, which is fine. But it's misleading to overstate what Tangem actually is. I can see a real use case that appeals to turbo normies. Serious money does not pull up to the multisig ceremony with a Tangem. They'd be crucified. P.S. I deliberately left out Ledger's disclosure of your recent vulnerability because I don't need it. You oversold "immutable firmware" as a feature and now look: there's an unpatchable exploit that is forever live. i) $250K is a small sum to pay against high-value targets. And it's a fixed cost, not a per-attack cost. The lab is built once, the methodology becomes known, and equipment costs only decrease. Meanwhile the vulnerability can never be patched, so its exploit lifetime is INFINITE. Ledger / Trezor can ship firmware patches, but you can't. Inb4 muh sweep with Backup Tangem and F1 race the hacker. That concedes Tangem is not appropriate for passive wealth protection and requires active monitoring. And extreme paranoia. ii) Tangem users are easier targets for a wrench attack. Since there is no seed, there is no plausible deniability with decoy wallets. I'm reading that you do support importing seed phrases with a passphrase, but that defeats the purpose of Tangem's reason to exist because you're just... bringing back seed phrases. Use a regular hardware wallet at that point. Lastly, Tangem runs a paid ambassador program. Anyone compensated to promote a security product owes users disclosure and technical honesty. I have seen zero of that because their salaries depend on them NOT understanding it. I criticize Ledger and Trezor too. Hardware Wallets are NOT cold storage because a gun to your face will flip Cold to Hot, immediately. True Cold Storage means you'll die from a wrench attack.

English
0
0
0
105
HalesFall 🪽
HalesFall 🪽@HalesFall·
@Ledger @Trezor Ledger has achieved mastery over @Tangem as well Even without this disclosure, Tangem has a far weaker security approach because an OS exploit will destroy you. It's not in the same category as Ledger or Trezor at all. x.com/P3b7_/status/2…
Charles Guillemet@P3b7_

💥One Check, One Laser, Every Card: The Tangem Immutability Trap. The @DonjonLedger just published research worth stating plainly. With a single laser pulse the Ledger Donjon team faults one conditional check in the firmware of a Tangem card and resets the password to a value of its choosing. No existing password, backup card, or recovery feature needed. Once reset, the attacker is able to sign anything and can potentially drain the user’s wallet. To be precise about the threat model: this attack requires physical possession of the card, invasive chip opening, lab-grade fault-injection equipment, our own setup costs roughly $250,000, and genuine technical expertise. That puts it well beyond the reach of an opportunistic thief, but comfortably within the capabilities of a serious lab. Both things can be true at the same time. Why one pulse is enough: the recovery path depends on a single yes/no check, “is this card in recovery state?”, and a pulse is simply a precisely timed electrical disturbance designed to make the chip misread that decision at the critical moment. Because there is no redundant check and no penalty for repeated SetPin attempts, one successful disturbance is enough. The chip’s countermeasures are formidable, but they cannot protect the one bit the firmware chose to trust. The uncomfortable part: it cannot be patched. Tangem cards have no firmware update mechanism. The vulnerability was disclosed on February 10th, 2026. There is no fix coming, because there is no channel to deliver one. Tangem presents immutable firmware as a security feature. Call it what it is: a trade-off. "We cannot change the firmware" is a strong story right up until the firmware is wrong. Then the same property that protected you guarantees you can never be protected again. This research did not create that reality. It made it visible. What a user can do, since there is no patch: this attack requires physical possession of the card and invasive lab work, so it cannot be done covertly. The practical risk is a lost or stolen card in the hands of a capable attacker. If the card stays in your possession, there is no reason to assume compromise. If you have doubt, or if your threat model requires a higher level of assurance, treat the funds as compromised and move them to a new secure set up. This was published in line with Ledger Donjon’s responsible disclosure process. When a vulnerability cannot be patched, the next responsibility is to inform users clearly and widely, so they can make their own informed decisions, especially here where the vulnerability can not be exploited remotely. The bigger lesson is not about one product. Security is never static, and systems should be designed with human error and future failure in mind. You should not have to blindly trust that yesterday’s assumptions still hold. You should be able to verify, adapt, and recover when they do not. Design for the day you are wrong, because eventually, you will be. Full write-up from Baptistin Boilot, Ledger Donjon. Stay safe. Stay honest about your trust assumptions. donjon.ledger.com/blog/bypassing…

English
1
1
4
2K
HalesFall 🪽
HalesFall 🪽@HalesFall·
🚨@Ledger has achieved perfect mastery over their competitor @Trezor They have now disclosed vulnerabilities in the entire product lineup: Trezor One, Trezor T, Trezor Safe 3, Trezor Safe 5, Trezor Safe 7 >be Trezor >dunks on Ledger >??? >¿¿¿ Ledger is carrying Trezor. Complete dominance. Zero bias, I use Trezors myself for testing. But Ledger has the better approach. I don't care about referral links, I'm retired. Ledger sucks in their own ways too. Too many assume muh open source = muh secure, whilst ignoring the critical vulnerabilities that sit undiscovered for years in open-source projects. You're reading this tweet from a closed source SoC, on a closed source OS, on a closed source app, btw. I recall when people were crying about Ledger Recover, lol. All hardware wallet manufacturers possess the same capabilities. You simply trust them not to deliver malicious firmware updates. Hardware wallets are also not "cold storage", but they are useful tools with a strong product market fit. [Not meant to discourage anybody, ANY hardware wallet is far more secure than only a software wallet. I also believe that "security" is not a solo venture, but a collective of many brilliant minds coming together to improve safety for all users.]
HalesFall 🪽 tweet mediaHalesFall 🪽 tweet media
Trezor@Trezor

Tropic Square disclosed a vulnerability in the TROPIC01 Secure Element chip used in Trezor Safe 7. It has been identified based on findings from the Ledger Donjon team's independent audit. Important: Your funds remain safe and secure. Trezor Safe 7 has not been hacked, and you don’t need to take any action. What you need to know: - This discovery cannot give an attacker access to your PIN, funds, or wallet backup in Trezor Safe 7. The vulnerability concerns only the TROPIC01 Secure Element chip, one of three physical, independent security layers, not the whole device. We’re releasing this news proactively because this is how open-source security should work. Transparency is non-negotiable. Collaborations like this raise the bar for the entire industry and make self-custody security stronger for everyone. Here is our response to the findings: trezor.io/blog/news/Trez…

English
1
1
3
708
HalesFall 🪽
HalesFall 🪽@HalesFall·
Seeing a lot of people get this wrong. It affects EVERYBODY regardless of country because these things have domino effects. Switzerland is not immune: they broke neutrality in 2022 to sanction Russia unironically BECAUSE of EU pressure. They have also bent the knee to the USA on numerous occasions. I love Switzerland, it's a wonderful country and the envy amongst the First World (acquiring citizenship is no easy feat), but they cannot afford to alienate themselves from the EU/USA. Look up "Crypto AG" to see who's really in charge. Sovereignty is meaningless when the CIA operates on Swiss soil unchallenged. When the Swiss govt finally found out, they did nothing. They just let it continue. This is also why I take issue with people shilling muh Proton Mail, muh Swiss Laws. Proton was successfully extorted for $6K due to a DDOS attack. Had nothing to do with jurisdiction. Then in 2021, a Swiss court order (via EUROPOL) compelled Proton to log the IP address of a baguette bro (frenchie). That's the EU applying pressure indirectly. Nevermind the govt applying actual pressure to inject malicious code, or spy on users. Nobody should be treating "email" as private, anyways. Of course EU legislation affects everybody as it sets a precedent and framework for everybody to follow. Some countries are simply waiting for an excuse, and the EU legislation would be their justification to model it. All of crypto should be rallying to oppose these draconian laws (buying underwater bags like Zcash or Monero does not help). The global elites seek CONTROL and they all meet behind closed doors none of us are privy to. There is a stark difference between being well off, being rich, actually being rich, and being politically powerful. End-to-end encryption does not protect you. Don't get complacent. The boomers aren't retarded, they understand well: Signal only protects messages in TRANSIT + SERVERS. The endpoints are decrypted into PLAINTEXT (how else could you read them?). Your chats are already leaked in notifications, screenshots, keyboards (some phone home), accessibility services, and device backups. Or, your friend with poor OPSEC doxxes you directly or indirectly. The regulators have a clear end goal (it never happens at once): 1. To compel privacy apps to inject malicious surveillance code 2. To compel the OS to inject malicious surveillance code (you're screwed here) On point 1: "Open Source" gets Rekt™ all the time. It never means private or secure. Having reproducible builds would be another tier entirely. But in reality, who is actually doing that? People rely on one or two dudes to thumbs up that the published code matches the reproducible build. It's why open source exploits can go unnoticed for YEARS despite hundreds of thousands of users utilizing it daily. Forks help somewhat: they have an independent pipeline from upstream, and it serves as a Canary Effect if, say, Signal diverged from their source code in a "scanning-relevant" manner. Some forks have features like passphrase-encrypted local storage + RAM wiping that do address the plaintext issue at rest. On point 2: you're screwed. On stock iOS/Android, OS level control is God Mode. No app has authority over the OS. If you think you're clever and want to "root", you open massive security holes to threat actors instead. And while your favorite "private OS" is better, they are still dependent on closed firmware/baseband/silicon/hardware which is where the attack vector would be. For regular users, SimpleX or Signal are the proper tooling. It's absolutely asinine to me (and I had this thought since entering crypto), that muh cypherpunks, were all using Telegram. I have never endorsed Telegram because it sucks. I don't even have an official handle. Our project will NOT be using Telegram at all. They roll their own crypto (MTPROTO). It's trash, and not private at all contrary to their misleading claims. 99% of chats are stored on their servers which they hold the keys to, and can read. And, the only way to gain meaningful protection for your Telegram account is to purchase one of their donkey NFTs which doubles as a verification phone number (floor is ~$3K USD). I lose respect for men who do NOT use Signal at the minimum.
HalesFall 🪽 tweet media
Squiggly Hair Shanks@redhairshanks86

this is an inconvenience to my life luckily, i live in switzerland, so i am unaffected by this homosexual rigamarole but here is the issue: even if my security and privacy is good, 50% of my friends are european so THEY are being supervised and if they don't take their privacy seriously, my chats with them are still compromised and i suffer from a policy that shouldn't affect me also, need some help on new setup: i assume insta, telegram, whatsapp and text messages are all affected. is signal still save? how should i communicate with europoors now

English
2
3
16
7.6K
HalesFall 🪽
HalesFall 🪽@HalesFall·
Because it IS a luxury. It means you have free time, money, and few responsibilities. A "digital nomad" is not the same thing. You're a Wagecuck on Wheels™ Mr. Shekelstein can summon you back to Zoom or cut off your livelihood at will. Then you'd have zero income to sustain "traveling". Vacation on the other hand, is LEISURE. And that's what people yearn for. People want to ENJOY the amusement park, they don't want to WORK at the amusement park. Working on a tourist visa is technically illegal and runs afoul of tax laws. It's just rarely enforced. Companies fire people once they find out because it's a massive liability. Most people cannot just go places and do things. Life stops them.
LUKEY 🦄@VERYKOOLLUKEY

I don’t know why normies think traveling is some kind of ultra exclusive activity reserved for nepo babies I pay for everything for me and my girlfriend to travel for less than 100$ a day on average (under 70 dollars here in Albania for example) that’s like 35$ per person if you were to split costs We stay in perfectly good private rooms, eat out a fair bit, do lots of fun activities You can easily travel for way cheaper than that too Travelling full time is cheaper than living in a tier 1/2 city in America If you have a remote job you can very easily travel full time for cheaper than living in America The biggest cost of traveling is just the opportunity cost of your time Most people just have a slave mentality, you can literally just go places and do things. Nobody can stop you.

English
1
1
4
3.4K
HalesFall 🪽
HalesFall 🪽@HalesFall·
HalesFall 🪽@HalesFall

No. You have no counter. RASP runs on the same device it's trying to protect against. A privilege escalation defeats it entirely. OWASP classifies RASP as a resilience control (defense-in-depth), NOT a substitute for a trusted execution boundary. A trusted display like Ledger / Trezor grants users a HARDWARE boundary. RASP is SOFTWARE. Your clipboard argument is weak, see the difference here: 1. A user compares their Ledger / Trezor [device screen] against a known-good source ---> they can detect the mismatched address and halt the TX. Funds are safe. 2. With Tangem, a compromised app shows the correct address while the card signs a swapped one the user never sees ---> attack succeeds silently. There's no hardware boundary to catch it. Funds are hacked. What Tangem gains in convenience, they trade away in security. Your userbase is casual crypto users, which is fine. But it's misleading to overstate what Tangem actually is. I can see a real use case that appeals to turbo normies. Serious money does not pull up to the multisig ceremony with a Tangem. They'd be crucified. P.S. I deliberately left out Ledger's disclosure of your recent vulnerability because I don't need it. You oversold "immutable firmware" as a feature and now look: there's an unpatchable exploit that is forever live. i) $250K is a small sum to pay against high-value targets. And it's a fixed cost, not a per-attack cost. The lab is built once, the methodology becomes known, and equipment costs only decrease. Meanwhile the vulnerability can never be patched, so its exploit lifetime is INFINITE. Ledger / Trezor can ship firmware patches, but you can't. Inb4 muh sweep with Backup Tangem and F1 race the hacker. That concedes Tangem is not appropriate for passive wealth protection and requires active monitoring. And extreme paranoia. ii) Tangem users are easier targets for a wrench attack. Since there is no seed, there is no plausible deniability with decoy wallets. I'm reading that you do support importing seed phrases with a passphrase, but that defeats the purpose of Tangem's reason to exist because you're just... bringing back seed phrases. Use a regular hardware wallet at that point. Lastly, Tangem runs a paid ambassador program. Anyone compensated to promote a security product owes users disclosure and technical honesty. I have seen zero of that because their salaries depend on them NOT understanding it. I criticize Ledger and Trezor too. Hardware Wallets are NOT cold storage because a gun to your face will flip Cold to Hot, immediately. True Cold Storage means you'll die from a wrench attack.

QME
0
0
0
101
Tangem
Tangem@Tangem·
This would mean that the attacker somehow modifies your app's code. To counter this, the Tangem application includes built-in mechanisms that verify its code and content to detect any unauthorized changes. These checks ensure that the application is genuine and prevent the execution of potentially harmful or unauthorized versions. Integrity checks are a crucial part of Runtime Application Self-Protection (RASP) and are recommended by the OWASP MSTG as a key to maintaining application trust and security. In case of a clipboard highjack, even a "trusted display" won't save you if you don't double check the address yourself. In such cases, the Tangem app would display the modified address, but so will other hardware wallets.
English
1
0
3
773
Tangem
Tangem@Tangem·
Hot take you'll agree with by the end: the SEED phrase is the worst thing that ever happened to self-custody. Tangem killed it. Your private key is generated on the card, backed up across three cards, and never revealed to you. Hide it from yourself, or hand it to a hacker. Your move. ⚡
English
29
27
309
30.1K
HalesFall 🪽
HalesFall 🪽@HalesFall·
No. You have no counter. RASP runs on the same device it's trying to protect against. A privilege escalation defeats it entirely. OWASP classifies RASP as a resilience control (defense-in-depth), NOT a substitute for a trusted execution boundary. A trusted display like Ledger / Trezor grants users a HARDWARE boundary. RASP is SOFTWARE. Your clipboard argument is weak, see the difference here: 1. A user compares their Ledger / Trezor [device screen] against a known-good source ---> they can detect the mismatched address and halt the TX. Funds are safe. 2. With Tangem, a compromised app shows the correct address while the card signs a swapped one the user never sees ---> attack succeeds silently. There's no hardware boundary to catch it. Funds are hacked. What Tangem gains in convenience, they trade away in security. Your userbase is casual crypto users, which is fine. But it's misleading to overstate what Tangem actually is. I can see a real use case that appeals to turbo normies. Serious money does not pull up to the multisig ceremony with a Tangem. They'd be crucified. P.S. I deliberately left out Ledger's disclosure of your recent vulnerability because I don't need it. You oversold "immutable firmware" as a feature and now look: there's an unpatchable exploit that is forever live. i) $250K is a small sum to pay against high-value targets. And it's a fixed cost, not a per-attack cost. The lab is built once, the methodology becomes known, and equipment costs only decrease. Meanwhile the vulnerability can never be patched, so its exploit lifetime is INFINITE. Ledger / Trezor can ship firmware patches, but you can't. Inb4 muh sweep with Backup Tangem and F1 race the hacker. That concedes Tangem is not appropriate for passive wealth protection and requires active monitoring. And extreme paranoia. ii) Tangem users are easier targets for a wrench attack. Since there is no seed, there is no plausible deniability with decoy wallets. I'm reading that you do support importing seed phrases with a passphrase, but that defeats the purpose of Tangem's reason to exist because you're just... bringing back seed phrases. Use a regular hardware wallet at that point. Lastly, Tangem runs a paid ambassador program. Anyone compensated to promote a security product owes users disclosure and technical honesty. I have seen zero of that because their salaries depend on them NOT understanding it. I criticize Ledger and Trezor too. Hardware Wallets are NOT cold storage because a gun to your face will flip Cold to Hot, immediately. True Cold Storage means you'll die from a wrench attack.
Tangem@Tangem

This would mean that the attacker somehow modifies your app's code. To counter this, the Tangem application includes built-in mechanisms that verify its code and content to detect any unauthorized changes. These checks ensure that the application is genuine and prevent the execution of potentially harmful or unauthorized versions. Integrity checks are a crucial part of Runtime Application Self-Protection (RASP) and are recommended by the OWASP MSTG as a key to maintaining application trust and security. In case of a clipboard highjack, even a "trusted display" won't save you if you don't double check the address yourself. In such cases, the Tangem app would display the modified address, but so will other hardware wallets.

English
1
1
3
664
HalesFall 🪽
HalesFall 🪽@HalesFall·
Our Project has a Hierarchy of Truth: 1. Signed Messages on Ethereum Mainnet 2. SimpleX Broadcast Channel (or Signal*) 3. Website 4. Discord / Twitter Crypto projects get cucked all the time. Their socials get hacked to post scam links. And even when they use hardware security keys, they still must rely on Discord & Twitter to enforce that security--but some exploits bypass authentication itself. We find that quite donkey, as such events can not only Rekt™ our users, but interferes with our Ranked Ecosystem which we measure as close to Merit as possible. For critical announcements, you can easily cross-reference against our Hierarchy of Truth for confirmation. The first is self-explanatory. Next is @SimpleXChat, which provides strong security guarantees compared to all other social media as there's no account to hijack. Accounts don't even exist. Our SimpleX Broadcast Channel lives on a dedicated security hardened device that even Cellebrite & Graykey have trouble breaking (as per public leaks). * @signalapp , which requires a phone number, is also strong but less so. Should a sim-swap attack occur, so long as the device continues pinging online with Registration Lock enabled, you will retain control of the account. The main benefit of Signal is its far more reliable to both iOS + Android users.
English
4
3
10
1.4K
LUKEY 🦄
LUKEY 🦄@VERYKOOLLUKEY·
I don’t know why normies think traveling is some kind of ultra exclusive activity reserved for nepo babies I pay for everything for me and my girlfriend to travel for less than 100$ a day on average (under 70 dollars here in Albania for example) that’s like 35$ per person if you were to split costs We stay in perfectly good private rooms, eat out a fair bit, do lots of fun activities You can easily travel for way cheaper than that too Travelling full time is cheaper than living in a tier 1/2 city in America If you have a remote job you can very easily travel full time for cheaper than living in America The biggest cost of traveling is just the opportunity cost of your time Most people just have a slave mentality, you can literally just go places and do things. Nobody can stop you.
geeked memes@GeekedMemes

English
45
8
573
71.3K
HalesFall 🪽
HalesFall 🪽@HalesFall·
HalesFall 🪽@HalesFall

🚨@Ledger has achieved perfect mastery over their competitor @Trezor They have now disclosed vulnerabilities in the entire product lineup: Trezor One, Trezor T, Trezor Safe 3, Trezor Safe 5, Trezor Safe 7 >be Trezor >dunks on Ledger >??? >¿¿¿ Ledger is carrying Trezor. Complete dominance. Zero bias, I use Trezors myself for testing. But Ledger has the better approach. I don't care about referral links, I'm retired. Ledger sucks in their own ways too. Too many assume muh open source = muh secure, whilst ignoring the critical vulnerabilities that sit undiscovered for years in open-source projects. You're reading this tweet from a closed source SoC, on a closed source OS, on a closed source app, btw. I recall when people were crying about Ledger Recover, lol. All hardware wallet manufacturers possess the same capabilities. You simply trust them not to deliver malicious firmware updates. Hardware wallets are also not "cold storage", but they are useful tools with a strong product market fit. [Not meant to discourage anybody, ANY hardware wallet is far more secure than only a software wallet. I also believe that "security" is not a solo venture, but a collective of many brilliant minds coming together to improve safety for all users.]

QME
0
0
0
27
soc
soc@socrypt·
Went on a lunch date with a girl in nyc and I paid $40 for this meal. She insisted this is normal and thay my frustration at the price indicated I was either poor or european. She's from Oklahoma and makes 60k a year.
soc tweet media
English
275
43
5.1K
425.4K
HalesFall 🪽
HalesFall 🪽@HalesFall·
@cliffster The surefire way to kill your dreams is a regular paycheck. It's a means to an end (for the brave).
English
0
0
1
61
cliff
cliff@cliffster·
when i wake up tomorrow it will be my 10th year of corporate wagecucking. i've hit every milestone i set out for when i first began. income, position, direct reports, budget control..all far surpassed what i thought was possible for me. it feels hollow. i have nothing to show for it all aside from a decade-long hole burned into my memory. when i was an intern i remember meeting all the senior guys in leadership positions and feeling a revulsion towards them. their curated work personas, the way they took trivialities so seriously, the complete absorption of their psyches into their 'roles'. i thought i could be different. i thought to myself, surely i can get to those levels without becoming like them. and over the course of my career i slowly forgot and betrayed that hope. i've fucked over dozens of people, pretended i cared about trivial work, feigned interest in people i despised..slowly stitching on the corporate mask. i sit here tonight reflecting on the last 10 years, realizing i have no personal memories, that i am a carbon copy clone of the archetype i hated as an intern. my psyche noticed it before my mind internalized it. my mask has been slipping for the past few years, irreversibly so in the past few months to the point my time in corporate is near finished. what i don't understand is how in 10 years, i never once saw another person crashout.
cliff tweet media
English
23
5
105
2.9K
HalesFall 🪽
HalesFall 🪽@HalesFall·
@DesireeAmerica4 There's a reason why pitbulls are given away for free. They are a vile breed for trashy owners who want to feel large and in charge. Always unleashed, and a nanny dog who would "never hurt a fly" despite being responsible for nearly all fatal dog attacks.
English
1
0
14
1.9K
HalesFall 🪽
HalesFall 🪽@HalesFall·
@sigildealer New Age slop to make you feel special, instead of actually doing something. It's the third world that possess no guilt or shame. Two men dueling requires honor. You can't conduct business if the other party has no moral worth. [I'm retired] before you try and LARP at me.
English
0
0
1
196
Gabriel
Gabriel@sigildealer·
You must avoid having guilt and shame at all costs Guilt and shame are the lowest of low frequencies Most arent even aware of this When you are vibrating on the frequency of guilt or shame you are in the lowest possible state of being In hell Now what do you think you attract when you are in a low frequency? More low frequency entities Scarcity is low frequency . Struggle is low frequency . This is why some people cant seem to outrun misfortune This is why it is so important to live in alignment with a total clear conscience You simply cannot ascend into higher states of being without getting rid of your guilt and shame
Gabriel tweet media
English
84
637
4.9K
169K
Darshak Rana ⚡️
Darshak Rana ⚡️@thedarshakrana·
I recently read about a psychologist in 1980s who healed an entire ward of criminally insane patients. WITHOUT SPEAKING TO THEM. WITHOUT ENTERING THE WARD. WITHOUT LOOKING AT THEM. He simply sat in his office, read their files, and repeated 4 phrases over and over while staring at their photos. That's it. Here's an incredible story that'll make you rethink healing and consciousness. His name was Dr. Ihaleakala Hew Len. The technique he used is called Ho'oponopono. It's a 5,000-year-old Hawaiian healing practice based on one radical premise: everything you experience is your responsibility to heal. And, the 4 phrases he uttered weren't instructions to them. They're instructions to himself: • I'm sorry • Please forgive me • Thank you • I love you That's the entire protocol. He repeated these while holding their file. While thinking of them. While acknowledging his role in their existence on their reality. But how did it work? Neuroscientists now know that holding resentment, anger, and blame literally reshapes your prefrontal cortex. Your thoughts about someone change their neural pathways in YOUR brain. When you release blame, you rewire yourself. And something bizarre happens: they often change too. Think about it this way. You're not healing them directly. You're healing your perception of them. You're removing the energetic charge you've placed on their existence. The moment you stop seeing them as guilty, dangerous, or broken, something shifts. They sense it. They respond to it. Dr. Len's insight was, "you can't change someone's behavior by confronting them. You change it by changing how you hold them internally." By taking responsibility for how they show up in your reality. By forgiving the part of yourself that attracted this person into your story. So, the 4 phrases work because they bypass the conscious mind. "I'm sorry" = I take responsibility for my role in this "Forgive me" = I release the judgment I've been holding "Thank you" = I recognize this person taught me something "I love you" = I see their wholeness despite their actions Repeat this 100 times a day and your nervous system reprograms. When you genuinely forgive—not for them, but for you—something neurological shifts. Your nervous system relaxes. Your perception opens. You see possibilities instead of problems. And paradoxically, the people you forgive often transform. Because you stopped projecting your pain onto them. Start today. ➸ Pick one person who still has a charge for you. ➸ Repeat the 4 phrases 50 times while thinking of them. ➸ "I'm sorry. Please forgive me. Thank you. I love you." Track what happens to your nervous system. To your thoughts about them. The deeper you go with Ho'oponopono, the more you realize: everyone who appears in your reality is a mirror. They're showing you something unhealed in yourself. Which means healing is always possible. Because the only person you can ever truly change is you.
English
164
1.6K
5.4K
297.5K
HalesFall 🪽
HalesFall 🪽@HalesFall·
@luo_yuehan "North Macedonia" is a modern day LARP on the international stage. They are Slavic. Not Greek. No relation to Ancient Greece, its culture, customs, and certainly no lineage tracing back to Alexander the Great.
English
2
1
37
5.4K
HalesFall 🪽
HalesFall 🪽@HalesFall·
@MGreen954 A lot of you simps have not caught on that e-girls have been LARPing as tradwives for years now, telling you whatever you want to hear to lure you in.
English
0
0
3
94