Tiffany young

介于可能会分享越来越多的内容，于是准备将技术分享合集置顶一下 2023.03.05 miui弹窗拦截/三方应用跳转拦截分析 twitter.com/X_8964/status/… 2021.08.14 miui反跟踪分析 及 Android跟踪方案分析 twitter.com/X_8964/status/…

@Lakr233 @yetone @hwwaanng @EEEEYHN runasnode？

昨天听 CEO 说，原来 OpenAI 的 Computer Use 团队以前是在 Apple 做 Shortcuts 的。怪不得这么牛逼。

@HubertX13 @ResolvLabs Hi, I'm also a big vault curator on morpho market, who have listed and invested in RLP market. Can we keep in touch regarding the upcoming effects on the RLP morpho market.

After gathering thoughts from various parties at ETHCC, here is my take on the options available to @ResolvLabs regarding their recent $USR hack. For me it’s very clear, there are two paths going forward: 1/ Resolv reduces $RLP value by the loss in collateral pool and uses treasury funds to partially compensate Fluid and Gauntlet for their USR bad debt. In this case, pretty much no end user will loose anything since fluid has repaid already, and anyway both gauntlet and fluid committed to repay right after the hack so it’s their word on the line. After that, new USR token and Resolv is back in business. 2/ Resolv repays fluid’s and gauntlet’s USR bad debts. RLP takes a significant hit, this creates an additional few millions of bad debt increasing even more the whole. Fluid is happy as they can replenish their treasury. Gauntlet is half happy half rekt because of the RLP bad debt generated. Tons of end users get rekt. Resolv then shut down as nobody will ever allocate funds to RLP again. Probably possible to get an exit door at Fluid. As an investor in Resolv, I would very much prefer if the team would decide to go the option 1 route (which is btw the most solid one from a legal standpoint). Hopefully there is a path towards rebuilding a successful Resolv.

@Lylo69 @HubertX13 @ResolvLabs Agree

@HubertX13 @ResolvLabs The collateral for RLP is intact and the terms are not clear about an issue related to offchain hack. Resolv risks litigations if they misuse the RLP collateral.

@Elmidou Hi, I'm also a big vault curator on morpho market, who have listed and invested in RLP market. Can we keep in touch regarding the upcoming effects on the RLP morpho market.

Update: Resolv investor wants Resolv Labs to misappropriate RLP assets for the benefit of Fluid and Gauntlet. The intrigue thickens. x.com/hubertx13/stat…

This is the clearest explanation of what risk RLP holders took and what RLP holders didn’t take. Don’t misappropriate RLP’s assets @ResolvLabs and give them to third parties!

@colinwu 他现在默认不搜索，所以幻觉拉满

Gemini 幻觉太严重了，让 Grok 总结了一篇今天 X 上关于被盗事件的综述，然后让 Gemini 做真实性确认，结果。。。

@TiezhuCrypto 等一个链接

咋说，已经覆盖了美股TOP10和三大指数。应该够用了吧。对常规的期权选手来说。

The vulnerability disclosed by the researcher from OneKey Anzen marimo-team.notion.site/Security-Relea…

@passluo 点进去发现已屏蔽，哈哈哈哈

爱玛，我是说怎么有人喷我直接复制别人推文，你们嗅觉也太灵敏了 😅

我们把 Xcode 打包进你的浏览器了 免费账号就能签名安装 无需下载任何软件 光速替代 Cydia Impactor 欢迎来玩～

现在再听「龙虾」、「养虾」这些词儿就有一种听「奥利给」、「真给力」这种过时网络用语一样尴尬羞耻了

不是，哥们儿，tradingview忘换证书了？还是我的dns给他什么api干了

@lipeng0820 神奇，理论上skip proxy就会回退到普通siri（圆球），我也是港版

@X_8964 明白，我再让他想想可以怎么优化。不过我此刻的Apple intelligent是正常状态，不知道是不是跟港行有关

Antigravity的妙用+1 ： 用来魔改梯子的分流规则 哪里不爽改哪里，之前的规则在 iOS 端访问 AppStore 会导致报“无法连接，无法载入页面，请重试。” 且无法绕过公司的内网环境，这下好了，统统搞定👌 轻松打造属于自己的专属分流规则

@lipeng0820 感谢解答，1 ipv6可以可以试试，2 skip proxy会导致apple intelligent用不了，3 如果proxy再走国内dns解析反而可能绕路

你也遇到这个问题了么？让 AI 总结了一下他之前的操作 1. 禁用 IPv6 (杀手锏) 在 Shadowrocket 和 Clash 的配置中，强行关闭 IPv6 开关。 # Shadowrocket 配置ipv6 = falseprefer-ipv6 = false 原因：强制系统回归 IPv4。IPv4 的链路成熟度更高，在大规模分流规则下极其稳定，能解决 90% 的“无法载入页面”问题。 2. 内核级绕过 (skip-proxy / Bypass) 不要仅仅在 [Rule] 区域写 DIRECT。我们直接将 Apple 的基建域名加入 skip-proxy（绕过代理）名单。 # Shadowrocket 配置skip-proxy = 192.168.0.0/16, *.apple.com, *.icloud.com, *.mzstatic.com, *.itunes.apple.com 原因：这能让 Apple 的流量完全不进入 VPN 隧道。对于系统而言，这部分流量就像没开 VPN 一样透明传输，完美避开了苹果的所有隧道检测。 3. DNS 阵列加固 指定苹果域名永远由国内（AliDNS/TencentDNS）进行原生解析。 yaml# Clash Meta 配置nameserver-policy:"apple.com": "223.5.5.5""icloud.com": "119.29.29.29" 原因：确保解析出的 IP 永远是离你最近、最快的苹果 CDN 节点，杜绝因 DNS 污染导致的连接重置。

原文 Blog 链接：security.googleblog.com/2025/11/androi…

@oasisfeng 港版17p，实体卡国内，esim海外

在国行 iPhone 17e 上，把国内运营商的号码写入手机的 eSIM，然后用实体卡槽插 eUICC 卡用来保存和使用其它 eSIM。 不知这个方案靠谱吗？有没有啥坑？

@yecharlie__ @fxtrader su7ultra比max定位高吧

@fxtrader SU7 MAX比Pro配置高一些吧

#观察 小米红米的命名有点反直觉，“至尊版（Ultra）”的定位居然会比“Max”更低。

@Randark_JMT @pypi u r right

@pypi Dear PyPI security team, during this period of frequent supply chain poisoning incidents, you're still relying solely on the inspector service for code security checks. Does this mean if attackers use .pyd or .so files to deliver payloads, you won't detect it?😅

@luoleiorg hanime1.me。🫡

给家里网络拓扑，又做了亿点点小小优化，现在所有落地的 IP ，不再暴露家宽或者服务器 IP，全部又套了一层 Cloudflare WARP。🤡

@0xFrosch @ResolvLabs Maybe they need our money in rlp to pay back the big whales.

@ResolvLabs why was RLP redemption blocked? it was USR that was exploited

Ivan, co-founder of Resolv, has shared an update on the protocol security incident and recovery process. Some of the questions covered: → Why were whitelisted USR users redeemed first? Verified wallets allowed the team to act within 24 hours manually to limit further impact on the broader market. 98% of those redemptions are complete. → What can non-whitelisted pre-exploit USR holders expect? The same 1:1 commitment. The team is finalising the technical solution for redemptions. → Was this an insider incident? The investigation with @Mandiant and @zeroshadow_io is ongoing. No evidence of insider involvement has been found at this stage. → What about post-exploit USR holders, LPs and RLP holders? The remaining steps involve legal, technical, and ecosystem coordination across many counterparties. There is no single obvious solution — only a set of trade-offs. The goal is to find the most balanced outcome. → How long will the full recovery plan take? We are moving as quickly as the process responsibly allows. Watch the full video below: