As of macOS 12 (Monterey), Apple's Virtualization framework has nice support for macOS guest virtual machines, but with severe limitations: For example you can't install a macOS guest on Intel Macs, install guests with newer versions of macOS than the host, copy and paste between the host and the guest, or install third party kernel extensions in the guest. As usual for Apple, the functionality they do support is nicely implemented, but they've left out so much that the result is only marginally useful -- at least compared to
//
// airtag-decryptor.swift
//
// Decrypt all beacons files from ~/Library/com.apple.icloud.searchpartyd - updated when FindMy is running
// Results in /tmp/com.apple.icloud.searchpartyd - same file hierarchy
//
// Created by Matus on 28/01/2024. - https://gist.github.com/YeapGuy/f473de53c2a4e8978bc63217359ca1e4
// Modified by Airy
//
import Cocoa
nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1 --force-dfu
89994699affdef:132
9905b4edc794469:695
9905b4edc794469:695
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x42e6
ae71af5ee32b84:116
Unfortunately I have some bad news for downgrading.
Before I explain the bad news at the end of this post, I first need to introduce a background of iOS devices.
In iOS 16, Apple introduced a new firmware component known as Cryptex1. Technically, this is a "virtual" co-processor.
Its purpose is to allow Apple to push RSRs (Rapid Security Responses) which are separate from traditional iOS updates and can be installed much faster.
Like other firmwares, it also has a signing ticket locked to a cryptographic nonce (number-used-once).
We commonly refer to the Apple signing tickets as SHSH blobs.
Meaning the firmware can't be installed without a valid signing ticket as well as a matching nonce.
The "big two" components we deal with signing/nonces are AP and SEP. AP is basically the main device chip (Application Processor).
SEP is the security chip (Secure Enclave Processor).
With regards to APNonce, Apple conveniently gave us the com.apple.System.boot-nonce NVRAM property which we use to set the APNonce generator.
A curated list of useful command line apps, in celebration of the TUI.
“Knowledge brings fear” (Mars University Mission Statement)
If you want to contribute, you are highly encouraged to do so. Please read the contribution guidelines.
Highly extensible software like Emacs, Vim, and Neovim tend to grow their own package managers. A software developer, for example, might want to install editor plugins that hook into a particular programming language's linter or language server. The programmer's text editor is therefore extended to support managing additional software to extend the text editor. If this loop continues for too long, the programmer's editor becomes more delicate and complex. The remedy for this problem is to manage software using dedicated tools apart
If you want to change things on the root drive of a Mac, you will need to take some steps to disable the built-in security of the system. Most of these steps are the same regardless of whether you are on Intel or Apple Silicon. If there is a difference, it is noted.
Note that all of these things put a Mac into an unsupported and less secure state.
Make sure you either perform these steps in a VM or that you reset the protections after you are done poking around.
(This list is not exhaustive on the details of each. Check the links at the end for more info.)
John Belmonte, 2022-Sep
I've started writing a toy structured concurrency implementation for the Lua programming language. Some motivations:
- use it as a simple introduction to structured concurrency from the perspective of Lua (this article)
- learn the fundamental properties of structured concurrency and how to implement them
- share code that could become the starting point for a real Lua library and framework
So what is structured concurrency? For now, I'll just say that it's a programming paradigm that makes managing concurrency (arguably the hardest problem of computer science) an order of magnitude easier in many contexts. It achieves this in ways that seem subtle to us—clearly so, since its utility didn't reach critical mass until around 2018[^sc_birth] (just as control structures like functions, if, and while weren't introduced to languages until long after the first compu
{ config, pkgs, ... }:
let
p = import ./test.nix;
pkgsM1 = import <nixpkgs> { overlays = []; };
inherit (import <nixpkgs> {}) fetchFromGitHub lib;
inherit (pkgsM1) ffmpeg imagemagick tmux zsh starship gnupg nodejs-14_x nodejs-16_x postgresql_13 rustup;