dunxen dunxen

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

Messaging Changes

I am assuming minimal changes to commitment transaction structure, essentially swapping out HTLC for PTLC, so no fast-forward schemes here.

Here are output labels because I get confused so often what things in BOLTs mean:

(a) a_o_atx_* Alice-offered "offered PTLC" in Alice's tx
(b) a_o_btx_* Alice-offered "received PTLC" in Bob's tx
(c) b_o_atx_* Bob-offered "received PTLC" in Alice's tx
(d) b_o_btx_* Bob-offered "offered PTLC" in Bob's tx

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

	"use client";

	/* eslint-disable @next/next/no-img-element */
	import Link from "next/link";
	import { useState, useEffect } from 'react';
	import {
	AppBskyFeedDefs,
	AppBskyFeedPost,
	type AppBskyFeedGetPostThread,
	} from "@atproto/api";