Peter A. ink-splatters

Domains.plist

Documentation of /System/Library/Backup/Domains.plist. File taken from iOS 16.4 iPhone SE 3. The file was removed in iOS 17.0

Values

Values in the plist. Other than SystemDomains, these are not really important and are just here for preservation sake.

A domain in domains.plist contains keys that determine what gets backed up for what types of devices and where (i.e. iCloud vs iTunes). Not all domains have each key. The only 2 keys that must be in every domain are RootPath and RelativePathsToBackupAndRestore. Some domains have the value ShouldDigest. I am not sure exactly what it means but I have included it for documentation purposes.

Version: "24.0"
SystemDomains: (Dictionary), see below

Running Third Party Kernel Extensions on Virtualization Framework macOS Guest VMs

As of macOS 12 (Monterey), Apple's Virtualization framework has nice support for macOS guest virtual machines, but with severe limitations: For example you can't install a macOS guest on Intel Macs, install guests with newer versions of macOS than the host, copy and paste between the host and the guest, or install third party kernel extensions in the guest. As usual for Apple, the functionality they do support is nicely implemented, but they've left out so much that the result is only marginally useful -- at least compared to

AI Voice Cloning / Transfer (eg. RVCv2)

My random collection of notes on AI voice cloning services/models/techniques/etc. Just because something is listed here, doesn't necessarily mean I have tried it, nor endorse it. Use this as a starting point for doing your own further research.

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

A curated list of useful command line apps, in celebration of the TUI.

“Knowledge brings fear” (Mars University Mission Statement)

If you want to contribute, you are highly encouraged to do so. Please read the contribution guidelines.

Manage Neovim plugins (and more!) with Nix and Home Manager

Highly extensible software like Emacs, Vim, and Neovim tend to grow their own package managers. A software developer, for example, might want to install editor plugins that hook into a particular programming language's linter or language server. The programmer's text editor is therefore extended to support managing additional software to extend the text editor. If this loop continues for too long, the programmer's editor becomes more delicate and complex. The remedy for this problem is to manage software using dedicated tools apart

How to Defang macOS System Protections

If you want to change things on the root drive of a Mac you will need to take some steps to disable the built in security of the system. Most of these steps are the same regardless if you are on Intel or Apple Silicon. If there is a difference it is noted.

Note that all of these things put a Mac into an unsupported and less secure state.

Make sure you either perform these steps in a VM or that you reset the protections after you are done poking around

Protections and Terms

(This list is not exahustive on the details of each. Check the links at the end for more info.)

	//
	// airtag-decryptor.swift
	//
	// Decrypt all beacons files from ~/Library/com.apple.icloud.searchpartyd - updated when FindMy is running
	// Results in /tmp/com.apple.icloud.searchpartyd - same file hierarchy
	//
	// Created by Matus on 28/01/2024. - https://gist.github.com/YeapGuy/f473de53c2a4e8978bc63217359ca1e4
	// Modified by Airy
	//
	import Cocoa

	nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1 --force-dfu
	89994699affdef:132
	9905b4edc794469:695
	9905b4edc794469:695
	e2846af5eb52553:475
	9526cec925bde03:111
	image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
	image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x42e6
	ae71af5ee32b84:116

	Unfortunately I have some bad news for downgrading.
	Before I explain the bad news at the end of this post, I first need to introduce a background of iOS devices.
	In iOS 16, Apple introduced a new firmware component known as Cryptex1. Technically, this is a "virtual" co-processor.
	It's purpose is to allow Apple to push RSRs (Rapid Security Responses) which are separate from traditional iOS updates and can be installed much faster.
	Like other firmwares, it also has a signing ticket locked to a cryptographic nonce (number-used-once).
	We commonly refer to the Apple signing tickets as SHSH blobs.
	Meaning the firmware can't be installed without a valid signing ticket as well as a matching nonce.
	The "big two" components we deal with signing/nonces are AP and SEP. AP is basically the main device chip (Application Processor).
	SEP is the security chip (Secure Enclave Processor).
	With regards to APNonce, Apple conveniently gave us the com.apple.System.boot-nonce NVRAM property which we use to set the APNonce generator.