Will StrafachVerified account

@chronic

building great things. breaking others. | founder & | email: will@wstraf.me

worldwide
Joined October 2009

Tweets

You blocked @chronic

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @chronic

  1. Pinned Tweet
    6 Feb 2017

    I just published “76 Popular Apps Confirmed Vulnerable to Silent Interception of TLS-Protected Data”

    Undo
  2. Retweeted
    11 hours ago

    Presenting Collectra — an up-to-date statistics dashboard with device and version popularity, allowing tweak developers to have a better idea of the jailbroken iOS ecosystem.

    Show this thread
    Undo
  3. Retweeted
    Jul 7

    For the first time since the KPP, tvOS has a stable Jailbreak! Working on a firmware that is STILL SIGNED too!! And Apple finally fixed the issue with apps made for newer versions not downloading; They now offer you a compatible version. There is no reason to not JB your AppleTV!

    Undo
  4. Retweeted
    Jul 8

    Just two days after announcing my newsletter, it has 275 subscribers. The support has been incredible — a huge thank you to everyone. The first one went out this morning. You can read it here: Get it delivered every Sunday here:

    Undo
  5. Retweeted

    Shortcuts (left), Workflow (right). I am so happy to see this full app intact. And not only that, it can do even more things that they would never be able to do as a third-party developer. Gotta be one of Apple’s best app acquisitions (since, like, Final Cut Pro)

    Undo
  6. Retweeted
    Jul 6
    Undo
  7. Retweeted
    Jul 6

    Electra for iOS 11.2-11.3.1 is now available! Note: First run will require rebooting. Make sure to re-run electra after the first reboot to continue jailbreak.

    Undo
  8. Jul 6

    fact stated very simply: serving executable content (HTML/JS) over plaintext HTTP creates an unnecessary and very real attack surface for your users, totally independent of the sensitivity of whatever actual content you are serving.

    Show this thread
    Undo
  9. Jul 6

    many folks see HTTPS as protecting the encapsulated data from being read, which is true, but it's important to remember that it also protects that data from being modified. all someone would need to do is be near your phone/computer while you use it. HTTP = big liability.

    Show this thread
    Undo
  10. Jul 6

    the idea of is very handy, but seems there is a hugely important factor not explicitly stated: serving over plain HTTP gives an opportunity for an attacker to throw a WebKit or other web based exploit into user traffic, pwning non-updated phones/computers

    Show this thread
    Undo
  11. Retweeted
    Jul 5

    New wild story: employee of NSO, a company selling high end, remote iPhone hacking tools to governments, allegedly stole the company's source code + malware, tried to sell it to unauthorized parties for $50 million. Highlights serious risk of proliferation

    Show this thread
    Undo
  12. Jul 5
    Undo
  13. Retweeted
    Jul 4
    Undo
  14. Jul 3

    this is highly likely. approval process does not provide security.

    Undo
  15. Jul 3

    FYI - this is absolutely in iOS apps as well. and some may have mic functionality.

    Undo
  16. Retweeted

    Here's a fun thing that's kinda significant: the UIKit apps in macOS Mojave are the exact same build as in iOS 12. This suggests that Marzipan apps will be updated in lockstep with iOS, and are not some weird fork for the desktop on their own delayed schedule. Huge implications

    Show this thread
    Undo
  17. Jul 3

    respectfully, the author of this post does not fully understand the feature. they are incorrect. would be happy to be proven wrong with a PoC of some new vuln I do not know about though.

    Undo
  18. Jul 3

    The Complete Guide To Getting Every Corruption Secret Immediately Leaked

    Undo
  19. Jul 3

    key difference which I hope more folks pick up on

    Undo
  20. Retweeted
    Jul 1

    New: Homeland Security has subpoenaed Twitter for the account information on a data breach finder.

    Show this thread
    Undo
  21. Retweeted

    Gee, I wonder why 😜 (my money is firmly on a shared App Store and universal binaries between iOS and macOS on ARM)

    Undo

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·