Jay Freeman (saurik)

At tomorrow's IVCSD meeting, we will be discussing climate change legislation, local compost service, public safety information, the 2020 census, and what is likely to be an awkward organizational process involving the establishment of multiple committees. https://islavistacsd.ca.gov/files/cbead89df/1_28_2020+Regular+Meeting+Agenda.pdf …

Back in 2016, I was elected to the board of a small special district in California--a new government I helped create for Isla Vista, the college town next to UC Santa Barbara (where I studied Computer Science twenty years ago and never left)--we meet twice a month for ~2-3 hours.

(If myacinfo were to be deactivated entirely, that would also affect the deployment tools used by larger companies such as Facebook and Google, something Apple might enjoy rather than shy away from; if I were @FastlaneTools, I would be paying close attention to what is going on.)

(Note: right now, Apple chose to only target people without paid Developer accounts; but they know as well as we that this is merely a speed bump; so, I wonder if they might intend to fully deprecate myacinfo due to security issues and are using free developers to derisk impact.)

Regardless, I'm simply not in a position to dedicate time to this until mid-December; and I also do not have much good advice for users, other than to annoyingly note that if you buy an Apple developer account, Cydia Impactor works and you can install apps on hundreds of devices.

If anyone else wants to do this work, I am *not* a gatekeeper: if there were a "walk-through" of GrandSlam, people like me can easily support it; the only existing references I've found are presentations by Vladimir Katalov (the CEO of @ElcomSoft...) and work by InflatableDonkey.

I actually am very interested in doing this work; but, as I have stated before, I also now have a day job where I'm in charge of technology for a company that absolutely must release its product within the next few weeks. I just can't take weeks off right now to work on Cydia :(.

(FWIW, I am actually impressed with the "creative workaround" (a plugin for Apple Mail) that @rileytestut came up with for @altstoreio's AltServer (which is largely based on the open source code for Cydia Impactor's core, ldid!) and am interested to see what he does for Windows.)

(On jailbroken iOS—or apparently on "a jailbroken Mac", where you disable SIP and patch amfid, similar to how we jailbreak iOS... I wonder how much longer it will be before we need exploits for that :/—one can directly use Apple's AuthKit to get the right authentication headers.)

(Alternatively, I could drop support for Linux—which honestly feels like "defeat" :(—to only support macOS and Windows, in which case I spend my time ripping apart iTunes to figure out where it is storing its keys on Windows; but this would be easy for Apple to repeatedly break.)

Cydia Impactor (unlike, say, ReProvision) is intended to run on stock desktop platforms (macOS, Windows, and Linux); to support this new authentication scheme will require spending some time—I'd guess well over a week?—reverse engineering Apple's code to achieve interoperability.

(I then told myself I shouldn't be working on this at the wedding unless I had a fast fix (which I didn't), was being swamped with an audit deadline at work I needed to hit, frankly hate having to wade into the "eta wen" posts, and honestly wanted to see what other people found.)

When Apple did this, I'd just arrived in Florida for a wedding (one of a dear friend and where I was a groomsman); even so, I stayed up ludicrously late the night before the ceremony rehearsal to understand the issue and try to triage how much it would hurt to fix Cydia Impactor.

About two weeks ago, Apple made a change to their provisioning service to require a different authentication scheme for "free" Apple accounts (they return an error that mentions upgrading to "Xcode 7.3"); this broke Cydia Impactor for users without a paid Apple Developer account.

Today, Cloudflare made WARP, their VPN service with an unlimited free tier, available to everyone; it only has clients for iOS and Android, but the protocol they are using seems to be off-the-shelf Wireguard, so you can connect from macOS! Run this script: https://cache.saurik.com/twitter/wgcf.sh 

(LOL: I just noticed the third tweet here said "iPhone 13 Pro Max". I meant "iPhone 11 Pro Max on iOS 13". While I am making corrections: the latency difference I got was more precisely 46-66ms, not 50-66, though the precision I can claim on any of this is pretty weak anyway ;P.)

I did this as I was having a subtle-yet-annoying feeling of motion sickness using the iPhone 13 Pro Max camera that I have never experienced with an iPhone before and wanted to be 100% sure I wasn't making it up; a 100ms input latency was already "pushing it": 166ms is "too far".

I also ran isolated trials of each phone in the same sensor position of the test phone to mitigate any rolling shutter effects, tested with both the 1x and 2x lenses, used exposure locking to isolate auto focus, and turned the screens off and on to break up frame synchronization.