IOS

0-Click Wiretapping Bluetooth Headphones

Jan 9, 2026 · 4 mins read

Every few months there’s some sensational news reporting that some high-profile individual doesn’t use Bluetooth wireless headphones and everyone goes “Wait, what?”. From Taylor Swift’s public appearances featuring exclusive use of wired headphones to former Vice President Kamala Harris on The Late Show with Stephen Colbert stating:

QR Codes You Shouldn't Scan

Aug 6, 2025 · 8 mins read

Number 3 may surprise you! I’m kidding of course, blatant web-based phishing attacks are boring. This blog isn’t about those. Most of these examples will probably surprise you in some way. This blog is about the spiraling mess of URI handlers, auth flows, proof-of-presence, and the complete lack of fuzzed code coverage of the ecosystem as a whole.

You Want a VPN for Your Phone, Because Apps.

May 16, 2025 · 7 mins read

VPN: phone, not desktop. WiFi: N/A. These statements are correct. Or at least as correct as is applicable to the general user in the scope of the following contextual blog which generally recommends that:

Binary Ninja IOS App Reversing

Jan 20, 2025 · 2 mins read

Recently I ran into a headache of Out-Of-Memory errors when using Binary Ninja. Specifically, this was in relation to disassembling a Mach-O aarch64 binary from an iOS app grabbed from decrypt.day.

The Xiaohongshu 小红书 REDnote 小红书国际版 "Backdoor"

Jan 16, 2025 · 8 mins read

The popular social media app “TikTok” is likely facing an imminent ban in the United States in the coming days. This has resulted in a mass migration to the Chinese app 小红书 (meaning “little red book”), Xiaohongshu, or simply “REDnote”.

IOS Audio Precedence: Stupid Problems, Stupid Solutions

Nov 7, 2024 · 5 mins read

In iOS if you are: Using Apple Maps for directions; Playing Music; Connected to a car over Bluetooth (not Apple CarPlay) …when you pause your music it will remain paused until the next direction is audibly announced by Apple Maps. At which point, the music will unpause itself once the Apple Maps voice is done talking. Additionally, because all music apps for iOS utilize the OS-hosted audio controls, closing the music app entirely does not stop this behavior. You must uninstall the app. You may think that navigating to iOS settings and disabling that app’s ability to utilize mobile data may limit the impact. However, this simply makes it play the current song which has already been cached.

Crossing the Line of Death

Mar 27, 2021 · 3 mins read

In early 2017, @ericlaw wrote a blog post titled The Line of Death. The general premise is that there is some inherent user trust of any content that appears above the browser window and that considerations must be taken to ensure that browsers cannot be manipulated to easily betray this trust.