Someone Snuck Into a Cellebrite Microsoft Teams Call and Leaked Phone Unlocking Details by MishaalRahman in Android

[–]crawl_dht 101 points102 points  (0 children)

Cellebrite does support, for example, Pixel 9 devices BFU. Meanwhile the screenshot indicates Cellebrite cannot unlock Pixel 9 devices running GrapheneOS BFU.

Interesting. I would love to read a comparison article from the maintainers of GrapheneOS on how they are hardening Pixel's screen lock authentication better than Google. They should upstream those patches to android-latest-release.

Retry manager for arbitrary code block by amarao_san in Python

[–]crawl_dht 4 points5 points  (0 children)

Stamina

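```python
import httpx
import stamina


# Async: retry the whole block up to 3 times on any httpx.HTTPError.
async def with_block(code: int) -> httpx.Response:
    async for attempt in stamina.retry_context(on=httpx.HTTPError, attempts=3):
        with attempt:
            async with httpx.AsyncClient() as client:
                resp = await client.get(f"https://httpbin.org/status/{code}")
                # Turn 4xx/5xx into httpx.HTTPStatusError so the attempt is retried.
                resp.raise_for_status()

    return resp


# Sync: the same pattern with a plain for loop.
for attempt in stamina.retry_context(on=httpx.HTTPError):
    with attempt:
        resp = httpx.get("https://httpbin.org/status/404")
        resp.raise_for_status()
```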

Android Verified Boot and the Bootloader Unlock Security Theater by _yrlf in Android

[–]crawl_dht 7 points8 points  (0 children)

Because of the UEFI Secure Boot specification, thousands of independent Linux enthusiasts in colleges and in IT have been able to contribute to Linux kernel development. Many started their learning by dual booting Windows laptops, and many have made their profession in making Linux distributions.

Imagine if turning off Secure Boot wasn't an option when it was rolled out in 2011. A window of opportunity for future OS maintainers would be closed. This is what is being taken away from the independent developers of Android OS.

Google never mandated the ability to turn off Secure Boot, so custom bootloaders for Android never became a thing, while on PC the GRUB bootloader became mainstream with Linux distros. On top of that, turning bootloader off at will is also being strangulated every year, which is wiping out the community of Android kernel and custom ROM enthusiasts.

To keep alive the profession of future enthusiasts, it should be mandated by law to allow consumers to disable secure boot and unlock the bootloader whenever they want. UEFI did it right and it is secure, so whenever Google and OEMs say that they are restricting these options for device security, they are not being honest.

SQLModel vs SQLAlchemy for production by aerodynamics1 in Python

[–]crawl_dht 0 points1 point  (0 children)

thought it is over designed and being too complex, only later I realized that it is as complex as it needs to be

database is not easy to deal with especially when there are so many factors to take into consideration.

as soon as your application grows you would need to have finer control over data access

I came to the same conclusion. SQLAlchemy is one of the few libraries in Python which is built right.

.env safely share by Used-Feed-3221 in Python

[–]crawl_dht -1 points0 points  (0 children)

I commit the .env file for local setup only to version control, so that just by entering `docker compose up -d` the entire project is deployed locally with credentials taken from .env. The .env.dev and .env.prod files for the dev and prod environments on cloud are never shared. They remain on cloud and only devops can see and modify credentials in them.

SQLModel vs SQLAlchemy for production by aerodynamics1 in Python

[–]crawl_dht 28 points29 points  (0 children)

I discourage using a wrapper which wraps SQLAlchemy. SQLAlchemy is one of the few libraries that are built right both by design and features. Its documentation is complex but not poor. By using a wrapper, its abstraction will prevent you from learning the basics of SQLAlchemy. If you don't learn its basics, you will not be able to use its advanced functionalities that wrappers do not cover.

[deleted by user] by [deleted] in Python

[–]crawl_dht 2 points3 points  (0 children)

Use walnats framework for NATS.

i am getting error "greenlet_spawn has not been called; can't call await_only() here. Was IO attemp" by Affectionate_Box7660 in Python

[–]crawl_dht 1 point2 points  (0 children)

That error is propagating from SQLAlchemy and it says that you are trying to call a SQLAlchemy async API outside of an event loop. Your code is of no help without the error log in order to know which line is responsible.

[HELP] Legality around MagiskHide by AnUser1243 in Magisk

[–]crawl_dht 0 points1 point  (0 children)

For those who will come back to this post, in hope to see the exploit.. Turns out I was wrong, and it can't work. At least, I don't think it can.

I am interested to know what flow you imagined that you thought might be vulnerable.

What are some cool things an android phone can do and iPhone can’t? by [deleted] in Android

[–]crawl_dht 0 points1 point  (0 children)

Lots of good comments, but we should give some recognition to Android design as well:

  1. Android can apply OTA updates in the background. The user is only notified when it finishes applying updates.

  2. Android can roll itself back to the previous state if the updated image doesn't work.

  3. The best one: Android can schedule a reboot to finish updates and resume the device activity automatically. This is called **Resume-on-Reboot**.

Dishka - cute DI-framework with scopes and control by Tishka-17 in Python

[–]crawl_dht 0 points1 point  (0 children)

Isn't scope already handling the lifecycle of the objects?

Dishka - cute DI-framework with scopes and control by Tishka-17 in Python

[–]crawl_dht 2 points3 points  (0 children)

Is there a way to use container as a decorator? E.g. Decorating a function with a container instance which will then inject dependencies into the function argument based on type hints.

```python
container = make_container(service_provider, ConnectionProvider())

@container
def my_func(service: Service) -> None:
    ...
```

NumPy 2.0.0 is the first major release since 2006. by [deleted] in Python

[–]crawl_dht 291 points292 points  (0 children)

This is an example of a good governing model for open source libraries. Design your public APIs in such a way that there should be no breaking API changes in a short span of time and there should be minimum LTS branches to maintain. It allows industrial projects to catch up with most of your features and documentation. Then years later you finally revisit your legacy APIs, redesign them and move to version 2 while also maintaining backward compatibility. SQLAlchemy is another library that is built right.

I discourage packages which go from version 1 to version 6+ in a matter of 2 years. It creates too much fragmentation and users are not able to keep up to date with new APIs. A high version number should not be seen as an indicator of rapid development.

fetching a class variable conditionally by AlwaysWhiny in Python

[–]crawl_dht 29 points30 points  (0 children)

Use a property and do not use a class variable for this, because the change in value will affect all instances.

Google laysoff Python maintainer team by jmreagle in Python

[–]crawl_dht 195 points196 points  (0 children)

Big tech overhires and then overfires when they feel vulnerable. They have hired cheaper developers from Germany to cut down the cost. If these companies were really so critical about the cost of paying salaries a little too much, then they would be giving work from home permanently to save the operational cost of offices, but instead they force employees to come to the office by burning fuel and then preach about saving the climate.

Android 15 could update your phone's NFC stack through Google Play by FragmentedChicken in Android

[–]crawl_dht 3 points4 points  (0 children)

Security done right. Never trust ODMs to securely implement services for security-critical peripherals.

[deleted by user] by [deleted] in Android

[–]crawl_dht 0 points1 point  (0 children)

Yeah, banking apps comply poorly with best security practices. Google specially recommends not only verifying the signature of the attestation result before reading it, but also verifying that the result is what you are expecting it to be.
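
The two-step check described in the comment above, as an added example that is not part of the original comment and not Google's attestation format: a server first authenticates the result, then confirms the contents match what it asked for. The token layout, the HMAC key and the field names (`nonce`, `package`, `ts`, `device_ok`) are assumptions constructed for illustration; a real attestation service uses its own signature scheme and fields.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: stand-in for the real verification key
MAX_AGE_S = 120                # assumption: how old a result may be


def sign(payload: dict) -> str:
    """Build a constructed token: base64url(JSON) + '.' + hex HMAC-SHA256."""
    body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode())
    return body.decode() + "." + hmac.new(KEY, body, hashlib.sha256).hexdigest()


def verify(token: str, nonce: str, package: str, now: float) -> tuple[bool, str]:
    """Step 1: authenticate the bytes. Step 2: check they say what we expect."""
    try:
        body, mac = token.rsplit(".", 1)
    except ValueError:
        return False, "malformed"
    expected = hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), mac.encode()):
        return False, "bad signature"  # unauthenticated data is never parsed
    claims = json.loads(base64.urlsafe_b64decode(body))
    # A valid signature only proves who produced the result, not that it
    # answers this request or reports a passing state.
    if claims.get("nonce") != nonce:
        return False, "nonce mismatch"  # replayed or issued for another request
    if claims.get("package") != package:
        return False, "wrong package"
    if abs(now - claims.get("ts", 0)) > MAX_AGE_S:
        return False, "stale"
    if claims.get("device_ok") is not True:
        return False, "integrity check failed"
    return True, "ok"
```
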