
yuna0x0 yuna0x0

@negoro26
negoro26 / README.md
Last active October 22, 2025 10:29
Waybar DDC/CI brightness control script

Control external monitor brightness using ddcutil with Waybar integration.

Features

  • Left click: Set brightness to 100%
  • Right click: Set brightness to 0%
  • Scroll: Fine adjustment (optional)
  • Instant updates via signals

Requirements

  • ddcutil installed
@mattppal
mattppal / security-checklist.md
Last active November 26, 2025 14:21
A simple security checklist for your vibe coded apps

Frontend Security

| Security Measure | Description |
| --- | --- |
| Use HTTPS everywhere | Prevents basic eavesdropping and man-in-the-middle attacks |
| Input validation and sanitization | Prevents XSS attacks by validating all user inputs |
| Don't store sensitive data in the browser | No secrets in localStorage or client-side code |
| CSRF protection | Implement anti-CSRF tokens for forms and state-changing requests |
| Never expose API keys in frontend | API credentials should always remain server-side |
@yuna0x0
yuna0x0 / harden-ssh.sh
Last active April 9, 2025 14:29
Harden SSH (Force public key auth and deny root login)
#!/bin/bash
# Force public key authentication
cat > /etc/ssh/sshd_config.d/20-force_publickey_auth.conf <<EOF
PasswordAuthentication no
AuthenticationMethods publickey
EOF
# Deny root login
echo "PermitRootLogin no" > /etc/ssh/sshd_config.d/20-deny_root.conf
@hackermondev
hackermondev / research.md
Last active November 24, 2025 22:16
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platforms

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@leminlimez
leminlimez / Domains.md
Last active November 27, 2025 10:32
A deep dive into the iOS backup/restore system

Domains.plist

Documentation of /System/Library/Backup/Domains.plist. File taken from iOS 16.4 iPhone SE 3. The file was removed in iOS 17.0.

Values

Values in the plist. Other than SystemDomains, these are not really important and are just here for preservation's sake.

A domain in domains.plist contains keys that determine what gets backed up for what types of devices and where (i.e. iCloud vs iTunes). Not all domains have each key. The only 2 keys that must be in every domain are RootPath and RelativePathsToBackupAndRestore. Some domains have the value ShouldDigest. I am not sure exactly what it means but I have included it for documentation purposes.

  • Version: "24.0"
  • SystemDomains: (Dictionary), see below
@ngocdangrby
ngocdangrby / AuthyIntegrity.md
Created August 30, 2024 12:40
Bypass Authy integrity with Rooted Android phone

It took me 3 days to pass the error The device does not meet the minimum integrity requirements.

Finally, I exported my Authy from my Android 14 phone on custom ROM.

  • Phone: Realme GT2
  • ROM: custom ROM PixelOS
  • State: Root already
  • Android: 14
  • Integrity: MEETS_DEVICE_INTEGRITY
@OrionReed
OrionReed / dom3d.js
Last active November 16, 2025 19:47
3D DOM viewer, copy-paste this into your console to visualise the DOM topographically.
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
(() => {
const SHOW_SIDES = false; // color sides of DOM nodes?
const COLOR_SURFACE = true; // color tops of DOM nodes?
const COLOR_RANDOM = false; // randomise color?
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
const MAX_ROTATION = 180; // set to 360 to rotate all the way round
const THICKNESS = 20; // thickness of layers
const DISTANCE = 10000; // ¯\\_(ツ)_/¯
@bazhenovc
bazhenovc / the_sane_rendering_manifesto.md
Last active November 2, 2025 07:57
The Sane Rendering Manifesto

The Sane Rendering Manifesto

The goal of this manifesto is to provide easy-to-follow and reasonable rules that realtime and video game renderers can follow.

These rules highly prioritize image clarity/stability and pleasant gameplay experience over photorealism and excess graphics fidelity.

Keep in mind that shipping a game has priority over everything else and it is allowed to break the rules of the manifesto when there are no other good options in order to ship the game.

Do not use dynamic resolution.

@Artefact2
Artefact2 / README.md
Last active November 28, 2025 02:29
GGUF quantizations overview

Which GGUF is right for me? (Opinionated)

Good question! I am collecting human data on how quantization affects outputs. See here for more information: ggml-org/llama.cpp#5962

In the meantime, use the largest that fully fits in your GPU. If you can comfortably fit Q4_K_S, try using a model with more parameters.

llama.cpp feature matrix

See the wiki upstream: https://github.com/ggerganov/llama.cpp/wiki/Feature-matrix

@SUPERCHIEFYT
SUPERCHIEFYT / loggingbots.md
Last active August 30, 2025 08:11
Breakdown of all of the known logging bots. (If I missed any let me know and I'll add it)
  • You can still selfhost the bot (view selfhosting-guide in the support server)

Selfhosted Loggers:

WARNING: It's unlikely any public instances of Logger will be added here. Discord failed to verify and grant intents needed to another public selfhosted instance and the user had to shut down their instance.

INFO: The only selfhosted Loggers listed here will be from trusted members of the Logger support server. If you're selfhosting and a trusted member and want your selfhosted Logger to be listed then we'll reach out to you directly, don't ask to be listed here.