Telegram Web
tgoop.com » United States » Sukka's Notebook » Telegram Web
Sukka's Notebook
Forwarded from Sunbelife真不要脸啊
This media is not supported in your browser
VIEW IN TELEGRAM
7.4K views
Sukka's Notebook
Forwarded from TUNA Mirror Status (Harry)
https://opentuna.cn/news/opentuna-shutdown/

OpenTUNA 将于 2023/12/20 停止服务。
6.1K views
Sukka's Notebook
https://blog.cloudflare.com/cloudflare-gen-12-server-bigger-better-cooler-in-a-2u1n-form-factor/
The Cloudflare Blog
Cloudflare Gen 12 Server: bigger, better, cooler in a 2U1N form factor
Cloudflare Gen 12 Compute servers are moving to 2U1N form factor to optimize the thermal design to accommodate both high-power CPUs (>350W) and GPUs effectively while maintaining performance and reliability
6.8K views
Sukka's Notebook
https://fxtwitter.com/isukkaw/status/1734787704146305090
FxTwitter / FixupX
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
This is my #GitHubUnwrapped!
Get your own at https://www.githubunwrapped.com
6.5K views
Sukka's Notebook
[#PSA] Telegram 官方 macOS Swift 客户端会对随机的、不属于 Telegram 的 IP 的 443 端口进行 TCP 握手。随机 IP 没有规律、有时甚至会尝试向不存在的 IP(如图中的 0.36.205.8 )发起 TCP 握手。

https://github.com/overtake/TelegramSwift/issues/1060

建议使用防火墙拦截上述的随机 TCP 连接,Surge for Mac 用户可以使用下述规则拦截:


# Telegram 域名
RULE-SET,https://ruleset.skk.moe/List/non_ip/telegram.conf,[replace with your policy name],extended-matching
# Telegram 官方在 https://core.telegram.org/resources/cidr.txt 列出的 Telegram IP 段
RULE-SET,https://ruleset.skk.moe/List/ip/telegram.conf,[replace with your policy name]
# 非官方收集的 Telegram ASN 列表
RULE-SET,https://ruleset.skk.moe/List/ip/telegram_asn.conf,[replace with your policy name]
# 静默丢弃 Telegram 客户端发起的、目标非 Telegram 域名和 IP 的其他连接
PROCESS-NAME,Telegram,REJECT-DROP
GitHub
[Bug] Telegram macOS (Swift version) often connects to random IPs that doesn't belongs to Telegram · Issue #1060 · overtake/TelegramSwift
As shown in the screenshot above, the Telegram Swift is trying to connect to random IPs' 443 port. This also includes an invalid IP 0.36.205.8. And here are more screenshots:
7.8K viewsedited  
Sukka's Notebook
6.5K views
Sukka's Notebook
6.7K views
Sukka's Notebook
7.0K views
Sukka's Notebook
https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html

TL; DR

macOS 上知名软件的破解版(NaviCat Premium、UltraEdit、FinalShell、SecureCRT 等)内置了后门。后门通过软件从 HTTP 地址下载 payload 并释放在 /tmp/.test 目录和 /Users/Shared/.fsevents 目录下,并创建 LaunchAgent 确保后门存活。

受影响的破解版软件由以下网站传播:

macv.com
macw.com
macz.com
macjb.com
macsc.com
macxf.com
orsoon.com
macxz.com
mac89.com
52112.com
macyy.cn
macdown.com
zupee.com
10.5K views
Sukka's Notebook
https://blog.skk.moe/post/2023-browser-from-a-to-z/
Sukka's Blog
2023:浏览器从 A 到 Z | Sukka's Blog
将 A-Z 逐一输入到 Google Chrome 的地址栏里,Google Chrome 都会自动补全出哪些域名呢(诶?)
7.0K viewsedited  
Sukka's Notebook
Sukka's Notebook pinned «https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html TL; DR macOS 上知名软件的破解版(NaviCat Premium、UltraEdit、FinalShell、SecureCRT 等)内置了后门。后门通过软件从 HTTP 地址下载 payload 并释放在 /tmp/.test 目录和 /Users/Shared/.fsevents 目录下,并创建 LaunchAgent 确保后门存活。 …»
Sukka's Notebook
Sukka's Notebook
[#PSA] Telegram 官方 macOS Swift 客户端会对随机的、不属于 Telegram 的 IP 的 443 端口进行 TCP 握手。随机 IP 没有规律、有时甚至会尝试向不存在的 IP(如图中的 0.36.205.8 )发起 TCP 握手。 https://github.com/overtake/TelegramSwift/issues/1060 建议使用防火墙拦截上述的随机 TCP 连接,Surge for Mac 用户可以使用下述规则拦截: # Telegram 域名 RULE…
[#PSA] Telegram 团队至今仍然拒绝对 Telegram 官方 macOS Swift 客户端连接随机 IP 的行为做出任何解释。
请前往 https://bugs.telegram.org/c/36949 为新创建的 Bug Report 点赞。
Bugs and Suggestions
Telegram macOS (Swift version) is connecting to random IPs not owned by Telegram all the times
As shown in screenshots, the Telegram Swift Client is trying to connect to random IPs' 443 port. Those IPs are not owned by Telegram, and sometimes the IP is invalid (e.g. 0.36.205.8 as in screenshots) Steps to reproduce Open Telegram Swift on macOS and log…
7.5K viewsedited  
Sukka's Notebook
https://blog.skk.moe/post/context-in-javascript/
Sukka's Blog
在 JavaScript 中实现和使用 Context | Sukka's Blog
使用过 React 构建应用的开发者对 React Context 一定不会陌生。在 React 的世界中,相比于把 prop 不断透传给下一层子组件(prop-drilling),React Context 可以更优雅地自上而下将数据从父组件传递到深层级的子组件、并确保数据在不同子组件之间保持一致。不过,Context 绝不是仅属于 React,在 JavaScript 中 Context 一样
7.3K views
Sukka's Notebook
继在印度新设 DC5 的 CDN 节点(AS44907、上游为 TATA 与 Bharti Airtel)以后,Telegram 疑似在芬兰赫尔辛基新增 CDN 节点(AS211157,上游为 RETN)。

https://bgp.tools/as/211157
9.4K viewsedited  
Sukka's Notebook
Polyfill CDN 服务 polyfill.io 被中国菠菜 CDN 收购:
https://github.com/polyfillpolyfill/polyfill-service/issues/2834
Cloudflare 提供了一个 alternative endpoint: https://blog.cloudflare.com/polyfill-io-now-available-on-cdnjs-reduce-your-supply-chain-risk
7.1K viewsedited  
Sukka's Notebook
Sukka's Notebook
Polyfill CDN 服务 polyfill.io 被中国菠菜 CDN 收购: https://github.com/polyfillpolyfill/polyfill-service/issues/2834 Cloudflare 提供了一个 alternative endpoint: https://blog.cloudflare.com/polyfill-io-now-available-on-cdnjs-reduce-your-supply-chain-risk
https://fxtwitter.com/isukkaw/status/1763414827605868840
FxTwitter / FixupX
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
Polyfill CDN 服务 http://polyfill.io 被中国菠菜 CDN 收购:
https://github.com/polyfillpolyfill/polyfill-service/issues/2834
Cloudflare 提供了一个 alternative endpoint:https://blog.cloudflare.com/polyfill-io-now-available-on-cdnjs-reduce-your-supply-chain-risk?utm_campa…
6.7K views
Sukka's Notebook
Sukka's Notebook
Polyfill CDN 服务 polyfill.io 被中国菠菜 CDN 收购: https://github.com/polyfillpolyfill/polyfill-service/issues/2834 Cloudflare 提供了一个 alternative endpoint: https://blog.cloudflare.com/polyfill-io-now-available-on-cdnjs-reduce-your-supply-chain-risk
强烈推荐所有使用 polyfill.io 的人切换到 Fastly 或 Cloudflare 提供的 endpoint:
Fastly:https://community.fastly.com/t/new-options-for-polyfill-io-users/2540
Cloudflare:https://blog.cloudflare.com/polyfill-io-now-available-on-cdnjs-reduce-your-supply-chain-risk

https://fxtwitter.com/isukkaw/status/1763512312722608582
5.7K viewsedited  
Sukka's Notebook
Safari 浏览器就是新时代的 IE:

https://fxtwitter.com/isukkaw/status/1765031468131291354

上述 Bug 可在 Safari 17.4 复现。
FxTwitter / FixupX
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
Don't know why #Safari is the new IE? Safari basically implements JavaScript without being ECMA-262 compliant. You can just test this out on Safari 17.4:

https://nonzzz.github.io/safari-scope-repoduction/
5.7K views
Sukka's Notebook
https://fxtwitter.com/isukkaw/status/1767177307998020090
FxTwitter / FixupX
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
本来想着滥用一下 CSDN 家的 Git 平台 GitCode、上去存一点擦边业务文件搞下国内分发加速,发现 GitCode 搞了个大模型搜索引擎。简单玩了一下,结果好像给玩坏了。。。
6.5K views
Sukka's Notebook
https://youtu.be/zrmuxEk3l48
过年了过年了过年了过年了
#touhouproject
6.3K views
2025/02/21 12:17:22
Back to Top
HTML Embed Code: