mvt
nixpkgs
| mvt | nixpkgs | |
|---|---|---|
| 91 | 975 | |
| 9,809 | 15,753 | |
| 1.1% | 2.8% | |
| 8.7 | 10.0 | |
| 7 days ago | 1 day ago | |
| Python | Nix | |
| GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mvt
-
Exploiting the iPhone 4
Amnesty International released Mobile Verification Toolkit to check your phone for malware, by checking encrypted backups on your computer. https://github.com/mvt-project/mvt
-
Meduza co-founder's phone infected with Pegasus
From what I was able to read previously, it has no ability to spread by itself and has to be installed by a targeted attack. There is also a tool from Amnesty International that can detect it (or was able to): https://github.com/mvt-project/mvt
It is a race though, so past info may no longer be valid. However, I doubt it will ever be able to spread by itself, since it uses very expensive zero days to infect and they will be quickly fixed after detection.
-
NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild
Public Service Announcement:
Amnesty International has a program on GitHub with Citizens Lab for those keeping an eye out for additional protections
https://github.com/mvt-project/mvt
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
-
As recommended, I ask it here : how can I find out if my phone is being tapped, and what should I do if it is?
You can do a backup of your phone and analyze said backup using digital forensics to see if for example "automated software" will detect any of the more mainstream spyware/hacks. You can use mobile verification toolkit (mvt) to do this, but it won't detect everything. It is however a good start, you can investigate the basic results with limited knowledge and if something is detected you can further it up to a digital forensics company because it will very highly likely be beyond your qualifications to analyze by yourself. Hope this helps.
- How do I download this on iPhone
-
I dont know if i downloaded malware
I was extremly paranoid i got a virus a few months ago and i think i may have downloaded something. Its been more thank half a year and just remebered that i tried to download something from here,https://github.com/mvt-project/mvt i dont know if i was even sucessful, i am fully updated ios, cant find anything in files so i dont think i had it for very long and prob dealted after a whille
- iOS 16.5.1 TriangleDB spyware
-
Can anyone hack my phone via sending a WhatsApp Photo? How to know it?
If you wanna check your phone, maybe try using this: https://github.com/mvt-project/mvt
- Disabling Apple from Spying on You
-
Extent of getting hacked for iPhone vs Android
if android, this is available -- https://github.com/mvt-project/mvt
nixpkgs
-
Nix: The Breaking Point
I don't think so. The article is probably intended for the Nix community, so the author doesn't need to convince HN that something is going on. If as an outsider you are interested then you need to look into it yourself, the community has no obligation to make their internal conflicts legible to the outside world.
As an outsider myself, it certainly looks like something is going on as more than 20 Nixpkg maintainers left in a week: https://github.com/NixOS/nixpkgs/issues?q=label%3A%228.has%3...
- Maintainers Leaving
-
Air Force picks Anduril, General Atomics to develop unmanned fighter jets
https://github.com/NixOS/nixpkgs/commits?author=neon-sunset
-
Eelco Dolstra's leadership is corrosive to the Nix project
I see two signers in the top 6 displayed on https://github.com/NixOS/nixpkgs/graphs/contributors
-
3rd Edition of Programming: Principles and Practice Using C++ by Stroustrup
For a single file script, nix can make the package management quite easy: https://github.com/NixOS/nixpkgs/blob/master/doc/languages-f...
For example,
```
- NixOS/nixpkgs: There isn't a clear canonical way to refer to a specific package
-
NixOS Is Not Reproducible
Yes, Nix doesn't actually ensure that the builds are deterministic. In fact it works just fine if they aren't. There are packages in nixpkgs that aren't reproducible: https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aiss...
-
The xz attack shell script
I'm not familiar with Bazel, but Nix in it's current form wouldn't have solved this attack. First of all, the standard mkDerivation function calls the same configure; make; make install process that made this attack possible. Nixpkgs regularly pulls in external resources (fetchUrl and friends) that are equally vulnerable to a poisoned release tarball. Checkout the comment on the current xz entry in nixpkgs https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/comp...
-
Debian Git Monorepo
NixOS uses a monorepo and I think everyone's love it.
I love being able to easily grep through all the packages source code and there's regularly PRs that harmonizes conventions across many packages.
Nixpkgs doesn't include the packaged software source code, so it's a lot more practical than what Debian is doing.
https://github.com/NixOS/nixpkgs
-
From xz to ibus: more questionable tarballs
In this specific case, nix uses fetchFromGitHub to download the source archive, which are generated by GitHub for the specified revision[1]. Arch seems to just download the tarball from the releases page[2].
[1]: https://github.com/NixOS/nixpkgs/blob/3c2fdd0a4e6396fc310a6e...
[2]: https://gitlab.archlinux.org/archlinux/packaging/packages/ib...
What are some alternatives?
hardened_malloc - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
whatsapp-media-decrypt - Decrypt WhatsApp encrypted media files
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
WhatsDump - Extract WhatsApp private key from any non-rooted Android device (Android 7+ supported)
git-lfs - Git extension for versioning large files
AMDH - Android Mobile Device Hardening
easyeffects - Limiter, compressor, convolver, equalizer and auto volume and many other plugins for PipeWire applications
XiaomiADBFastbootTools - A simple tool for managing Xiaomi devices on desktop using ADB and Fastboot
spack - A flexible package manager that supports multiple versions, configurations, platforms, and compilers.
WebKit - Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.