Danny Lin @kdrag0n Twitter profile

Pinned Tweet

Danny Lin

4 months

Hiring for @orbstack ! Looking for a founding engineer who can't get enough of systems and unfamiliar problems Containers should be a joy to use, not something you have to put up with. Let's build the future of dev envs. If and

10

69

303

Last Seen Profiles

@MLBPAA

@AmazonSammi

@ParcoMollos

@Mostafizur38931

@Just_Miyo

@CarolynMTBFB

@Juninho43942342

@robertpatt__

@SamuelOwus78972

@Diego53260777

@ValorantEsports

@dongodavid39572

@NEfood

@Lexus_AIO

@Qingerrr_

@SCION_TV

@chefporkbelly

@dapperlabs

@ElCoroNextDoor

@noniesstardust

@oldscratch4

@SubRosaDictum

@fkabudu

@Steve5993785935

@HasteCod

@emerross

@luastardust

@SaimaAzam823563

@adyashhad

@knguyenpoetry

@OrderArmy

@ParallelPride

@stel_online

@Hary_Tanoe

@wshsterriers

@PaganBlackBull

Danny Lin

@kdrag0n

1 month

The xz backdoor is, well, setting a fire under the entire Linux ecosystem... but I'm also so impressed with how it was set up: 2-yr maintainership, oss-fuzz, etc. ...and who knows how long it would've stayed undetected if the injected sshd code ran faster (<600ms) Highlights:

77

2K

12K

Danny Lin

@kdrag0n

25 days

Thanks for charging me $165,137.40 @Cloudflare

59

65

4K

Danny Lin

@kdrag0n

11 months

Whimsical chaos when the Desktop is full

Tobias Reich

@electerious

11 months

Really didn't expect widgets to push icons away like that under macOS Sonoma

95

192

3K

52

409

4K

Danny Lin

@kdrag0n

2 years

And here's Windows 11 as a VM on Pixel 6

Danny Lin

@kdrag0n

2 years

Full-blown virtual machines with the KVM hypervisor (near-native performance) on Pixel 6 + Android 13 DP1

43

381

2K

91

792

3K

Danny Lin

@kdrag0n

2 years

Full-blown virtual machines with the KVM hypervisor (near-native performance) on Pixel 6 + Android 13 DP1

43

381

2K

Danny Lin

@kdrag0n

1 month

2 years of contributions. What if there's a more covert backdoor or subtle C bug?

3

43

2K

Danny Lin

@kdrag0n

9 months

Add "auth sufficient pam_tid.so" to /etc/pam.d/sudo and never type a sudo password again pam_tid.so + Magic Keyboard with Touch ID = 😘

15

127

1K

Danny Lin

@kdrag0n

25 days

@thebrewergame @Cloudflare Just emails lol

2

1

1K

Danny Lin

@kdrag0n

1 month

Relying on distros building from tarballs instead of Git tags

4

34

1K

Danny Lin

@kdrag0n

2 years

Pixel 7 has KVM on by default, and I finally got a chance with play with it. Here's a Linux VM running *without root*

18

150

999

Danny Lin

@kdrag0n

1 month

Syntax error to disable Landlock sandboxing (maybe the payload affects more than just sshd?)

Malcore

@Malcoreio

1 month

Just disables land locking no big deal. PR accepted!

11

29

455

2

34

912

Danny Lin

@kdrag0n

25 days

@fire @Cloudflare 5770 emails for the same charge

4

0

893

Danny Lin

@kdrag0n

1 month

Only activating on deb/rpm package builds * also, patching sshd in memory only on these distros due to an indirect dependency on liblzma (via libsystemd)

1

25

884

Danny Lin

@kdrag0n

1 month

"Fixing" oss-fuzz failures

2

17

857

Danny Lin

@kdrag0n

1 month

Open questions: - why ifunc? maybe less likely to be detected at runtime than PLT hooking, but more disruptive - why is the RSA_public_decrypt code so slow? - what else is the payload doing? in programs other than sshd? - what else is hidden in Jia Tan's 449 commits?

9

35

846

Danny Lin

@kdrag0n

1 month

Asking Debian to update xz through another account, sandwiched between other package updates

1

19

786

Danny Lin

@kdrag0n

11 months

2020 flashback: Minecraft server running on the Pixel 2's HDR+ image coprocessor chip (Pixel Visual Core)

Danny Lin

@kdrag0n

4 years

@franciscof_1990 Well, it can run a Minecraft server, though the performance leaves a lot to be desired.

1

2

99

19

97

709

Danny Lin

@kdrag0n

3 years

Got my Pixel 6 Pro earlier today, here we go

10

15

589

Danny Lin

@kdrag0n

1 month

Very unfortunate timing on this PR (but *not* related)

3

11

555

Danny Lin

@kdrag0n

2 years

Early preview of my simplified Linux VM app for Pixel 6 and newer is now on Patreon: - No root needed on Pixel 7 - Shared folders - Easy to use, everything is set up behind the scenes - Terminal based on Termux, w/ UX improvements

17

94

531

Danny Lin

@kdrag0n

3 years

I've managed to get the new wallpaper-based theming system, Monet, working on Android 12 DP1. Here are some examples of predominantly purple and orange wallpapers:

18

60

495

Danny Lin

@kdrag0n

2 years

Yes, it runs Doom (connecting to the phone's Windows VM from my computer for keyboard input)

25

71

480

Danny Lin

@kdrag0n

1 month

A reasonable-looking liblzma_la-crc64-fast.o?

1

12

492

Danny Lin

@kdrag0n

1 year

🚀 Introducing OrbStack A new way to run Docker & Linux on macOS ⚡️ Fast: Starts instantly, fast network, Rosetta 💨 Light: 0.1% CPU, native Mac app 🍰 Simple: Seamless integration, easy UI 🔨 Powerful: Supercharged WSL + Docker Desktop Try it out 👇

28

111

471

Danny Lin

@kdrag0n

2 years

Booting Windows, logging in, using it a bit

13

65

427

Danny Lin

@kdrag0n

3 years

ProtonAOSP 12.0.0, my custom ROM focused on performance and UI/UX, is now available as a stable version based on Android 12!

9

32

387

Danny Lin

@kdrag0n

3 years

Sneak peek of my dynamic theme engine as a rootless app for any Android 12 ROM 👀

Mishaal Rahman

@MishaalRahman

3 years

Last week, @Wander1236 and I teased "something incredible" we found in Android 12. We were being vague on purpose because it takes advantage of a flaw we found in an undocumented API. Now, we're ready to share details on this finding, as well as an app that takes advantage of it!

6

28

278

29

38

384

Danny Lin

@kdrag0n

3 years

Here's my implementation of dynamic colors for UI themes, similar to Google's Pixel-exclusive implementation in Android 12. It's not perfect, but I think the results have surpassed Google's (as of Beta 2) by now :)

16

44

362

Danny Lin

@kdrag0n

2 years

Been a few days since I've had time to work on Pixel 7 VMs, but I'm trying to get the app done today. Added container creation, list, tabs, terminal, and settings

10

36

350

Danny Lin

@kdrag0n

3 years

Android 12 design experiment: light QS in light mode (normally always black) and dark QS in dark mode (dark, but not pure black, otherwise there's no visible wallpaper hue)

16

19

312

Danny Lin

@kdrag0n

2 years

Repainter, my recently-released app for customizable dynamic theming on Android 12, is now stable!

19

33

311

Danny Lin

@kdrag0n

1 month

Danny Lin

@kdrag0n

1 month

New commit in xz's upstream repo to fix the sabotaged Landlock check (2 hours ago). Lasse Collin is probably clear?

4

11

138

1

4

310

Danny Lin

@kdrag0n

3 years

Here is Android 12 Beta 2's ongoing call chip in action, along with the new call notification style. It's enabled by default; Google Dialer just doesn't support it yet.

15

20

290

Danny Lin

@kdrag0n

5 months

In the next version of OrbStack: native Finder & terminal access to container files Makes it easy to edit and copy files in containers with the same tools you use on macOS No clunky Electron files UI

14

18

285

Danny Lin

@kdrag0n

2 years

Worked on performance a bit and the Windows VM is actually really usable now, though there's still no graphics acceleration. CPU, I/O, and memory pressure are much better now.

4

33

277

Danny Lin

@kdrag0n

2 years

Google's mainline 5.15 kernel branch (with downstream Android changes + drivers) works surprisingly well on the Pixel 6.

7

23

263

Danny Lin

@kdrag0n

2 years

Repainter 2.0: biggest release yet! • Now free to use, unlock all features with a free trial • Shareable theme profiles: save & share themes with the world • Search by color: find themes with your favorite color Explore 300+ themes here:

15

28

259

Danny Lin

@kdrag0n

2 months

Soon in OrbStack: debug any container (even distroless) with your favorite tools Comes with common tools + nice zsh setup; install any package on top No more: - "docker exec -it /bin/sh" - busybox - missing package manager / shell - missing vim, curl, ip, etc.

7

33

247

Danny Lin

@kdrag0n

2 years

Answers for common questions: - It's Windows on ARM, not x86 - Nested virtualization isn't supported, so no WSA - I'll probably write about how I did this and/or release tools in the future. Root needed as of DP1 - No GPU or 3D acceleration on Windows. Linux? Maybe in the future

13

21

227

Danny Lin

@kdrag0n

1 year

👀

15

10

224

Danny Lin

@kdrag0n

2 years

As far as I can tell, we can pretty much get full EL2 on production devices now. Protected KVM is optional and can be enabled on a per-VM basis, but for non-protected VMs, it looks like full KVM functionality is available.

3

8

200

Danny Lin

@kdrag0n

2 years

UX experiment: Android 12L taskbar on a phone, without a tablet display size. Buggy, but it works better than I expected. Thanks for the idea!

Mishaal Rahman

@MishaalRahman

2 years

I know Android's new taskbar is only intended for tablets and other large screen devices, but I kind of wish I could use it on phones as well. I know you can use it (see the screenshot), but I'd rather not have to lower the density or root my phone to do so.

9

7

176

16

21

194

Danny Lin

@kdrag0n

10 months

Who needs curl or Postman? Just use bash to make HTTP requests

7

13

200

Danny Lin

@kdrag0n

2 years

Also, Windows 11:

Danny Lin

@kdrag0n

2 years

And here's Windows 11 as a VM on Pixel 6

91

792

3K

1

15

198

Danny Lin

@kdrag0n

3 years

Android 12's under-display fingerprint enrollment and unlock flows have gotten more developed in Beta 3. Again, I tested it with Google's under-display fingerprint simulator, not a Pixel 6.

6

10

191

Danny Lin

@kdrag0n

3 years

Some interesting under-the-hood changes in Android 12:

2

21

188

Danny Lin

@kdrag0n

9 months

Quick demo: run a local Supabase + Next.js stack with @OrbStack , get clean local domain names and (soon) HTTPS for free Thanks for the pressure to build a POC for HTTPS @_buildspace @_nightsweekends

13

17

190

Danny Lin

@kdrag0n

1 year

Not a bad start. SwiftUI is nice overall, very similar to Compose

5

3

183

Danny Lin

@kdrag0n

2 years

Compiling Linux 5.17-rc3 allnoconfig for arm64 on Arch (keep in mind that I'm also recording the screen at the same time)

3

10

190

Danny Lin

@kdrag0n

10 months

Personal news: next stop @stanford

30

1

186

Danny Lin

@kdrag0n

2 years

Video of various Linux distros booting as VMs

2

19

184

Danny Lin

@kdrag0n

3 years

Another Android 12 design experiment: power menu themed with dynamic colors, adapted to both light and dark system themes

7

6

182

Danny Lin

@kdrag0n

4 months

Not your usual 2023 post

20

4

185

Danny Lin

@kdrag0n

2 years

ProtonAOSP 12.3.0 brings stable Android 12L to the Pixel 6 and 6 Pro, before the official delayed release: This includes all changes from older versions of ProtonAOSP 12.

5

12

182

Danny Lin

@kdrag0n

11 months

CPU architecture names are such a mess arm64, aarch64, armv8 amd64, x86_64, (colloquially) x86 i386, i686, (pedantically) x86 To make it worse, Go uses arm64 and amd64. Two letters apart. Mixed them up countless times

3

12

178

Danny Lin

@kdrag0n

3 years

I've switched to a new color model for my dynamic theme engine, which improves theme quality overall and provides a higher dynamic range in terms of colorfulness.

4

12

176

Danny Lin

@kdrag0n

10 months

Unpopular opinion: I don't want an OLED laptop. Text isn't as crisp or smooth as LCDs because of the Pentile subpixels There's color fringing around the edges

18

9

178

Danny Lin

@kdrag0n

3 years

AOSP 12 + my dynamic theme engine from Android 12 Extensions

6

11

172

Danny Lin

@kdrag0n

8 months

It's finally here. Super frantic morning

OrbStack

@OrbStack

8 months

Introducing OrbStack 1.0: the fast, light, easy way to run Docker containers & Linux

29

219

1K

20

5

171

Danny Lin

@kdrag0n

1 year

Kubernetes on Pixel 7 with Nestbox Had to enable a bunch of kernel features and add some hacks to make kubelet and flannel happy, but k3s works out-of-the-box now

1

17

168

Danny Lin

@kdrag0n

11 months

grrraduated 🎓

23

0

159

Danny Lin

@kdrag0n

2 years

ProtonAOSP 12.1.0 adds full, stable support for the Pixel 6 and 6 Pro!

5

4

157

Danny Lin

@kdrag0n

25 days

@fire @Cloudflare Yeah, fun inbox to wake up to

1

0

159

Danny Lin

@kdrag0n

3 years

Local wallpaper-based widget colors for AOSP, using the same dynamic theme engine as the rest of the system

4

10

153

Danny Lin

@kdrag0n

10 months

Zenbleed is pretty bad, most reliable PoC I've seen for any CPU bug

LaurieWired

@lauriewired

10 months

Want to leak your password through a mispredicted ASM routine? Run this on a Zen 2 Processor: vcvtsi2s{s,d} xmm, xmm, r64 vmovdqa ymm, ymm jcc overzero vzeroupper overzero: nop Tavis Ormandy uncovered a flaw "Zenbleed" (CVE-2023-20593) in

20

215

934

2

31

155

Danny Lin

@kdrag0n

3 years

Android 12 Beta 1 changes:

6

19

149

Danny Lin

@kdrag0n

3 years

A major quick settings redesign is in the works. QS tiles are now large rounded rectangles, and the QS panel covers most of the screen. There's also a shortcut to the power menu at the bottom.

35

16

153

Danny Lin

@kdrag0n

4 months

Got a new monitor

8

3

154

Danny Lin

@kdrag0n

2 years

Repainter 1.2.0 is out! Highlights: • Quick, guided one-time setup for unrooted Pixel and 12L devices (much easier; no need for Shizuku) • New theme styles for unrooted Android 13 DP2, Samsung (One UI 4.x), and all rooted devices

10

12

144

Danny Lin

@kdrag0n

2 years

Taskbar for phones is now shipping in ProtonAOSP:

Danny Lin

@kdrag0n

2 years

UX experiment: Android 12L taskbar on a phone, without a tablet display size. Buggy, but it works better than I expected. Thanks for the idea!

16

21

194

8

11

144

Danny Lin

@kdrag0n

9 months

Kubernetes up and running in OrbStack, with NodePorts working on macOS localhost Pretty decent power savings too (tweaks and measurements soon) Honestly I could just release this as-is and it wouldn't be any worse than competitors, but I'll go a bit beyond that

5

9

144

Danny Lin

@kdrag0n

3 years

For advanced users, all the hidden features and changes I've found in Android 12 so far can be enabled with this Magisk + Xposed module:

Danny Lin

@kdrag0n

3 years

Android 12 Beta 1 changes:

6

19

149

5

15

144

Danny Lin

@kdrag0n

3 years

Android 12 DP2 has a new privacy indicator UI, as seen in the mockups that leaked in early February. It's much more polished than the hidden implementation in Android 11 and it matches the mockups surprisingly well.

4

12

140

Danny Lin

@kdrag0n

9 months

When people ask how I learned dev in general or language/tech XYZ, I don't really have good advice to give because I jump in and learn by doing, Googling as I go This is what it really looks like when I'm using something for the first time

4

10

139

Danny Lin

@kdrag0n

6 months

Automatic HTTPS+domains for all containers & services in OrbStack (this is first-time setup — very seamless)

10

139

Danny Lin

@kdrag0n

1 month

New commit in xz's upstream repo to fix the sabotaged Landlock check (2 hours ago). Lasse Collin is probably clear?

Danny Lin

@kdrag0n

1 month

The xz backdoor is, well, setting a fire under the entire Linux ecosystem... but I'm also so impressed with how it was set up: 2-yr maintainership, oss-fuzz, etc. ...and who knows how long it would've stayed undetected if the injected sshd code ran faster (<600ms) Highlights:

77

2K

12K

4

11

138

Danny Lin

@kdrag0n

2 years

Turns out that Pixel Monet themes have been less colorful than intended since the December QPR, especially in light mode.

3

135

Danny Lin

@kdrag0n

2 years

Amazing suggestion

7

136

Danny Lin

@kdrag0n

2 years

Trying something new with color science: customizable dynamic code editor themes

6

8

130

Danny Lin

@kdrag0n

6 months

The Home Screen is just a giant app icon

2

8

132

Danny Lin

@kdrag0n

2 years

Finished JetBrains Fleet support for Hueflake, so all themes can now be exported for @JetBrains_Fleet . I think that makes Hueflake the first Fleet theme(s) ever!

5

8

128

Danny Lin

@kdrag0n

2 years

Probably one of the single biggest Repainter features so far, but I think it'll be worth it

7

1

129

Danny Lin

@kdrag0n

25 days

@skhaz @Cloudflare Yeah I have 11 petabytes of data on R2

1

130

Danny Lin

@kdrag0n

3 years

Android 12 DP3 changes:

3

23

127

Danny Lin

@kdrag0n

4 years

Mainline Linux v5.8-rc4 kernel running on a Pixel Visual Core image coprocessor, built with Clang 11 + LTO + CFI + SCS for kicks. It runs Linux, so why not put it to good use?

3

18

126

Danny Lin

@kdrag0n

3 years

My theme engine also generates themes 34x faster than Google's (0.05 ms per theme), making it practical to change the UI theme every frame at 60 or 90 FPS. Of course, I wouldn't actually recommend doing that, but here's a Jetpack Compose sample app modified for it on Android 11.

Danny Lin

@kdrag0n

3 years

Here's my implementation of dynamic colors for UI themes, similar to Google's Pixel-exclusive implementation in Android 12. It's not perfect, but I think the results have surpassed Google's (as of Beta 2) by now :)

16

44

362

12

13

126

Danny Lin

@kdrag0n

2 years

Gonna try to make something like WSL 2 (easy-to-use containers on a managed VM), w/o root

2

0

125

Danny Lin

@kdrag0n

3 years

AOSP 12: tweaked version of my custom ripple animation, closer to Fluent Design and Google's new ripple in some ways

9

5

123

Danny Lin

@kdrag0n

5 months

In the next version of OrbStack: Cloud-init for machines Use the same user data (YAML or script) as EC2 and other cloud providers to replicate & test environments locally

2

12

119

Danny Lin

@kdrag0n

2 years

Pixel 6 Pro display power usage at different brightness levels, tested at 60 and 120 Hz (with 10 Hz idle) under low and high ambient light on the February 2022 security patch.

5

6

115

Danny Lin

@kdrag0n

5 months

Got Kubernetes cluster.local domains working on macOS

2

4

119

Danny Lin

@kdrag0n

2 years

Repainter is now on sale for $2.99 to celebrate Easter! Make your Easter colorful:

2

11

113

Danny Lin

@kdrag0n

11 months

@luciascarlet Looks better than this at least

1

112

Danny Lin

@kdrag0n

2 years

Repainter 1.0.1 beta: Mostly a bug fix and compatibility release (especially for Samsung devices), but I've also switched to using more Material You-esque dialogs from Jetpack Compose for errors and progress.

3

4

113

Danny Lin

@kdrag0n

8 months

Finally ditched SwiftUI List. Crashes were the last straw Wrote my own wrapper for AppKit's NSOutlineView: - No random crashes, empty rows, stale selections, black bars - Programmatically expandable groups + sections - Could also do tables & animations - Feels faster ~700 LOC

5

1

114

Danny Lin

@kdrag0n

2 years

Built a new UI with fluid animations for separate main (accent) / background color selection in Repainter. Jetpack Compose definitely made adding and tweaking the animations easier, though it was a bit hard to optimize for 120 Hz.

2

4

113

Danny Lin

@kdrag0n

4 years

FreeBSD running on the Pixel Visual Core, because mainline Linux wasn't enough.

5

2

110

Danny Lin

@kdrag0n

2 years

Okay, I think my dynamic code editor/terminal theme engine is just about done

3

5

108

Danny Lin

@kdrag0n

2 years

Repainter 1.3.0 release: Several improvements across the board. More features coming soon... What's new: • Easy built-in wireless debugging mode for One UI and Pixel 3 • Style updates from Android 13 Beta 3

3

5

104