Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
wukko Profile picture
@uwukko
Sep 24, 2024 1 tweets 1 min read Read on X
the panels app is very poorly made and all payments are verified on client side

links to all wallpapers (hd/sd) are preloaded right after the app is launched, all you need are basic mitm skills to get them for free. the file with links isn’t authenticated or protected *at all*

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with wukko

wukko Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @uwukko

wukko Profile picture
Mar 28
does anyone know of any alternatives to turnstile that aren't useless (altcha), don't cost like rent in san francisco (hcaptcha/recaptcha), and also don't fingerprint people for advertising purposes (recaptcha)?

i don't know of any and i doubt they exist at all
people keep saying that there are alternatives that are "better" but i can't find any that would work for cobalt considering the traffic (a lot) and budget (almost nothing) we have

vast majority of unsolved challenges are spam requests, cloudflare turnstile does a very good job Image
the stats are for 24hr, we go way beyond (often 10x) monthly limits of all mentioned alternatives

altcha is useless if you self host it cuz it's just pow that can be easily automated, and the paid tier is extremely limiting Image
Read 6 tweets
wukko Profile picture
Mar 12
drm in question is widevine, meaning that youtube won’t work at all on devices/browsers that haven’t paid google for the license

totally not a monopoly btw
why does google feel like it’s entitled to videos that people are forced to upload on their video hosting platform? people do it only because youtube is a monopoly, not because they like it
is it even legal to put CC videos behind drm?
Read 6 tweets
wukko Profile picture
Jan 19
if you want to access your US tiktok account after the block, here's how to do it:

open the tiktok web app with vpn enabled, then modify the "store-country-code" cookie in dev tools to any country code that's not US (such as uk, au, nl, etc), and go to the home page lol
step by step:
1. open dev tools on the tiktok page (F12 on windows or option+command+i on mac)
2. in dev tools, select "application", then select "cookies" on left side, and tiktok domain
3. find the "store-country-code" cookie and change it to nl
4. go to tiktok's home page Image
Image
Image
Image
don't take photos or screenshots of the page with cookies, it contains very sensitive information

i recommend using either mullvad.net or windscribe.com vpn, they're pretty good and don't sell your data
Read 6 tweets
wukko Profile picture
Feb 12, 2024
you know how apple is "extremely strict" about what gets on app store and what doesn't? i guess it doesn't apply to literal trojan horse apps that pretend to be one app and switch up to a completely different one inside it

sanctioned russian banks use this all the time! 🧵
Image
Image
recently sber released yet another mock app that pretended to be a lending tracking app, which shortly got taken down

it pretends to be a lending app only in western countries (left), but if your ip is detected as russian, it lets you into the real part of the app (right)
Image
Image
how it does this is by pulling a config that's hosted on a "third party" server (more on that later) right after app start and checks its contents. if it matches whatever criteria they have, then it switches to sberbank online app, if it doesn't, then you get the fake one.
Read 13 tweets
wukko Profile picture
Nov 20, 2023
it's not your internet, youtube now makes you wait 5 extra seconds as a penalty for not using google chrome

this "issue" is 100% artificial and hardcoded, changing the user agent to google chrome magically fixes the timeout
if you have the same issue, here's how to fix it in ublock origin: reddit.com/r/uBlockOrigin…
it also seems to be in a/b testing because i don't have it in firefox but do have it in safari

many others have it in firefox and brave though:
reddit.com/r/youtube/comm…
reddit.com/r/uBlockOrigin…
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(