Felix Krause
@KrauseFx
Followers
34,521
Following
1,035
Media
1,512
Statuses
27,822
Currently building - Security Researcher - Creator of (previously @google @twitter )
Vienna, Austria
Joined June 2009
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
#Eurovision2024
• 1443921 Tweets
América
• 489127 Tweets
New Jersey
• 221256 Tweets
#धरती_को_स्वर्ग_बनाना_है
• 181169 Tweets
#母の日
• 155711 Tweets
Nemo
• 120414 Tweets
ヴィクトリアマイル
• 62568 Tweets
#MothersDay
• 60490 Tweets
#UFCStLouis
• 47995 Tweets
Barco
• 30835 Tweets
Tatum
• 30010 Tweets
Pachuca
• 29430 Tweets
カーネーション
• 28767 Tweets
ストフェス
• 27108 Tweets
Igor
• 23763 Tweets
Saint MSG Insan
• 20112 Tweets
カグヤ様
• 19463 Tweets
Canes
• 17958 Tweets
Roger Corman
• 16886 Tweets
Garland
• 16316 Tweets
ナミュール
• 14064 Tweets
Buckley
• 11443 Tweets
Derrick Lewis
• 10937 Tweets
Pinned Tweet
And just like that, ContextSDK went from being just me, to a team of 5 full-time, multiple part-time, and as of last week: our very own office. Excited for what's next!
19
3
207
🔥 New Post: Announcing InAppBrowser - see what JavaScript commands get injected through an in-app browser
👀 TikTok, when opening any website in their app, injects tracking code that can monitor all keystrokes, including passwords, and all taps.
409
14K
30K
📝 One of these is Apple asking you for your password and the other one is a phishing popup that steals your password
322
13K
13K
Imagine reviewing the designs for this screen, considering that the user has to understand it *while* they’re on a call, and thinking: yep, ship it
127
417
7K
💥 New Post: Instagram & Facebook tracks everything you do on any website in their in-app browser
95
2K
5K
When opening a website from within the TikTok iOS app, they inject code that can observe every keyboard input (which may include credit card details, passwords or other sensitive information)
TikTok also has code to observe all taps, like clicking on any buttons or links.
58
2K
4K
Sorry, but how did we go from this to this in the last 13 years?
140
312
3K
Wow, what an honour to have my work featured on
@forbes
Including statements by TikTok confirming the code I found exists and does what I expected.
via
@richardjnieva
45
409
2K
- a new tool I used to investigate the in-app browsers of apps (that use them) to look for any external JavaScript code being injected.
17
553
2K
"Should I implement a custom share-sheet for my iOS app?" - a handy chart, please use it
34
579
2K
Converting HEIC files to JPGs is actually built into Finder now, no need to manually use ‘Preview’ or similar.
34
214
2K
📍 Any app gets complete access to where you've been the last years within a second, when you grant access to photos
65
2K
2K
🔓 iOS users have been trained for years to enter their iCloud passwords in alerts that appear at random times & random apps
39
1K
2K
📯 5 years ago, I started building fastlane to solve problems I faced while building iOS apps in my dorm room. I'm humbled to see how many developers it's reached, and the community that's emerged.
Today was my last day working on fastlane and at Google.
165
170
2K
My friend left her MacBook Pro on a Manhattan park bench.
Timeline:
Within 5 minutes: laptop gone
Within 6 hours: laptop in Bronx
After 7 days: in the Dominican Republic
Fascinating how stolen electronic logistic networks work, and how they don’t properly reset the hardware
48
451
2K
Continuing to analyse the Instagram iOS app, I found something new:
Besides injecting pcm.js (as covered last week), Instagram also injects JavaScript code to observe all taps happening inside their in-app browser, like clicking on buttons, links or images.
6
531
2K
How can you protect yourself? It's trickier than you might expect
20
1K
2K
@aidencoder
Let me introduce you to the beautiful US visa system, where an employee is bound to a specific employer, and the engineer quitting means having to leave the country 😅
17
64
1K
📍 3 years in the making, finally ready to go live:
?
📈 How I put my whole life into a single database - tracking over 100 different data types, ranging from fitness & nutrition to social life, computer usage and weather, with over 380,000 data points
66
136
1K
In 2010 I visited the Google campus for the first time. Today, 7 years later, I completed my first day at Google 😊
41
50
1K
As of iOS 14.3, apps can easily hide their JavaScript activities from websites using WKContentWorld.
Hence, it becomes more important than ever to find a solution to end the use of custom in-app browsers for showing third party content.
3
224
1K
Good news, we can now all go back to skeuomorphic app icons, thanks to AI ✨
22
68
1K
Step 1️⃣ Go through the most popular inactive open source libraries
Step 2️⃣ Reach out to author and ask to help out
Step 3️⃣ Get push access and release a compromised version
Step 4️⃣ Reach 2 million applications within a week
22
682
1K
🚀 Launching a new project:
a collection of best practices for iOS app development processes, covering dependency declarations, build environments, configuration management, app versioning and more.
All inspired by the famous
17
361
1K
Manually moving away 25 Google Domains. It's like they don't want your money...
Google Domains was one of the perfect Google products IMO: Clean interface, easy-to-use, fast and reliable. Can't wait for the Google Flights shutdown, so they can focus on ✨ AI ✨
49
40
1K
Apps that use the recommended SFSafariViewController approach, don’t have any of those problems.
Even with the WKContentWorld system, there is no way the iOS app can inject JS code into external websites, making it the safest choice for the user.
4
215
1K
🔓 Just found out: over the last 8 years my iOS Safari "leaked" my Safari Favorites bookmarks to every single WiFi hotspot and ISP I was ever connected to, as well as all other machines in the same network...
Safari always refreshes the favicon of all your Favorites.
17
617
1K
When introduced the .HEIC format, they should have upgraded the macOS file-picker to auto-convert to JPG when uploading images to websites and other apps
25
36
1K
4 years ago I published this little open source project called "fastlane"
Today I found out it's listed as a job requirement by companies like Nike, Bose, Yelp, NBCUniversal, Snapchat and Slack 😍
21
90
1K
When you Google for an error message, and the only mention of it is on a Google Group thread, you know you lost
12
85
932
The problem is actually easy to fix: instead of asking for the password directly, iOS should tell the user to open the settings app
22
319
859
See company politics in action:
1) Use your iPhone to google a book
2) Tap on the Amazon link
3) Amazon properly deep links and opens its app
4) Amazon app: “Oh wait, if we sold a book now, Apple wants its cut, noooope, not with us”
5) Amazon app opens Safari again
6) Tadaaa 🎉
33
278
892
Step 1: Buy a $3,000 MacBook
Step 2: Buy a $700 USB-C monitor
Step 3: Notice the WiFi is spotty when you connect it
Step 4: Google the problem
Step 5: Wrap your cable in aluminum foil and rethink your life choices
32
156
878
"The new Facebook Messenger is twice as fast to start and is one-fourth the size"
"We accomplished this by using the native OS wherever possible (...)"
Yah surprise
23
230
893
"Should I hide the status bar in my iOS app?" - a handy chart, please use it
13
316
878
GitHub now warns you if one of your dependencies has a known security vulnerability, this is great 🚨
5
348
850
Found the secret design doc for how the iPhone handles WiFis that requires a login - it all makes sense now
16
137
801
Based on your iPhone's accelerometer sensors, any website/app can guess how you're using your phone, so I built this
11
344
755
Exactly one year ago I got rid of my belongings to live out of a only suitcase. I wrote about my experience so far:
✈️ the challenges
💪 how it affected fitness goals
💰 rent prices
👨👩👧👦 friends & family
🛥 a boat
🤗 mood & happiness
23
86
751
Meta injects tracking code into all websites displayed inside their app without the user’s consent, nor the website operator’s permission
This is done by the iOS and Android apps of Instagram, Facebook and FB Messenger
7
353
732
130 days ago I got rid of all my stuff and reduced my life to 2 suitcases
🎒I always carry 100% of my belongings with me
🏠 I don’t have a permanent address anymore
🗺️ I never stay at the same place for longer than 2 weeks
I wrote about it here 👉
45
89
717
What companies think developers need in an office: open floor plan, ping pong, slides, yoga
What we actually need: a quiet space with WiFi
40
320
672
🚀 2014 I built this little tool called
@FastlaneTools
in my college dorm room, in a small town in the UK.
This picture was taken a day before the first public release of fastlane
32
36
670
💯 After reading the famous
@waitbutwhy
article about "Your Life in Weeks" () I decided to create a spreadsheet to visualize my whole life
Really interesting to see things in perspective 🔍
17
63
657
🔓 Sandboxed Mac apps can record your entire screen at any time, without you knowing.
Running the screen through simple OCR software, this allows the attacker to access personal information, like emails, messages, API keys and more
14
441
633
"Should I build my own web view to show external websites in my iOS app?" - a handy chart, please use it
There is SFSafariViewController and opening a page in the Safari app
17
163
624
Amazing feeling: just booked an Airbnb and the host recognized my profile picture and thanked me for my work on fastlane 🏡❤️
9
16
626
The most shocking thing about this, is that it only took me about 15 minutes to build a perfect replica of the original
10
225
563
Dear Apple,
- Setup a team of highly experienced iOS devs
- Let them rethink and rebuild everything related to crash reporting
- Reliability and privacy are key
- Third party crash reporters should be optional
- Make crashes a key metric both internally and for third party apps
Due to a major increase in crashes across the iOS ecosystem caused by an issue with a popular iOS SDK, iOS crash processing in Crashlytics was disabled at 11:00 PM UTC. We are actively working to return processing to normal. Visit our status dashboard for the latest updates.
8
98
442
16
78
589
I’ve spent the last months analyzing how to optimize iOS apps to maximize conversion of in-app purchases. Here are the most important things to look out for:
13
71
572
✅ Received a recruiter email offering an iOS job that has "experience with fastlane" as job requirement
17
47
577
Apple really needs to start a task force fixing "Storage" for both iOS and macOS.
2021 M1 MacBook Pro, 2TB space, latest macOS, 1.86 TB of "System Data"
Also, Messages and Mail should **not** be listed here, those are (and should be) optional apps I don't use.
59
23
551
GitHub is crushing it again , codespaces looks fascinating!
Meanwhile Xcode takes 17GB on-disk
16
82
530
🚀 Kicking off fastlane․ci
Fully open source, self-hosted, mobile-optimized CI powered by fastlane.
It's an early WIP and we decided to build it in the open, working with all of you! ❤️
16
155
487
🐦 Many people asked me how I use Twitter, I have a highly customized setup
- Secret lists to follow people
- No mentions in timeline
- Disable all RTs
- Muted many clients
- Custom mute regexes
Found some time while I was 🤒 to explain how it works
13
58
488
I got rid of all my stuff and live off only a suitcase - staying in Airbnbs to explore different areas 🏡🚀 excited to live nomad life
22
6
475
🎉 Launching a new project
Let friends queue their music at your party
18
34
478
What I think about whenever I read Yet Another Article on "Using iPad for development"
19
45
470
📸 Every iOS app you ever gave permission to use your camera can record you any time it runs - without notice
33
400
464
Google's software quality has decreased significantly. I now replaced many (paid) services recently:
- Gmail →
@Fastmail
- Google Search →
@perplexity_ai
- YouTube Premium →
@WatchNebula
- Google Photos → Apple Photos
- Google Domains →
@Cloudflare
- Google Chrome →…
45
44
457
a new app to intercept network traffic on your Mac, a beautiful, native Mac app. Still a huge fan of Charles web proxy, but this one just looks so nice
@proxyman_app
8
74
452
🔐 31% of the most popular iOS SDKs can easily be hijacked, allowing attackers to reach millions of iPhone users at once
A total of over 600 libraries are affected, including Amazon Web Services and BuddyBuild
12
252
451
How I silently changed my profile picture over the last 5 years without anyone noticing
22
24
449
That selfie cost me $1,149 🏊♀️💦📱
So much for the iPhone X being water resistant 😢
At least iCloud Photos was fast enough to upload it right before the phone died
63
61
437
The creator of
@Sparrow
created
@dejaluapp
, a new Mac email client with the same fast core and features. Been using it the last few months, and
@dinhvh
just open sourced the whole Mac app:
Native, offline, fast and clean email client, a 💯 Mac app
10
99
440
The biggest luxury in life is not having Slack or Teams on any device
15
55
431
🙃 It's 2019 and the `xcodebuild` terminal output is still mostly noise.
🤗 The 2 tools that solve this problem are now part of its own GitHub org
- xcpretty: Parse and format the xcodebuild output
- trainer: Parse the xcodebuild plist test result file
11
89
431
Haven't used fastlane yet because you were scared of writing Ruby?
💥 You can now write your Fastfile using Swift
Awesome work
@taquitos
[fastlane] 2.69.0 introducing fastlane Swift support (beta release) ✨🕺🔥 Write your fastlane configurations in Swift via Xcode!
Check out our docs to get started:
6
100
180
15
141
422
fastlane enables blind and visually impaired iOS developers publish their apps to their store, this just made my day ❤️
12
99
413
Why is this a big deal?
Instagram & Facebook actively work around the new App Tracking Transparency System which was designed to prevent exactly this kind of abuse, to keep tracking users outside their ecosystem
3
125
399
✨ Today it’s time for the next big step for
@FastlaneTools
: fastlane is joining
@Google
🚀
45
242
405
First time staying in a Japanese capsule hotel tonight 🛏
Basically the same size as most San Francisco apartments 😆
19
11
399
Announcing Overkill for Mac: Don't let iTunes interrupt your workflow
A native Mac app that automatically kills iTunes as soon as it launches itself
10
87
398
✨ I built a dashboard for my my life:
- Track through a Telegram bot
- Cover mood, fitness, nutrition, personal growth, productivity, travel
- Data is stored in a plain spreadsheet, fully in control
- Track progress and habits
- Multi-timezones
21
28
388
1. New Mac, install Xcode
2. Create a new empty Xcode project
3. Include a WebView
4. Compile and Run
5. iOS simulator is all black
6. Google "Xcode iOS new project all black"
7. Answer from 2013 to reset the iOS simulator
8. It works
iOS development, never change 🥰
13
22
382
"People won't notice the difference between
@electronjs
and a native Mac app" featuring
@SlackHQ
19
144
374
6 years ago, fastlane used a headless web browser to interact with iTunes Connect
5 years ago we built spaceship to use plain HTTPs requests /
@snatchev
1 year ago Apple introduced the first official API
Today, the official API supports all features fastlane deliver needs 🚀
We did it! 🥳 `deliver` is able to work fully with the App Store Connect API Key... No Apple ID required!
This will be coming to you in
@FastlaneTools
this week 🚀
Also... it only took 115 API calls to upload screenshots, metadata, the IPA, and submit it for review 😉
29
95
653
4
60
375
Amazing feeling to have a book written about your open source project 😍
Written by
@doronkatz
via
@PacktPub
6
27
374
I found a security issue with the iTunesConnect backend, where I could access the full build information unreleased builds (e.g. internal TestFlight) of any app available.
Reporting it was a pain, it took forever. They fixed it within 4w. I never heard back. I never got thanked.
Here’s Apple’s payouts for bug bounties and their corresponding categories.
Maximum payout is now 1 million.
2
22
87
13
57
362
25,000 GitHub stars 🎉
With that,
@FastlaneTools
is now the 4th (!) biggest Ruby open source project on GitHub, right after
@rails
,
@jekyllrb
and
@discourse
🤗
8
27
363
There is a point when some product companies become so large and inefficient (Spotify, Airbnb, Twitter) that all they do is being busy dealing with themselves, optimizing processes, and not shipping any new relevant features to their user base.
22
41
361
I wish
@github
made better use of the social aspect of the platform - in particular the Stars and the Followers 🤗
Imagine an easy way for open source projects:
- poll about project directions & features
- tell them about upcoming launches
- conferences, meetups, etc.
13
52
354
