A Deep Dive into Plan 9 - Investigating Performance Bottlenecks in the Plan 9 SPI Driver

March 9, 2026

The Plan 9 Operating System was developed by Bell Labs, released in 1992 for university use and again in 1995 for non-commercial purposes. Plan 9 was designed to be an improved Unix, primarily emphasizing a file-based system in a much more literal sense than the Unix implementation. In a study focused on scheduling in operating systems, this work takes a deep dive into the Plan 9 operating system, discovering how its scheduling operates alongside making improvements to one of its newer drivers on the Raspberry Pi 4 architecture. The circumstances of this study arose from observing flickering in an LED matrix connected via the SPI controller to a Raspberry Pi 4 running Plan 9. Due to performance demands of the LED controller's code, the real-time scheduler was initially suspected of failing. Real-time tasks should maintain high priority and performance should not be diminished despite high operating system load. Further investigation led to discovering performance lapses in the Plan 9 SPI controller on the Raspberry Pi 4.

Discovering Flaws in Anti-Cheat Systems - Responsibly Disclosing Vulnerabilities in Supercell Games

January 22, 2022 (published April 14, 2022)

Before I begin, it should be known that everything reported in this write-up was discovered with permission, in a controlled environment, and all content has been patched and responsibly disclosed to Supercell. The noticable 3 month gap in between the date this blog post was written and released was due a disclosure period I gave to the developers, so there was plenty of time for this work to be analyzed and patched by the team. Over the last few years, I have disclosed various vulnerabilites and bugs to Supercell, but I never touched their anti cheat. The reason being that I didn't have a purpose to until recently, which was true until October of 2021, when Supercell released an update where they included some new protections inside of the game. After some time spent reverse engineering the game, I discovered a all-in-one bypass to Clash of Clans' debugger protection, modification prevention, and jailbreak detection.

Machium - The ARM "Apple Silicon" Debugger

December 9, 2021

I was given the opportunity to create anything (within reason) for my honors project in my Introduction to Computer Science course. My mind immediately went to a project I wanted to create for a while. I have used debuggers a million times, but I never really truly understood how they worked. It's very trivial to google "how do debuggers work", but that's not fun at all. I wanted to know how ARM debuggers work, which is much more niche topic than debugging on x86. An even more niche topic is learning how ARM debuggers work on iOS, or as Tim Cook say, how debuggers work on Apple Silicon.

SearchKit & RevelariOS - Taking a Dive into the vm_region()

September 28, 2020

Searching through memory on iOS to find a specific value isn't a new idea. There's plenty of tools available for searching memory on iOS, and source code is available for most of them. However, the source code only explains the how behind the project but not the why. The goal of RevelariOS was to create a technical version of these tools with a how and why explaination available through a combination of this blog post and the source code. SearchKit is meant to be a development toolkit so developers can add memory searching in their own projects, while RevelariOS is built to show off the power of SearchKit and its potential uses in research and development. In order to explain how RevelariOS and similar programs work, we have to take a dive into the vm_region().

Breaking the Chain of Trust - Manipulating Asset Files in Supercell Games

June 1, 2020

In Supercell games, asset files are stored as .csv files for general information used in the game while .sc files contain the graphics. All .csv file contents are stored as primitive data types (int, bool, String, etc). Prior to December of 2019, for over 7 years after Clash of Clans' launch, asset files were not scanned by the game for modification or signed to check integrity. The implications of this being that any user could write their own edits into the .csv files and load them into the game. Most data stored in the .csv files is checked against the server, so trying to modify an achievement and getting 9 million gems for completing it will cause the game to "Out of Sync" and reset since the client calculations are different than what the server expected. Although this system is mostly bulletproof, occasionally a few bugs slip through the cracks.