via techcrunch.com
Posted via email from GLTSS
Showing posts with label iphone. Show all posts
Showing posts with label iphone. Show all posts
Thursday, September 9, 2010
Wednesday, September 1, 2010
Thursday, June 3, 2010
Friday, May 28, 2010
Wednesday, May 26, 2010
Wednesday, May 5, 2010
Monday, April 19, 2010
Wednesday, February 24, 2010
Wednesday, January 6, 2010
Monday, November 23, 2009
A New iPhone Worm is Here, And This Time it’s Malicious [WARNING]
A couple of weeks ago, the first iPhone worm appeared, spreading on jailbroken devices with the SSH application installed (vulnerability being the fact that many users haven’t changed the default root password). As far as worms go, this one was quite benign, merely “rickrolling” users; i.e., changing the background image on the device to an image of Rick Astley.
Now, according to early reports of strange activity by Dutch ISP XS4ALL, and later confirmed by Sophos, there’s a new worm in the wild, and this one is far more malicious.
The new worm is called “Duh” or “Ikee.B”, and it uses the exact same vulnerability as the first one. The fix is thus identical – change the root password in the SSH application to something other than the default, which is “alpine”.Failing to do so might result in very serious consequences. According to Sophos, Ikee.B is “designed to connect to a server in Lithuania and to follow orders from remote hackers.” It can find vulnerable iPhones on a wide range of IP addresses, including IPs in several different countries, for example the Netherlands, Portugal, Australia (
), Austria, and Hungary. Furthermore, it changes the root password on the iPhone to “ohshit” (as discovered by Paul Ducklin, head of technology in Sophos Asia Pacific.)
Users who haven’t jailbroken their iPhone or haven’t installed the SSH application are not affected by this vulnerability.
via mashable.com
Posted via web from GLTSS
Wednesday, November 4, 2009
blacksn0w unlocks 3.1.2; Apple looks to curtail jailbreaking - Ars Technica
Jailbreakers rejoice! If you've been holding off on updating to iPhone OS 3.1.2 to keep your jailbreaks or carrier unlocks intact, blackra1n and blacksn0w are here to rescue you. However, don't expect the jailbreaking fun to last forever—Apple is looking to hire a manager to lead a team to boost the iPhone platform's security.
blackra1n is a new jailbreaking tool for Mac OS X and Windows from iPhone hacker George Hotz, aka "GeoHot," who also created purplera1n earlier this year. With the addition of blacksn0w, users with iPhone OS 3.1.2 and its updated 05.11.07 baseband—the software that runs the cell radio—can unlock the phone and use it on whatever GSM/UTMS carrier they prefer. (Note that in the US, your only other option is T-mobile, and it won't work on 3G, only EDGE.) "Jailbreaking and unlocking have never been easier," GeoHot wrote on his blog. The tool promises faster jailbreaking, one-click hacktivation, unlocking, and enabling tethering support all in one app. blacksn0w will be added as a separate iPhone app on Cydia for unlocking if you've already jailbroken using PwnageTool or some other method.
blackra1n and blacksn0w do come with a few caveats. They only work in tethered mode with new iPhone 3GS and iPod touch models that use a different bootloader than older models. That means the device has to be tethered to a computer with blackra1n running whenever the device is rebooted; otherwise, the jailbreak is undone on reboot. Also, blacksn0w won't unlock the baseband on EDGE-only iPhones. For that, GeoHot recommends the BootNeuter tool.
On the iPhone, security exploits are essentially what make jailbreaking possible, and Apple is looking to beef up the security of iPhone OS. The company recently posted a job listing for an iPhone OS Platform Security Manager, which will oversee a team "focused on the platform security of iPhone OS." That team is tasked with ensuring "secure booting and installation of the OS"—which essentially would mean an end to jailbreaking. It's also responsible for "partitioning and hardening of security domains within the OS, cryptographic services, and risk analysis of security threats," and any potential manager will be asked to implement "a methodology for proactively finding security vulnerabilities."
(And since we're talking security, we'll take this opportunity to remind jailbreakers to go ahead and change the default passwords, just in case.)
Tighter security is good, but the more secure iPhone OS is, the harder it will be to jailbreak. It took some time and effort to get blackra1n—and particularly blacksn0w—working, and GeoHot warns that "[t]his may be the best iPhone users ever have it." Apple could—and likely will—patch the exploit that makes the jailbreak and unlock possible in the future.
via arstechnica.com
Posted via web from GLTSS
Friday, October 30, 2009
Subscribe to:
Posts (Atom)