iPhoneRoot.com       

News tagged ‘security’


Foxconn's Servers Hacked, Exposing Vendor Usernames and Passwords





login

Swagg Security hacking group announced this week that they managed to hack Foxconn servers that expose usernames and passwords for clients and employees. Such information could be used to place fraudulent orders for companies like Apple and Microsoft.

Swagg Security alleged that it had bypassed Foxconn's firewall "almost flawlessly." Using several hacking techniques and a couple of days time, the hackers reportedly dumped "most of everything of significance," including usernames and passwords. According to the group, the leaked passwords "could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell."


Read the rest of this entry »




|
   

Leave a comment

Written by Svetlana Osipova

Thursday, February 9th, 2012. 20:48

Apple removes blatant copycat apps from App Store



appstore

TechCrunch reports that Apple removed from the App Store a number of copycat applications such as Temple Run, Tiny Wings and Words with Friends that closely mimicked the titles of successful games after they provoked a public outcry from developers over the issue. The fraudulent apps were largely the work of developer Anton Sinelnikov.

Sinelnikov, however, is not alone in his efforts, as dozens of other applications from other developers have attempted to dishonestly capitalize on the successes of others. Numerous developers and users asked Apple to take down the offending apps. Keith Shepherd, the creator of Temple Run, noted on his account that an app like Temple Jump "taints the integrity of the App Store." After Apple pulled the app, Shepherd posted on Twitter that he was "thankful."


Read the rest of this entry »




|
   

Leave a comment

Taiwanese Site Sued by Supplier After Leaking Claimed iPad 3 Dock Connector



ipad_3_dock_connector

In July 2011 Taiwanese site Apple.pro published several photos of what was claimed to be the dock connector and ribbon cable for the next-generation iPad 3. Honestly, the connector didn’t provide much information about the full iPad 3 tablet. The only obvious fact was that the connector itself being white as opposed to black on the iPad 2, and it was one of the first reported leaks of iPad 3 parts. However,  Apple's suppliers seem to have taken the leak seriously. Apple.pro now reports that it has been sued by the supplier responsible for the part leaked in last year's report.


Read the rest of this entry »




|
   

Leave a comment

Written by Svetlana Osipova

Tuesday, January 31st, 2012. 23:02

Mac platform faced 58 malware threats from Q2 to Q4 2011



malware

Security lab F-Secure released its 2011 Mac Malware Summary earlier this week, noting that Mac OS X platform endured 58 separate malware attacks from April 2011 to December 2011. Of course, this numbers couldn’t be compared with multiply attacks that Microsoft's Windows operating system experienced over the same period.

The firm counted only unique variants of malware that occurred during the second, third and fourth quarters of 2011. "We prefer a more conservative approach when counting malware. The more generic and family based, the better," the report noted.


Read the rest of this entry »




|
   

Leave a comment

Written by Svetlana Osipova

Friday, January 20th, 2012. 14:27

iOS Accessories At CES 2012: Wireless HDMI, Multi-docks, iNotebook, Kiosk



inCharge

There are tons of accessories showed off at CES 2012, many of which were designed for iOS devices. Among the most interesting are multi-docs which offer various ways of charging several iOS devices simultaneously.


Read the rest of this entry »




|
   

Leave a comment

Written by maxim

Thursday, January 12th, 2012. 21:29

"Dream Team" will work on untethered iPad 2 and iPhone 4S jailbreak



pwned

Pod2g has recently announced that Planetbeing, MuscleNerd, and P0sixninja have joined his effort to release an iOS 5.0.1 untethered jailbreak for the iPhone 4S and iPad 2.

@planetbeing, the legendary hacker behind iPhone Linux and lot of jailbreaks has joined the A5 research! The famous @MuscleNerd, the leader of the iPhone Dev Team, who did a lot of tests for Corona and whom integrated it and made it simple in redsn0w is willing to help also. And last, but not least @p0sixninja, the leader of the Chronic Dev Team, and my partner for years on iPhone security research has started to code and fuzz the Apple sandbox.

That means that we now have a dream team to create a public release of the A5 jailbreak.


Read the rest of this entry »




|
   

Leave a comment, read comments [7]

Apple Patent Describes Multi-User Face Detection System



apple-face-detection

Like the controversial face unlock functionality in Google’s Galaxy Nexus, a new Apple’s patent application points out that the company is developing similar but more sofisticated face detection solution. As PatentlyApple reports, Apple said that these user detection system could be included in a future MacBook, iPad, iPod touch and iPhone.
Read the rest of this entry »




|
   

Leave a comment

Apple to Build Semiconductor R&D Center in Israel



a5chip

The resent rumors suggesting that Apple may purchase Israeli firm Anobit, nudge that Apple plans to set up its first research and development center outside of its Cupertino headquarters.

Sources inform "Globes" that Apple Inc. has decided to open a development center in Israel focusing on semiconductors. The decision was taken even before the company entered into talks to acquire Herzliya-based flash storage solutions provider Anobit Ltd..

Apple has hired Aharon Aharon, a veteran player in Israel's high tech industry, to lead the new development center.

[...]


Read the rest of this entry »




|
   

Leave a comment

Written by Svetlana Osipova

Thursday, December 15th, 2011. 16:43

Developers crack Siri’s security protocol to enable it with any device



siri_icon

A team of developers called Applidium has announced that they managed to investigate how Siri, exclusive service available on the iPhone 4S, talks to Apple servers. Applidium notes that iPhone 4S uses standard HTTPS network requests to communicate with Apple's servers, but sends data using an "ACE" command rather than regular web GET requests. Moreover, each Siri request involves a unique identifier based on UUID. Such identifier prevents access of unauthorized devices to Apple’s servers. User’s requests are compressed with the Speex audio codec optimized for VoIP. Applidium discovered that iPhone, to provide Siri’s voice recognition, should support at least Siri's basic voice recognition features, but Apple doesn’t plan to port such capabilities on earlier iOS 5 models.

So far, Applidium's investigation has revealed that Siri packages requests in compressed property lists, but further exploration of the protocol is hampered by a number of issues, including the complexity of requests, the fact that they are tied to a hardware key, and that they are subject to change.

Noteworthy, Apple could at any time stop supporting a particular hardware identifier, if it is suspected of being used to exploit its servers, and change way of data transmitting.

Applidium says "anyone could now write an Android app that uses the real Siri! Or use Siri on an iPad!" But you will need a real unique user key of an actual iPhone 4S.




|
   

Leave a comment

Jailbreakers and unlockers: don't update to iOS 5.0.1



noupdate501

Apple has recently released iOS 5.0.1. It is still tethered jailbreakable. However if you want untethered jailbreak or unlock - you should stay away from 5.0.1

Earlier this week pod2g reported that a code signing bug found in iOS 5.0 will make it easier for hackers to develop a full jailbreak for iOS 5 firmware version. That bug might have been closed in iOS 5.0.1. UPDATE: According to pod2g the bug is still present, but harder to exploit because another exploit found by Charlie Miller is fixed in iOS 5.0.1.

Also, MuscleNerd via twitter has warned iOS users that there is no downgrade from iOS 5.0.1 to iOS 5.0 yet and he recommends to wait until downgrade mechanism is available.

Jailbreakers and unlockers should avoid today's 5.0.1 until a flow for downgrading to 5.0 is developed.

Downgrade flow needs to be modified for AP "nonce" http://is.gd/b3G0io ... saved SHSH blobs are not enough to downgrade to 5.0




|
   

Leave a comment

Apple Releases iOS 5.0.1 to Address Battery Life Issues



ios_5_0_1

Yesterday Apple released the promised update of the iOS 5.0. The iOS 5.0.1 should fix battery life issues found on devices upgraded to the iOS 5, as well as on new iPhone 4S. Apple publicly said the battery life bugs affected a small number of users. In addition to addressing battery life issues, the update also brings new multi-touch gestures for the first-generation iPad.

This update contains improvements and other bug fixes including:

  • Fixes bugs affecting battery life
  • Adds Multitasking Gestures for original iPad
  • Resolves bugs with Documents in the Cloud
  • Improves voice recognition for Australian users using dictation

The update also includes security improvements, as well as a new way for developers to specify files that should remain on a device even in low storage situations.

iOS 5.0.1 is available for iPhone (4S, 4, and 3GS), iPod touch (third- and fourth-generation), and all iPad models. The update is now available to all users through iTunes, and will be soon available as an over-the-air update.

Direct links for downloads:




|
   

Leave a comment

iOS Security Exploit Allows Apps To Execute Malicious Code



Video where Miller demonstates this exploit

According to Forbes, security specialist Charlie Miller has found an exploit on iOS devices, which allows developers to put malware apps onto the App Store without detection. These malware apps can be used to steal user’s contacts, photo and other information, play a ringtone, make the device vibrate and more at any time the developer chooses.


Read the rest of this entry »




|
   

Leave a comment

Written by maxim

Tuesday, November 8th, 2011. 12:33

Apple Vice President of Global Security John Theriault departs company following lost iPhone 4S investigation



theriault_linkedin

A large number of Apple senior executives have left the company this year. And Apple’s vice president of global security John Theriault is one of them. We’ve heard that the reason for his departure could be the lost iPhone 4S prototype, while the official reason is retirement.

In July, an Apple employee lost a prototype of the new iPhone at the Cava22 bar in San Francisco. Following the loss of the prototype device, Apple security personnel being escorted by San Francisco police visited a home to where the device had been traced. Apple security officials reportedly posed as police officers in their search of this prototype iPhone. Apple and the SFPD may face a lawsuit over the matter, as the resident claims that he was threatened by the police and was not informed that Apple's security officials were not actually officers.

Theriault, a former FBI agent and Pfizer vice president, joined Apple in 2007. Theriault was responsible for all of the Apple’s security operations and led an anti-counterfeit team in 2008 in a fight against China’s growing counterfeit product market.




|
   

Leave a comment

Written by Svetlana Osipova

Saturday, November 5th, 2011. 19:40

Apple Pushed Implementation Of Sandboxing Requirement In Mac App Store To March



sandboxing

Among the user-interface changes in OS X 10.7 (Lion), Apple also included a number of changes in the security model that may affect customers of Mac App Store in the near future. One of them is a sandboxing system which can prevent third-party apps from causing damage.


Read the rest of this entry »




|
   

Leave a comment

Written by maxim

Thursday, November 3rd, 2011. 12:31

Apple released iOS 5.0.1 beta to developers



ios-501

Apple has just relased iOS 5.0.1 (9A402) to developers. The new update features battery life fixes, multitasking gestures on the original iPad, improves Voice recognition for Australian users, and features other bug and security fixes. The update is about 811MB. Developers can download it from the Developer Center.

iOS 5.0.1 beta also introduces a new way for developers to specify files that should remain on device, even in low storage situations.

Changelog:

Read the rest of this entry »




|
   

Leave a comment

Written by admin

Thursday, November 3rd, 2011. 3:28