iPhoneRoot.com       

News tagged ‘security’


Apple uses a jailbroken iPhone in patent application





Recently we talked about Apple's second patent about biometric security. The funny thing is that the images used in this patent show a jailbroken firmware 1.x iPhone, with installed Installer.app, SMBPrefs  and the iWood Realize theme from the iSpazio repository. There are also "Terminal", "Game", "VRecord", "Blocks" and others.

img1

You can check yourself here. Here is a screenshot:

screenshot




|
   

Leave a comment

Apple patents a biometric recognition system for iPhone and MacBook



Apple filed a new patent that shows a new system of biometric recognition for the safety of iPhone and MacBook. Currently the only way to protect our devices is to use a security code, which is not safe enough. In the future Apple plans to integrate a sensor below the screen to scan our fingerprints when we execute the "slide to unlock" .

Other security methods may be that the voice recognition or facial recognition. This might include the future implementation of a front camera. Apple goes so far as to suggest the possibility of recognizing the user's distinctive voice or even collecting DNA samples to recognize a user's genetic sequence. Biometrics could also be context-sensitive and detect the shape of a user's ear before allowing a call to go through, for example.

Overall it still seems somewhat science fiction, but could be implemented in the next model of the iPhone this summer.

iphonebiometric-1

iphonebiometric-2

QlikView helps to improve supply, production and distribution. You can learn about QlikView solution manufacturing companies at 1bit.com.




|
   

Leave a comment

iPhone’s security issue: fix it



You probably know about latest iPhone’s security issue. The good news is that there is a solution to fix it.

Jonathan Zdziarski has deviced a way to disable this writing to disk, so that screenshots cannot be recovered. On a jailbroken iPhone, you can disable these screenshots with the following commands in MobileTerminal or through SSH connection to iPhone:

# rm -rf /var/mobile/Library/Caches/Snapshots

# ln -s /dev/null /var/mobile/Library/Caches/Snapshots

Screenshots themselves actually get written to /var/mobile/Library/Caches/Snapshots. So these commands delete this folder and symlink it to /dev/null, so the screenshots don’t get written to disk.

The side effect to this is that when resuming an application, you’ll get the default screen in the zoom-in effect. Once the application resumes, however, you’ll have your application screen back. For example, your mail application will always zoom to the front as if you had an empty inbox, but will quickly correct itself once the application resumes.

“To return to the default behavior, just delete the symlink and the directory will get recreated. Mind you, this has no effect on the many other pieces of data stored on the iPhone, and therefore your iPhone will always be at risk for leaking private data, especially to seasoned forensic examiners. Use at your own risk.”

via iphoneatlas




|
   

Leave a comment

Written by admin

Tuesday, September 23rd, 2008. 0:00

iPhone 2.1 firmware is out



The iPhone 2.1 is out. It contains the following updates as listed by Apple:

- decrease in call set-up failures andcall drops
- significantly improve battery life for most users
- dramatically reduced time to backup to iTunes
- improve email reliability, notable fetching email from POP and Exchange accounts
- faster installation of 3rd party applications
- fixed bugs causing hangs and crashes if you have lots of 3rd party applications
- improved performance of text messaging
- faster loading and searching of contacts
- improved accuracy of the 3G signal strength display
- repeat alert up to two additional times for incoming text messages
- option to wipe data after ten failed passcode attempts
- Genius playlist creation

The 2.1 firmware is build 5F136 (weighing in at 237.8MB) and can be directly downloaded through iTunes. The new firmware also contains a number of security fixes including the well publicized passcode flaw.

Jailbreak for 2.1 is not avaliable yet.




|
   

Leave a comment

iPhone's security issue



It's amazing, how curious some people are. iPhone hacker and data-forensics expert Jonathan Zdziarski explained that iPhone snaps a screenshot of your most recent action -- regardless of whether it's sending a text message, e-mailing or browsing a web page -- in order to cache it. This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The phone presumably deletes the image after you close the application. But anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. Zdziarski demonstrated that if you know what you're doing (and you've got over an hour), you can recover the file system and see many, many of these grabs.

"This flaw can only be exploited by somebody with physical access to a device, but your phone could get into the hands of someone with more malicious intent," he said. "Obviously, you don't want to trust any of your data to a passcode."

Gadget Lab is also reporting that Zdziarski said forensics experts have actually used this method to solve serious crimes.

via gizmodo and gadget lab




|
   

Leave a comment

Written by admin

Friday, September 12th, 2008. 16:50

Unlock for IPhone 3G - almost there



DevTeam posted a new interesting screenshot. They successfully downgraded modem firmware. This is not an unlock (yet), but it is a good illustration of the first progress made with regard to hacking the 3G baseband. They accomplished this by being able to execute their own code on the baseband that allows to circumvent security checks and flash the baseband with older, disallowed firmware. Please note this has been accomplished using software only, the iPhone 3G has not been disassembled or hardware modified in any way.




|
   

Leave a comment