iPhoneRoot.com       

News tagged ‘security’


Howto secure iPhone iOS: PDF exploit fix





There is a big a security hole in iPhone iOS. The device is insecure in a big and obvious way. You should be extremely careful of what sites you visit.

The FlateDecode vulnerability can be used when a PDF File is embedded within a Web page. Basically Safari tries to parse the PDF. And when it does it executes some code. Hackers can use this exploit to read and write iPhone data, get your contacts, sms, even delete something. So they can get all kinds to access your personal information stored on your iOS device.

Apple will fix it some day. Until then you need to take care of your iPhone security. There is a fix for that. It is available via Cydia for jailbroken devices. So you need to jailbreak in order to secure (funny isn't it?).


Read the rest of this entry »




|
   

Leave a comment

Apple investigates iOS vulnerabilities



Vupen

Recently Vupen, which is a French security firm, posted an advisory that contained information about two critical security vulnerabilities in Apple's iOS. After a while hacker comex used these flaws to create a jailbreak, which is now widely known and available on JailbreakMe.com.

But according to Reuters, yesterday Apple decided to react and its spokeswoman Natalie Harrison revealed that the company is currently investigating Vupen's advisory. So it looks like these exploits are going to be fixed soon!




|
   

Leave a comment

Written by SimplyMax

Wednesday, August 4th, 2010. 23:16

New Jailbreak for iOS Devices is Browser-Based



BrowserJailbreak

Starting today every owner of iPad, iPhone or iPod can easily jailbreak his device via browser on http://jailbreakme.com/

The site was created in a week after decision of the Library of Congress (that operates the Copyright Office), which states that jailbreaking isn't illegal, though Apple claims it actually represents a threat to the stability and security of the company's devices. Apple also says that jailbreaking voids the warranty, but such an action can be easily undone by resetting a device to the default factory settings.

Site JailbreakMe.com easily became a trending topic in Twitter after its announcement on RedmondPie.com. The jailbreak itself was created by hacker comex, and the website was done by chpwn and westbaer.




|
   

Leave a comment, read comments [2]

Android Data Theft App Was Downloaded By Million Users



lookout_firm

At the Black Hat security conference, which is being held this week, research firm Lookout told about malicious application that was found in Google's Android Market. It was collecting private data (such as phone's SIM card number, text messages, browsing history, voice mail password and subscriber identification) and then sending it to a web site imnet.us, which is owned by an unknown person in Shenzhen, China.

According to VentureBeat report, written by Dean Takahashi, an app was claimed to load custom background wallpapers and was submitted by Jackeey Wallpaper.

Read the rest of this entry »




|
   

Leave a comment

Apple Improved iTunes Store Security



Applesnewsecurity

As you remember, few weeks ago iTunes Store was hacked and the top list of the Books category had been filled with a bunch of obscure books. That was achieved by a number of unauthorized charges that were made on accounts of several iTunes users, who eventually lost few hundred dollars. In turn Apple deleted developers who were found to use the fraudulent purchases.

These days Apple added new layer of security which now require every user to enter the security code of their credit card each time they register a new device or computer with their account, according to Different District blog. So if earlier malicious user just needed to guess a password for the account in order to receive and/or resell the acquired information to fraudulent buyers, after Apple’s security innovation it will require more efforts to do that.




|
   

Leave a comment

Written by SimplyMax

Thursday, July 29th, 2010. 1:35

Old Wi-Fi-enabled iPhone Will Finally Go On Sale in China



china-100712

According to The Wall Street Journal, last week Chinese Telecommunication Equipment Certification Center approved Wi-Fi enabled iPhone to be put on sale soon in China. The problem is that on the accompanying picture it is clearly seen that the approved device is the iPhone 3G or 3GS, but certainly not the iPhone 4.

Apple’s smartphone went on sale last year, but it was Wi-Fi disabled because technology's standard was temporarily banned by the Chinese government. In May 2009 the ban was relaxed.

Read the rest of this entry »




|
   

Leave a comment

Official iOS 4 changelog from Apple



Here's an official changelog for recently released iOS 4 for iPhone and iPod Touch:

This update contains over 100 new features, including the following:

• Multitasking support for third-party apps*
– Multitasking user interface to quickly move between apps
– Support for audio apps to play in the background
– VoIP apps can receive and maintain calls in the background or when device is asleep
– Apps can monitor location and take action while running in the background
– Alerts and messages can be pushed to apps using push and local notifications
– Apps can complete tasks in the background
• Folders to better organize and access apps
• Home screen Wallpaper*
• Mail improvements
– Unified inbox to view emails from all accounts in one place
– Fast inbox switching to quickly switch between different email accounts
– Threaded messages to view multiple emails from the same conversation
– Attachments can be opened with compatible third-party apps
– Search results can now be filed or deleted
– Option to select size of photo attachments
– Messages in the Outbox can be edited or deleted


Read the rest of this entry »




|
   

Leave a comment

Apple refreshed MobileMe and released Find My iPhone app



mm1
Yesterday Apple presented new version of the MobileMe subscription service alone with its new design and Find My iPhone application.

New version of the MobileMe mail was in beta since May, and those who wanted to try it had already had an opportunity. Here is a shortlist of innovations:

Read the rest of this entry »




|
   

Leave a comment

AT&T Experiences Major Problems With iPhone 4 Preorders



preorders5

Yesterday AT&T suddenly entirely stopped accepting iPhone 4 preorders. The company said that it was the busiest online sales day in its history.

Meanwhile AT&T's site started to show old information on iPhone 3GS prices, that was actual before iPhone 4 was announced. Some people also claimed they were shown info that wasn't theirs on AT&T's and Apple's site (the latter sometimes pulls information from AT&T's site to verify shipping address).

Read the rest of this entry »




|
   

Leave a comment

AT&T servers had been hacked



att_applelogo-299x300

A group of hackers found a security flaw on the web servers of AT&T and after obtaining users’ 3G iPad SIM addresses (also known as ICC ID) from the web made an automated script attack to receive their email addresses.

According to Gawker report, now hacked users may "be vulnerable to spam marketing and malicious hacking". SIM addresses are easy enough to obtain, because many people have already posted their ICC ID numbers in photos published on Flickr for instance. But most of them have their e-mails published too, so it is likely that they have already received such spam.

Read the rest of this entry »




|
   

Leave a comment

Yankee Stadium banned iPad



yankee_stadium

Recently posted report from Associated Press reveals that a local team of the New York Yankeees, decided to ban the iPad from the world-famous Yankee stadium because of a security and safety issues. MLB Advanced Media Chief Executive Officer Bob Bowman said Business Insider that the real reason is that the Yankees don't want people to get distracted because of iPad and then getting hit with a ball. But IntoMobile notes that people will still have an ability to bring their iPads anyway.

"If you've got a loose-fitting jacket or some monstrous pockets on your blue jeans, you might be able to smuggle the tablet inside”.

It is interesting that the Yankee Stadium is one of the most tech-savvy parks with computer screens in their lockers.




|
   

Leave a comment

Written by SimplyMax

Tuesday, May 25th, 2010. 18:23

Lost iPhone Prototype Affidavit Revealed - Totally New Details



affidavit

This Friday Judge Clifford Cretan from San Mateo County in California unsealed the affidavit of the lost iPhone prototype case. Cnet was first who studied the document and concluded that Steve Jobs personally called Gizmodo editor Brian Lam to return iPhone:

"Jobs requested that Lam return the phone to Apple. Lam responded via the e-mail address...that he would return the iPhone on the condition that Apple provided him with a letter stating the iPhone belonged to Apple."


Read the rest of this entry »




|
   

Leave a comment

Wi-Fi Sync Is Now Available on Cydia



WiFiSyncDesktop

You may remember our post about "Wi-Fi Sync" app that allows you to sync your iPhone/iPod touch with iTunes via Wi-fi. Well, this week Apple rejected it. But its developer Greg Hughes submitted it to Cydia (an unauthorized source of different software for jailbroken iDevices), and now it is available there for $9.99.

Greg also told Engadget that he talked to Apple representative and he said the case was not about any violations.

"While he agreed that the app doesn't technically break the rules, he said that it does encroach upon the boundaries of what they can and cannot allow on their store. He also cited security concerns."

"Wi-Fi Sync" is currently available only for Mac users, but Hughes promises to release version for Windows.




|
   

Leave a comment

Apple develops Gianduia - an alternative to Flash



Gianduia

As you remember, last week Steve Jobs posted a letter about his thoughts on Flash and that same day Adobe’s CEO commented on it.  Sometime later chief technology officer Kevin Lynch also expressed his opinion on the situation:

"It's not about HTML5 vs. Flash. They're mutually beneficial. The more important question is the freedom of choice on the Web."

In the meantime, Instead of using plugin-based technologies like Adobe Flash and Microsoft Silverlight, Apple created a new client-side framework Gianduia to produce quality online applications for retail users.

Read the rest of this entry »




|
   

Leave a comment, read comments [2]

A New Round of Apple VS Adobe Confrontation



WSJ

This week's sensation was a Steve Jobs' letter published officially on Apple's site. If you didn't read it or want to remind it to yourself, here are its main tent poles:

Read the rest of this entry »




|
   

Leave a comment