iPhoneRoot.com       

News tagged ‘security’


Square Enables iPhone to Handle Credit Card Purchases





Jack Dorsey, the founder of Twitter, launched the new service named Square (still in beta) that allows you to make or take payments using your iPhone.

accept-payments

All this happens through an accessory able to process credit cards that is connected to the the device.

User just need to enter the amount, the security code and the signature directly on the touchscreen. There are no charges of any kind, except a U.S. cent on every transition, which is donated to charity.

square-lg2

The system is able to display a bill with lots of information: the map, the amount, the number of times that we used this system of payments in that particular store, and much more.

square-lg3

The system is currently being tested in the US. Maybe one day we will all use it everywhere.




|
   

Leave a comment

Written by admin

Wednesday, December 2nd, 2009. 17:55

1Password Pro for iPhone Is Free Until Dec 1st



Agile Web Solutions is offering 1Password Pro free until December 1st for iPhone and iPod touch users.

1Password will securely store your important information and can automatically log you into websites with a single tap. There's no need to remember the username, password, or even the website address.

1Password Pro is normally $7.99 and can be installed from the AppStore (link).


Feature List:

  • (pro) Special easy switching mode allows you to quickly copy-and-paste usernames and passwords to Mobile Safari.
  • (pro) Support for copying multiple field values (for example, both username and password) from 1Password to Mobile Safari.
  • (pro) Folders for better organization (in this version a desktop application required - sold separately)
  • (pro) Features coming soon: Favorites, MobileMe/WebDAV syncing, and more.
  • Securely store your website names and passwords so you never forget them again
  • Save important information like credit cards and membership numbers
  • Jot down other notes too sensitive for stickies or bar napkins
  • Synchronize it all with 1Password for Mac via Wi-Fi (sold separately, available at http://1password.com)
  • Automatically log into Web sites on iPhone and iPod touch to avoid remembering and typing usernames and passwords
  • Hardware-accelerated AES encryption and Auto-Lock keep your data protected even if your iPhone is lost or stolen
  • All cryptographic operations are performed using standard iPhone libraries to ensure there are no security gaps or backdoors
  • Two-layer defense with Unlock Code and Master Password to combine security and convenience
  • Data Backup & Restore option available on Mac, Windows and Linux.



|
   

Leave a comment

New iPhone Worm Wants User's Bank Passwords



apple_worm

A second iPhone worm virus has been found by security company F-Secure. It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING.

It redirects the bank's customers to a site with a log-in screen (phishing). The worm attacks "jailbroken" phones - a modification which enables the user to run non-Apple approved software on their handset. Only handsets with installed SSH (secure shell) are at risk. SSH is a file-transfer program that enables users to remotely connect to their phones. It comes with a default password, 'alpine' which should be changed.

Here is a tutorial how to change the default SSH password and minimize the risk.




|
   

Leave a comment

Apple extends the In-App Purchase to free applications



in-app-purchase

Apple has just announced that all iPhone developers can now use the In-App Purchase in free applications! In the past the use of these APIs was reserved only for commercial software.

This is great, because developers can completely eliminate the Lite version, creating only a limited free version with full function unlock through an in-app purchase. All this is also intended to provide greater security for developers.




|
   

Leave a comment

Firmware 3.0 security bug allows you to read passwords [Video]



A bug was found in firmware 3.0 that allows you to view hidden passwords. Here's the video demonstration:

As you can see it is easy, just erase a digit and shake the iPhone to see the number or character of the password. This bug had been fixed in firmware 3.1.




|
   

Leave a comment

Speech-to-Speech Voice Translator [Video]



Sakhr is a translation company with big clients like the U.S. Department of Defense and Homeland Security. They specialize in English/Arabic translation, and this demo of their iPhone/Blackberry app (not publicly available) looks like the Holy Grail of translation software.

You hold a button, say a phrase and the software captures the information through speech recognition. The text is then translated into either Arabic or English (in the cloud, we believe) and then read aloud so mispronunciation is not an issue.

Voice recognition is a hard part. But if an app works even with 85% accuracy, that's close enough for most tourists—even if soldiers could find the mistakes a bit more costly.

via gizmodo




|
   

Leave a comment

What's new in iPhone OS 3.0 beta 2?



iphone-3

Here is an unofficial changelog of iPhone 3.0 beta2 firmware:

  • Better Spotlight feature
  • Better Copy-Cut-Paste
  • Greater speed and overall stability
  • MMS natively supported (without any hack) for a lot of new countries
  • In-App Purchase first APIs released
  • Push notifications first APIs released
  • New APIs available to developers
  • Bugs afflicting Beta 1 fixed
  • Safari’s lower bar is no more transparent
  • New “Store” entry in Settings App: it links to a blank page
  • Contacts now divided in “All contacts”, “All contacts on My iPhone” and “All contacts (Mobile Me)”
  • New Safari’s landscape mode when clicking on a image or a link
  • Anti-phishing mode in Safari. Activate it in Settings App > Safari, switching Fraud alert ON. The green title bar on 3.0 firmware means a security certified and reliable website. The “htpps” protocol icon instead has been moved on the left of the title.
  • SpringBoard has now up to 11 pages and 180 applications.

via ispazio




|
   

Leave a comment

How To create an iTunes App Store account without a credit card



To create an iTunes App Store account without a credit card please follow the steps below.

Note: In order to create an account without a credit card, you must make sure you are in the App Store, not the iTunes Store.

  1. Pick your country from the pop-up menu at the bottom of the iTunes Store homepage.
  2. If your country also has an iTunes Store, you'll need to navigate to the App Store by clicking on the "App Store" link from the menu on the left.  If not, proceed to step 3.


    Read the rest of this entry »



|
   

Leave a comment

Written by admin

Wednesday, April 1st, 2009. 0:26

Apple uses a jailbroken iPhone in patent application



Recently we talked about Apple's second patent about biometric security. The funny thing is that the images used in this patent show a jailbroken firmware 1.x iPhone, with installed Installer.app, SMBPrefs  and the iWood Realize theme from the iSpazio repository. There are also "Terminal", "Game", "VRecord", "Blocks" and others.

img1

You can check yourself here. Here is a screenshot:

screenshot




|
   

Leave a comment

Apple patents a biometric recognition system for iPhone and MacBook



Apple filed a new patent that shows a new system of biometric recognition for the safety of iPhone and MacBook. Currently the only way to protect our devices is to use a security code, which is not safe enough. In the future Apple plans to integrate a sensor below the screen to scan our fingerprints when we execute the "slide to unlock" .

Other security methods may be that the voice recognition or facial recognition. This might include the future implementation of a front camera. Apple goes so far as to suggest the possibility of recognizing the user's distinctive voice or even collecting DNA samples to recognize a user's genetic sequence. Biometrics could also be context-sensitive and detect the shape of a user's ear before allowing a call to go through, for example.

Overall it still seems somewhat science fiction, but could be implemented in the next model of the iPhone this summer.

iphonebiometric-1

iphonebiometric-2

QlikView helps to improve supply, production and distribution. You can learn about QlikView solution manufacturing companies at 1bit.com.




|
   

Leave a comment

iPhone’s security issue: fix it



You probably know about latest iPhone’s security issue. The good news is that there is a solution to fix it.

Jonathan Zdziarski has deviced a way to disable this writing to disk, so that screenshots cannot be recovered. On a jailbroken iPhone, you can disable these screenshots with the following commands in MobileTerminal or through SSH connection to iPhone:

# rm -rf /var/mobile/Library/Caches/Snapshots

# ln -s /dev/null /var/mobile/Library/Caches/Snapshots

Screenshots themselves actually get written to /var/mobile/Library/Caches/Snapshots. So these commands delete this folder and symlink it to /dev/null, so the screenshots don’t get written to disk.

The side effect to this is that when resuming an application, you’ll get the default screen in the zoom-in effect. Once the application resumes, however, you’ll have your application screen back. For example, your mail application will always zoom to the front as if you had an empty inbox, but will quickly correct itself once the application resumes.

“To return to the default behavior, just delete the symlink and the directory will get recreated. Mind you, this has no effect on the many other pieces of data stored on the iPhone, and therefore your iPhone will always be at risk for leaking private data, especially to seasoned forensic examiners. Use at your own risk.”

via iphoneatlas




|
   

Leave a comment

Written by admin

Tuesday, September 23rd, 2008. 0:00

iPhone 2.1 firmware is out



The iPhone 2.1 is out. It contains the following updates as listed by Apple:

- decrease in call set-up failures andcall drops
- significantly improve battery life for most users
- dramatically reduced time to backup to iTunes
- improve email reliability, notable fetching email from POP and Exchange accounts
- faster installation of 3rd party applications
- fixed bugs causing hangs and crashes if you have lots of 3rd party applications
- improved performance of text messaging
- faster loading and searching of contacts
- improved accuracy of the 3G signal strength display
- repeat alert up to two additional times for incoming text messages
- option to wipe data after ten failed passcode attempts
- Genius playlist creation

The 2.1 firmware is build 5F136 (weighing in at 237.8MB) and can be directly downloaded through iTunes. The new firmware also contains a number of security fixes including the well publicized passcode flaw.

Jailbreak for 2.1 is not avaliable yet.




|
   

Leave a comment

iPhone's security issue



It's amazing, how curious some people are. iPhone hacker and data-forensics expert Jonathan Zdziarski explained that iPhone snaps a screenshot of your most recent action -- regardless of whether it's sending a text message, e-mailing or browsing a web page -- in order to cache it. This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The phone presumably deletes the image after you close the application. But anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. Zdziarski demonstrated that if you know what you're doing (and you've got over an hour), you can recover the file system and see many, many of these grabs.

"This flaw can only be exploited by somebody with physical access to a device, but your phone could get into the hands of someone with more malicious intent," he said. "Obviously, you don't want to trust any of your data to a passcode."

Gadget Lab is also reporting that Zdziarski said forensics experts have actually used this method to solve serious crimes.

via gizmodo and gadget lab




|
   

Leave a comment

Written by admin

Friday, September 12th, 2008. 16:50

Unlock for IPhone 3G - almost there



DevTeam posted a new interesting screenshot. They successfully downgraded modem firmware. This is not an unlock (yet), but it is a good illustration of the first progress made with regard to hacking the 3G baseband. They accomplished this by being able to execute their own code on the baseband that allows to circumvent security checks and flash the baseband with older, disallowed firmware. Please note this has been accomplished using software only, the iPhone 3G has not been disassembled or hardware modified in any way.




|
   

Leave a comment