Does not require jailbreaking, doubles throughput rates
An altered carrier update that has been modified by two hackers successfully increases the bandwidth available for iPhone 5 units on T-Mobile's US network, tests have found. The patch to the carrier update file, which was originally distributed to add LTE signal to the iPhone 5 using T-Mobile's 1900MHz band, works on both unlocked AT&T units as well as "native" T-Mobile iPhone 5 devices without requiring a jailbreak, though instructions vary for customers using jailbroken iPhones.
Rogue broker ruins own firm, defrauds another in bad bet
David Miller, a former stock trader who brought down his employer in a bet on Apple stock, has pleaded guilty to wire fraud and conspiracy in a plea deal reached with prosecutors. The incident began when Miller improperly bought 1,000 times the number of shares requested by a customer, expecting Apple's stock price to rise and then selling off the excess stock and pocketing the profit before the fraud was noticed. He had been facing up to 25 years in prison for the fraud, but instead will likely see a five-to-eight year sentence.
Jailbreak devs targeted, reveals flaw in Messages app
A flaw in the Messages application used widely on iOS devices has been revealed through a denial-of-service (DoS) attack on a group of jailbreak app developers. The program is subject to simple "flood" type attacks in which an attacker automatically sends messages incredibly rapidly, effectively rendering an account useless. Grant Paul, who goes by "chpwn" on Twitter and was one of the half-dozen victims in the attacks, said that the problem is that "Apple doesn't limit how fast messages can be sent," thus filling up the inbox and requiring the user to clear notifications and text in order to use the app.
Requires unlocked model
A new hack allows a current-generation AT&T iPhone 5 to operate on the 1700MHz band of T-Mobile's network, reports claim. The method involves a custom carrier file, and demands an unlocked A1428 model of the phone, whether with AT&T or officially unlocked by Apple. Once active the hack only provides access to LTE, and not T-Mobile's HSPA+ network.
Amazon adds X-Ray functionality to popular TV shows
Amazon has updated the X-Ray feature of its Instant Video service to now include television shows. The update will allow users to view IMDB information for individual episodes of programs, including the names of actors, what other shows they have appeared in, and other similar content. Expanding what the company has done to movies in the last six months since the feature's launch, X-Ray is available to use for a number of popular TV shows on the Kindle Fire, Kindle Fire HD, and the Amazon Instant Video app on the Wii U.
Quick response prevents any reports of actual account compromises
A security flaw exposed earlier on Friday has already been fixed, just hours after it was discovered, according to Apple. The issue, which could have allowed malicious users to hijack and lock out the legitimate owners, just by knowing the email address and exact birthdate of a victim. In response, Apple temporarily took its "iForgot" password-resetting service offline while it resolved the issue.
New updates patches six exploits, breaks evasi0n jailbreak
In closing six potential exploits in the security-oriented iOS 6.1.3 update released earlier today -- and simultaneously breaking compatibility with the evasi0n jailbreak -- Apple has acknowledged the contributions of the Evad3rs team behind the jailbreak with finding four of the six flaws that, in the wrong hands, could have lead to an increased risk of malware rather than just a path to unofficial apps and customizing. Though the jailbreak hack no longer works, the team suggest that other flaws still exist.
Users can collect unused data for later; 30 percent already on board
FreedomPop, a cellular internet service provider and maker of an iPod Touch case that can turn it into a full working smartphone, has just implemented a new "data rollover" feature for its plans, which let users keep unused data from month to month. The service, which offers 500MB of monthly WiMAX and LTE cellular data for free following the purchase of one of its custom sleeves for iPhones or iPod touch models, allows users to share data with friends and earn additional free data through referrals. It provides either mobile or home internet service.
Vulnerability comes from carrier, enterprise configuration profiles
An Israeli security firm has published a proof-of-concept pointing a weak link in Apple's otherwise very tight security for its mobile platform iOS -- mobileconfig files. The profiles, which are often installed by carriers or enterprise device management solutions, can be downloaded from unencrypted websites, reports Skycure Security. If users were tricked (through social engineering or redirected websites) into installing a malicious profile, it would configure system-level settings to allow attackers access to several key iOS services.
Firefox, older 32-bit browsers may avoid worst effects
On the heels of more problems with browser plug-ins such as Java and Flash, a newly-discovered flaw in HTML5 -- used throughout the web and a fundamental part of all modern browsers -- can be used maliciously to fill hard drives to capacity with junk data. The exploit can be demonstrated on a website set up to document the flaw, called Filldisk. All browsers are susceptible to it -- though Mozilla's Firefox features a hard cap of 5MB of such data and thus mitigates the effect, while some older 32-bit browsers may crash rather than fill up the drive.
Service available over 29 counties across NY, CT, NJ, PA
Aereo today announced that its Internet-repeating television service is now available to the more than 19 million people living in the New York City metropolitan area. The region includes 29 counties across New York, New Jersey, Connecticut and Pennsylvania. Previously, Aereo was only available to residents of New York City's five boroughs.
Could potentially force hackers to start 'from scratch' on new app
iOS 6.1.3 beta 2 -- seeded to developers late last week -- wrecks the evasi0n jailbreak, one of the members of evad3rs tells Forbes. David Wang elaborates that it closes at least one of the five exploits evasi0n currently depends on, specifically a glitch in iOS' timezone settings. Wang says he is still testing v6.1.3, but notes that if "most" of the v6.1.2 exploits have been fixed, evad3rs will have to start "from scratch" on opening up the new firmware.
Third emergency update may be the charm for recent malware issues
Oracle has once again released an updated version of Java SE 7 in order to combat serious vulnerabilities that have resulted in malware attacks on both Macs and Windows PCs. The new version, Update 15, comes less than three weeks after the previous patch, and follows an Apple-issued update to Java SE 6 in the wake of hacker attacks against Apple's own employees' work Macs. The new update is said by Oracle to "enhance security" as well as improve performance and stability.
All devices supported by original hack still usable with update
Holding true to a promise made on evasi0n spokesperson "planetbeing's" twitter feed, the iOS jailbreak tool has been released enabling support for the new 6.1.2 OS update. No bug fixes are noted for the release, or specific notes on what the group had to modify to enable the hack.
Not yet spotted 'in the wild' but could become a threat
Anti-malware software maker Intego is confirming reports of a new OS X-based malware it called "Pintsized" that uses a modified version of OpenSSH to potentially set up a remote connection into Mac accounts, whereupon it could be used to snoop for private owner information. Though not yet seen "in the wild," the malware attempts to disguise itself by using filenames that appear as part of the normal OS X printing system, and sets itself to launch on startup.
Algorithms protect against spammers
Google has claimed victory against account hijackers, claiming the number of legitimate accounts compromised by spammers has dropped by 99.7 percent since 2011. The company's latest security protocols have been developed in response to a surge in account hijacking starting in 2010, as cyber criminals began using stolen passwords to distribute spam from legitimate accounts in an attempt to bypass ever strengthening spam filters, according to a blog post from Google security engineer Mike Hearn.
Expected to fix Exchange glitches, lockscreen vulnerability
iOS 6.1.2 is already in development and should go live early next, say sources for German website iFun. The site adds that the firmware will probably go live before February 20th, and that it's expected to close the lockscreen vulnerability discovered in iOS 6.1, along with Exchange problems. It could conceivably fix other issues as well, but these aren't mentioned by iFun.
Not first instance of lockscreen glitch
(Updated with Apple response) A vulnerability in iOS 6.1 allows people to bypass the iPhone's lockscreen without entering a passcode, reports say. To accomplish the hack, a person has to go to the Emergency Call screen, begin to power off, but then cancel and make a call which should also be cancelled. The phone next has to be put into standby, woken up, and then swiped; the bypass is finally possible by tapping the Emergency Call button after holding down the power button for three to four seconds. The home button has to be hit right away to prevent the phone from shutting off, and users are still blocked from email, messaging, and browsing.
Keyboard support extends to aTV Flash features
Developer FireCore has released updated versions of aTV Flash (black) and Seas0nPass for people hoping to jailbreak Apple TVs running the new v5.2 firmware. While Seas0nPass is simply the required jailbreaking utility, aTV Flash adds new functions, such as web browsing and wider format compatibility. FireCore notes that the Bluetooth keyboard support in v5.2 carries over to Flash's features.
Update for iPhone 4S broke compatibility with hack
The team behind the Evasi0n jailbreak for devices running iOS 6.0 and later have unveiled an updated version in order to fix some bugs that appeared with the original release as well as re-add support for iPhone 4S devices that were updated to iOS 6.1.1, released yesterday. Apple released iOS 6.1.1 as a fix for problems with v6.1 on the iPhone 4S, including unusual battery drain and 3G connectivity issues. The updated Evasi0n tool (now at version 1.3) tackles other problems.
May make software most quickly-adopted for jailbreaks
Almost 7 million iOS devices have been jailbroken since evasi0n was released earlier this week, according to Jay Freeman, administrator of the Cydia app store for jailbreakers. Cydia tracking has so far recorded about 5.15 million iPhones, 1.35 million iPads, and 400,000 iPod touches. Freeman claims that the numbers make evasi0n the most rapidly-adopted jailbreak utility to date.
Users were having issues with weather, boot times, more
Following the popular release of the evasi0n "jailbreak" tool for devices running iOS 6 and higher, the team behind it have released at least two updates to fix problems caused by the jailbreak, which has been claimed to have been downloaded more than 1.5 million times since its release on Monday. The most common bug was that the jailbreak caused the stock Weather app to crash or (on iPads) revealing a hidden but outdated iPhone version of the app.
Most iOS devices supported
The Evad3rs hacking team has released its promised jailbreaking tool for iOS 6 devices. Known as evasi0n, the software supports any version of iOS 6 through 6.1, and is available in Mac, Windows, and Linux editions. It's also untethered, meaning that it doesn't require connecting to a computer and reapplying the jailbreak if an iOS device is rebooted.
Creators start to wobble on firm release date, however
A "supergroup" of well-known iOS hackers now called the Evad3rs have launched an official website to promote the team's jailbreak for a wide variety of iOS devices running iOS 6 or 6.1, the latter of which was just released on Monday. The jailbreak should enable most recent iOS devices to be able to further customized and let users install apps unavailable from the official App Store -- but as with any jailbreak, the exploit required for it to work could be used for pirating and malware as well.
Final version of iOS 6.1 could arrive as soon as today
A public jailbreak for iOS 6 could be coming soon, according to tweets by prominent hackers. One hacker, planetbeing, says that "tons of progress" has been made in recent days, and that "the future is looking bright for jailbreaking." He claims in fact that an exploit of his is already working, but that he's been testing it to ensure no "unpleasant side-effects."
Community events to use released government data to help nation
The White House has announced an event that will encourage US residents to make use of government data. The National Day of Civic Hacking on June 1-2 will see 27 cities play host to community events where publicly-released data will be used to create "solutions for problems that affect Americans."
Oracle raises default security settings in Java security patch to High
Oracle has issued an emergency patch for Java, its popular web technology. Security researchers last week uncovered a zero-day exploit that is being exploited by hackers in two malware tookits prompting the US government to issue a warning to PC owners. Although the patch addresses certain holes, Reuters reports that a security analyst still believes that the platform remains vulnerable.
Open webOS port slow, incomplete, but works
A developer working over winter break from his college has managed to get Open webOS -- the descendant of the operating system that powered Palm and HP's ill-fated mobile devices -- to work on the Asus-produced Nexus 7 tablet from Google. The port is still in alpha stages, showing some lag and freezing while running on the Nexus 7, but the developer was able to get Wi-Fi and Internet browsing working on the device. Thanks to prior work done porting Open webOS to Samsung's Galaxy Nexus, the device even supports a "virtual gesture area," allowing it to retain the gesture-driven interface that was a signature of Palm's defunct operating system.
Reasons for shutdowns disputed
Two important sites for pirated iOS apps -- Hackulous and Apptrackr -- have suddenly announced their closures over the weekend, notes AppleInsider. A statement from Hackulous claims that the site's community has become "stagnant," and that its forums "are a bit of a ghost town." In spite of this, the site's owners say that it's become hard to keep the forums online and well-moderated.
Uses 'SMS activation' to hide subscription charge on cell bill
A Russian security firm with a mixed track record is warning about a new malware threat for the Mac, which masquerades as an installer for various types of software. Doctor Web, who claimed to have discovered the malware, says it is widely available on various sites -- though at present it is targeting Russian Mac users. The Trojan is apparently a Mac variation on a widespread Windows and Android trickware ruse that asks users for their cell number in order to send an activation code by SMS.
Japanese blog finds new model well-designed inside too
The latest version of the iMac is just 5mm (0.2 inches) thick at its thinnest point, and yet the redesigned machine has revealed quite a bit of empty space in a teardown by Japanese enthusiast site Kodawarisan, which took apart a high-end 21.5-inch iMac just hours after the new version had debuted in Japan. The interior layout and engineering matches the sparse, elegant outside -- with a clean organization of components, an emphasis on airflow design, and a central fan distributing and channeling air.
Illustrates flaw in 'open' store app policy, possibly malware-infected
For a brief time on Saturday, a batch of apps claiming to be from "Apple Inc." and including all the titles formerly grouped under the headings "iWork" and "iLife" appeared as Android apps on Google's Play store. The apps, which were apparently lightly-disguised scams, were pulled from the store a few hours later. It is unknown how many Android users may have been fooled and downloaded the apps, and its not yet known for what purpose the fake apps appeared (though malware, very common in the Android community, is very possible).
Hacktivists to remember fifth of November with Facebook attack
Hactivist group Anonymous is rumored to be planning an attack on social networking giant Facebook tomorrow, marking Guy Fawkes Day by taking down the site unless Zynga backpedals on what Anonymous contends is a plan to cut 1,000 jobs. Tomorrow's action would also include the release of Zynga's games for free download. Anonymous claims that Zynga's job-cutting maneuver is inexcusable in light of the company's significant financial reserves.
Missed email response caused loss of 'remote intern' status
On Thursday, Nicholas Allegra, also known as iPhone hacker Comex, reported in a tweet that "as of last week, after about a year, Iím no longer associated with Apple." Allegra is planning on focusing on his studies at Brown university, and does not plan on returning to the iOS jailbreak "scene." His employment contract was not renewed with Apple because he forgot to respond to an offer from the company offering an extension.
Nokia N900 converted to vibrate when squeezed
A phone has been modified to be able to transfer a squeeze to another phone. A prototype by Nokia Research and the Helsinki Institute of Information Technology amended an N900 to use a resistor to detect up to four different levels of pressure from compression. The recipient of the phone call receives different levels of vibration, depending on the amount of pressure applied.
Microcomputer capable of more memory-intensive applications
The Raspberry Pi has received a RAM upgrade. The miniature computer has now got 512MB of RAM, double that of the original release, and allows the Raspberry Pi to be used in more memory-intensive applications. Despite the increase in onboard memory, the non-profit foundation chose to keep the price at $35, instead of raising it higher.
Carrier says it has 'stepped up' efforts
T-Mobile USA is denying claims that it plans to drop the iPhone from its "Unlimited and Unlocked" campaign, a spokesperson tells 9to5Mac. Yesterday TmoNews reported that T-Mobile had issued an internal memo warning workers to no longer refer to Apple or the iPhone as a part of Unlimited & Unlocked marketing. The document also allegedly mentioned that "BYOi [Bring Your Own iPhone] Program focus will change to BYOD [Bring Your Own Device]," although "iPhone Demo Devices should continue to be used for training and customer demonstration purposes."
Factory-standard MacBook Pro altered for tablet form factor
As expected, preorders for the tablet-enabled Modbook Pro have commenced The full-conversion of a 13-inch MacBook Pro can be reserved for $500, with a final price of $3,499. The ModBook pro sports a 2.5GHz or 2.9Ghz processor, up to 16GB of RAM, a screen and stylus with 512 discrete pressure levels, and up to 480GB of SSD storage.
Pre-orders set to start October 3rd
The resurrected Modbook Pro will be made available with a selection of SSD-only drives. The change from standard hard disks to solid state drives will give the tablet computers a significant speed boost compared to previous versions of the Macbook Pro modification, which is set to go on sale by mid-November.
Insulin pumps, defibrillators capable of killing patients
According to a Government Accountability Office report, wireless medical devices vulnerable to remote control by hackers are proliferating, and should come under greater government oversight. Devices with wireless connections potentially vulnerable to attack include insulin pumps, pacemakers, defibrillators, and neurosurgical implants.
Researchers find HTC, Sony, other Android phones are also vulnerable
In a follow-up to yesterday's report of a security flaw that can wipe the data of Samsung's smartphones, it's being reported that handsets from other makers are also vulnerable. While the security patch for Samsung phones is already said to be out, the latest report suggests that many other Android-powered devices are susceptible. They include but aren't limited to the HTC One X, Motorola Defy, HTC Desire, and likely Sony Xperia Active and Xperia Arc S.
New system prevents leaks, increases energy efficiency
The California Institute for Telecommunications and Information Technology (CALIT2) at the University of California San Diego has launched the test for a new server farm cooling technology. A negative-pressure liquid cooling system has been deployed on a three 1U servers in the Calit2 server room to test both the efficacy of the setup as well as the energy efficiency improved by the use of the liquid cooling system.
London theft similar to Japanese heist in scale, timing
An O2 cellular retailer store in London's Wimbledon area was hit in a robbery early Friday morning, with more than 250 iPhone 5 units stolen along with cash in what police say was an inside job. The BBC reports that 252 iPhones worth around $165,000 were taken from the shop in the Tandem Centre at 1:30AM local time, and want to speak with Usman Sethi, 23, who worked as an assistant at the shop. Sethi is also wanted for questioning regarding the theft of jewelry belonging to a member of his family. Coincidentally, around the same number iPhones were stolen in organized attacks on three Japanese iPhone stores in Osaka, Japan.
Discovery brings US iPhone 5 more flexibility for travelers
According to reports, the Verizon iPhone 5 is GSM unlocked out of the box, as per requirements imposed on Verizon. In addition, using a cut-down AT&T micro-SIM to roughly conform with the nano-SIM standard, the Verizon iPhone 5 is able to acquire an AT&T signal, and connect to the HPSA+ network, AT&T's 4G-equivalent network.
New graphics routines to blame, solution for problem announced
[Updated with discussion of problem and Codeweavers update information] According to an announcement post on the Codeweavers support forum, virtualization application Crossover fails to operate under recently-released OS X versions 10.8.2 and 10.7.5. Crossover reports that the bug "prevents CrossOver from operating any application that uses 3D functions" and that it is "working with Apple on this issue and we hope to resolve it rapidly."
Turbo mode lets System on Chip hit 1GHz
The Raspberry Pi can now be overclocked without affecting the warranty. The credit card-sized microcomputer maker has created a way to make a "turbo mode", which allows the 700MHz processor run at around 1GHz, with nbench reporting it as 52-percent faster on integers, 64-percent faster on floating points, and 55-percent faster on memory.
Former NSA penetration tester attacked MacBook Air, iOS, more
A prolific white-hat hacker that repeatedly attacked Apple products along with Windows systems for prize money has been hired by Twitter. Charlie Miller, previously a penetration tester for various security firms and a former "Global Exploitation Analyst" for the NSA, will join a team dedicated to finding security flaws in the social network, and help prevent others from performing the same attacks.
Advertising Identifiers replaces UDIDs, prevents abuse
Apple's forthcoming iOS 6 release will include an option for users to limit the amount of device tracking advertisers can do, an effort to prevent abuse of personal information and enhance privacy that goes beyond simply blocking cookies in Mobile Safari. The change will force advertisers and third parties to rely on non-permanent and non-personal device identifiers to help tailor served ads, though Apple includes a note saying that until all ad networks transition to using the AI tokens, targeted ads may continue for a while.
iPhone-oriented robot listens to music, responds accordingly
A team of roboticists from MIT, Israel's IDC, and Georgia Tech calling themselves Tovbot have developed the Shimi -- an iPhone-connectible "musically intelligent robotic speaker dock." The Shimi is currently in the beginning of its Kickstarter campaign for funding, and sits just over 10 percent funded in just a few days, with four weeks remaining.
Fix for 1080p third-gen Apple TV still elusive
FireCore, a company that specializes in jailbreak and media server software for various models of Apple TV has released version 2.0 of its aTV Flash (black) program, which is specifically aimed at jailbroken second- and third-generation Apple TVs (the small black model that sells for $99). The new update is not yet working for the latest, 1080p-supporting black Apple TV, but brings a new Library View, integrated search, trakt.tv and Last.fm scrobbling, Recently Added displays and more to second-gen Apple TV units.