Tag Archives: iPhone

Another, New iOS Lock Screen Vulnerability Uncovered

Hot on the heels of a vulnerability that gave snoopers the ability to bypass the iPhone’s passcode in iOS 6 and make calls, view and modify contacts, and even access to photos via the Contacts app, is a new one that allows the entire contents of the handset to by synced with iTunes.

“The vulnerability is located in the main login module of the mobile iOS device [applies to iPhone or iPad] when processing to use the screenshot function in combination with the emergency call and power button,” said Vulnerability Lab, who initially discovered the flaw.

The vulnerability allows anyone with physical access to the iOS device the ability to easily bypass the passcode lock and use  a USB cable to get access to the data stored on the iPhone or iPad from a Mac or PC.

Below is a video demonstrating the vulnerability.

This is a very serious vulnerability indeed, as it means that someone could get access to data stored on an iOS device without leaving a trace. While home users might not like the idea of family and friends snooping through their data, it’s businesses who use iPhones and iPads that need to be really worried. This vulnerability means that storing sensitive information on an iOS 6 is not a good idea, and additional steps need to be taken to protect the data.

Source: Forbes

iPhone Lockscreen Can Be Bypassed with New iOS 6.1 Trick

A security flaw in Apple’s iOS 6.1 lets anyone bypass your iPhone password lock and access your phone app, view or modify contacts, check your voicemail, and look through your photos (by attempting to add a photo to a contact). The method, as detailed by YouTube user videosdebarraquito, involves making (and immediately canceling) an emergency call and holding down the power button twice. We followed the steps and managed to access the phone app on two UK iPhone 5s running iOS 6.1. This isn’t the first time this has happened — a very similar bug affected iOS 4.1 and was fixed in iOS 4.2. We’ve reached out to Apple for comment and will update you once we hear back.

Watch this Youtube Video demonstration of the hack.

Source: The Verge

Why 2013 Is RIM’s BlackBerry Year

The iPhone isn’t that great and the Android OS is woefully insecure. Come Jan. 30, if mobile users take a hard look at their devices and then look at the new BlackBerry 10, RIM could be in for a windfall.

CIO – As we look ahead to 2013, it’s becoming increasingly clear that the new year provides an unprecedented opportunity for Research in Motion to make a huge comeback.

This is largely because the market is dominated by two platforms: Android, which is seen as an unsecure malware magnet, and iOS, which comes from a firm that has never learned to spell “IT.” In fact, Apple’s biggest failures were Lisa and the Apple Server, both created on Steve Jobs’ watch (Lisa was even his product, initially) and both targeted at the IT market.

While phones and tablets are largely a consumer play, they are increasingly being used for business. Even in a BYOD world, IT still has a great deal of say about the hardware connected to its networks and services. As we start 2013, and as RIM brings out its next-generation products, the company will stand alone as the only mobile solutions provider focused on IT first and the needs of users later.

RIM will still need corporate and consumer users, but given the threats the company faces, this differentiator could drive the back into market. Let’s look at a few other reasons why.

Apple’s Flaws: Siri, iCloud Disappoint

Siri represents an Emperor’s New Clothes issue that is cropping up around the iProducts. Siri, a voice command application that Apple has heavily marketed, really doesn’t work well. During Steve Jobs’ tenure, the company was able to create this image that, if a user had problems with the offering, then it was uniquely the user’s issue, but Tim Cook hasn’t been able to contain the customers talking among themselves and discovering that their problems are in fact common.

Apple’s success is partially due to the fact that users have largely ignored the problems with their products, while Apple has been incredibly effective in making those products seem trivial. However, MobileMe was terrible , and iCloud is marginally better. Both were critical to strong integration with Microsoft Exchange—which is a typical user requirement when tied to phone use for work.

If Apple users start looking at the faults in their devices—particularly in areas such as mail integration, where RIM is strong—the stage is set for a strong backlash favoring RIM.

Android’s Flaws: Security, Poor Mail Support

Google recently pulled Exchange support from its mail platform as a free offering. Android lives in the world of free, and even though Google Play is second only to the Apple App Store in terms of the number of apps, app developers have long complained that they can’t make money from a customer base that will accept only free stuff. Into this tension Google now pushes Exchange support—for a fee.

On top of this, the device market is highly fragmented, which makes the operating system hard to secure and explains why Android is a malware magnet. A few months ago, for example, McAfee attacked an Android phone, causing it to cycle until it overheated and failed catastrophically. The mere idea that a phone might catch fire in a plane or office, should it be widely believed, would crater Android sales.

RIM, like Apple and Microsoft, operates in a way that promotes apps that people buy and focuses on making products secure. As a result, BlackBerry devices are likely to be favored by those abandoning Android.

Enter BlackBerry 10 to Save the Day?

I’ve had some time to talk to RIM about its upcoming platform, and it appears to address each one of these shortcomings with a vengeance. BlackBerry 10 is based on an OS that is used to operate machinery. RIM started with a business oriented core and then addressed consumer needs—as opposed to the more common approach of putting a business façade over a device that was targeted first at consumers.

If the market spits up Apple and Android devices for their inability to meet business user needs, RIM stands alone—or will, on Jan. 30, 2013 and the days that follow the BlackBerry 10 launch—as the company ready to embrace them. This is an unprecedented opportunity. As a result, 2013 could be an amazing year for RIM.

Rob Enderle is president and principal analyst of the Enderle Group. Previously, he was the Senior Research Fellow for Forrester Research and the Giga Information Group. Prior to that he worked for IBM and held positions in Internal Audit, Competitive Analysis, Marketing, Finance and Security. Currently, Enderle writes on emerging technology, security and Linux for a variety of publications and appears on national news TV shows that include CNBC, FOX, Bloomberg and NPR.

Source: CIO.com

Apple “Shake to Charge” Patent May One Day Power iPhones and iPods

Apple has revealed the Cupertino company’s plans to use electromagnetic induction technology in their products in the future. Electromagnetic Induction is basically a production of an electric current in a conductive element as it moves through a magnetic field, which in turn is used to generate power.

Apple will be introducing this technology somehow in their products in the future but unlike the more traditional method of electromagnetic induction, Apple’s version will use printed coils with moveable magnets, while the typical version is the opposite where a coil will move around a stationary magnet. Seen below.

According to the patent, it can be mounted onto a portable device with Apple’s iPod and iPhone used as examples.

How to Get Pulse News Reader on the BlackBerry PlayBook

Pulse news reader is a great news feed application that has been available on Android devices and in Apple’s App Store. It is not available on any BlackBerry device, though I could definitely see it running nicely on a BlackBerry 10 device.

Pulse is by far one of my favorite news feed applications and it is one of the most unique in it’s layout. I figured that there would be a Pulse application available for the PlayBook by now but that sadly is like a lot of other great apps that could be and should be on the PlayBook but aren’t.

If you know how to sideload Android apps onto your PlayBook, either by using your computer or doing it the way I prefer which is by using LocalBar2 on my PlayBook and my Bold. With LocalBar2 you can download the .bar files on your PlayBook and use your BlackBerry or Android device as a proxy server to install the apps directly to your PlayBook with no need for a computer or wires of any kind. Visit Yohanes Nugroho’s LocalBar2 site Here. Also note (I assume that LocalBar2 will work on most OS versions on the PlayBook, as I am currently running Beta OS v2.1.0.840 and it works just fine).

Here’s the .bar file for Pulse News Reader for BlackBerry PlayBook.

Besides doing that as many already know Pulse recently released a Pulse news reader website. The site is http://pulse.me and it is a great looking site and works beautifully.

I have found that the new Pulse website actually works very well on the BlackBerry PlayBook’s default browser and I have been using it lately, though of course there are little annoyances’. Like when scrolling at times articles you touch will move to saved articles.

So if you are a fan of Pulse and you would like to be able to view Pulse news on your PlayBook these are two simple suggestions.

Severe Security Flaw in iOS Exposed

Security researcher and iOS hacker pod2g has found and detailed a flaw in iOS that is considered “severe”, though it does not involve code execution.

According to pod2g “The flaw exists since the beginning of the implementation of SMS in the iPhone, and is still there in iOS 6 beta 4.”

The flaw is found in the SMS messaging on iOS devices. The SMS text is a few bytes of data exchanged between two mobile phones, with the carrier transporting the information. The text is converted to PDU (Protocol Description Unit) by the mobile device and sent through then passed to the baseband for delivery.

PDU handles the sending and receiving of various types of messages in mobile devices. Included in the message header there are various pieces of information about the message, including the details of the message sender. This feature is commonly used for automated messages from companies and carriers. And since carriers don’t check for the validity of this information when used by third-parties it can be exploited.

Because iOS does not allow you to view the number that you’re replying to this enables a malicious sender to fake his identity, making you think that a trusted number is sending the SMS. Because the “reply-to” number is different to the number displayed, iOS would send your message to a hidden number without you realizing.

According to pod2g, he believes the following is why this flaw is an issue:

    • Pirates could send a message that seems to come from the bank of the receiver asking for some private information, or inviting them to go to a dedicated website. [Phishing]
    • One could send a spoofed message to your device and use it as a false evidence.

Source: pod2g’s iOS Blog