Latest Entries »

BitTorrent’s Secure Dropbox Alternative Goes Public

Filed under: Applications, BitTorrent, Computers, Internet, IPTV, Software, Technology, Windows by Ryan Boese — Leave a comment
04/23/2013

BitTorrent Inc. has opened up its Sync app to the public today. The new application is free of charge and allows people to securely sync folders to multiple devices using the BitTorrent protocol. Complete control over the storage location of the files and the absence of limits is what sets BitTorrent’s solution apart from traditional cloud based synchronization services.

Dropbox, Google Drive, Microsoft Skydrive and Mega are just a few examples of the many file-storage and backup services that are available today.

All these services rely on external cloud based hosting to back up and store files. This means that you have to trust these companies with your personal and confidential files, and that your storage space is limited.

For those people who want to be in control of their own data there haven’t been many alternatives, but BitTorrent Sync has the potential to trigger a small revolution on this front.

BitTorrent Sync’s functionality is comparable to services such as Dropbox and Skydrive, except for the fact that there’s no cloud involved. Users sync the files between their own computers and no third-party has access to it.

Besides increased security, BitTorrent sync transfers also tend to go a lot faster than competing cloud services. Another advantage is that there are no storage or transfer limits, so users can sync as many files as they want, for free.

Earlier this year BitTorrent started a closed Alpha test with a limited number of users, and today Sync is being released to the public for the first time.

“We’re really excited about opening up this Alpha. The feedback has been universally positive. Those in the closed Alpha have already synced more than 200TB since we started the program,” BitTorrent announces.

Over the past weeks many improvements have been made to the Sync application, prompted by user feedback. Among other things it is now possible to allow one-way synchronization and to exclude files or directories from being shared.

While Sync uses BitTorrent technology, people’s files are not accessible to outsiders. Only those who have the unique private key can access the shared folder.

“All the traffic is encrypted using a private key derived from the shared secret. Your files can be viewed and received only by the people with whom you share your private secret,” BitTorrent explains.

To increase security, the latest Sync version also has the option to let the secret key expire after a day so new devices can’t be added, even if outsiders have the private key.

BitTorrent stresses that Sync is still in Alpha development but tests carried out by TorrentFreak confirm that it works very well. It is an ideal tool for people who want to share large amounts of data between computers without going through third-party services.

The application is also surprisingly easy to configure. There’s no need to create an account and it only takes a few clicks to get going.

The Sync application is available for Windows, OSX, Linux and has the ability run on NAS devices through a web-interface. Readers who are interested in giving it a spin can head over to BitTorrent labs, where the Sync app can be downloaded.

Download BitTorrent Sync for Windows here.
Download BitTorrent Sync for Mac 10.6 or newer here.

Source: TorrentFreak

Tags: , , , , , , , , , , , ,
Comment

Did you know we repair more then just iPhones?

Filed under: 3G, 3GS, 4, 4G, 4S, Android, Apple, Applications, Cell Phone Unlocking, Computers, HP, HTC, Huawei, iOS, iPhone, iPhone Repair, Jailbreak, Laptop, Repairs, Ryan's Unlock Shop, Samsung, Security, Software, Tablets, Telecom, Unlocking by Ryan Boese — Leave a comment
04/22/2013

Most of you know about our PC repair services, but did you know we fix/repair/unlock cellphones & tablets? Did you also know that we offer the lowest prices in the Fraser Valley and will price match and BEAT any competitor price? Now you do.

We repair all Smartphones / iPhones for :

* Broken LCD Screens & Touch Screen Replacement
* Water and other Liquid Damage Repair / Corrosion Clean Up
* Phone Data Recovery – Photos, Music, Text Messages
* No Power / Phone does not turn on
* Charging Problems / Charging Controller / Charging Port Replacement
* Battery Replacement (200+ Batteries in stock)
* Staticky, Crackling Speakers & Microphones
* Home Button / Power Lock Button Replacement
* Malfunctioning button, Trackball, Trackpad and Keypad
* Malfunctioning SIM card readers / NO SIM Reading Fix
* Software problems, upgrades and reflashing (All Models)
* Language change
* JTAG Service (Android Phones)
* Unknown Baseband, IMEI missing
* Password Protected / Disabled Phones / Pattern Lock Reset (Samsung)
* Jailbreaking — iPhone, AppleTV 1 & 2 + FREE TV & MOVIES + FREE APPS
* Rooting — Most Android Models — Custom Rom Reflashing Available

We unlock ALL Smartphones For :

* iPhone 2G/3G/3GS (Most iOS Versions)
* iPhone 4/4S – Factory unlock Fido/Rogers/Telus/Koodo/AT&T/Bell
* iPhone 5 – Factory unlock Telus/Koodo/AT&T/Rogers/Fido
* iPhone 4S/5 unlocking for iOS 5.x, 6.1.3 and below!
* BlackBerry, Samsung, LG, HTC
* Nokia, Motorola, Sony Ericsson, Huawei, Alcatel and other Overseas Models.

- iPhone Factory unlock for USA, UK, Brazil, Australia, France, Spain, Ireland, Netherlands, Denmark, Norway, Chile, Switzerland, Sweden, Saudi Arabia, Norway, Romania, Japan, etc.

As always, we DO NOT charge for repairs that cannot be performed.

180 Warranty on ALL parts & Labour – We ONLY use OEM Factory Parts.

Call the shop if you need a price quote, make sure to ask for Ryan.

Tags: , , , , , , , , , , , , , , , , , , , , , ,
Comment

Russian BadNews bug found in Android app store

Filed under: Android, Applications, Cybersecurity, Droid, Exploit, Google, Hackers, Internet, Malware, Mobile, Repairs, Security, Spyware, Technology, Virus by Ryan Boese — Leave a comment
04/19/2013

Security researchers have identified 32 separate apps on Google Play that harboured a bug called BadNews.

On infected phones, BadNews stole cash by racking up charges from sending premium rate text messages.

The malicious program lay dormant on many handsets for weeks to escape detection, said security firm Lookout which uncovered BadNews.

The malware targeted Android owners in Russia, Ukraine, Belarus and other countries in eastern Europe.

The exact numbers of victims was hard to calculate, said Lookout, adding that figures from Google Play suggest that between two and nine million copies of apps booby trapped with BadNews were downloaded from the store.

In a blogpost, Lookout said that a wide variety of apps were harbouring the BadNews malware. It found the programme lurking inside recipe generators, wallpaper apps, games and pornographic programmes.

The 32 apps were available through four separate developer accounts on Play. Google has now suspended those accounts and removed all the affected apps from its online store. No official comment from Google has yet been released.

Lookout said BadNews concealed its true identity by initially acting as an “innocent, if somewhat aggressive, advertising network”. In this guise it sent users news and information about other infected apps, and prompted people to install other programmes.

BadNews adopted this approach to avoid detection systems that look for suspicious behaviour and stop dodgy apps being installed, said Lookout.

This masquerade ended when apps seeded with BadNews got a prompt from one of three command and control servers, then it started pushing out and installing a more malicious programme called AlphaSMS. This steals credit by sending text messages to premium rate numbers.

Users were tricked into installing AlphaSMS as it was labelled as an essential update for either Skype or Russian social network Vkontakte.

Security firm Lookout said BadNews was included in many popular apps by innocent developers as it outwardly looked like a useful way to monetise their creations. It urged app makers to be more wary of such “third party tools” which they may include in their code.

Half of the 32 apps seeded with BadNews are Russian and the version of AlphaSMS it installed is tuned to use premium rate numbers in Russia, Ukraine, Belarus, Armenia and Kazakhstan.

Source: BBC News

Tags: , , , , , , , , , , , , , , , , , , , , , ,
Comment

Apple finally fixes App Store flaw by turning on encryption

Filed under: Apple, Cybersecurity, Exploit, Hackers, iOS, Malware, Security, Vulnerability by Ryan Boese — Leave a comment
03/10/2013

Apple has finally fixed a security flaw in its application store that for years has allowed attackers to steal passwords and install unwanted or extremely expensive applications.

The flaw arose because Apple neglected to use encryption when an iPhone or other mobile device tries to connect to the App Store, meaning an attacker can hijack the connection. In addition to a security flaw, the unencrypted connections also created a privacy vulnerability because the complete list of applications installed on the device are disclosed over Wi-Fi.

It also allows the installation of apps, including extremely expensive ones that top out at $999.99, without the user’s consent, which can create serious consequences because Apple doesn’t give refunds. To do this, an attacker needs to be on the same private or public Wi-Fi network, including, for example, a coffeeshop, hotel, or airport network.

Security researcher Elie Bursztein discovered the vulnerability and reported it to Apple last July. Apple fixed the problem in a recent update that said “content is now served over HTTPS by default.” Apple also thanked Bernhard Brehm of Recurity Labs and Rahul Iyer of Bejoi.

Bursztein, who works at Google, in Mountain View, Calif., but emphasized this was work done at home in his spare time, published a personal blog post today that described details about the App Store vulnerability and included videos of how an attacker was able to steal passwords or install unwanted apps.

Publicizing this flaw, Bursztein said, highlighted how necessary encrypted HTTPS connections were. “Many companies don’t realize that HTTPS is important for mobile apps,” he said. But if they rely on Web connections or Webviews, he added, they are vulnerable to attacks: “Providing a concrete example seems a good way to attract developer attention to the issue.”

As a postdoctoral researcher at Stanford University, Bursztein published research that included demonstrating flaws in Captchas and the Web interfaces of embedded devices. At the Defcon conference in Las Vegas two years ago, he demonstrated how to bypass Windows’ built-in encryption that Web browsers, instant messaging clients, and other programs used to store user passwords.

Bursztein’s blog post comes a day after Apple’s marketing chief, Phil Schiller, took a security-related swipe at Google on Twitter by pointing to a report on the rise of Android malware.

 

Source: CNET

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Comment

Lock Screen Security Bug Found: Samsung Galaxy S3

Filed under: Android, Cybersecurity, Exploit, Mobile, OS, Repairs, Samsung, Telecom, Unlocking, Vulnerability, Wireless by Ryan Boese — Leave a comment
03/07/2013

Following closely on the heels of a Samsung Galaxy Note 2 security vulnerability, another Samsung user has found that the bug affects other models.

Unlike the Samsung Galaxy Note 2 flaw, the bug allows for full access to the Samsung Galaxy S3. The method is similar in that it requires a fleet-fingered user to hop through a number of screens.

As discovered by Sean McMillian, the smartphone can be manipulated by tapping through the emergency call, emergency contacts, home screen, and then the power button twice. McMillian admits that the bug isn’t consistent — sometimes, he said, it works right away, while other times it takes 20 attempts.

Indeed, we weren’t able to replicate the bug after many tries (Engadget was able to do it, but it took a long time). That suggests that would-be snoopers must act quickly and deftly, but the lesson here (and always) is to keep a watchful eye on that $500 smartphone.

As McMillian indicates, the bug seems to be related to Samsung’s software and not an Android-wide issue. Judging by the similarities in the two flaws, we might expect Samsung to issue software updates to address the concerns.

Source: CNET

Tags: , , , , , , , , , , , , , , , , , , , , ,
Comment

Apple Is Beta-Testing A Fix For Evasi0n Jailbreak

Filed under: 3GS, 4, 4G, 4S, Apple, Applications, Cell Phone Unlocking, Cybersecurity, Cydia, Exploit, Hackers, iOS, iPhone, iPhone Repair, Jailbreak, Repairs, Unlocking by Ryan Boese — Leave a comment
02/25/2013

All good jailbreaks must come to an end.

Late last week Apple released an update for iOS to developers in beta that prevents the use of the popular jailbreak software evasi0n, according to one of evasi0n’s creators who tested the patch over the weekend, David Wang.

Wang tells me that he’s analyzed the 6.1.3 beta 2 update and found that it patches at least one of the five bugs the jailbreak exploits, namely a flaw in the operating system’s time zone settings. The beta update likely signals the end of using evasi0n to hack new or updated devices after the update is released to users, says Wang, who says he’s still testing the patch to see which other vulnerabilities exploited by the jailbreak might no longer exist in the new operating system.

“If one of the vulnerabilities doesn’t work, evasi0n doesn’t work,” he says. “We could replace that part with a different vulnerability, but [Apple] will probably fix most if not all of the bugs we’ve used when 6.1.3 comes out.”

That impending patch doesn’t mean evasi0n’s time is up, says Wang. Judging by Apple’s usual schedule of releasing beta updates to users, he predicts that it may take as long as another month before the patch is widely released.

When evasi0n hit the Web earlier this month, it quickly became the most popular jailbreak of all time as users jumped at their first chance to jailbreak the iPhone 5 and other most-recent versions of Apple’s hardware. The hacking tool was used on close to seven million devices in just its first four days online.

Despite that frenzy, Apple has hardly scrambled to stop the jailbreaking.  Evasi0n has already gone unpatched for three weeks. That’s far longer, for instance, than the nine days it took Apple to release a fix for Jailbreakme 3.0, the jailbreak tool released in the summer of 2011 for the iPhone 4, which was by some measures the last jailbreak to approach Evasi0n’s popularity.

Apple’s slow response to Evasi0n is explained in part by the relatively low security risk that the tool poses. Unlike Jailbreakme, which allowed users to merely visit a website and have their device’s restrictions instantly broken, Evasi0n requires users to plug their gadget into a PC with a USB cable. That cable setup makes it far tougher for malicious hackers to borrow Evasi0n’s tricks to remotely install malware on a user’s phone or tablet.

Security researchers have nonetheless pointed out that Evasi0n could give criminals or spies some nasty ideas. The tool uses five distinct bugs in iOS, all of which might be appropriated and combined with other techniques for malicious ends. And F-Secure researcher Mikko Hypponen points out that if a hacker used a Mac or Windows exploit to compromise a user’s PC, he or she could simply wait for the target to plug in an iPhone or iPad and use evasi0n to take over that device as well.

More likely, perhaps, is a scenario described by German iPhone security researcher Stefan Esser. He argues that a hacker could use a secret exploit to gain access to an iPhone or iPad and then install evasi0n, using the jailbreaking tool to hide his or her tracks and keep the secret exploit technique undiscovered by Apple and unpatched. “That way they protect their investment and leave no exploit code that could be analyzed for origin,” Esser wrote on Twitter.

Apple already has a more pressing security reason to push out its latest update. The patch also fixes a bug discovered earlier this month that allows anyone who gains physical access to a phone to bypass its lockscreen in seconds and access contacts and photos.

When Apple’s update arrives, the team of jailbreakers known as the evad3rs may still have more tricks in store. Wang tells me that the group has discovered enough bugs in Apple’s mobile operating system to nearly build a new iOS jailbreak even if all the bugs they currently use are fixed.

But then again, Wang says he hasn’t yet been able to check Apple’s patch for every bug it might fix–either the ones evasi0n employs or those he and his fellow hackers had hoped to keep secret for their next jailbreak. “If they patch most of the bugs,” Wang says. “Then we’re starting from scratch.”

Ryan says:  We’re offering our customers the opportunity to Jailbreak their iPhone 5 for FREE until the end of March! – Call Ryan to book an appointment!

Source: Forbes

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Comment

New next-gen Xbox details emerge, reinforcing reports that used games will be unplayable

Filed under: Applications, Gaming, Microsoft, Software, Technology, XBox 360 by Ryan Boese — Leave a comment
02/06/2013

The mystery surrounding Sony’s (SNE) PlayStation 4 will soon dissipate when the company unveils its next-generation video game console on February 20th. Meanwhile, Microsoft’s (MSFT) upcoming rival console is still very much a mystery, though pieces of the puzzle continue to come together. The latest report comes from Edge, which cites multiple unnamed people with “first-hand experience of Microsoft’s next generation console” in claiming that the new Xbox will require an always-on internet connection to check disc registration in order to function. The report reinforces earlier rumors that Microsoft will restrict or even completely block owners’ ability to play used games.

BGR also reaffirms specs reported earlier, including a 1.6GHz eight-core AMD CPU, D3D11.x 800MHz graphics and 8GB of RAM, and it says we should expect a new Kinect sensor to launch alongside the console.

Microsoft’s next Xbox is expected to be unveiled during the E3 gaming conference this summer.

Source: BGR

Ryan:  Limiting the ability to play used XBOX games on the new console is will be their downfall. If this happens, I won’t be buying one. PS4 FTW?!?!

Tags: , , , , , , , , , , , , , , , , , , , , , ,
Comment

Sophisticated botnet steals more than $47M by infecting PCs and phones

Filed under: Applications, Computers, Cybersecurity, Exploit, Hackers, Internet, Malware, Repairs, RootKit, Security, Spyware, Trojan, Virus by Ryan Boese — Leave a comment
12/05/2012

A new version of the Zeus trojan—a longtime favorite of criminals conducting online financial fraud—has been used in attacks on over 30,000 electronic banking customers in Europe, infecting both their personal computers and smartphones. The sophisticated attack is designed to circumvent banks’ use of two-factor authentication for transactions by intercepting messages sent by the bank to victims’ mobile phones.

The malware and botnet system, dubbed “Eurograbber” by security researchers from Check Point Software and Versafe, was first detected in Italy earlier this year. It has since spread throughout Europe. Eurograbber is responsible for more than $47 million in fraudulent transfers from victims’ bank accounts, stealing amounts from individual victims that range from 500 Euros (about $650) to 25,000 Euros (about $32,000), according to a report published Wednesday.

The malware attack begins when a victim clicks on a malicious link, possibly sent as part of a phishing attack. Clicking on the link directs them to a site that attempts to download one or more trojans: customized versions of Zeus and its SpyEye and CarBerp variants that allow attackers to record Web visits and then inject HTML and JavaScript into the victim’s browser. The next time the victim visits their bank website, the trojans capture their credentials and launch a JavaScript that spoofs a request for a “security upgrade” from the site, offering to protect their mobile device from attack. The JavaScript captures their phone number and their mobile operating system information—which are used in the second level of Eurograbber’s attack.

With the phone number and platform information, the attacker sends a text message to the victim’s phone with a link to a site that downloads what it says is “encryption software” for the device. But it is, in fact, “Zeus in the mobile” (ZITMO) malware—a Trojan crafted for the Android and BlackBerry mobile operating systems that injects itself between the user and the mobile browser and SMS messaging software. With both devices now compromised, the malware waits for the victim to access a bank account, and then immediately transfers a percentage of the victim’s balance to an account set up by the criminals running the botnet.

The malware then intercepts the confirmation text message sent by the bank, forwarding it to the trojan’s command and control server via a relay phone number. The server uses the message to confirm the transaction and withdraw the money. The same process happens every time the victim logs into their bank account, gradually withdrawing money without alerting the user.

Both Checkpoint and Versafe have added signature and behavior detection to their malware protection products that can block Eurograbber. Updating software that is a frequent target for Web “driveby download” exploits—such as Adobe Flash, Java, and Web browsers—can help prevent infection by the malware, as can a healthy amount of paranoia about clicking links in e-mails.

Source: Arstechnica

Tags: , , , , , , , , , , , , , , , , , , , , , , , , ,
Comment

Upgrading RAM on the new iMac is practically impossible

Filed under: Apple, Computers, iOS, Laptop, Mac, Repairs by Ryan Boese — Leave a comment
12/03/2012

The electronics website iFixit on Friday downgraded the new 21.5-inch iMac’s repair score to 3 out of a possible 10, calling servicing the computer “an exercise in disappointment.”

The website urged do-it-yourselfers to look for a leftover 2011 model instead. “Hackers, tinkerers, and repairers be forewarned: Get last year’s model if you’d like to alter your machine in any way,” said Miroslav Djuric, iFixit’s chief information architect, in an email announcing the site’s teardown of the newest iMac.

Apple started selling the redesigned 21.5-inch iMac on Friday at its retail and online stores. The larger, more expensive 27-in. iMac is to ship later this month.

After disassembling the iMac, iFixit assigned the all-in-one desktop a repair score of just 3 out of 10; The 2011 version of the same-sized iMac sported a more DIY-friendly score of 7 out of 10.

The iMac’s new score is in the same low range as Apple’s 15- and 13-inch Retina-equipped MacBook Pro laptops, which earned a 1 and 2, respectively, this summer and fall. In June, iFixit called the 15-inch MacBook Pro “the least-repairable laptop we’ve taken apart.”

Explaining the iMac’s low score, iFixit cited the copious amounts of “incredibly strong” adhesive that bonds the LCD and front glass panel to the frame. Earlier iMacs fixed the display in place with magnets rather than the hard-to-dislodge glue, which is even harder to replace.

Just as damning was an Apple design decision that makes it practically impossible for users to upgrade the iMac’s RAM. The 21.5-in. iMac comes standard with 8GB of memory – and can be upgraded to 16GB – but because the RAM is buried beneath the logic board, owners must “take apart most of the iMac just to gain access,” iFixit said.

Older 21.5-inch iMacs had four external RAM slots that were easily accessed by users.

Apple mentions the impracticality of memory upgrade only in a side note hidden on the iMac’s options page. There, Apple said: “Every 21.5-inch iMac comes with 8GB of memory built into the computer. If you think you may need 16GB of memory in the future, it is important to upgrade at the time of purchase, because memory cannot be upgraded later in this model.”

The not-yet-available 27-inch iMac will continue to sport four external memory slots. Customers can boost the RAM at the time of ordering to 16GB (for an extra $200) or 32GB ($600), but those prices are exorbitant compared to third-party RAM that users install themselves. An additional 8GB of memory – which would raise the iMac’s total to 16GB – costs just $40 at Crucial.com, for example.

iFixit spotted several other changes to the iMac, including a larger, single fan rather than several smaller fans; dual microphones, likely a noise cancellation move for FaceTime video calls; and a vibration-dampening housing around the laptop-sized 2.5-in. hard disk drive.

The teardown also exposed the location where Apple places a “Fusion Drive,” the option that combines 128GB of flash storage with a standard platter-based hard drive.

The new iMacs are priced between $1,299 and $1,999 – $100 more than their precursors – and can be purchased or pre-ordered at Apple’s online and retail stores.

iFixit reduced the repair score of Apple’s iMac from 7 to 3 (out of 10), citing screen-to-chassis glue and the impracticality of upgrading RAM or swapping drives.

Source: TechWorld

Tags: , , , , , , , , , , , , , , , ,
Comment