Tag Archive: Apple


Acer’s MacBook Air-cloning Aspire 3951 Ultrabook Leaks Out

Filed under: Acer, Apple, Computers, Intel, Laptop, Macbook, PC, Supercomputer, Technology, Ultrabook by Ryan Boese — Leave a comment
August 9, 2011

A hinted-at Acer ultrabook may have had its first public sighting through leaked renders and details in Vietnam. The 13.3-inch Aspire 3951 would borrow more than a few cues from the MacBook Air Intel’s ultrabook spec is meant to imitate and would have a supposedly 0.51-inch thick, aluminum, 3.09-pound shell. In a nod to the Dell Adamo, however, Sohoa‘s look showed that most of the ports would be moved to the back, where the hinge design would make sure they stayed available.

The system would also make the solid-state drive optional. Buyers could pick the likely Intel-made 160GB SSD or opt for more traditional 250GB and 500GB hard drives. Not much is known about the choice of processor other than using a 2011 Core chip, although the Aspire would follow Apple into including Bluetooth 4.0 while swapping out the Thunderbolt for a plainer HDMI output. A card reader is in view on the right-hand side.

Acer is believed to be focusing on longevity, offering a competent though shorter six hours of battery use as well as 30 days of standby; the long idle time might only be true for the SSD option. Moving from sleep to wake should take 1.7 seconds.

Earlier rumors have had Acer’s ultrabook shipping at the very end of the year. The 3951 might undercut the MacBook Air with estimated prices of between $769 to $961 depending on the model, although it’s not clear what a base model would involve. Any lower pricing is likely to entail a slower rotating hard drive and might go below the 1.7GHz Core i5 Apple uses in its own system.

Intel devised the ultrabook spec as a way of sustaining notebook sales in the face of tablets through taking a cue from the Air. The decision may have triggered a pushback from Windows PC builders who have been fighting to lower the price after they were worried they would have no choice but to match Apple’s price after Intel set similar quality and performance goals.

Source: Electronista

Tags: , , , , , , , , , ,
Comment

Vonage offering unlimited international calling via mobile phones

Filed under: Android, Internet, Mobile, Technology, Telecom, VoIP, WiFi, Wireless by Ryan Boese — Leave a comment
July 27, 2011

Vonage’s international calling plan is stepping up to be a more affordable and flexible option as the service extends to mobile.

The new Vonage World plan is as follows: Subscribers can call land-line numbers in over 60 countries from either their own land-line or mobile phone using the VoIP service for $25.99 per month. Users can also call mobile numbers in up to 10 countries on the same plan.

Vonage suggests that anyone who already conducts international phone calls for a little as an hour a week could save up to $250 with this option.

Mike Tempora, senior vice president of product management for Vonage, said that the mobile option was in high demand from its customers, citing that “70 percent said they make international calls while their away from home either by using a calling card or paying high carrier rates.”

Additionally, the revamped plan includes the new Extensions feature, which enables customers to add any U.S. phone number (mobile, home or office) as another number on the plan. (Note that fax numbers as well as 800/887 and virtual numbers are not supported). That number can then double as a virtual calling card to re-route calls over the Vonage’s network.

For example, this makes the most sense if a subscriber has Vonage World at home or work, and wants to add his or her cell phone number to the plan, or vice versa.

The process to take advantage of this might seem a bit complicated on paper, but it’s rather straightforward. Once the user registers the number on his or her online account page, the user will then have to select a PIN number for validating the subscriber and the phone line later on. From there, when the user wants to make an international call, he or she just dials an access number, the PIN number and then the international phone number he or she is calling.

Tempora added that customers who use virtual numbers and/or international calling cards will find the process to be quite similar and intuitive.

Although this service is supported by any mobile device, there will be apps for iOS and Android in the coming weeks with a one-touch solution to streamline this process.

Ryan: Good news for people looking for a cheaper alternative to call overseas. I will be definitely downloading the app once it hits the Android Market.

Source: ZDNet

Tags: , , , , , , ,
Comment

Jailbroken iOS 5 devices: No OTA updates for you

Filed under: 4G, Apple, Applications, Cydia, iPhone, Jailbreak, Technology, Telecom, Unlocking, Wireless by Ryan Boese — Leave a comment
July 24, 2011

The iPhone, iPod Touch and iPad crowd got understandably excited with the word that the next version of iOS, iOS 5, will finally usher in over-the-air (OTA) updates for the platform. Android device owners have been enjoying OTA updates from the beginning, and finally Apple is cutting the cord for device updates. Folks are already using beta versions of iOS 5 even though it won’t officially appear until later this year, and the early adopters discovered that the first iOS 5 beta update just released OTA will not work on jailbroken devices.

Android device owners are already familiar with the lack of OTA updates on rooted devices, the equivalent to the jailbroken iOS device. Rooting or jailbreaking is the process owners go through to allow unofficial software to be installed to serve functions the official OS doesn’t support. It has long been understood that rooting an Android device ends OTA updating, and it is now clear the same will apply on the iOS front for jailbroken devices.

Those using beta iOS 5 report you can still apply Apple updates by connecting to a computer via USB cable, so all is not lost. Getting OS updates OTA is a much better alternative to cabling up a device, so those with jailbroken iPhones may need to rethink that once iOS 5 is officially released.

Ryan:  I say disable Automatic Updates in iTunes (Apple only seems to be updating iOS when new Jailbreaks are released), and stop tethering completely!

Source: ZDNet

Tags: , , , , , , , ,
Comment

Apple Laptops Vulnerable To Hack That Kills Or Corrupts Batteries

Filed under: Apple, Computers, Cybersecurity, Exploit, Hackers, Laptop, Macbook, Security by Ryan Boese — Leave a comment
July 22, 2011

Your laptop’s battery is smarter than it looks. And if a hacker like security researcher Charlie Miller gets his digital hands on it, it could become more evil than it appears, too.

At the Black Hat security conference in August, Miller plans to expose and provide a fix for a new breed of attack on Apple laptops that takes advantage of a little-studied weak point in their security: the chips that control their batteries.

Modern laptop batteries contain a microcontroller that monitors the power level of the unit, allowing the operating system and the charger to check on the battery’s charge and respond accordingly. That embedded chip means the lithium ion batteries can know when to stop charging even when the computer is powered off, and can regulate their own heat for safety purposes.

When Miller examined those batteries in several Macbooks, Macbook Pros and Macbook Airs, however, he found a disturbing vulnerability. The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode. “These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”

Miller discovered the two passwords used to access and alter Apple batteries by pulling apart and analyzing a 2009 software update that Apple instituted to fix a problem with Macbook batteries. Using those keys, he was soon able to reverse engineer the chip’s firmware and cause it to give whatever readings he wanted to the operating system and charger, or even rewrite the firmware completely to do his bidding.

From there, zapping the battery such that it’s no longer recognized by the computer becomes trivial: In fact, Miller permanently “bricked” seven batteries just in the course of his tinkering. (They cost about $130 to replace.) More interesting from a criminal perspective, he suggests, might be installing persistent malware on the chip that infects the rest of the computer to steal data, control its functions, or cause it to crash. Few IT administrators would think to check a battery’s firmware for the source of that infection, and if undiscovered the chip could re-infect the computer again and again.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” says Miller.

That attack would require finding another vulnerability in the interface between the chip and the operating system. But Miller says that’s not much of a barrier. “Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.”

And the truly disturbing prospect of a hacker remotely blowing up a battery on command? Miller didn’t attempt that violent trick, but believes it might be possible. “I work out of my home, so I wasn’t super inclined to cause an explosion there,” he says.

In fact, the batteries he examined have other safeguards against explosions: fuses that contain an alloy that melts at high temperatures to break the circuit and prevent further charging. But Miller, who has worked for the National Security Agency and subsequently hacked everything from the iPhone to virtual worlds, believes it might still be possible. “You read stories about batteries in electronic devices that blow up without any interference,” he says. “If you have all this control, you can probably do it.”

Miller, currently a researcher with the consultancy Accuvant, isn’t the first to explore the danger of explosive batteries triggered by hackers. Barnaby Jack, a researcher for with antivirus giant McAfee, says he worked on the problem in 2009, but he says he ”benched the research when I didn’t succeed in causing any lithium ion fires. Charlie has taken it a lot further and surpassed where I was at the time.”

Miller says he’s received messages from several other researchers asking him not proceed with the battery work because it could be too dangerous. But Miller has worked to fix the problems he’s exposing. At Black Hat he plans to release a tool for Apple users called “Caulkgun” that changes their battery firmware’s passwords to a random string, preventing the default password attack he used. Miller also sent Apple and Texas Instruments his research to make them aware of the vulnerability. I contacted Apple for comment but haven’t yet heard back from the company.

Implementing Miller’s “Caulkgun” prevents any other hacker from using the vulnerabilities he’s found. But it would also prevent Apple from using the battery’s default passwords to implement their own upgrades and fixes. Those who fear the possibilities of a hijacked chunk of charged chemicals in their laps might want to consider the tradeoff.

“No one has ever thought of this as a security boundary,” says Miller. “It’s hard to know for sure everything someone could do with this.”

Source: Forbes

Tags: , , , , , , , , , , , ,
Comment

Apple releases ‘Mac Defender’ security update

Filed under: Apple, Exploit, Mac, Malware by Ryan Boese — 2 Comments
May 31, 2011

Apple has just released a security update for Mac OS X that is designed to detect and remove Mac Defender malware. But unless you’re running the latest ‘Snow Leopard’ version, you’re outta luck.

Apple security update 2011-003 (only for Snow Leopard) consists of three components:

File Quarantine
Malware detection definitions for OSX.MacDefender.A has been added to the File Quarantine system.

Automatic Updates
The system will check daily for updates to the File Quarantine malware definition list. An opt-out is available.

Malware Removal
The update will scan and remove Mac Defender and known variants.

This update is available for Mac OS X v10.6.7 and Mac OS X Server v10.6.7 (if you’re using an earlier version of Mac OS X, tough, Apple doesn’t love you) via Software Updates or via Apple Downloads. No reboot required.

Hello Mac OS X users, welcome to the world of daily malware signature updates.

Source: ZDNet

Tags: , , , , , , , ,
Comment

Apple acknowledges Mac Defender malware, promises software update

Filed under: Apple, Applications, Computers, Cybersecurity, Exploit, Mac, Malware by Ryan Boese — 2 Comments
May 24, 2011

Apple has decided to publicly acknowledge the Mac Defender malware that seems to be creeping onto Mac users’ computers. The company posted an online support document Tuesday evening that outlines how to identify and get rid of the program, which attempts to trick users into handing over their credit card information. The company also promised to issue a software update soon that will specifically hunt out and remove Mac Defender and its variants.

“A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus,” Apple wrote in its support document. “In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.”

The much-welcome acknowledgement from Apple comes less than a week after it came out that real users were beginning to see this malware in the wild a little more often than usual. When we investigated the issue, we were told by several Apple Store Geniuses that they had also seen a spike—one Genius at a large Apple Store said he had seen malware reports in his store go from approximately 0.2 to percent to 5.8 percent in a matter of weeks, with the large majority of those being Mac Defender or its variants, often known as Mac Security or Mac Protector. (Smaller, third-party support folks were somewhat split on whether there had been a spike in malware reports.)

At the time, one of the more controversial aspects of Apple’s reaction was that there was none—Apple had instructed its AppleCare and retail staff not to even acknowledge Mac Defender’s existence, and not to remove it from users’ infected computers.

Now, however, the company has apparently had a change of heart. In the support doc, Apple says to trash the app immediately if you haven’t installed it yet, but if you have, there’s a series of steps to follow in order to get rid of it. And, of course, there’s also the lazy route: if you have Mac Defender installed but haven’t given it your credit card information yet, you could just wait for Apple to issue its software update and have it removed automatically. Or, you can use the Mac Defender removal tool from Icrontic.

Source: Ars Technica

Tags: , , , , ,
Comment

Untethered Jailbreak for iOS 4.3.3 Now Available

Filed under: Apple, Applications, Cydia, Exploit, iPhone, Jailbreak, Mac, Unlocking, Windows by Ryan Boese — 2 Comments
May 6, 2011

If you recently upgraded to iOS 4.3.3 that fixed Locationgate woes, you’ll be delighted to know that untethered jailbreak and unlock for iOS 4.3.3 is now available. The iPhone Dev-team have updated their PwnageTool and redsn0w programs so it’s now possible to jailbreak iOS 4.3.3 using Mac and Windows in a way that doesn’t require connecting the device to a computer each time it’s rebooted.

The iOS 4.3.3 untethered jailbreak is based on the exploit created by @i0nic for iOS 4.3.1. The updated redsn0w tool also allows you to turn on multitasking gestures, the team noted in a blog post. If you wish to unlock your device for use with any carrier, there’s an app for that.

To unlock an iOS 4.3.3 device, use the ultrasn0w tool. Remember that ultrasn0w at the time of this writing only worked with iPhone 4 baseband 1.59.00 and iPhone 3G/3GS basebands 4.26.08, 5.11.07, 5.12.01, 5.13.04 and 6.15.00. Use a custom IPSW to update to 4.3.3 in order to avoid updating your baseband. You may wanna use excellent ipswDownloader for Mac to easily find and download any iOS firmware build. This app also figures out your baseband version and tells you whether your iOS version can be jailbroken and unlocked. If you’re on Windows, download the f0recast app that checks whether your device is unlockable or tethered with a USB connect.

If you just want to perform an untethered iOS 4.3.3 jailbreak, I recommend handy step-by-step guides for redsn0w or PwnageTool. The below video shows how easy it is to perform an untethered jailbreak of iOS 4.3.3 via redsn0w 0.9.6rc15. For newbies, iClarified.com provides a wealth of jailbreaking and unlocking guides. And if you need a reason to jailbreak, Cydia creator Saurik has a few.

As for the iPad 2 jailbreak, it’s still pending per a note over at the iPhone Dev-team blog.

The iPad2 jailbreak remains under development. As you may know, the original exploit @comex developed in the first week of the iPad2 release was mysteriously fixed by Apple within days of its development. Partly because of this, don’t expect much public discussion of the iPad2 jailbreak until it’s actually finished and ready for release (and please avoid asking about it). In all liklihood, it will be a userland exploit like the first (unreleased) one, not dependent on bootrom dumps. The first one can’t be released even for those with the original 4.3 firmware due to legal (distribution) reasons.

 

Download the Untethered Jailbreak for iOS 4.3.3 Mac OS X version, here.

Download the Untethered Jailbreak for iOS 4.3.3 for Windows XP/Vista/7 here.

The PwnageTool Official BitTorrent Release, via BitTorrent, here.

Source: 9 to 5 Mac

Tags: , , , , , , , , , , , , , , ,
Comment

What Android Phones Do that Apple Phones Don’t

Filed under: Amazon, Android, Apple, Droid, Gaming, iPhone, Mobile, Motorola, OpenSource, Sony, Technology, Wireless by Ryan Boese — 1 Comment
April 21, 2011

Does anyone remember this ad for the Motorola Droid? “Everything iDon’t,” it said, “Droid does!”

Of course, the iPhone can do half of those things now, like take 5-megapixel pictures in the dark. And the usefulness of some of the others is up for debate. (What exactly is “Open development?”) But even today, there are some pretty big things the iPhone can’t do, that Android phones can … and you may be surprised by some of them.

Come in all different shapes and sizes

Here’s one you probably won’t be surprised by, although you might be surprised by some of the weird Android phones out there. A slider phone with a second touch screen instead of a keyboard?

In all seriousness, though, the one-size-fits-all iPhone leaves out the people it doesn’t fit. Want a keyboard with actual keys? A gigantic screen, plus a kickstand for watching movies? There’s an Android phone out there for you. There’s even a phone with a slide-out game controller, a la the PSP Go. And speaking of portable PlayStations.

Run PlayStation games

And I don’t just mean games that were originally made for the Sony PlayStation (although like the Xperia Play.

These things are made for gaming, to Sony’s specs, and have access to tons of exclusive games. They can even connect to the PlayStation Network, using will be able to play Android games designed for the PlayStation Certified phones, which just shows how committed Sony is to gaming on Android devices.

Buy apps from Amazon

That’s right, Amazon has its own “Appstore for Android.” So why would you want to go through its 8-step signup process?

Well, first off is the “free app of the day.” These aren’t apps that are normally free, and are being promoted; they’re paid apps, costing as much as $4.99 sometimes, they’re put up for download for free. A new one goes up each day, like it says. You can also use Amazon.com to look for all discounted apps, or to read reviews and look for similar apps, just like you would for any other product you buy from Amazon.

 

 

A bunch of other stuff?

The iPhone doesn’t support text reflow, which is an Android feature that makes it so zoomed-in text on a website fits the screen width, so that you don’t have to swipe back and forth to read paragraphs. It also doesn’t support home screen “widgets,” which let you do things like check your bank balance or the latest news stories without opening an app. There’s even a widget to set your phone to silent mode. With all this stuff Android phones can do that the iPhone can’t, one might ask: Why does anyone buy an iPhone at all?

The answer’s as simple as it is obvious. The iPhone’s the best-designed smartphone there is, and it has more and better apps than every Android phone combined. Plus, Apple’s clout means that the wireless carriers can’t mess up its phones, with huge logos and non-uninstallable apps.

One size, though, doesn’t fit all. And thanks to Android’s open-source programming code, companies like Sony and Amazon are getting to try some interesting things, that they never would’ve been able to on the iPhone.

Source: Yahoo! / Video: IntoMobile

Tags: , , , , , , , , , ,
Comment

Inquiries Grow Over Apple’s Data Collection Practices

Filed under: Apple, GPS, Security, Tablets, Technology, Telecom, Wireless by Ryan Boese — 2 Comments
April 20, 2011

The controversy surrounding the security of Apple’s iPhone and iPad escalated Thursday as some European governments said they would investigate whether the company had violated privacy laws by collecting and storing users’ geographic location data.

The introduction of the Apple iPad 2 in London in March drew crowds. Now the security of the device is being widely questioned.

At the same time, some researchers said that contrary to reports published Wednesday, the iPhone’s recording of location information in a hidden file on the device, later stored on iTunes on a PC, has been known for some time, and that the information has, on some occasions, been used by law enforcement agencies in investigations.

“This data that was supposedly discovered yesterday has existed in earlier iPhones,” said Alex Levinson of Katana Forensics, a company that specializes in extracting data from electronic devices for legal cases. Mr. Levinson said that he and colleagues had explained Apple’s practices at conferences and in research papers, and that his firm has helped law enforcement agencies “harvest geolocational evidence from iOS devices,” a reference to the Apple operating system.

Mr. Levinson said that an update to Apple’s operating system changed the location of the file storing the information, but that the file had existed previously.

Security experts say law enforcement agencies can often get more precise location information from cellphone carriers than from the hidden file.

While privacy advocates and many iPhone users were alarmed by the revelations, Mr. Levinson and other security experts said they suspected that Apple had been using the data to be able to pinpoint a phone’s location more quickly, saving bandwidth and battery life, when their owners used location-based services like maps and navigation.

Still, the controversy has been magnified by Apple’s silence. For the second day, the company did not respond to calls and e-mails seeking comment.

But in a letter sent by Apple in July to two congressmen — Edward J. Markey, Democrat of Massachusetts, and Joe L. Barton, Republican of Texas — the company appeared to confirm that it has been storing and collecting location information for some time.

In the letter, Apple said it collects the location data anonymously and only when consumers agree to use its location-based services like maps, or any apps that ask a user’s location, and for its advertising system, iAds. The company said that it has been offering location-based services since 2008, but that only in 2010, when it released iOS 3.2, did it begin relying on its own databases for those services. Explaining its need to collect data from its customers’ phones, Apple wrote, “These databases must be updated continuously.”

Security experts say companies like Apple and Google collect the location of Wi-Fi networks and cell towers to pinpoint the location of phones without using GPS technology. Some suggested Apple was doing so through the users of its iPhones.

 

 

Mark Seiden, an information security consultant in Silicon Valley, said that Apple’s letter to the congressmen suggests that it uses the location data from the previously hidden file “so a phone knows where it is quickly.” Mr. Seiden said that Apple did not appear to be using the data to track people, but that the company should probably be more diligent about deleting dated location information. “I don’t know why they would want to keep old data on the device,” he said.

Mr. Markey on Thursday sent a follow-up letter to Apple asking it to explain why it was storing the information in the user’s device, and raising concern that its actions could violate the Communications Act.

“Apple needs to safeguard the personal location information of its users to ensure that an iPhone doesn’t become an iTrack,” Mr. Markey said in a statement. On Wednesday, Senator Al Franken, Democrat of Minnesota, also sent a letter asking Apple for an explanation.

The controversy erupted on Wednesday, when two computer programmers issued a report at a conference in San Francisco describing the files with the hidden data. The programmers also released a program that allowed users to see their stored location data on a map.

Some privacy experts were particularly concerned that the files were not encrypted, and that they were backed up on users’ computers.

The concerns quickly spread to Europe, where privacy laws are typically stricter than in the United States.

The Bavarian Agency for the Supervision of Data Protection, in Germany, said it would examine whether — and if so, why — the iPhone and iPad were storing such user data. Thomas Kranig, the director of the agency, said his office had asked Apple whether geographic information was being stored and for what purpose.

“If it’s true that this information is being collected, and it is being done without the approval and knowledge of the users, then it is definitely a violation of German privacy law,” Mr. Kranig said.

The Italian Data Protection Authority also opened an investigation into Apple’s data collection, expanding one it had begun on how mobile applications process personal data, Reuters reported.

France may follow suit. Yann Padova, the secretary general of CNIL, the French data protection authority, said the agency was trying to verify the report by the American programmers.

The French agency plans to send Apple France a letter asking for an explanation next week, Mr. Padova said. A major concern will be whether the information remained on the device or whether it was transferred by Apple to one of its commercial partners.

“In the first case, it is a matter of simply not obtaining the consent of  the consumer for the data to be collected,” Mr. Padova said. “In the second case, if the information is marketed without the knowledge of the consumer, it is much more serious.”

Source: New York Times

Tags: , , , , , , , , , , ,
Comment

Apple patches Pwn2Own iPhone OS vulnerabilities

Filed under: Apple, Exploit, Jailbreak, Mac, Mobile, Security, Technology by Ryan Boese — Leave a comment
April 16, 2011

Apple has released a critical update for its flagship iOS mobile operating system to fix several gaping security holes, including a few that were used in successful exploits at this year’s CanSecWest Pwn2Own contest.

The new iOS 4.3.2 software update, which is available for download via iTunes, provides cover for five documented security problems, including vulnerabilities exploited by Charlie Miller (iPhone) and a team of researchers who broke into RIM’s BlackBerry smartphone.

The raw details:

  • QuickLook: A memory corruption issue existed in QuickLook’s handling of Microsoft Office files. Viewing a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. Credit to Charlie Miller and Dion Blazakis working with TippingPoint’s Zero Day Initiative.
  • WebKit: An integer overflow issue existed in the handling of nodesets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Credit to Vincenzo Iozzo, Willem Pinckaers, Ralf-Philipp Weinmann, and an anonymous researcher working with TippingPoint’s Zero Day Initiative.
  • WebKit: A use after free issue existed in the handling of text nodes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Credit to Vupen Security working with TippingPoint’s Zero Day Initiative, and Martin Barbella.

The iOS update also fixes the Comodo certificate trust policy problem that allowed an attacker with a privileged network position to intercept user credentials or other sensitive information.   This issue was also fixed in separate Safari and Mac OS X updates.

Source: ZDNet

Tags: , , , , , , ,
Comment