Category: 4


Apple Fixes “Fundamental” SSL Bug in iOS 7

Apple quietly released iOS 7.06 late Friday afternoon, fixing a problem in how iOS 7 validates SSL certificates. Attackers can exploit this issue to launch a man-in-the-middle attack and eavesdrop on all user activity, experts warned.

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” Apple said in its advisory.

Users should update immediately.

Watch Out for Eavesdroppers
As usual, Apple didn’t provide a lot of information about the issue, but security experts familiar with the vulnerability warned that attackers on the same network as the victim would be able to read secure communications. In this case, the attacker could intercept, and even modify, the messages as they pass from the user’s iOS 7 device to secured sites, such as Gmail or Facebook, or even for online banking sessions. The issue is a “fundamental bug in Apple’s SSL implementation,” said Dmitri Alperovich, CTO of CrowdStrike.

The software update is available for the current version of iOS for iPhone 4 and later, 5th generation iPod Touch, and iPad 2 and later. iOS 7.06 and iOS 6.1.6. The same flaw exists in the latest version of Mac OS X but has not yet been patched, Adam Langley, a senior engineer at Google, wrote on his ImperialViolet blog. Langley confirmed the flaw was also in iOS 7.0.4 and OS X 10.9.1

Certificate validation is critical in establishing secure sessions, as this is how a site (or a device) verifies that the information is coming from a trusted source. By validating the certificate, the bank website knows that the request is coming from the user, and is not a spoofed request by an attacker. The user’s browser also relies on the certificate to verify the response came from the bank’s servers and not from an attacker sitting in the middle and intercepting sensitive communications.

Update Devices
It appears Chrome and Firefox, which uses NSS instead of SecureTransport, aren’t affected by the vulnerability even if the underlying OS is vulnerable, Langley said. He created a test site at https://www.imperialviolet.org:1266. “If you can load an HTTPS site on port 1266 then you have this bug,” Langley said

Users should update their Apple devices as soon as possible, and when the OS X update is available, to apply that patch as well. The updates should be applied while on a trusted network, and users should really avoid accessing secure sites while on untrusted networks (especially Wi-Fi) while traveling/

“On unpatched mobile and laptop devices, set ‘Ask to Join Networks’ setting to OFF, which will prevent them from showing prompts to connect to untrusted networks,” wrote Alex Radocea, a researcher from CrowdStrike.

Considering recent concerns about the possibility of government snooping, the fact that iPhones and iPads were not validating certificates correctly can be alarming for some. “I’m not going to talk details about the Apple bug except to say the following. It is seriously exploitable and not yet under control,” Matthew Green, a cryptography professor at Johns Hopkins University, posted on Twitter.

Check out this video from News Loop:

 

Source: PC World Security Watch

iPhones, iPads vulnerable to hacking: Apple

A major flaw in Apple software for mobile devices could allow hackers to intercept email and other communications that are meant to be encrypted, the company said Friday.

If attackers have access to a user’s network, such as by sharing the same unsecured wireless service offered by a restaurant, they could see or alter exchanges between the user and protected sites such as Gmail and Facebook, experts said.

“It’s as bad as you could imagine, that’s all I can say,” said Johns Hopkins University cryptography professor Matthew Green.

Apple did not say when or how it learned about the flaw in the way iOS handles sessions in what are known as secure sockets layer or transport layer security, nor did it say whether the flaw was being exploited. But a statement on its support website was blunt: The software “failed to validate the authenticity of the connection.”

Apple released software patches and an update for the current version of iOS for iPhone 4 and later, 5th-generation iPod touches, and iPad 2 and later.

Without the fix, a hacker could impersonate a protected site and sit in the middle as email or financial data goes between the user and the real site, Green said.

Apple did not reply to requests for comment.

The flaw appears to be in the way that well-understood protocols were implemented, an embarrassing lapse for a company of Apple’s stature and technical prowess. The company was recently stung by leaked intelligence documents claiming that authorities had 100 percent success rate in breaking into iPhones.

Friday’s announcement suggests that enterprising hackers could have had great success as well if they knew of the flaw.

Ryan:  Kinda told you Apple lovers that this gear is very insecure.. did ya listen to me?

Most of you know about our PC repair services, but did you know we fix/repair/unlock cellphones & tablets? Did you also know that we offer the lowest prices in the Fraser Valley and will price match and BEAT any competitor price? Now you do.

We repair all Smartphones / iPhones for :

* Broken LCD Screens & Touch Screen Replacement
* Water and other Liquid Damage Repair / Corrosion Clean Up
* Phone Data Recovery – Photos, Music, Text Messages
* No Power / Phone does not turn on
* Charging Problems / Charging Controller / Charging Port Replacement
* Battery Replacement (200+ Batteries in stock)
* Staticky, Crackling Speakers & Microphones
* Home Button / Power Lock Button Replacement
* Malfunctioning button, Trackball, Trackpad and Keypad
* Malfunctioning SIM card readers / NO SIM Reading Fix
* Software problems, upgrades and reflashing (All Models)
* Language change
* JTAG Service (Android Phones)
* Unknown Baseband, IMEI missing
* Password Protected / Disabled Phones / Pattern Lock Reset (Samsung)
* Jailbreaking — iPhone, AppleTV 1 & 2 + FREE TV & MOVIES + FREE APPS
* Rooting — Most Android Models — Custom Rom Reflashing Available

We unlock ALL Smartphones For :

* iPhone 2G/3G/3GS (Most iOS Versions)
* iPhone 4/4S – Factory unlock Fido/Rogers/Telus/Koodo/AT&T/Bell
* iPhone 5 – Factory unlock Telus/Koodo/AT&T/Rogers/Fido
* iPhone 4S/5 unlocking for iOS 5.x, 6.1.3 and below!
* BlackBerry, Samsung, LG, HTC
* Nokia, Motorola, Sony Ericsson, Huawei, Alcatel and other Overseas Models.

– iPhone Factory unlock for USA, UK, Brazil, Australia, France, Spain, Ireland, Netherlands, Denmark, Norway, Chile, Switzerland, Sweden, Saudi Arabia, Norway, Romania, Japan, etc.

As always, we DO NOT charge for repairs that cannot be performed.

180 Warranty on ALL parts & Labour – We ONLY use OEM Factory Parts.

Call the shop if you need a price quote, make sure to ask for Ryan.

Apple Is Beta-Testing A Fix For Evasi0n Jailbreak

All good jailbreaks must come to an end.

Late last week Apple released an update for iOS to developers in beta that prevents the use of the popular jailbreak software evasi0n, according to one of evasi0n’s creators who tested the patch over the weekend, David Wang.

Wang tells me that he’s analyzed the 6.1.3 beta 2 update and found that it patches at least one of the five bugs the jailbreak exploits, namely a flaw in the operating system’s time zone settings. The beta update likely signals the end of using evasi0n to hack new or updated devices after the update is released to users, says Wang, who says he’s still testing the patch to see which other vulnerabilities exploited by the jailbreak might no longer exist in the new operating system.

“If one of the vulnerabilities doesn’t work, evasi0n doesn’t work,” he says. “We could replace that part with a different vulnerability, but [Apple] will probably fix most if not all of the bugs we’ve used when 6.1.3 comes out.”

That impending patch doesn’t mean evasi0n’s time is up, says Wang. Judging by Apple’s usual schedule of releasing beta updates to users, he predicts that it may take as long as another month before the patch is widely released.

When evasi0n hit the Web earlier this month, it quickly became the most popular jailbreak of all time as users jumped at their first chance to jailbreak the iPhone 5 and other most-recent versions of Apple’s hardware. The hacking tool was used on close to seven million devices in just its first four days online.

Despite that frenzy, Apple has hardly scrambled to stop the jailbreaking.  Evasi0n has already gone unpatched for three weeks. That’s far longer, for instance, than the nine days it took Apple to release a fix for Jailbreakme 3.0, the jailbreak tool released in the summer of 2011 for the iPhone 4, which was by some measures the last jailbreak to approach Evasi0n’s popularity.

Apple’s slow response to Evasi0n is explained in part by the relatively low security risk that the tool poses. Unlike Jailbreakme, which allowed users to merely visit a website and have their device’s restrictions instantly broken, Evasi0n requires users to plug their gadget into a PC with a USB cable. That cable setup makes it far tougher for malicious hackers to borrow Evasi0n’s tricks to remotely install malware on a user’s phone or tablet.

Security researchers have nonetheless pointed out that Evasi0n could give criminals or spies some nasty ideas. The tool uses five distinct bugs in iOS, all of which might be appropriated and combined with other techniques for malicious ends. And F-Secure researcher Mikko Hypponen points out that if a hacker used a Mac or Windows exploit to compromise a user’s PC, he or she could simply wait for the target to plug in an iPhone or iPad and use evasi0n to take over that device as well.

More likely, perhaps, is a scenario described by German iPhone security researcher Stefan Esser. He argues that a hacker could use a secret exploit to gain access to an iPhone or iPad and then install evasi0n, using the jailbreaking tool to hide his or her tracks and keep the secret exploit technique undiscovered by Apple and unpatched. “That way they protect their investment and leave no exploit code that could be analyzed for origin,” Esser wrote on Twitter.

Apple already has a more pressing security reason to push out its latest update. The patch also fixes a bug discovered earlier this month that allows anyone who gains physical access to a phone to bypass its lockscreen in seconds and access contacts and photos.

When Apple’s update arrives, the team of jailbreakers known as the evad3rs may still have more tricks in store. Wang tells me that the group has discovered enough bugs in Apple’s mobile operating system to nearly build a new iOS jailbreak even if all the bugs they currently use are fixed.

But then again, Wang says he hasn’t yet been able to check Apple’s patch for every bug it might fix–either the ones evasi0n employs or those he and his fellow hackers had hoped to keep secret for their next jailbreak. “If they patch most of the bugs,” Wang says. “Then we’re starting from scratch.”

Ryan says:  We’re offering our customers the opportunity to Jailbreak their iPhone 5 for FREE until the end of March! – Call Ryan to book an appointment!

Source: Forbes

iOS 6.0.1 already jailbroken — for some devices

iOS 6.0.1 users can now jailbreak their devices, but there are some bumps in the road.

The latest version of the iPhone Dev Team’s Redsn0w can jailbreak iOS 6.0.1 devices, Redmond Pie confirmed today after testing the update.

However, not everyone can take advantage of the effort at this point.

The jailbreak works only on iOS devices powered by an A4 chip or lower. People who own the iPhone 5, the newest iPads, or the latest iPod Touch are out of luck. The jailbreak takes advantage of the Limera1n exploit, which can’t handle the A5 or later chips.

That leaves just the iPhone 3GS, iPhone 4, and the iPod Touch 4G as prime candidates. The iPod Touch 3G and the original iPad don’t support iOS 6.0 or higher.

The jailbreak is also a tethered one. So after you shut down or reboot your device, you’ll need to connect it to your computer to return it to a jailbroken state.

Apple, or course, isn’t too fond of jailbreaking, a process that allows device owners to unlock certain features and install apps not found in the App Store.

The iPhone maker once tried to argue that the action violates its copyright. The U.S. Copyright Office recently ruled that jailbreaking is illegal on tablets and gaming consoles but not on smartphones.

Source: CNET

iPhone 3G/3GS/4/4S Factory Unlock Now Available at Ryan’s Unlock Shop

Enjoy the freedom of switching carriers locally or while roaming in another country! Save money on roaming fees!

iPhone 3G/3GS/4/4S Factory Unlock starting @ $40 – Carrier Unlock – No SIM Tray / Interposer Required!

Permanent Unlock – Update to ANY iOS.

We can unlock your 3G/3GS/4/4S for most carriers worldwide, please select from the country the iPhone is originally locked to. Factory Unlocking starts @ $40 for AT&T. Call (778) 245-0780 if you have any questions about unlocking your iPhone.

The process for factory unlocking iPhone 4 and 4S models can take between 1 and 2 days depending on server wait times.

We can currently unlock ALL iPhone 3G/3GS/4/4S (GSM or WCDMA) iPhones from Koodo, TELUS, Rogers, Fido, AT&T & Sprint.

The benefits to unlocking your iPhone permanently as opposed to keeping your iPhone unlocked via interposer chip are:

  • Update to any iOS version without losing your unlock.
  • No Modified SIM Tray / Interposer required.
  • No need for instructions to use unlock chip. (no chip required)
  • Higher re-sale value.
  • Use with any carrier that supports iPhone worldwide.

Purchase a factory unlock for your iPhone using our online unlocking website here.