Category: Apple


Acer’s MacBook Air-cloning Aspire 3951 Ultrabook Leaks Out

A hinted-at Acer ultrabook may have had its first public sighting through leaked renders and details in Vietnam. The 13.3-inch Aspire 3951 would borrow more than a few cues from the MacBook Air Intel’s ultrabook spec is meant to imitate and would have a supposedly 0.51-inch thick, aluminum, 3.09-pound shell. In a nod to the Dell Adamo, however, Sohoa‘s look showed that most of the ports would be moved to the back, where the hinge design would make sure they stayed available.

The system would also make the solid-state drive optional. Buyers could pick the likely Intel-made 160GB SSD or opt for more traditional 250GB and 500GB hard drives. Not much is known about the choice of processor other than using a 2011 Core chip, although the Aspire would follow Apple into including Bluetooth 4.0 while swapping out the Thunderbolt for a plainer HDMI output. A card reader is in view on the right-hand side.

Acer is believed to be focusing on longevity, offering a competent though shorter six hours of battery use as well as 30 days of standby; the long idle time might only be true for the SSD option. Moving from sleep to wake should take 1.7 seconds.

Earlier rumors have had Acer’s ultrabook shipping at the very end of the year. The 3951 might undercut the MacBook Air with estimated prices of between $769 to $961 depending on the model, although it’s not clear what a base model would involve. Any lower pricing is likely to entail a slower rotating hard drive and might go below the 1.7GHz Core i5 Apple uses in its own system.

Intel devised the ultrabook spec as a way of sustaining notebook sales in the face of tablets through taking a cue from the Air. The decision may have triggered a pushback from Windows PC builders who have been fighting to lower the price after they were worried they would have no choice but to match Apple’s price after Intel set similar quality and performance goals.

Source: Electronista

Facebook Launches Standalone Mobile Messaging App

Facebook has launched a standalone messaging app for iPhone or Android, showing the company’s larger ambitions as a service for communication between friends.

People no longer have to log-in to the Facebook app to get and send messages. Like with Facebook’s web interface, people can see SMS text messages, chat messages, emails and Facebook messages all in one place.

For friends who are not on Facebook, the app will send them a text message, so people do not have to decide which is the best way to reach someone. If users share their location with friends in a group chat, they can see a screen with their friends on a map.

Facebook previously acquired start-up Beluga, a group messaging app in March. That team has worked on building out this app for Facebook.

It’s an interesting move for Facebook, setting up a completely separate app just for messaging. It shows Facebook’s emphasis on mobile and the company’s increasing focus there. Facebook still doesn’t have an iPad app, but it’s widely expected.

One way to look at this is, is that people’s Facebook contacts–what Facebook calls the “social graph”–are extremely valuable in and of itself, outside of all the other features of Facebook. Group messaging apps such as GroupMe, Gogii’s TextPlus, Pinger’s TextFree, WhatsApp, and Zlango have grown quickly as a way for people to stay in touch with small or large groups of people on their mobile devices, with mostly free texting. To stay in the middle of all that communication, Facebook now has an app of its own.

Source: Forbes

Jailbroken iOS 5 devices: No OTA updates for you

The iPhone, iPod Touch and iPad crowd got understandably excited with the word that the next version of iOS, iOS 5, will finally usher in over-the-air (OTA) updates for the platform. Android device owners have been enjoying OTA updates from the beginning, and finally Apple is cutting the cord for device updates. Folks are already using beta versions of iOS 5 even though it won’t officially appear until later this year, and the early adopters discovered that the first iOS 5 beta update just released OTA will not work on jailbroken devices.

Android device owners are already familiar with the lack of OTA updates on rooted devices, the equivalent to the jailbroken iOS device. Rooting or jailbreaking is the process owners go through to allow unofficial software to be installed to serve functions the official OS doesn’t support. It has long been understood that rooting an Android device ends OTA updating, and it is now clear the same will apply on the iOS front for jailbroken devices.

Those using beta iOS 5 report you can still apply Apple updates by connecting to a computer via USB cable, so all is not lost. Getting OS updates OTA is a much better alternative to cabling up a device, so those with jailbroken iPhones may need to rethink that once iOS 5 is officially released.

Ryan:  I say disable Automatic Updates in iTunes (Apple only seems to be updating iOS when new Jailbreaks are released), and stop tethering completely!

Source: ZDNet

Apple Laptops Vulnerable To Hack That Kills Or Corrupts Batteries

Your laptop’s battery is smarter than it looks. And if a hacker like security researcher Charlie Miller gets his digital hands on it, it could become more evil than it appears, too.

At the Black Hat security conference in August, Miller plans to expose and provide a fix for a new breed of attack on Apple laptops that takes advantage of a little-studied weak point in their security: the chips that control their batteries.

Modern laptop batteries contain a microcontroller that monitors the power level of the unit, allowing the operating system and the charger to check on the battery’s charge and respond accordingly. That embedded chip means the lithium ion batteries can know when to stop charging even when the computer is powered off, and can regulate their own heat for safety purposes.

When Miller examined those batteries in several Macbooks, Macbook Pros and Macbook Airs, however, he found a disturbing vulnerability. The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode. “These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”

Miller discovered the two passwords used to access and alter Apple batteries by pulling apart and analyzing a 2009 software update that Apple instituted to fix a problem with Macbook batteries. Using those keys, he was soon able to reverse engineer the chip’s firmware and cause it to give whatever readings he wanted to the operating system and charger, or even rewrite the firmware completely to do his bidding.

From there, zapping the battery such that it’s no longer recognized by the computer becomes trivial: In fact, Miller permanently “bricked” seven batteries just in the course of his tinkering. (They cost about $130 to replace.) More interesting from a criminal perspective, he suggests, might be installing persistent malware on the chip that infects the rest of the computer to steal data, control its functions, or cause it to crash. Few IT administrators would think to check a battery’s firmware for the source of that infection, and if undiscovered the chip could re-infect the computer again and again.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” says Miller.

That attack would require finding another vulnerability in the interface between the chip and the operating system. But Miller says that’s not much of a barrier. “Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.”

And the truly disturbing prospect of a hacker remotely blowing up a battery on command? Miller didn’t attempt that violent trick, but believes it might be possible. “I work out of my home, so I wasn’t super inclined to cause an explosion there,” he says.

In fact, the batteries he examined have other safeguards against explosions: fuses that contain an alloy that melts at high temperatures to break the circuit and prevent further charging. But Miller, who has worked for the National Security Agency and subsequently hacked everything from the iPhone to virtual worlds, believes it might still be possible. “You read stories about batteries in electronic devices that blow up without any interference,” he says. “If you have all this control, you can probably do it.”

Miller, currently a researcher with the consultancy Accuvant, isn’t the first to explore the danger of explosive batteries triggered by hackers. Barnaby Jack, a researcher for with antivirus giant McAfee, says he worked on the problem in 2009, but he says he ”benched the research when I didn’t succeed in causing any lithium ion fires. Charlie has taken it a lot further and surpassed where I was at the time.”

Miller says he’s received messages from several other researchers asking him not proceed with the battery work because it could be too dangerous. But Miller has worked to fix the problems he’s exposing. At Black Hat he plans to release a tool for Apple users called “Caulkgun” that changes their battery firmware’s passwords to a random string, preventing the default password attack he used. Miller also sent Apple and Texas Instruments his research to make them aware of the vulnerability. I contacted Apple for comment but haven’t yet heard back from the company.

Implementing Miller’s “Caulkgun” prevents any other hacker from using the vulnerabilities he’s found. But it would also prevent Apple from using the battery’s default passwords to implement their own upgrades and fixes. Those who fear the possibilities of a hijacked chunk of charged chemicals in their laps might want to consider the tradeoff.

“No one has ever thought of this as a security boundary,” says Miller. “It’s hard to know for sure everything someone could do with this.”

Source: Forbes

Apple releases iOS 4.3.4 update

Apple has released a security update for iOS that fixes the exploit used for easy jailbreaking of devices.

This update fixes the PDF vulnerability used on the JailbreakMe.com site to easily  jailbreak the device via the Safari mobile browser. This update means that hackers won’t be able to use the same vulnerability to compromise iOS devices.

Apple took nine days to plug this hole.

If you want to be protected, fire up iTunes, connect your iOS device and download this update. If you want to jailbreak your device, do so and then install the third-party patch created by the jailbreak community to plug the hole.

iOS update 4.3.4 is for GSM iPhone 4, iPhone 3GS, iPad 2, iPad, and third- and fourth-generation iPod touch. If you have a Verizon CDMA iPhone 4 then you need iOS 4.2.9.

Ryan Says:  Those of you still wanting to use the Jailbreakme.com website to download cydia should avoid the latest 4.3.4 Apple iTunes update.

Source: ZDNet

Apple girding gadgets against hackers

Apple on Friday said it was working to patch a vulnerability that hackers could use to break into the company’s popular iPad, iPhone and iPod Touch gadgets.

Engineers at the California firm are fixing a weakness pointed out by the German Federal Office for Information Security (BSI).

“Apple takes security very seriously,” Apple spokeswoman Trudy Muller said in response to an AFP inquiry.

“We are aware of this reported issue and developing a fix that will be available in an upcoming software update,” she said.

BSI warned this week of a flaw that would let hackers infiltrate Apple mobile devices by duping users into opening PDF document files booby-trapped with malicious computer code.

Although no attacks have been observed, hackers are likely to try to exploit the weakness, according to a posting on the agency’s website.

Possible “attack scenarios for cyber-criminals” include accessing passwords, email messages, contact lists, or built-in cameras and eavesdropping on phone conversations or getting location information, according to BSI.

The agency recommended that Apple device users guard against hackers by not opening PDF documents from unfamiliar sources.

Apple gadget users should limit Web browsing to reliable websites and avoid clicking on links in emails unless they are certain where they lead, BSI advised.

Source: Yahoo! News

JailbreakMe.com back online, easy iOS jailbreaking for all!

JailbreakMe.com. the web-based jailbreak tool for (almost all) iOS devices, is back online once more after a long hiatus.

The process is simple and pain-free. Just visit the website in the Safari browser and click the FREE button to begin the process. It uses a PDF exploit to carry out the hack and it’s very fast – and there’s no need to connect your iOS device up to a PC or Mac to do it.

Because the hack relies on a know known PDF exploit, the developers of the hack recommend installing “PDF Patcher 2″ in Cydia once you’ve jailbroken the device.

The following devices are supported:

  • iPad1: 4.3 through 4.3.3
  • iPad2: 4.3.3
  • iPhone3GS: 4.3 through 4.3.3
  • iPhone4: 4.3 through 4.3.3
  • iPhone4-CDMA: 4.2.6 through 4.2.8
  • iPod touch 3g: 4.3, 4.3.2, 4.3.3
  • iPod touch 4g: 4.3 through 4.3.3

The only iOS devices that aren’t supported are the 1st and 2nd generation iPhones.

 

For more information check out the Q&A here.

Source: ZDNet

Leaked JailbreakMe 3.0 Beta PDF for iPad, iPhone

Comex’s leaked JailbreakMe 3.0 beta version for iPad 2, 1, iPhone 4, 3GS, 3G, iPod Touch 4G, 3G, 2G PDF jailbreak are available for download, direct links also provided below.

We have reported about the leaked version of Comex’s PDF exploit called ‘JailbreakMe’. The jailbreak not only works for the iPad 2 but it also can jailbreak your iPhone, iPod touch and iPad 1. But according to the numerous reports, this leaked version for iPad 2 only works over iOS 4.3.0 firmware. However, it does support iOS 4.2.1 to iOS 4.3.3 for iPhone 4, iPhone 3GS, iPhone 3G, iPod Touch 4G, iPod Touch 3G (iOS 5 is not supportable currently).

So those users who have save their SHSH Blobs using TinyUmbrella or downgraded their devices, now can use this jailbreak.

By following the simply method as this jailbreak is pretty easy as it does not requires to connect your device to computer, only you need to have an internet connection.

Simply launch MobileSafari on your iOS device and click on the respective direct-download links (provided below) of the JailbreakMe, then you will notice that Cydia will automatically starts downloading on your homescreen just like you download any application from the App Store.

Following the direct download links of JailbreakMe leaked version:

NOTE: This is not an official JailbreakMe release by Comex so that’s why it may cause you problems or it does includes bugs and issues with it as reports are coming on various websites that this leaked JailbreakMe is quite buggy and its suggested that users should wait until Comex releases it’s official JailbreakMe version with complete changelog through his official website at JailbreakMe.com

Source: iDrugged

Google may have developed Android rival to BBM, iMessage

Google has at least at one point been developing an equivalent to BlackBerry Messenger and Apple’s iMessage, an insider mentioned Thursday. Details of the system were few, but it’s implied it would be much more than just the existing Google Talk and other IM apps. The WSJ clue made no mention of whether it was still active or a dead project.

Both the Apple and RIM messaging systems are both meant to be lures to keep users on the platform but are also end-runs around text messaging rates. While it does affect data use, the small size of text makes it cheaper than signing up for a a text messaging plan. On AT&T, that can save at least $10 per month and keeps the price down for those who only expect to chat to other BlackBerry owners on BBM or, in the fall, iPhone users on iMessage.

Google’s motivations weren’t explained, but it would likely want to have an additional incentive to lure away BlackBerry users. Android for now has mostly had to rely on third-party apps like Kik to provide a direct messaging alternative.

Carriers were reportedly caught unawares by iMessage and may be worried that, between this, BBM, and a possible Google solution, its once lucrative messaging business has been disappearance. Traditional messaging levels have still grown, though the creation of a non-SMS messaging system may be worrying for them in the long term.

Google didn’t comment on the plans.

Source: Electronista

Apple releases ‘Mac Defender’ security update

Apple has just released a security update for Mac OS X that is designed to detect and remove Mac Defender malware. But unless you’re running the latest ‘Snow Leopard’ version, you’re outta luck.

Apple security update 2011-003 (only for Snow Leopard) consists of three components:

File Quarantine
Malware detection definitions for OSX.MacDefender.A has been added to the File Quarantine system.

Automatic Updates
The system will check daily for updates to the File Quarantine malware definition list. An opt-out is available.

Malware Removal
The update will scan and remove Mac Defender and known variants.

This update is available for Mac OS X v10.6.7 and Mac OS X Server v10.6.7 (if you’re using an earlier version of Mac OS X, tough, Apple doesn’t love you) via Software Updates or via Apple Downloads. No reboot required.

Hello Mac OS X users, welcome to the world of daily malware signature updates.

Source: ZDNet

Apple acknowledges Mac Defender malware, promises software update

Apple has decided to publicly acknowledge the Mac Defender malware that seems to be creeping onto Mac users’ computers. The company posted an online support document Tuesday evening that outlines how to identify and get rid of the program, which attempts to trick users into handing over their credit card information. The company also promised to issue a software update soon that will specifically hunt out and remove Mac Defender and its variants.

“A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus,” Apple wrote in its support document. “In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.”

The much-welcome acknowledgement from Apple comes less than a week after it came out that real users were beginning to see this malware in the wild a little more often than usual. When we investigated the issue, we were told by several Apple Store Geniuses that they had also seen a spike—one Genius at a large Apple Store said he had seen malware reports in his store go from approximately 0.2 to percent to 5.8 percent in a matter of weeks, with the large majority of those being Mac Defender or its variants, often known as Mac Security or Mac Protector. (Smaller, third-party support folks were somewhat split on whether there had been a spike in malware reports.)

At the time, one of the more controversial aspects of Apple’s reaction was that there was none—Apple had instructed its AppleCare and retail staff not to even acknowledge Mac Defender’s existence, and not to remove it from users’ infected computers.

Now, however, the company has apparently had a change of heart. In the support doc, Apple says to trash the app immediately if you haven’t installed it yet, but if you have, there’s a series of steps to follow in order to get rid of it. And, of course, there’s also the lazy route: if you have Mac Defender installed but haven’t given it your credit card information yet, you could just wait for Apple to issue its software update and have it removed automatically. Or, you can use the Mac Defender removal tool from Icrontic.

Source: Ars Technica