Category: iPhone 5S


Just a quick update for our clients in the Fraser Valley and Lower Mainland – Even though we are tucked away we have the BIGGEST selection of WHOLESALE priced accessories. All Blue tagged items take an additional 25% OFF.  The sales starts on December 14th and goes all the way until December 28th!  What does that mean?  Our already low prices are an additional 25 PERCENT OFF!  Most of the cool stuff will have the blue tag discount so get here quick before everything is sold out!  Happy Holidays and a VERY Merry Christmas to all my friends that continue to support our business!

For our iphone 5/5s/5C/6/6 Plus Customers – Mention this and get a FREE case with your cell phone screen repair!  THIS OFFER IS VALID UNTIL DECEMBER 31ST!

For anyone unlocking their smartphone or iPhone on UnlockMyPhone.ca our unlocking website, use promo code “5OFFUNLOCK” for an additonal $5 dollars off any unlock code or iPhone factory unlock!

 

We get lots of customers calling to ask us if we do cell phone and smart phone repair, most frequently iPhone repair.  Yes indeed we do all major cell phone repairs for most makes and models including Apple, HTC, Samsung, Motorola, Huawei, BlackBerry and Sony Ericsson.  Unlike most of the repair shops in town just doing simple iPhone repairs like glass screens, we provide our clients extremely technical repairs most shops turn down.  We also provide our customers with pickup and drop off services in case they can’t make it in to the shop.  Our clients always get a 6 month warranty on the parts and labour so you can trust your getting the best quality parts and service in town.

We also repair all iPad, iPad Mini and iPad Air Glass Screen or LCD’s, Samsung Galaxy Tab 2 or 3 Glass or LCD Replacement, Charging Port Replacements, Battery Replacements, Antenna Repairs, Dead Motherboard Repairs, JTAG Repair Services and so much more!  Call us today! (778) 245-0780.

 

For all my clients coming from Chilliwack  and Hope – there is now an incentive to come to our shop!  Not only will we beat ANY and ALL price quotes from all Chilliwack iPhone repair shops.  We guarantee our parts are real OEM and not knockoff like we have been seeing a lot of from out that way.  Ask about our free gift with purchase! (Mention this Blog Post)

One customer named Bob came in earlier today and mentioned he has been to another iPhone repair place in Chilliwack on Unsworth.  His screen lasted two days after the replacement was put in, upon further inspection, we informed Bob the part was a fake knockoff and very low quality.. The screen wasn’t even set properly and was practically coming off the LCD.  UV glue was not properly used.

At Ryan’s PC Repair Shop, we provide our customers with real original OEM parts (You get what you pay for), a 6 month warranty on the parts and labour and after sale service you can always depend on.  Ryan’s been in the industry for over 10 years and fix just about any issue you may have.

If you’ve been to another shop and they’ve told you the phones not repairable, bring it by my shop and I’ll get it working for you.  There is no charge to look at the device if its not repairable! No diagnostic fees charged ever!

600 million Apple devices contain secret backdoors, researcher claims

Apple-iconA security researcher considered to be among the foremost experts in his field says that more than a half-billion mobile devices running Apple’s latest iOS operating system contain secret backdoors.

Jonathan Zdziarski, also known by his online alias “NerveGas,” told the audience attending his Friday morning presentation at the Hackers on Planet Earth conference in New York City that around 600 million Apple devices, including iPhones and tablets, contain hidden features that allow data to be surreptitiously slurped from those devices.

During Zdziarski’s HOPE presentation, “Identifying Backdoors, Attack Points and Surveillance Mechanisms in iOS Devices,” the researcher revealed that several undocumented forensic services are installed on every new iPhone and iPad, making it easier that ever for a third-party to pull data from those devices in order to compromise a target and take hold of their personal information, including pictures, text messages, voice recordings and more.

Among the hidden functions running on iOS devices, Zdziarski said, are programs called “pcapd,” “file_relay” and “file_relay.” If used properly, he added, those programs can allow anyone with the right means and methodology to pull staggering amounts of data from a targeted phone, even when the rightful owner suspects the device is sufficiently locked.

Zdziarski has previously exploited older versions of the iOS operating system and authored several books on mobile security. Even after raising multiple questions with Apple, however, he said he has yet to figure out why, exactly, the tech giant ships iOS devices with programs that appear to do nothing other than leak digital data.

According to the slides Zdziarski presented during Friday’s talk, there’s little reason to believe the functions are used to run diagnostics or help developers.

Most services are not referenced by any known Apple software,” one slide says in part, and “the raw format of the data makes it impossible to put data back onto the phone, making useless for Genius Bar or carrier tech purposes.”

“The personal nature of the data makes it very unlikely as a debugging mechanism,” he added.

A man shows a photograph he took on his iPhone of an Apple store in Beijing

According to the researcher, evidence of the mysterious programs raises more questions than it does answers.

“Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?” he asked in one slide. “Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone? Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?”

“Apple really needs to step up and explain what these services are doing,” Zdziarski told Ars Technia on Monday after his HOPE presentation was hailed over the weekend by the conference’s attendees as a highlight of the three-day event. “I can’t come up with a better word than ‘backdoor’ to describe file relay, but I’m willing to listen to whatever other explanation Apple has. At the end of the day, though, there’s a lot of insecure stuff running on the phone giving up a lot of data that should never be given up. Apple really needs to fix that.”

Indeed, Apple responded on late Tuesday by saying that the tree functions in question are “diagnostic capabilities to help enterprise IT departments, developers and AppleCare troubleshoot issues.”

“Apple has, in a traditional sense, admitted to having back doors on the device specifically for their own use,” Zdziarski responded quickly on his blog. “Perhaps people misunderstand the term ‘back door’ due to the stigma Hollywood has given them, but I have never accused these ‘hidden access methods’ as being intended for anything malicious, and I’ve made repeated statements that I haven’t accused Apple of working with NSA. That doesn’t mean, however that the government can’t take advantage of back doors to access the same information. What does concern me is that Apple appears to be completely misleading about some of these (especially file relay), and not addressing the issues I raised on others.”

“I give Apple credit for acknowledging these services, and at least trying to give an answer to people who want to know why these services are there – prior to this, there was no documentation about file relay whatsoever, or its 44 data services to copy off personal data. They appear to be misleading about its capabilities, however, in downplaying them, and this concerns me,” he added.

On Apple’s part, the company said they have “never worked with any government agency from any country to create a backdoor in any of our products of services.”

 

Source: RT

Apple Fixes “Fundamental” SSL Bug in iOS 7

Apple quietly released iOS 7.06 late Friday afternoon, fixing a problem in how iOS 7 validates SSL certificates. Attackers can exploit this issue to launch a man-in-the-middle attack and eavesdrop on all user activity, experts warned.

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” Apple said in its advisory.

Users should update immediately.

Watch Out for Eavesdroppers
As usual, Apple didn’t provide a lot of information about the issue, but security experts familiar with the vulnerability warned that attackers on the same network as the victim would be able to read secure communications. In this case, the attacker could intercept, and even modify, the messages as they pass from the user’s iOS 7 device to secured sites, such as Gmail or Facebook, or even for online banking sessions. The issue is a “fundamental bug in Apple’s SSL implementation,” said Dmitri Alperovich, CTO of CrowdStrike.

The software update is available for the current version of iOS for iPhone 4 and later, 5th generation iPod Touch, and iPad 2 and later. iOS 7.06 and iOS 6.1.6. The same flaw exists in the latest version of Mac OS X but has not yet been patched, Adam Langley, a senior engineer at Google, wrote on his ImperialViolet blog. Langley confirmed the flaw was also in iOS 7.0.4 and OS X 10.9.1

Certificate validation is critical in establishing secure sessions, as this is how a site (or a device) verifies that the information is coming from a trusted source. By validating the certificate, the bank website knows that the request is coming from the user, and is not a spoofed request by an attacker. The user’s browser also relies on the certificate to verify the response came from the bank’s servers and not from an attacker sitting in the middle and intercepting sensitive communications.

Update Devices
It appears Chrome and Firefox, which uses NSS instead of SecureTransport, aren’t affected by the vulnerability even if the underlying OS is vulnerable, Langley said. He created a test site at https://www.imperialviolet.org:1266. “If you can load an HTTPS site on port 1266 then you have this bug,” Langley said

Users should update their Apple devices as soon as possible, and when the OS X update is available, to apply that patch as well. The updates should be applied while on a trusted network, and users should really avoid accessing secure sites while on untrusted networks (especially Wi-Fi) while traveling/

“On unpatched mobile and laptop devices, set ‘Ask to Join Networks’ setting to OFF, which will prevent them from showing prompts to connect to untrusted networks,” wrote Alex Radocea, a researcher from CrowdStrike.

Considering recent concerns about the possibility of government snooping, the fact that iPhones and iPads were not validating certificates correctly can be alarming for some. “I’m not going to talk details about the Apple bug except to say the following. It is seriously exploitable and not yet under control,” Matthew Green, a cryptography professor at Johns Hopkins University, posted on Twitter.

Check out this video from News Loop:

 

Source: PC World Security Watch