By Cody Lee on Nov 24, 2013
Winocm, the developer leading the work on the iOS 6.1.3/4 jailbreak, has managed to port iOS to a non-Apple device. The photo you see above is the iOS core, known as the “XNU Kernel,” running on a Nokia N900 smartphone.
The port is extremely primitive, as it doesn’t include any of iOS’s or OS X’s user-interface elements and cannot be run as a useable operating system. But it does signal a major development for the ongoing open source project… Read More
By Jeff Benjamin on Sep 27, 2013
Once again, another Lock screen vulnerability has reared its ugly head, this one right on the heels of Apple’s 7.0.2 update to fix another vulnerability.
Dany Lisiansky has posted the steps on a YouTube video he recently uploaded, and we’ve verified that the steps, albeit a bit involved, do work.
If there’s one bright spot about this latest vulnerability, it is that it doesn’t expose anything outside of the Phone app to would be snoopers, and you can nix the bug by disabling Siri access from the Lock screen. Still, Apple’s security team can’t be happy about this. Read More
By Cody Lee on Sep 24, 2013
Over the weekend, a group of hackers called the Chaos Computer Club announced that it had managed to bypass Apple’s Touch ID system using the popular ‘fake finger’ method involving a hi-res photograph, and pink latex milk.
As you’d expect, the announcement has caused quite a commotion, and has a lot of folks concerned. But according to security expert Marc Rogers, they shouldn’t be. He says the average consumer has nothing to worry about… Read More
By Cody Lee on Sep 23, 2013
A group of German hackers called the Chaos Computer Club has reportedly figured out a way to bypass Apple’s new Touch ID fingerprint sensor using a variation of the long-running ‘fake finger’ technique.
The method involves taking a high resolution photo of the original user’s fingerprint, printing it on a transparent sheet with a thick toner setting, and then filling it in with pink latex milk. Here, watch the video… Read More
By Sébastien Page on Aug 28, 2013
We have some good news following our yesterday’s report that PlexConnect, the hack that allows you to run Plex on a non jailbroken Apple TV had been disabled in the device’s recent update. As it turns out, you can still run PlexConnect on your Apple TV, although it might not be as straightforward as it once was.
Developer Paul Kehrer has written a fairly detailed tutorial explaining how to run PlexConnect on your Apple TV. The hack still poses as Apple TV’s Trailers app in order to accomplish the install… Read More
By Christian Zibreg on Aug 27, 2013
Apple this morning has issued an update making its popular $99 Apple TV gadget a whole lot more useful by enabling an additional five content channels: 24/7 music video streaming via Vevo TV, in addition to on-demand and live video feeds from Weather Channel, Disney Channel, Disney XD and Smithsonian Channel.
While not a software update per se – new icons automatically appear on your Home screen upon firing up the set-top box without requiring any intervention on the user’s part – something has changed because it’s broken PlexConnect, a popular hack that fools Apple’s Trailers app into streaming media files stored on your computer, no jailbreak required… Read More
By Christian Zibreg on Aug 20, 2013
Ibrahim Balic, an independent security researcher, made the headlines by taking credit for knocking Apple’s Dev Center out for thirteen days following his discovery of a serious iAd Workbench vulnerability.
Even though that issue hasn’t made the hack directly possible, it did force Apple to shut down Dev Center for more than a week.
It has also prompted an overhaul of Apple’s developer systems, including updating the server software and rebuilding the entire database. Though Balic has rarely come out of stealth mode since protecting his Twitter timeline out of fear of potential consequences, he needn’t worry as Apple has now credited him with reporting the iAd Workbench vulnerability… Read More
By Jeff Benjamin on Aug 5, 2013
Although the majority of its services are back online and in working condition, Apple has been diligent about keeping developers updated on the progress of its efforts after suffering a security threat a few weeks back.
Key services like the iOS and Mac dev centers are back online, but there are still a few items that remain stuck in limbo, namely, Xcode automatic configuration, TSIs, program enrollments, and renewals in Member Center.
Apple says that it expects that the majority of the remaining services should be back online this week. Have a look inside for the full e-mail that was issued to developers today. Read More
By Cody Lee on Aug 1, 2013
If you’ve followed the jailbreak scene for any extended amount of time, you know that it takes a person with high-level skills to exploit iOS. There’s only a handful of people in the world that can do it, and let’s just say they’re very, very talented.
So it shouldn’t come as a surprise that planetbeing—one of the 4 members of the evad3rs—was recognized at this year’s Black Hat hacking convention. He took home the Pwnie for privilege escalation, which was used in the evasi0n jailbreak… Read More
By Cody Lee on Aug 1, 2013
Back in June, a group of researches discovered a flaw in iOS that would theoretically allow an iOS device to be hacked using a malicious USB charger. Their proof-of-concept allowed them to invisibly install malware on non-jailbroken iPhones and iPads.
The results of the experiment were called ‘alarming,’ and brought to the attention of Apple in hopes for a quick fix. The Cupertino company must have gotten the message, because according to a new report, the exploit has been patched in the latest iOS 7 beta… Read More
By Cody Lee on Jul 28, 2013
Internet companies beware, hackers are out in full force this month. In the past two weeks, we’ve seen Apple’s Dev Center hacked, several Instagram accounts hacked, and the popular voice and messaging service Viber attacked.
Viber claims, though, that the damage it suffered from its breach was minimal, saying the attacker only gained access to two minor support systems. But a quick glance at its App Store description suggests that wasn’t the case… Read More
By Cody Lee on Jul 27, 2013
If you’ve been having trouble logging into your Instagram account this morning, or have noticed any strange photos posted to your stream, you’re not alone. Several users are reporting that they’ve been hacked on the popular photo sharing network.
Reports first started surfacing about the issue on Twitter around 11PM last night, according to a report by The Verge. Users who suffered attacks complained that unauthorized photos along with strange URLs had been posted to their accounts… Read More
By Christian Zibreg on Jul 24, 2013
Seven days into the Dev Center outage and there’s no end in sight to this major blunder. Developers use Apple’s Dev Center to access technical documentation, download iOS 7 and OS X beta builds, file bug reports, give feedback, use web tools to manage their code and much more.
Therefore, this downtime is entirely unacceptable and it’s become totally conceivable now that such a significant downtime might spoil Apple’s blockbuster Fall. Realizing as much, the firm on Wednesday posted a notice outlining its steps going forward.
And, a brand new dashboard status page charts Apple’s recovery from the hack… Read More
By Cody Lee on Jul 23, 2013
Popular voice and messaging service Viber has been hacked by the Syrian Electronic Army, reports The Hacker News. The group has a history of hacking the Twitter accounts of the Associated Press, The Guardian, and other news sources.
Proof of today’s attack came in the form of a warning message on Viber’s support website (which has since been). The SEA claims that the messaging platform is spying and tracking its users, and it posted a screenshot of alleged evidence… Read More
By Cody Lee on Jul 23, 2013
Last Thursday, an intruder attempted to secure personal information from Apple’s developer website. The company immediately took the dev center offline, and at the time of this writing it’s still down, in order to rebuild its systems in a way that this won’t happen again.
But just exactly how did it happen? Well according to Turkish security researcher Ibrahim Balic, who is claiming responsibility for the outage, he was able to infiltrate Apple’s servers thanks to an exploit he discovered in the recently released iAd Workbench software… Read More
By Christian Zibreg on Jul 22, 2013
You’re probably aware by now Apple’s portal for its registered developers has been down since noon on Thursday, July 18. The firm on Sunday updated the standard “we’ll be back soon” message at the service’s landing page to warn the “maintenance will take longer than expected”.
Adding fuel to fire, Apple soon after emailed developers with details on what they revealed as a nasty security breach that may have left some private information exposed. Unfortunately, the company stopped short of detailing precisely what information might have been compromised and how.
Be that as it may, the seeming privacy scare has left many scratching their head over the potential unpleasantries that might transpire next. Apple on its part did confirm the breach won’t affect consumer iTunes account and said no credit card data had been compromised… Read More
By Cody Lee on Jul 21, 2013
On Friday, we noted that Apple’s developer center—where it hosts downloads, documentation and other resources—had been down for a record 48 hours. Well here it is Sunday, and the dev portal appears to still be out of commission.
At first, the company was mum on the outage, saying only that it was sorry that “maintenance was taking longer than expected,” and that it would make up for the lost time. But today, it broke the silence, announcing it has been hacked… Read More
By Cody Lee on Jul 21, 2013
Jay Freeman, also known as Saurik, is well known by iOS users for his work in the jailbreak community. Not only does he run Cydia, the definitive jailbreak store, but he also develops tweaks and handles a number of other aspects.
But Saurik is also making a name for himself among Android users as well. Back in May, he released a working form of his Cydia substrate for Google’s platform, and this weekend he’s posted a fix for a major security vulnerability… Read More
By Cody Lee on Jul 8, 2013
The iTweakiOS team has been pretty busy over the past few months. Not only have they released hacked carrier bundles for all four of the top wireless carriers in the US to improve network performance, but they’ve also managed to add HD voice and other features as well.
And this weekend they introduced a new project that, they claim, will enable free hotspot tethering on your iOS device—no jailbreak required. In fact, all you need is a GSM iPhone or iPad running on iOS 6 (or 7), a desktop computer, and the ability to follow a few simple steps… Read More
By Cody Lee on Jun 25, 2013
This is kind of interesting. Joshua Hill, better known as the iOS hacker p0sixninja, sent out a bit of a cryptic message from his Twitter account last night saying that he has a lot of amazing things coming to ‘us all’ soon.
Hill, who has helped build a number of jailbreaks including Greenpois0n and Absinthe, has been fairly quiet lately. But he did say back in March that he had independently discovered enough exploits to build a new hack… Read More