Hack

Geohot wins $150,000 for exposing ChromeOS exploits

Cody Lee ∙ March 15, 2014

Google held its Pwnium 4 security competition last week at CanSecWest in Vancouver, Canada. The day-long event ended with hundreds of thousands of dollars being awarded to hackers who demonstrated exploits in Google Chrome. And believe it or not, $150,000 of that went to Geohot.

For those not familiar with the name, Geohot has picked up a number of headlines over the past 7 years. After hacking the iPhone he took his talents to the PS3, where he caused enough chaos to get sued by Sony. And he's since been spotted at Facebook, iOSDevCamp and various other places...

Read More

Give your old device the look and feel of iOS 7 with Whited00r 7

Cody Lee ∙ December 29, 2013

Although Apple is one of the best handset-makers around when it comes to supporting older devices, it does have a cutoff point. And for iOS 7, that cutoff point was the iPhone 4, meaning you can not install the new firmware on devices older than that.

But never fear! If you happen to be running an older device, you can still get the look and feel of iOS 7 thanks to Whited00r 7. The modded firmware includes an iOS 7-style UI with card multitasking, Control Center, push notifications, and much more...

Read More

Researchers have found a way to discreetly activate Mac iSight cameras

Cody Lee ∙ Updated April 18, 2016

Hackers have long had the ability to infiltrate a person's personal computer, and enable their webcam without their knowledge. We've been hearing horror stories about this for years, where users were covertly spied on through their PC's camera.

But Mac owners have always been led to believe that this can't happen with the iSight camera, because it's designed to always illuminate the adjacent green light every time it's active. Researchers have found a way, though, to get around this behavior...

Read More

Developer ports iOS core to Nokia N900

Cody Lee ∙ Updated April 14, 2018

Winocm, the developer leading the work on the iOS 6.1.3/4 jailbreak, has managed to port iOS to a non-Apple device. The photo you see above is the iOS core, known as the "XNU Kernel," running on a Nokia N900 smartphone.

The port is extremely primitive, as it doesn't include any of iOS’s or OS X’s user-interface elements and cannot be run as a useable operating system. But it does signal a major development for the ongoing open source project...

Read More

Expert says ‘average consumers’ shouldn’t worry about Touch ID hack

Cody Lee ∙ Updated May 4, 2017

Over the weekend, a group of hackers called the Chaos Computer Club announced that it had managed to bypass Apple's Touch ID system using the popular 'fake finger' method involving a hi-res photograph, and pink latex milk.

As you'd expect, the announcement has caused quite a commotion, and has a lot of folks concerned. But according to security expert Marc Rogers, they shouldn't be. He says the average consumer has nothing to worry about...

Read More

Hacker group bypasses Apple’s Touch ID with ‘fake finger’ technique

Cody Lee ∙ Updated September 23, 2017

A group of German hackers called the Chaos Computer Club has reportedly figured out a way to bypass Apple's new Touch ID fingerprint sensor using a variation of the long-running 'fake finger' technique.

The method involves taking a high resolution photo of the original user's fingerprint, printing it on a transparent sheet with a thick toner setting, and then filling it in with pink latex milk. Here, watch the video...

Read More

New hack brings Plex back to the Apple TV

Sébastien Page ∙ August 28, 2013

We have some good news following our yesterday's report that PlexConnect, the hack that allows you to run Plex on a non jailbroken Apple TV had been disabled in the device's recent update. As it turns out, you can still run PlexConnect on your Apple TV, although it might not be as straightforward as it once was.

Developer Paul Kehrer has written a fairly detailed tutorial explaining how to run PlexConnect on your Apple TV. The hack still poses as Apple TV's Trailers app in order to accomplish the install...

Read More

Bad news: this morning’s Apple TV update broke PlexConnect hack

Christian Zibreg ∙ Updated October 12, 2018

Apple this morning has issued an update making its popular $99 Apple TV gadget a whole lot more useful by enabling an additional five content channels: 24/7 music video streaming via Vevo TV, in addition to on-demand and live video feeds from Weather Channel, Disney Channel, Disney XD and Smithsonian Channel.

While not a software update per se - new icons automatically appear on your Home screen upon firing up the set-top box without requiring any intervention on the user's part - something has changed because it's broken PlexConnect, a popular hack that fools Apple's Trailers app into streaming media files stored on your computer, no jailbreak required...

Read More

Apple credits Ibrahim Balic for reporting iAd Workbench vulnerability

Christian Zibreg ∙ Updated September 26, 2016

Ibrahim Balic, an independent security researcher, made the headlines by taking credit for knocking Apple's Dev Center out for thirteen days following his discovery of a serious iAd Workbench vulnerability.

Even though that issue hasn't made the hack directly possible, it did force Apple to shut down Dev Center for more than a week.

It has also prompted an overhaul of Apple's developer systems, including updating the server software and rebuilding the entire database. Though Balic has rarely come out of stealth mode since protecting his Twitter timeline out of fear of potential consequences, he needn't worry as Apple has now credited him with reporting the iAd Workbench vulnerability...

Read More

Apple issues another system status update to developers

Jeff Benjamin ∙ Updated April 14, 2018

Although the majority of its services are back online and in working condition, Apple has been diligent about keeping developers updated on the progress of its efforts after suffering a security threat a few weeks back.

Key services like the iOS and Mac dev centers are back online, but there are still a few items that remain stuck in limbo, namely, Xcode automatic configuration, TSIs, program enrollments, and renewals in Member Center.

Apple says that it expects that the majority of the remaining services should be back online this week. Have a look inside for the full e-mail that was issued to developers today.

Read More

planetbeing wins Pwnie award for ‘privilege escalation’ used in evasi0n jailbreak

Cody Lee ∙ August 1, 2013

If you've followed the jailbreak scene for any extended amount of time, you know that it takes a person with high-level skills to exploit iOS. There's only a handful of people in the world that can do it, and let's just say they're very, very talented.

So it shouldn't come as a surprise that planetbeing—one of the 4 members of the evad3rs—was recognized at this year's Black Hat hacking convention. He took home the Pwnie for privilege escalation, which was used in the evasi0n jailbreak...

Read More