Apple Releases iPhone OS 3.0.1 to Close SMS-Based Security Hole

Posted by:
Date: Friday, July 31st, 2009, 10:29
Category: iPhone

3gs.jpg

Responding to a dangerous security exploit unveiled this week, Apple released an update to its iPhone operating system Thursday to patch the security hole.

iPhone OS has just become available for the iPhone, iPhone 3G and iPhone 3GS handsets. The update is between 230 and 300 megabytes and appears to exclusively fix the reported SMS exploit.

According to AppleInsider, security researcher Charlie Miller, co-author of The Mac Hacker’s Handbook, demonstrated the hack Thursday at the Black Hat 2009 conference in Las Vegas. The attack takes advantage of a vulnerability in the phone’s short messaging service, or SMS, feature, allowing an outside party into the phone’s root access without the owner’s knowledge.

The exploit takes advantage of the fact that SMS can send binary code to a phone which is then automatically processed without user interaction, and can be compiled from multiple messages, allowing larger programs to be sent to a phone. The exploit supposedly exposes the iPhone completely, allowing access to the camera, dialer, messaging and Safari. It occurs regardless of hardware revision or which version of the iPhone OS is running.

The technique involves sending only one unusual text character or else a series of “invisible” messages that confuse the phone and open the door to attack. Given that users won’t know which messages to block in advance, there’s little iPhone owners can do but to shut off the phone immediately if they suspect they’re at risk. Once exploited, the trick could also be used to make an iPhone send additional messages of its own, thereby spreading the problem.

To install the new iPhone OS firmware, simply connect your iPhone to your Mac or PC, open iTunes, select the iPhone in the device window and tell it to check for an update. The process will complete on its own.

If you’ve tried the new firmware, let us know what you make of it in the comments or forums.

Apple Updates Knowledge Base/Troubleshooting Articles for iPhone, Notebook Optical Drives

Posted by:
Date: Friday, July 31st, 2009, 05:20
Category: iPhone, News

applelogo_silver

If you’re in a pinch, the Apple Knowledge Base has generally been a useful place to go. Per MacFixIt, the company has just updated Knowledge Base articles for both its iPhone hardware as well as the slot-loading optical drives found on various Macs and notebooks.

For the iPhone hardware article, click here.

For help with slot-loading optical drives, click here.

Head on over, take a gander and let us know what you think.

Chinese iPhone Gains State Approval

Posted by:
Date: Friday, July 31st, 2009, 04:00
Category: iPhone

3gs.jpg

Over on the China State Regulatory Commission web site (basically the Chinese version of the FCC), the government has apparently approved a GSM/WCDMA cell phone complete with Bluetooth, an internal model number A1324 by Apple Inc. According to Engadget, the device was approved on May 7th, 2009 with the approval certificate set to expire in five years.

That being said, China Unicom should have plenty of time to capitalize on its reported three-year deal to offer the phone in mainland China.

And to sweeten the deal, an image of what may be the Chinese iPhone…

chinaiphone3g

Apple Releases 2TB Time Capsule Router

Posted by:
Date: Thursday, July 30th, 2009, 05:29
Category: Time Capsule

timecapsule.jpg

Apple released an anticipated Time Capsule router router with an integrated two terabyte hard drive on Thursday, the new unit selling for US$499 while the previous generation one terabyte model is now available for US$299, per AppleInsider.

Earlier this year, Apple introduced new AirPort Extremes and Time Capsules with dual-band support. The new models allow simultaneous 2.4 GHz and 5 GHz dual-band networking. With dual-band, base stations can simultaneously support iPhones and other 802.11b/g devices operating at 2.4 GHz, while also broadcasting 802.11n wide signals in the 5GHz band to maximize throughput for notebooks and devices such as Apple TV.

Time Capsule pairs the existing AirPort Extreme with a hard drive to serve as a backup appliance for Leopard machines running Time Machine, in addition to acting as a simple file and print server. It is offered for both Mac and Windows users, although Windows PCs (or Macs not running Leopard) won’t have Time Machine and therefore will access it only as a regular file and print server.

Apple Releases MobileMe Application for iPhone

Posted by:
Date: Thursday, July 30th, 2009, 05:48
Category: iPhone, Software

3gs.jpg

I’m not sure how critical your MobileMe account is to you, but as of yesterday, it came to the iPhone. According to Engadget, Apple released MobileMe iDisk, a long-awaited free application for iPhone OS 3.0 that enables iPhone and iPod touch users with MobileMe accounts to access the inner sanctums of their own iDisk.

The app lets users log in, view files up to 20 megabytes and share files by sending others a link via email to whatever you deem appropriate. The application includes an option to password protect assorted files and limit the amount of days the download is active, though viewing files is limited to iPhone-supported file types such as iWork, Office, QuickTime, PDF, etc.

MobileMe iDisk requires iPhone OS 3.0 or later to install and run.

SpamSieve Updated to 2.7.5

Posted by:
Date: Thursday, July 30th, 2009, 05:40
Category: News, Software

spamsieve2.jpg
Michael Tsai’s must-have shareware program, SpamSieve, has just been updated to version 2.7.5. The new version, a 5.9 megabyte download, makes the following fixes and improvements:

* Made various accuracy improvements.
* Fixed a problem where Apple Mail (running on pre-release versions of Mac OS X 10.6) could freeze at launch if you had a rule involving address book groups.
* Rewrote the Setting up a Spam Filtering Drone instructions.
* Added Why does the Spam mailbox appear empty when there’s a number beside it? to the frequently asked questions.
* Updated the Automatically Deleting Old Spam Messages instructions to include Entourage.
* The search fields are now scrollable.
* The Apple Mail plug-in is better at detecting when SpamSieve’s Dock icon is hidden.
* Worked around a problem where Mail could crash if you had installed two copies of the SpamSieve plug-in at the same time.
* Fixed a bug that could cause SpamSieve to freeze when applying a whitelist/blocklist rule involving certain regular expressions.
* The crash reporter works better with pre-release versions of Mac OS X 10.6 (Snow Leopard).
* Fixed a bug that could prevent SpamSieve from launching.
* Updated the Dutch, Japanese, and Korean localizations.

SpamSieve is available for a US$30 registration fee and requires Mac OS X 10.4 or later to run. The new version can either be downloaded directly from the web site or brought up to the current version via the program’s built-in update feature.

Drive Genius 2.2 Out the Door

Posted by:
Date: Wednesday, July 29th, 2009, 10:54
Category: Software

drivegenius.jpg
Prosoft Engineering has released Drive Genius 2.1.1, an updated version of its drive repair and recovery program for Mac OS X.

The new version, a 33.3 megabyte download, offers the following fixes and features:
* Now supports Snow Leopard.
* Improved defragmentation functionality.
* Improved repartition performance and other improvements.

Drive Genius retails for US$99 and requires Mac OS X 10.4 or later installed to work. The application is a Universal Binary and functions natively under both PowerPC and Intel-based hardware.

Canadian Markets Complain of iPhone 3GS Supply Shortage

Posted by:
Date: Wednesday, July 29th, 2009, 04:23
Category: iPhone, News

3gs.jpg

Up in the frosty north, the Canadian markets are complaining about a shortage in the iPhone 3GS supply. According to The Unofficial Apple Weblog, the major suppliers, Fido and Rogers, are both reporting they are sold out pretty much across the country. Some Apple Stores in Canada have them in stock, but a couple of calls revealed that even Apple Stores are often out of stock.

Both Rogers and FIDO say new shipments will arrive in ‘weeks,’ and that back orders are being filled on a priority basis. No dates are being given, and buyers are being told to check back with their local stores or online.

Similar shortages occurred in Canada and the UK earlier this month and during the Apple conference call last Tuesday, COO Tim Cook said iPhone demand has been “staggering in almost every country we’ve shipped in.”

Apple has stated that the company will release the new iPhone to 20 more countries on August 22nd.

VLC Reaches Version 1.0.1

Posted by:
Date: Wednesday, July 29th, 2009, 04:18
Category: Software

vlclogo.jpg

Video Lan Client, the nigh-indispensable open source media player for multiple audio and video formats (MPEG, MPEG-2, MPEG-4, Divx, ogg, etc.), was updated to version 1.0.1 on Tuesday. The new version, a 28.7 megabyte download, adds the following fixes and changes:

* Flv and mpeg2 seeking.
* Wmv, wav, rtsp and ssa support.
* Fixes for Qt and MacOS interface.
* Fix of an integer underflow in Real pseudo-RTSP module.
* Translations updates.
* Port of the ZVBI module to Windows for full teletext support.
* Codecs updates for Windows and Mac OS.

VLC 1.0.1 requires Mac OS X 10.5 or later to install and run and is available as a free download.

Apple Systematically Pulling Google Voice, Similar Applications

Posted by:
Date: Tuesday, July 28th, 2009, 06:24
Category: News

elgoogle

Apple is apparently systematically yanking iPhone applications from the App Store that use Google Voice to simplify and reduce the costs of making phone calls, though it’s suspected Apple isn’t the one making the actual judgment call.

According to AppleInsider, developer Sean Kovacs, was surprised on Monday to discover that his GV Mobile client for Google Voice was to be pulled from the App Store as it was allegedly duplicating the iPhone’s calling and text messaging features. Apple representative Richard Chipman contacted him personally but not only wasn’t specific about what could be fixed but wouldn’t provide e-mail to confirm the takedown.

Although individual removals aren’t uncommon, later reports have surfaced that Apple had pulled VoiceCentral, another competitor, and had even denied Google when it tried to quietly submit a Google Voice app six weeks ago in spite of its corporate partnerships with Apple.

The systematic disappearances don’t currently have a larger official explanation but, given the common thread of their using the same service, is now thought less to a matter of Apple guarding its built-in features and more cellular carriers pushing it to keep the service out. Google Voice not only allows users one virtual phone number to call multiple real phones but greatly reduces the cost of outbound long-distance and messaging, all of which potentially deprive AT&T and eventually other carriers of possible extra revenue.

Such an unspoken ban would also go a step beyond normal restrictions on which apps are allowed and what they can do. In the past, carriers have argued against allowing voice over IP apps such as Fring and Skype on the cellular network for technical reasons, such as latency; the lag on even a 3G network is high enough that holding a regular conversation isn’t really feasible, for example. In restricting Google Voice, which still uses the regular voice network for much of its activity, the primary advantage is to eliminate competition.

Neither Apple nor AT&T have offered official comments on the issue.