AT&T to begin unlocking off-contract iPhone units beginning April 8th

Posted by:
Date: Friday, April 6th, 2012, 11:31
Category: iPhone, News

attlogo

As much as AT&T may drive you crazy, you might like this.

Per Electronista and Engadget, AT&T will begin unlocking certain iPhones in the (very) near future. As of April 8, customers that are either out of contract or bought contract-free will have the option of derestricting the phone’s SIM slot much like the already-unlocked iPhones sold at Apple retail stores. The only other condition was to have a healthy account.

“Beginning Sunday, April 8, we will offer qualifying customers the ability to unlock their AT&T iPhones,” a spokesman said. “The only requirements are that a customer’s account must be in good standing, their device cannot be associated with a current and active term commitment on an AT&T customer account, and they need to have fulfilled their contract term, upgraded under one of our upgrade policies or paid an early termination fee.”

The initiative follows a number of complaints that led to Apple’s Tim Cook taking action and arranging for a handful of case-by-case unlocks. Other carriers worldwide have been offering after-sale iPhone unlocks, most notably in Canada, but AT&T until now has declined to do it, even for customers who paid the unsubsidized price.

More incentive exists for AT&T to unlock phones now that its spectrum refarming gives a real chance that its 3G network, and future 4G LTE network, will work properly with existing iPhones. A SIM unlock was previously only useful for those either willing to limit themselves to 2G data or who were traveling and wanted a much less expensive local SIM card instead of AT&T’s roaming plans.

If you go through the unlocking experience, please let us know how it went and stay tuned for additional details as they become available.

Security hole discovered in Facebook, Dropbox apps for iOS, physical connection needed to exploit it (updated)

Posted by:
Date: Friday, April 6th, 2012, 07:26
Category: security, Software

You’re probably not going to like this.

According to security researcher Gareth Wright and The Next Web, a fairly prominent security hole has been discovered in the popular Facebook and Dropbox iOS apps. The good news is that someone would have to have physical access to your iPhone, and you’d have to allow them to plug it into their Mac, then allow them to do a bunch of business on your phone to grab a plain text file from inside these apps, then they’d have to go and do something malicious on your Facebook or Dropbox accounts.

Although many have reported jailbreak is required to access this hole, that is simply not true. A Mac app like iExplorer, which allows you to open app folders on an iPhone, will allow you to access the security hole.

According to The Unofficial Apple Weblog, it works like this: iOS apps use .plist files (aka property list files), to store all sorts of little things about an app. In this case, Dropbox and Facebook are using an unencrypted property list to apparently store both the oauth key and its secret counterpart.

By using iExplorer to find the right plist, that file can be copied and dropped into another device, which would then be able to access your account as though you had already logged in. Using a property list in this way leaves us scratching our heads.

Facebook issued a comment saying they will patch this soon and a representative with Dropbox offered the following comment:

“Dropbox’s Android app is not impacted because it stores access tokens in a protected location. We are currently updating our iOS app to do the same. We note that the attack in question requires a malicious actor to have physical access to a user’s device. In a situation like that, a user is susceptible to all sorts of threats, so we strongly advise safeguarding devices.”

Stay tuned for additional details as they become available.

Apple releases Digital Camera Raw Compatibility Update 3.12

Posted by:
Date: Friday, April 6th, 2012, 07:47
Category: News, Software

eliphoto

Early Friday, Apple posted its Digital Camera Raw Compatibility Update 3.12, an update designed to extend RAW image compatibility for the Aperture 3 and iPhoto ’11 applications.

The update, a 7.6 megabyte download, adds support for the following camera:

- Canon EOS 5D Mark III

The update requires Mac OS X 10.5.8 or later to install and run and is also available via Mac OS X’s built-in Software Update feature.

If you’ve tried the new Digital Camera RAW update and noticed any changes, please let us know how it went.

Apple releases Java for OS X 2012-002 update, offers potential fixes for Flashback trojan

Posted by:
Date: Friday, April 6th, 2012, 06:40
Category: News, Software

applelogo_silver

It’s been a strange week for Java on the Mac.

Per AppleInsider, Apple on Thursday rolled out its second Java update for Mac OS X in less than a week via Software Update.

Java for OS X 2012-002 appeared on Software Update just two days after version 2012-001 was released on Tuesday. Apple also released Java for Mac OS X 10.6 Update 7 earlier in the week. The updater, a 63.8 megabyte download, requires an Intel-based Mac running Mac OS X 10.7 or later to install and run.

It’s not immediately clear, however, how the most recent update differs from the earlier version, as Apple’s links for more detail and information point to the same page as the old update. Java for OS X 2012-001 resolved multiple vulnerabilities in Java, the most serious of which could “allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.”

On Wednesday, a Russian antivirus company revealed that an estimated 600,000 Macs had been infected by a “Flashback” trojan that exploited the Java vulnerability to turn the computers into bots. The majority of the infected computers were located in the U.S.

The virus was first discovered by a security firm last September. F-Secure has posted a tutorial on how to detect and remove the trojan.

Stay tuned for additional details as they become available.