O'Grady's PowerPage » Hack

FBI not submitting San Bernadino iPhone hack for peer review

Posted by:
Date: Thursday, April 28th, 2016, 08:50
Category: Hack, iPhone, Legal, News, security

lockediphone5c

The FBI is keeping the San Bernadino iPhone hack technique to itself for the time being.

A recent report has stated that the FBI will not be submitting the exploit used to break into the iPhone 5c of San Bernardino shooter Syed Rizwan Farook to a review process that could clear it for sharing with outside parties.

The FBI, which used a third party to unlock the iPhone, apparently didn’t acquire the rights to the technical details used in the hack, according to Amy Hess, the FBI’s executive assistant director for science and technology. As a result, Hess said the agency doesn’t “have enough technical information about any vulnerability” that could be considered for release.

(more…)

AceDeceiver trojan surfaces on iOS devices in Chinese marketplace, exploits weakness in FairPlay DRM

Posted by:
Date: Thursday, March 17th, 2016, 08:31
Category: Hack, iOS, News, security, Software

trojanhorse

A new variant of iOS trojan has been found in the wild.

The trojan, named “AceDeceiver”, has been found to infect non-jailbroken iOS devices, was discovered by Palo Alto Networks and is currently affecting iOS users in China.

The malware exploits a flaw in Apple’s FairPlay digital rights management system. It apparently uses a technique called “FairPlay Man-in-the-Middle,” which has been used to spread pirated iOS apps in the past by using fake iTunes software and spoofed authorization codes to get the apps on iOS devices. The same technique is now being used to spread the AceDeceiver malware.

(more…)

Security researcher examines MacKeeper, says sensitive data for more than 13 million accounts easily accessed

Posted by:
Date: Monday, December 14th, 2015, 08:34
Category: Hack, News, security, Software

MacKeeper-Logo

And yet more reasons have surfaced as to why you’d want to punch the entire staff of MacKeeper in their heads.

A security researcher claims that extremely poor security has allowed him to access sensitive data for more than 13 million MacKeeper accounts.

White-hat researcher Chris Vickery, who has previously exposed data breaches at MLB, ATP, Slipknot and a network of K-12 charter schools in California, posted the following to Reddit:

I have recently downloaded over 13 million sensitive account details related to MacKeeper, Zeobit, and/or Kromtech […] stuff like names, email addresses, usernames, password hashes, computer name, ip address, software license and activation codes, type of hardware (ex: “macbook pro”), type of subscriptions, phone numbers and computer serial numbers.

(more…)

Researchers demonstrate proof of concept for firmware worm that can directly target Macs

Posted by:
Date: Monday, August 3rd, 2015, 16:00
Category: Hack, MacBook, MacBook Air, MacBook Pro, News, security, Software

trojanhorse

It’s generally been accepted that Apple’s computers are much more secure than their Windows PC counterparts.

This isn’t entirely true, as a part of researchers have found that several known vulnerabilities affecting the firmware of all the top PC makers can also hit the firmware of Macs. The researchers have designed a proof-of-concept worm for the first time that would allow a firmware attack to spread automatically from MacBook to MacBook, without the need for them to be networked.

(more…)

Hack: User pulls off ROM hack, runs Mac OS 6.0.1 on Amiga 500 computer

Posted by:
Date: Wednesday, July 29th, 2015, 08:28
Category: Hack, News, Software

macos_601_on_amiga_500_550_413

This is one of the cooler old-school projects out there.

And it seems to have worked.

Apparently, Reddit and imgur user “wowbobwow” was able to get Mac OS 6.0.1 running on an Amiga 500 computer. This was achieved by using an emulator called “A-Max” that allowed Mac ROM chips to be run on the Amiga.

(more…)

Developer adapts Apple Watch to run Mac OS 7.5.5

Posted by:
Date: Tuesday, June 23rd, 2015, 08:32
Category: Apple Watch, Fun, Hack, News, Software, Wearables

macos755applewatch

I’m not sure how he did it, but developer Nick Lee managed to get Mac OS 7.5.5 running on his Apple Watch.

The developer started by updating his Apple Watch to the developer version of watchOS 2, and then ported the Mini vMac emulator so it would run on the device.

The icons are really too small to use, the screen is hard to see, but it works. And that’s all that matters.

(more…)

Starbucks app compromised, hackers using auto-reload feature, weak passwords to siphon funds

Posted by:
Date: Friday, May 15th, 2015, 07:11
Category: Hack, News, Software

starbucksapp

If you’re going to use the Starbucks mobile app, have a strong password behind it.

This seems to be what’s necessary as thieves have begun accessing users’ Starbucks mobile apps and siphoning money from their credit cards, bank and PayPal accounts. The Starbucks app, which ties into a rewards account, also lets you reload the account by automatically drawing off your bank account, credit card or PayPal account. Once a Starbucks account has been accessed, hackers can add a new gift card, transfer funds over and repeat the process every time the original card reloads.

(more…)

Hacker offers proof of concept of web browser running on Apple Watch

Posted by:
Date: Tuesday, May 12th, 2015, 07:41
Category: Apple Watch, Hack, iOS, News, Software

applewatchbrowser

It’s hard to say whether you’ll want a web browser on your wrist, but the hack’s been sorter out.

iOS developer Nicholas Allegra, better known by his handle “comex” within the jailbreaking community, presented a short video that shows a web browser running on the Apple Watch. The fifteen-second clip shows Allegra tapping, panning and zooming on the Google homepage on the Apple Watch, but the functionality is limited as to be expected because of the small screen size and lack of an on-screen keyboard.

(more…)

Security researcher demonstrates Thunderbolt firmware hack proof of concept at Chaos Computer Congress

Posted by:
Date: Monday, January 5th, 2015, 10:15
Category: Hack, Hardware, News, security, Thunderbolt

thunderstrike

As great as Thunderbolt is, there are vulnerabilities to consider.

Per 9to5Mac, a security researcher speaking at the Chaos Computer Congress in Hamburg demonstrated a hack that rewrites an Intel Mac’s firmware using a Thunderbolt device with attack code in an option ROM. Known as Thunderstrike, the proof of concept presented by Trammel Hudson infects the Apple Extensible Firmware Interface (EFI) in a way he claims cannot be detected, nor removed by reinstalling OS X.

Since the boot ROM is independent of the operating system, reinstallation of OS X will not remove it. Nor does it depend on anything stored on the disk, so replacing the hard drive has no effect. A hardware in-system-programming device is the only way to restore the stock firmware.

(more…)

iFixit programmer drills 60 small holes in MacBook Pro to help resolve overheating issues

Posted by:
Date: Tuesday, December 30th, 2014, 11:35
Category: Hack, Hardware, MacBook Pro, News

mbpspeedholes

This is somewhat psychotic.

And it just might work.

Per 9to5Mac, a programmer over at iFixit was able to resolve an overheating problem with a MacBook Pro notebook by drilling a ring of holes under each of its fans.

With a 1/16” bit, the group drilled holes in the bottom case, under the fans (they figured out where the blades of the fan were exposed based on the dust pattern stuck to the inside of the bottom case). The speed holes worked: The boot chime rang. The screen glowed. The fans blew.

(more…)