O'Grady's PowerPage » Hack

Security researchers to demo 30-pin dock connector hack/malware injection at Black Hat next month

Posted by:
Date: Friday, June 7th, 2013, 07:57
Category: Hack, iPad, iPhone, iPod, News, security, Software

dockconnector

You’re not going to like this.

Per Senor O’Grady over on the Apple Core, a group of researchers from Georgia Tech have discovered a way to hack into an iPhone or iPad in less than a minute using a “malicious charger.” The group plans to present its findings at the Black Hat conference in Las Vegas on July 27, 2013.

Billy Lau, Yeongjin Jang and Chengyu Song are presenting a session is called “Mactans: Injecting Malware Into iOS Devices Via Malicious Chargers” at the popular security conference next month. The name “Mactans” comes from Latrodectus Mactans, the highly venomous (and deadly) black widow spider.

According to the synopsis on the Black Hat website, the Mactans session will describe how USB capabilities can be leveraged to bypass Apple’s defense mechanisms built into the iPhone.

Jason’s got the full details, so head on over, take a gander and get ready to never completely trust your iOS device’s 30-pin dock connector again…

Hack: How to use your old ADB keyboard with your current USB-equipped Mac

Posted by:
Date: Monday, April 15th, 2013, 07:46
Category: Hack, Hardware, News

Ok, this could prove to be awesome.

And it’s one of the many reasons I believe the mighty Topher Kessler doth rock on a regular and efficient basis.

Over on CNET, Kessler’s penned a cool hack to use your old Apple Desktop Bus (ADB) keyboard with your current USB-equipped Mac.


adbkeyboard

The hack centers around tech hobbyist Scott Vanderlind’s find that by adding a small USB controller to the keyboard, he could tap into the device’s ADB connection and send it over USB to any modern device, where it works quite well.

For hobbyists, adapters like the Griffin 2001-ADB iMate are not the only options for converting your ADB keyboard to USB. Granted, there’s a small amount of soldering, a Teensy USB controller, and a quick flash of the keyboard’s firmware to enable the ADB-to-USB conversion of the keyboard’s output.

Still, the process seems to work pretty well with the only hiccup being the need to continually hold the Num Lock key for the number pad to work.

Head on over, take a gander and if you’ve found a cool hack of your own that you’d like to share, please let us know in the comments.

Advertising-based trojan goes into wild on Mac OS X, Windows platforms

Posted by:
Date: Thursday, March 21st, 2013, 07:55
Category: Hack, News, security, Software

The available list of Mac malware (and jerks creating it) just grew a bit.

Per MacNN, a new Mac trojan is inserting ads into Safari, Chrome, and Firefox, says a Russian security firm, Doctor Web. Nicknamed “Trojan.Yontoo.1,” the malware is so far being distributed through movie trailer pages, which prompt people to download a browser plugin, a media player, a video enhancer, or a download accelerator. When launched, the malware asks to be installed under a name such as “Free Twit Tube.”

In reality, the installer inserts a plugin into the aforementioned browsers, which transmits data about the websites a person visits to a remote server, and inserts ads into places in sites where they wouldn’t otherwise exist. Visiting the official Apple page for the iPad mini, for instance, may trigger an ad for unrealistically low iPad discounts. Doctor Web notes that the attackers could potentially swap out the plugin for different or updated code.

The malware is targeting Windows systems as well, but Doctor Web comments that hackers are increasingly targeting Mac owners, and that such ad schemes generate money regardless of the platform they’re on. The hackers likely receive money for each ad impression, and more if a person actually clicks on an ad. There doesn’t appear to be any defense against the trojan in OS X at the moment, short of rejecting the installation; Apple may, however, be able to create a safeguard by updating the OS’ blacklist.

Stay tuned for additional details as they become available.

Second lockscreen bypass exploit discovered in iOS 6.1, data vulnerable via USB connection

Posted by:
Date: Tuesday, February 26th, 2013, 07:07
Category: Hack, iOS, News, security, Software

Apple either needs to assign its iOS security people some business hammocks or take their current ones away…

A second iOS 6.1 bug has been discovered that gives access to contacts, photos and more. The vulnerability uses a similar method as the one disclosed previously, though it apparently gives access to more user data when the phone is plugged into a computer.

Per MacRumors and Kaspersky’s Threatpost, the exploit involves manipulating the phone’s screenshot function, its emergency call function and its power button. Users can make an emergency call (911 for example) on the phone and then cancel it while toggling the power on and off to get temporary access to the phone. A video posted by the group shows a user flipping through the phone’s voicemail list and contacts list while holding down the power button. From there an attacker could get the phone’s screen to turn black before it can be connected to a computer via a USB cord. The device’s photos, contacts and more “will be available directly from the device hard drive without the pin to access,” according to the advisory.

Apple was expected to fix the lock screen bug in iOS 6.1.2, but that small release fixed a different bug. Instead, it appears a fix for at least one of the lock screen vulnerabilities will be coming in iOS 6.1.3, currently in the hands of developers.

Stay tuned for additional details as they become available.

Apple’s iOS 6.1.3 beta could fix security holes, disable Evasi0n jailbreak

Posted by:
Date: Tuesday, February 26th, 2013, 07:02
Category: Hack, iOS, News, security, Software

evasi0n-icon

It was awesome while it lasted.

Per Forbes,

Late last week Apple released an update for iOS to developers in beta that prevents the use of the popular jailbreak software evasi0n, according to one of evasi0n’s creators who tested the patch over the weekend, David Wang.

Wang has stated that he’s analyzed the 6.1.3 beta 2 update and found that it patches at least one of the five bugs the jailbreak exploits, namely a flaw in the operating system’s time zone settings. The beta update likely signals the end of using evasi0n to hack new or updated devices after the update is released to users, says Wang, who says he’s still testing the patch to see which other vulnerabilities exploited by the jailbreak might no longer exist in the new operating system.

That impending patch doesn’t mean evasi0n’s time is up, says Wang. Judging by Apple’s usual schedule of releasing beta updates to users, he predicts that it may take as long as another month before the patch is widely released.

When evasi0n hit the Web earlier this month, it quickly became the most popular jailbreak of all time as users jumped at their first chance to jailbreak the iPhone 5 and other most-recent versions of Apple’s hardware. The hacking tool was used on close to seven million devices in just its first four days online.

Apple already has a more pressing security reason to push out its latest update. The patch also fixes a bug discovered earlier this month that allows anyone who gains physical access to a phone to bypass its lockscreen in seconds and access contacts and photos.

When Apple’s update arrives, the team of jailbreakers known as the evad3rs may still have more tricks in store. Wang has stated that the group has discovered enough bugs in Apple’s mobile operating system to nearly build a new iOS jailbreak even if all the bugs they currently use are fixed.

Stay tuned for additional details as they become available.

disableEmergency app available through jailbreak, helps bypass iOS 6.1 lockscreen exploit

Posted by:
Date: Monday, February 18th, 2013, 08:52
Category: Hack, News, security, Software

The hackers get the last laugh this time around.

Per The Mac Observer, the jailbreak community has beat Apple to the punch with its own solution to an iOS 6.1 bug that could give someone access to your iPhone without knowing your passcode. The app, dubbed “disableEmergency”, removes the Emergency Call button from the lock screen, which effectively removes one of the steps needed to break into your iPhone.

The security flaw requires several steps involving swipes, taps and button presses in the right order, afterwhich your contacts, schedule, and email are acessible.

Removing the Emergency Call button from the lock screen means calling for police or fire assistance will require dialing the emergency number yourself, so hacking your iPhone just to avoid a difficult to perform process may be a little extreme, especially since Apple has promised that a fix is on the way.

disableEmergency is free and available through the Cedia installer.

If you’ve tried the disableEmergency app and have any feedback to offer, please let us know in the comments.

Lockscreen bypass available in iOS 6.1, contacts vulnerable through hack

Posted by:
Date: Thursday, February 14th, 2013, 05:54
Category: Hack, iOS, News, security, Software

Ok, they’re probably going to need to fix this.

Per The Verge, a security flaw in Apple’s iOS 6.1 lets anyone bypass your iPhone password lock and access your phone app, view or modify contacts, check your voicemail, and look through your photos (by attempting to add a photo to a contact).

The method, as detailed by YouTube user videosdebarraquito, involves making (and immediately canceling) an emergency call and holding down the power button twice. Tests confirmed that the hack worked on two UK iPhone 5s running iOS 6.1 and can be seen below:



Similar instances had occurred – and were patched – in iOS 4.1, and was fixed in iOS 4.2.

Apple has yet to reply to requests for comment regarding this situation.

Evasi0n hack now over 7 million downloads, updated version available for iOS 6.1.1

Posted by:
Date: Wednesday, February 13th, 2013, 08:16
Category: Hack, iOS, iPad, iPhone, iPod Touch, News, Software

evasi0n-icon

You can’t knock a good hack.

Per Redmond Pie, the Evad3rs team on Tuesday rolled out an update for the Evasi0n untethered jailbreak tool, fixing bugs found in the initial software while adding support for the Apple’s iOS 6.1.1 mobile operating system just one day after its release.

After launching last week, version 1.3 of the Evasi0n jailbreak is now available to the public, allowing iPhone, iPad and iPod touch owners to liberate any device running iOS 6, 6.1 and 6.1.1.

Multiple reports noted that Evasi0n was downloaded over seven million times in four days, making the so-called liberation tool the most popular in iOS history.

Apple’s release of iOS 6.1.1 on Monday broke compatibility with the software hack, but version 1.3 brings back support for all iOS devices, including the iPhone 5 and iPad mini. Apple’s iOS release targeted battery life and 3G issues seen by some iPhone 4S users, and was not meant to patch the Evasi0n exploit.

Available on OS X, Windows and Linux, the untethered hack allows users to jailbreak their devices without having to connect to a computer.

It should be noted that the process of jailbreaking is legal, but will void the supplied Apple warranty as it leverages exploits in the iOS software to run unauthorized code.

If you’ve run the Evasi0n hack on your iOS device and have any feedback to offer, please let us know via the comments.

Evasi0n hack arrives, allows jailbreaking of iOS 6.1 devices

Posted by:
Date: Tuesday, February 5th, 2013, 07:09
Category: Hack, iOS, News, Software

The perpetual arms race between Apple and the hacker community continues.

Per AppleInsider, hackers on Monday released a long-awaited untethered software “jailbreak” of Apple’s iOS 6.

For the first time ever, iPhone 5 and iPad mini owners can jailbreak their device with the release of Evasi0n, the new jailbreak for Apple’s iOS 6 mobile operating system. The software hack is available to implement via OS X, Windows, and Linux.

The new jailbreak is untethered, which means users will not have to reconnect their device to a computer to restart it. The hack is compatible with all iPhone, iPad and iPod touch models running iOS 6.0 through iOS 6.1.

Users are advised to backup their device through iTunes or iCloud before beginning the jailbreak process. It’s also recommended to disable any passcode locks on an iOS device, as they can cause issues.

Jailbreaking is a legal but a warranty-voiding process that utilizes exploits in the iOS software to allow users to run unauthorized code. By jailbreaking an iPhone or iPad, users can add features and software not allowed by Apple, such as custom themes or user interface tweaks.

Apple advises against jailbreaking iOS devices, as the unauthorized modification could lead to system instability, compromised security, shortened battery life, and other potential issues.

If you’ve tried the Evasi0n hack and have any feedback to offer about it, please let us know in the comments.

Hack discovered, Verizon iPhone 5 apparently unlockable for use on GSM networks

Posted by:
Date: Monday, September 24th, 2012, 07:58
Category: Hack, Hardware, iPhone, News

Ok, this is interesting.

Hours after the iPhone 5 hit store shelves across the U.S. on Friday, it has reportedly been discovered that the CDMA Verizon version of the device can be used on AT&T and T-Mobile’s networks with a simple GSM micro SIM card modification.

Per the iDownloadBlog, it’s apparently possible to trim down and install a micro SIM card into the new Verizon iPhone 5, which was purchased under contract, and connect to AT&T’s HSPA+ “4G” network.

The publication contacted a Verizon representative who confirmed the handset is indeed unlocked, meaning it can use SIM cards from other carriers even under contract. This is encouraging to travelers who own a CDMA Verizon iPhone 5 but need to hop onto international GSM networks from time to time.

While the installation is anything but elegant, in this case requiring a paper clip and a piece of tape to hold the card in place rather than the supplied tray, AT&T and T-Mobile nano-SIMs are likely to have a better fit.

With the iPhone 5, Apple is implementing new nano-SIM cards that bring a 40 percent reduction in size compared to last-generation micro SIM cards.

Stay tuned for additional details as they become available.