Georgia Institute of Technology security researchers prove App Store security flaw via “Jekyll and Hyde” attack

Posted by:
Date: Tuesday, August 20th, 2013, 07:18
Category: iOS, News, security, Software

The good news is that it’s getting a bit harder to sneak malware into the App Store.

The bad news is that it can still be done and Apple might need to invest in more security/screening features.

Per 9to5Mac and Ars Technica, researchers from the Georgia Institute of Technology managed to get a malicious app approved by Apple and included in the App Store by using a ‘Jekyll & Hyde’ approach, where the behaviour of a benign app was remotely changed after it had been approved and installed.

It appeared to be a harmless app that Apple reviewers accepted into the iOS App Store. They were later able to update the app to carry out a variety of malicious actions without triggering any security alarms. The app, which the researchers titled “Jekyll,” worked by taking the binary code that had already been digitally signed by Apple and rearranging it in a way that gave it new and malicious behaviors.

The researchers presented their findings in a paper at the USENIX Security Forum.

“Our method allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process. Once the app passes the review and is installed on an end user’s device, it can be instructed to carry out the intended attacks. The key idea is to make the apps remotely exploitable and subsequently introduce malicious control flows by rearranging signed code. Since the new control flows do not exist during the app review process, such apps, namely Jekyll apps, can stay undetected when reviewed and easily obtain Apple’s approval.”

An Apple spokesman stated that changes have been made to iOS as a result of the exploit, but it’s not yet clear whether the change is to iOS 7 or the older iOS 5 and 6 versions that had been attacked. The researchers only left their app in the store for a few minutes and said that it was not downloaded by anyone outside the project in that time.

Apple Senior Vice President Phil Schiller tweeted back in March about a study revealing the rising incidences of malware on Android. The study showed that Android accounted for 79 percent of all mobile malware in 2012, while iOS came in at less than 1 percent.

Stay tuned for additional details as they become available.

Rumor: Apple to release iOS 7 Golden Master to partners, employees on September 5th

Posted by:
Date: Thursday, August 15th, 2013, 07:47
Category: iOS, Rumor, Software

ios7logo

Apple’s long-awaited iOS 7 release is getting that much closer to a ship date.

Or at least there’s now a Golden Master date.

According to Boy Genius Report, Apple is preparing to release the final beta release of iOS 7, beta 6, sometime next week followed by a final Gold Master release ahead of Apple’s expected September 10th iPhone event. This time frame would mark two weeks from the release of beta 5, and Apple was on a two week schedule prior to the Developer Center outages. BGR is also claiming that Apple plans to seed a final GM version of the software on September 5th to employees and partners and release it to developers after the event early next month:

“After iOS 7 beta 6, Apple will be seeding a GM (gold master) version for its employees and partners to test starting around September 5th. This will mostly likely be the software that is released to the public later on in the month of September, barring any major bugs or problems that might be discovered… After Apple and its partners are comfortable with the gold master build, the company will release it to developers on September 10th, the day of the company’s iPhone event.”

It’s not hard to predict that a GM is just around the corner, as Apple would clearly want to have it ready for its reported September 10th iPhone event. No specific source has been identified as having provided a specific source of the information, but a release of the final iOS 7 version on September 10th to developers is a given if Apple continues in the tradition of years past.

02 reveals UK pricing tiers ahead of long-anticipated 4G LTE network launch

Posted by:
Date: Wednesday, August 14th, 2013, 07:52
Category: iPhone, News

If you’re over on the other side of the pond, this might be useful.

Per iMore, UK wireless carriers are about to turn on their 4G LTE networks on the same day of August 29th. O2 has released their price structure, and confirmed that the tariffs will begin at £26 per month on a SIM-only basis:

O2’s 4G SIM only packages start at £26 for 1GB of data and go up to £36 a month for 5GB of data. If customers need additional data, they will be contacted about bolt-ons, which will be available at £6 for 500MB and £10 for 1GB.

O2 is offering a minimum of 1GB of data on all their 4G LTE tariffs, but until October 31 the carrier will be offering extra data on top of the regular allowance for the duration of the contract. £27 usually gets a 3GB allowance but will be boosted to 5GB, and for £32 the 5GB limit gets increased to 8GB.

Initially iPhone owners will be out of luck, since O2’s 4G LTE is incompatible with the current UK iPhone 5. However, with an event just around the corner on September 10, and an anticipated hardware launch well before the October 31 special offer cut-off, there’s a good chance to get a deal on the next iPhone.

If you’re in the UK and can offer any feedback on this, let us know.

Apple releases Mavericks Developer Preview 5, OS X 10.8.5 build 12F33 to developer community

Posted by:
Date: Thursday, August 8th, 2013, 06:14
Category: News, Software

maverickslogo

Mavericks is coming that much closer to fruition and bringing iBooks for the Mac with it.

Per AppleInsider, Apple on Wednesday released the latest beta versions of OS X 10.9 Mavericks, allowing developers for the first time to test its iBooks software for Mac.

OS X 10.9 Mavericks Developer Preview 5 comes a little over two weeks after the fourth preview was made available at the end of July. Due to an eight-day downtime after Apple’s Developer Center was affected by an intruder, the timing of the latest Mavericks release is slightly off from the two-week cycle Apple had kept until Developer Preview 4.

Notable in the latest preview is the inclusion of iBooks for OS X, which was announced at this year’s Worldwide Developers Conference in June. Like Apple Maps, iBooks will make the crossover from iOS to OS X when Mavericks launches this fall.

As with previous version of Mavericks, Developer Preview 5 contains minor backend changes. Release notes from a previous Developer Preview suggested changes were made to bring support for iCloud Keychain.

Apple’s maintenance update for the current OS X 10.8.5 Mountain Lion, dubbed build 12F33, comes with no known issues and once again requests developers focus on graphics, Wi-Fi and wake from sleep functionality. Prior to the temporary Dev Center shutdown, Apple was releasing builds of 10.8.5 on a weekly basis.

Both Mavericks and the Mountain Lion update are slated to launch this fall.

Leaked image shows possible 8 megapixel camera for rumored low-cost iPhone

Posted by:
Date: Friday, August 2nd, 2013, 08:17
Category: Hardware, iPhone, photos, Rumor

It may feature a plastic backing, but it should have a pretty nifty camera.

Per IT168 and MacRumors, a supposed “iPhone Lite” or “iPhone 5C” rear camera image was published on Thursday. The part is claimed to be a camera module for Apple’s anticipated low-cost iPhone.

The original report claims that the part is the same 8-megapixel lens already found in Apple’s iPhone 5, and even features the same sapphire crystal scratch-resistant cover.


camera-130801

Previously, it was also claimed that the “iPhone Lite” will feature the same A6 processor and 1 gigabyte of RAM as the existing iPhone 5. With largely the same internals, the exterior rear shell of the device is expected to be plastic, and come in a variety of colors.

Apple’s alleged production schedule for the low-cost iPhone is expected to have the device ready for launch as soon as early September, according to well-connected analyst Ming-Chi Kuo of KGI Securities. He expects that the device will cost about the same as the current iPhone 4S, between US$450 and US$550, and will be easy for Apple to manufacture, as it will recycle many parts from the iPhone 5.

The same was not said by Kuo of the so-called “iPhone 5S,” which the analyst expects will be in short supply when it launches this fall. In particular, Apple’s next-generation iPhone is rumored to feature a fingerprint sensor beneath the home button for securely identifying users.

As for the camera on the “iPhone 5S,” one rumor from earlier this year claimed Apple would bump the internal sensor up to 12 megapixels. It’s also been said that the camera will take better nighttime photos with improved sensitivity, while dual LED flash is expected to improve illumination capabilities in low-light situations.

Stay tuned for additional details as they become available.

Child Labor Watch points toward initial low-cost iPhone production at Pegatron factory

Posted by:
Date: Monday, July 29th, 2013, 10:14
Category: iPhone, News

It’s the iPhone, but at a lower cost…and plasticky.

Per AppleInsider and China Labor Watch, a new plastic iPhone is currently being tested Apple supplier Pegatron, and will soon go into mass production and hit the market, one factory worker claims.

Details of Apple’s anticipated low-cost iPhone were revealed in a report published by China Labor Watch on Monday. A section of the report details “A day in Pegatron,” with a worker detailing their activities on July 9.

On that day, the worker’s job was “to paste protective film on the iPhone’s plastic back cover to prevent it from being scratched on assembly lines.” The worker revealed that the plastic iPhone will “soon be released on the market by Apple.”

“The new cell phone has not yet been put into mass production, so quantity is not as important,” the worker wrote. “This makes our job more slow paced than in departments that have begun mass production schedules.”

In addition, China Labor Watch’s company profile notes that Pegatron is responsible for building “low-priced plastic iPhones” for Apple, in addition to the iPhone 4, iPhone 4S and iPhone 5.

The report accuses Pegatron of violating labor regulations in China, as well as international labor laws and Apple’s own standards. Specifically, Pegatron is said to have work weeks that exceed Apple’s 60-hour limit, while some employees have allegedly had their pay withheld for working short shifts.

The details also come as an image published over the weekend claimed to show the retail packaging for a product called the “iPhone 5C.” Some have speculated that the “C,” if the name is accurate, could refer to “color,” as the device is expected to come in a range of colors.

Well-connected insider Ming-Chi Kuo revealed last week that Apple is on track to launch its so-called “iPhone Lite” in early September. The device is expected to be essentially a slightly thicker iPhone 5 with a plastic body.

Stay tuned for additional details as they become available.

Apple advises Chinese customers to avoid counterfeits, opt for genuine Apple products after charger-related incidents

Posted by:
Date: Thursday, July 25th, 2013, 06:40
Category: Hardware, iPad, iPhone, News

applelogo_silver

Sometimes it’s best to stick with the genuine article.

After a pair of iPhone-related electrocutions in China allegedly caused by unauthorized third-party chargers, Apple has added a section to its Chinese website helping users identify official iOS device chargers as well as advised users to charge its devices with genuine Apple chargers according to CNET.

The page offers a look at official charger designs for the iPhone 4, iPhone 4S, iPhone 5, iPad mini, iPad with Retina display, and iPad 2.

The website notes that Apple “always” puts the safety of its users first, and that products are “subject to stringent safety and reliability testing.” The official chargers that come packaged with new iPhones and iPads are also designed to meet government safety standards from around the world.

The site comes after a pair of dangerous charger-related incidents occurred in China this month. In the more serious example, a woman died while using an iPhone 5 that was plugged into the wall to charge with a non-Apple adapter.

In the second incident, a man ended up in a coma after he was accidentally electrocuted using a third-party charger with his iPhone 4. It was said that the man was using a “counterfeit” adapter.

Stay tuned for additional details as they become available.

Top three Russian wireless providers drop iPhone over subsidies, other costs

Posted by:
Date: Wednesday, July 17th, 2013, 07:29
Category: iPhone, News, retail

russianflag

If you’re headed to Russia and need to pick up an iPhone, your options may have become a bit more limited, comrade.

According to Fortune, three major Russian wireless providers have stopped carrying Apple’s iPhone, with the largest telecom, MTS, dropping the handset due to the high subsidy costs associated with being an Apple partner carrier.

As reported last week, Russia’s largest provider by subscribership, MTS, announced that it would be dropping the iPhone from its lineup, saying subsidies and marketing costs were to blame.

“Apple wants operators to pay them huge money, subsidizing iPhones and their promotion in Russia,” said MTS CEO Andrei Dubovskov. “Now it’s not beneficial for us. It’s good we stopped selling the iPhone as these sales would’ve brought us a negative margin.”

Fortune’s Philip Elmer-Dewitt speculates three factors played a part in the “big three’s” decision to ditch Apple’s handset. First, Russian carriers are limited by the federal agency Rospechat, which does not allow subsidies on the same level as seen in the U.S. For example, MTS is not able to offer an iPhone 5 for US$199.

Duties and taxes are also higher than normal for Europe, with an unlocked 16GB iPhone 5 selling for roughly US$925 on on the just-opened Russian Online Apple Store, or US$276 more than an identical U.S. variant. Apple says US$140 goes to Russian VAT, while the remaining US$129 is for foreign exchange rates, import duties, and channel mark-up.

Finally, Apple’s contract requirements, specifically those pertaining to marketing, are said to be extremely stringent. Because the contract terms are unknown, it is impossible to tell whether Russian carriers are subject to any special clauses.

The future of the iPhone in Russia is unclear, though estimates from IDC suggest that demand for the handset was already on the decline, dropping to 8.3 percent in the second quarter of 2013, down from 9 percent in 2012.

Stay tuned for additional details as they become available.

Apple vows to aid investigation surrounding electrocution of 23-year-old woman using charging iPhone 5

Posted by:
Date: Tuesday, July 16th, 2013, 07:55
Category: Hardware, iPhone, Legal, News

applelogo_silver

It’s hard to say where this will go.

Per Reuters, Apple has said it will aid in the investigation of the death of a Chinese woman who was allegedly electrocuted when she answered a charging iPhone 5.

Apple announced the company is “deeply saddened” by the “tragic incident” that killed 23-year-old Xinjiang woman Ma Ailun. Apple vowed to “fully investigate and cooperate with authorities in this matter.”

Police say Ma was killed when she answered a call on her charging iPhone 5. The story gained traction when her sister wrote on the microblog Sina Weibo to warn other users to be careful.

Prior to the incident in China, there have been no widespread claims about faulty charging with the iPhone 5. Apple did recall iPhone 3G power adapters back in 2008 over a shocking risk that affected just a “very small” number of adapters.

Negative publicity in China regarding warranty policies prompted Apple to issue a formal apology in April. Since then, the company has been more aggressive in publicly responding to negative reports from the Chinese media.

Stay tuned for additional details as they become available.

Beta code hints at 120 frames-per-second camera feature for iOS 7

Posted by:
Date: Wednesday, July 10th, 2013, 06:42
Category: iOS, News, Software

This could lead to something really interesting.

Per 9to5Mac, a new camera feature referred to as “Mogul” was allegedly discovered in the third beta of iOS 7. Tests suggested that the new software feature will allow video recording of 120 frames-per-second (fps) at an unknown resolution.

The addition of 120fps video would allow a future iPhone to offer crisp detail when playing videos back in slow motion. Such functionality is popular with sports cameras such as the wearable GoPro Hero3.

While the 120fps feature remains a secret, Apple has already revealed to developers that iOS 7 will give them the ability to record 60fps video with their iPhone applications.

There are currently applications on the iOS App Store, such as SloPro, which simulate high framerates in recording. However, in iOS 6, developers are not able to capture raw video at anything greater than 30 frames per second.

The addition of 120fps video in this year’s anticipated iPhone upgrade would allow Apple to stay on par with Samsung’s latest flagship handset, the Galaxy S4. That handset also offers super-slow-motion video capture capabilities with 120fps recordings.

This year, Apple has run an ad touting the fact that the iPhone is the most used camera in the world. And last year, the company promoted the new panorama capture feature that debuted in iOS 6.

However, hints of 120fps support in iOS 7 are not necessarily proof that the feature will appear in the next iPhone. For example, elements of an unfinished panorama feature were discovered in iOS 5 in 2011, more than a year before Apple would actually add it.

Stay tuned for additional details as they become available.