Tag Archives: iOS

Grand Theft Auto: San Andreas coming to iOS ,Android and Windows Phone

Rock Star Games has announced that very soon it will release the classic Grand Theft Auto: San Andreas on mobile platform. Not just on iOS and Android but also on Windows Phone. No release date or pricing is provided yet, but it is expected to be released this December. So get ready to live in the early 90’s in the gangster world of Carl Johnson.

GTASA

DoS attack on iOS and OSX for WebKit engine.

A new exploit in Apple iOS and OSX has been found which crashes any application which contains certain characters of Arabic text.It crashes applications running on iOS and OSX that uses WebKit engine. But I have seen that same character set does not crash WebKit application on different platform. So we can be assured that the bug is of Apple not WebKit engine as a whole. (I tested Google Chrome on Linux)

Versions effected are, iOS 6 , 7 beta and iOS< 6 ,Mac OS X 10.8

Version not effected Mac OSX 10.9 beta and OSX<10.8

This fatal error can be reproduced if

  • You send text message to your iPhone with the set of characters.
  • You sen iMessage to Mac of iPhone.
  • Those set of characters are displayed on applications like browser.
    On Mac,I tested on Safari which crashed the whole Safari browser, but while on Google Chrome it only crashed the tab where the link was opened. In case you were wondering Firefox did not crash.If you are feeling adventurous and want to test which applications will crash the you can head to this link. Note this may crash your browser, if it does not then you will see the set of arabic characters.

Google Chrome crash

Exploit Link: http://zhovner.com/tmp/killwebkit.html (Warning it may crash your WebKit browser) , copy paste the link I have deliberately not hyperlinked as to stop people from accidentally clicking it.

 

My thoughts on WWDC 2013 Keynotes.

iOS 7, is it really Designed by Apple?

Apple showed off their latest iOS version on WWDC 2013. Well while I love the functionality of the new OS, I am not happy with the design process.

I mean the icons looks as if its designed by a kid with a box by crayons. It has too much of colour and it no way looks like its made by Apple. It seems that someone has installed a Cydia Theme in iOS.

I am sharing some pictures of the new iOS7 do comment your thoughts about it. Do you like it or hate it?

 

iOS7

 

iOS7

 

iOS7

 

Mac OS X Mavericks uses Windows file sharing by default. Why?

OS X Mavericks

As you already know that Apple OS X uses AFP (Apple Filing Protocol) and Windows uses SMB (Server Message Block), the new Mac OS X uses SMB2 over AFP !

Ok, I know you will say that how does it matter? or You would say it would be easier to share with Windows based computers. Well yes, but one of the most like feature of the Mac OS X, Time Machine over LAN relies on AFP. Third party Time Machine manufacturers have to reverse-engineer AFP to keep it working with the new version of OS X. What more bothering me is that who selected SMB2 ? OS X prior to OS X 10.7 uses open source implementation of SMB , called Samba. (used in popular Linux distro too) With OS X 10.7 , Apple replaced it with their own implementation SMBX.

 

Really Apple needs Steve Jobs.

 

Source: Apple Core Technologies Overviews. (PDF link)

A charger that can install malware on your iOS device,including non-Jailbroken devices.

iphone5-black

 

Yes, you read it correct. A modified charger that can install malwares onto your iOS devices like iPhones and iPads, even though its not jailbroken, it does not even needs your interaction. And it takes less than a minutes of charging to get it infected.

Recently researchers will show a prototype of this charger in BlackHat Security Conference in late July. The prototype of the charge is named “Mactans” which is build on open-source single-board computer called the BeagleBoard,availavle at $45 from Texas Instruments.

Brief description by the researchers Billy Lau,Yeongjin Jang,Chengyu Song.

Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software. All users are affected, as our approach requires neither a jailbroken device nor user interaction.

In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms. To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications.

To demonstrate practical application of these vulnerabilities, we built a proof of concept malicious charger, called Mactans, using a BeagleBoard. This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish. Finally, we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks we describe substantially more difficult to pull off.

 

 

iOS 6.1 bug enables attacker to bypass Passcode Lock to access your phonebook.

If you have an iPhone I would ask you not to update to iOS 6.1 if you haven”t done it already. And if you have already updated it, the I would suggest don”t let your iPhone out of your sight as a new bug has been found that helps attacker to bypass the Passcode Lock and access your Contacts.

iphone5-black

Here is how to bypass the iPhone lock screen and access the Contacts on iOS 6.1

1. Lock device
2. Slide to unlock
3. Tap emergency call
4. Hold sleep button until the power down prompt shows. Click cancel, you will notice the status bar turn blue. Type in 911 casino online or your emergency number and click call then cancel it asap so the call dosen’t go through.
5. Lock your device with the sleep button then turn it on using the home button.
6. Slide to unlock then hold the sleep button and in 3 seconds tap emergency call. This will spazz out the phone and cause it to open.

[Make sure to continuously hold the sleep button until you are done looking in the phone]

 

 Update 1:

This bug only works with “simple passcode” option is enabled. It does not work if you disable “simple passcode” option. Thanx to  @andrewbway for sharing this info

Ubuntu comes to your phone.

Ubuntu have been the most favourite Linux distro, now Ubuntu is launching a mobile OS to take on iOS, Android and Windows Mobile.

Ubuntu Phone OS 1

 

 

Ubuntu Phone OS 2

 

 

 

System Requirements Entry Level Ubuntu smartphones High-end Ubuntu smartphones
Processor architecture 1 Ghz Cortex A9 Quad-core A9 or Intel Atom
Memory 512MB to 1GB Minimum 1GB
Storage 4 to 8GB eMMC+SD Minimum 32GB eMMC+SD
Multi-touch Yes Yes
Desktop convergence No Yes

 

Apps will be made by HTML5 and it seems that Ubuntu will be providing a dedicated SDK.  Along with that it seems that the apps available on Ubuntu Software Centre will be available on the Ubuntu phone OS too. So will be the Ubuntu One cloud service.

If it give a full blown Linux Desktop environment, along with Terminal and able to apt-get install , then I am very much sure all the geeks will ditch Android and iOS and jump to Ubuntu phone OS.

It is to be showcased in CES as the website says “If you are going to CES, stop by booth 30659 in LVCC South Hall 3 (Upper Level) or, contact us to arrange a meeting.”  Click the source link for more details, and official news. Do let us know if you visit CES will get in touch with you to get more info, or share your comments below.

Source: Ubuntu

12 Million Apple device UDID stolen from FBI.

FBI Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team had 12 million Apple device UDID[to e specific 12,367,232 UDID ] in one single CVS file NCFTA_iOS_devices_intel.csv [not only UDID along with that Full Name, Address, Zip Code, Cell Number,etc were stored] on a Dell Vostro laptop which was stolen by using Java vulnerability exploit.[ AtomicReferenceArray vulnerability on Java. ]

 

 

UDID stored by FBI

 

 

Before we debate about was Apple right or wrong in implementing UDID. I really don”t understand how did FBI got hold of so many UDID ? Well I am sure that not all 12 million UDID belonged to criminals whom FBI have captured and noted down there devices UDID. So was Apple selling the info to FBI? Nope if that was the case the leaked file wont contain 5 UDID belonging to late Steve Und dazu konnen Sie sogar noch wahlen, ob sie im normalen Modus casino spiele n oder zu Expertenmodus wechseln mochten, ganz nach Ihrem eigenen Tempo – Cashapillar wird Ihnen auf jeden Fall stundenlang Spa? bereiten! Wir haben hier ein paar Tipps fur diejenigen von Ihnen zusammengestellt, die ihre Gewinnstrategie ausarbeiten mochten. Jobs. So how did FBI got such a huge volume of data, did they got it in a legitimate and legal way? Last time I checked UDID should not be sold or shared without users permission. And FBI was the organization to stop person from doing illegal things not do illegal things themselves.

And even if FBI has some strange power which given to them which allow to do them what they feels is correct, while a sensitive data of millions of people are getting stored in a digital format, one should apply enough security to store it in a secure way.

Along many common people few significant UDID stolen belong to famous people.

  • 5 UDID of Steve Jobs
  • 3 UDID of Bill Gates
  • 1 UDID of John Ive

The fact that FBI was storing UDID of common people was brought to light by the famous hacker group Anonymous. I would like to thank them to letting us know this fact, which we would not have known otherwise.

[Note: Me or this site is no way linked with Anonymous , this blog gives only my personal views]

Do share your thoughts on what do you think. How did the FBI got hold of so many UDID? What did they not protect their computer from Java Vulnerability?

 

 

Apple App Store’s First Malware.

Apple’s App Store is known to be very rigorusly check every app before it makes to the App Store. But the Worlds First App that contain trojan confirmed by Kaspersky made it to Apple’s App Store, it steals users phonebook and uploads it to remote server, without users permission.iOS users dont need to worry the app has been removed from the store by Apple. The name of the app is “Find and Call”.

 

The same app also made it to Google Play Store , but now Google has removed it. This kind of apps are generally made to get large number of phone numbers for massive SMS scams.

 

Kaspersky says

“… the application steals data from the device (phone book and cellphone numbers) which are uploaded to a remote server to be used for SMS spam campaigns. Each phone book entry will receive SMS spam message offering to click on the URL and download this ‘Find and Call’ application. It is worth mentioning that the ‘from’ field contains the user’s cellphone number. In other words, people will receive an SMS spam message from a trusted source.”

 

World First Malware App that made it to Apple App Store

Google Chrome comes to iOS

The popular browser on desktop on Windows, Mac and Linux, has made its way to iOS. And its supported on iPhone, iPad ad iPod Touch. After Safari Chrome is no doubt the best browser on iOS devices, although we had many other browsers for iOS but Chrome is undoubtedly the best one.

Some of the features of Chrome for iOS

Sync (yes you can sync it with the Chrome on your desktop)

Super Fast Page Load

You can send pages from your Chrome on computer to your iOS device and you can even read those pages when your are offline.

What I liked the best is the over all UI, opening multiple tabs (more than Safari) and managing them can be done very swiftly.

 

 

 

You can download Google Chrome for iOS from the App Store for free. click here

Apple releases iOS 5.1.1 Software Update and fixes some security vulnerabilities.

Apple releases its latest iOS update the iOS 5.1.1 with some fixe and patches. The iOS 5.1.1 is supported in the following devices

  • iPhone 4S
  • iPhone 4
  • iPhone 3GS
  • iPad 2
  • iPad
  • iPod touch (4th generation)
  • iPod touch (3rd generation)

The updates include.

  • Improves reliability of using HDR option for photos taken using the Lock Screen shortcut
  • Addresses bugs that could prevent the new iPad from switching between 2G and 3G networks
  • Fixes bugs that affected AirPlay video playback in some circumstances
  • Improved reliability for syncing Safari bookmarks and Reading List
  • Fixes an issue where ‘Unable to purchase’ alert could be displayed after successful purchase

The security issues that were fixed in this release are :

  • Address bar spoofing.
  • Cross site scripting
  • Remote code execution.