iPhone hacker Nicholas Allegra AKA Comex Hired By Apple

Apple just hired Nicholas Allegra, the world-famous hacker known as "Comex" who created JailbreakMe.com, the easiest way to "jailbreak" your iPhone.
Allegra posted on Twitter last night that he's starting an internship at Apple in two weeks.

Apple is no stranger to hiring members of the iPhone hacker community, but they seem to have hit the jackpot this time. Allegra is one of the most prolific and well known iPhone hackers.
JailbreakMe.com made the act of jailbreaking, which Apple hates, accessible to anyone who knows how to use the web browser on an iPhone. While Allegra has received mostly encouraging responses on Twitter, it's undoubtedly a huge blow to the iPhone hacking community at large. More than 175,000 people follow his Twitter account, which is more than many A-list celebrities can claim. In related news, in June Apple hired Peter Hajas, an iPhone hacker known for creating an elegant new notifications system for jailbroken iPhone.
If you can't beat em, hire em?

-News Source (Business Insider)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">iPhone hacker Nicholas Allegra AKA Comex Hired By Apple"https://www.voiceofgreyhat.com/2011/08/iphone-hacker-nicholas-allegra-aka.html</a>

Apple Releases iOS 6 With 200+ New Features & Mountain Lion 10.8.2 With Facebook Integration & Game Center

Apple Releases iOS 6 With 200+ New Features & Mountain Lion 10.8.2 With Facebook Integration & Game Center

As expected, here comes double bang from Apple. Apple has also released  iOS 6 along with OS X Mountain Lion 10.8.2 and made available for public. In case of users of recent iPad, iPhone, and iPod touch models can obtain the update either by connecting their devices to iTunes and clicking the "Check for Update" button or checking for over-the-air updates on their devices. iOS 6 adds over 200 new features, including Apple's own Maps app, Facebook integration, Siri improvements, Apple's new Passbook digital wallet app, and more. iOS 6 is compatible with the third-generation iPad, iPad 2, iPhone 4S, iPhone 4, iPhone 3GS, and fourth-generation iPod touch. It will also ship on the iPhone 5, which launches on Friday, and on the fifth-generation iPod touch launching next month. The operating system arrives as the golden master build 10A403 for existing devices, and Apple has also posted a special 10A405 build for the iPhone 5 and a 10A406 build for the upcoming fifth-generation iPod touch.

With iOS Apple quietly pushed out 10.8.2, the second minor update to Mountain Lion since it was released in July. The update is currently available via the Software Update functionality in the Mac App Store. The update includes a number of enhancements, most notably Facebook integration and Game Center. It also includes support for several features integrating with iOS 6, such as Passbook passes and  iMessage/FaceTime access via phone number. 

This update is recommended for all OS X Mountain Lion users, and includes new features and fixes:

Facebook 

• Single sign on for Facebook

• Adds Facebook as an option when sharing links and photos

• See Facebook friends' contact information and profile pictures in Contacts

• Facebook notifications now appear in Notification Center

Game Center

• Share scores to Facebook, Twitter, Mail, or Messages

• Facebook friends are included in Game Center friend recommendations

• Added Facebook "Like" button for games

• Challenge friends to beat your score or achievement

Other new features

• Adds Power Nap support for MacBook Air (Late 2010)

• iMessages sent to your phone number now appear in Messages on your Mac

• You can now add passes to Passbook (on your iPhone or iPod touch) from Safari and Mail on your Mac

• FaceTime can now receive calls sent to your phone number

• New shared Reminders lists

• New sort options allow you to sort notes by title, the date you edited them, and when you created them

• Dictation now supports additional languages: Mandarin, Cantonese, Spanish, Korean, Canadian English, Canadian French, and Italian

• Dictionary app now includes a French definition dictionary

Sina Weibo profile photos can now be added to Contacts

* Requires iOS 6

General fixes

The OS X Mountain Lion v10.8.2 update also includes general operating system fixes that improve the stability, compatibility and security of your Mac, including the following fixes:

• Adds an option to discard the changes in the original document when choosing Save As 

• Unsent drafts are now opened automatically when launching Mail

• Receive Twitter notifications for mentions and replies from anyone

• URLs are shortened when sending tweets from Notification Center

• Notifications are disabled when AirPlay Mirroring is being used

• Adds SSL support for Google searches from the Smart Search Field in Safari

• Adds a new preference to have Safari launch with previously open webpages

• Resolves an issue that may cause the "Enable Autodiscover" checkbox to always remain checked

• Enables access to the Mac App Store when Parental Controls are enabled Support for @icloud.com email addresses

• Resolves a video issue with some VGA projectors when connected to certain Mac notebooks

• Addresses an issue that may prevent Active Directory accounts from being locked out

• Resolves an issue that may cause the policy banner to re-appear prior to logging in

• Improvements to SMB

• Addresses an issue with NIS users when auto-login is enabled

• Addresses an issue in which the Keychain may not be accessible

• Ability to pre-authenticate a FileVault protected system

• Addresses an issue that may cause Xsan to not automatically start after migrating from Mac OS X Snow Leopard 

Direct downloads of OS X 10.8.2 is also available through Apple's site form the following links-

OS X Mountain Lion Update v10.8.2 

 OS X Mountain Lion Update v10.8.2 (Combo) 

-Source (Apple & MacRumors)                             

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple Releases iOS 6 With 200+ New Features & Mountain Lion 10.8.2 With Facebook Integration & Game Center"https://www.voiceofgreyhat.com/2012/09/Apple-Releases-iOS-6-and-Mountain-Lion-10.8.2.html</a>

iPhone 4S Hacked By Dutch Researchers During Pwn2Own Contest

iPhone 4S Hacked By Dutch Researchers During Pwn2Own Contest & Won $30,000 Prize

 

So called fully patched and secured iPhone 4S have fall into victim in-front of hackers. Two Dutch clever minds during a Pwn2Own contest were able to hack a fully patched iPhone 4S to gain a slew of information from the device. The hackers, Joost Pol and Daan Keuper, were able to find vulnerability in WebKit that allowed them to hi-jack photos, videos, address book contacts, and browsing history right from the phone. The two earned a $30,000 cash-prize for performing what they call “a clean hack.” 

That was the intellectual challenge that drove a pair of Dutch researchers to start looking for an exploitable software vulnerability that would allow them to hijack the address book, photos, videos and browsing history from a fully patched iPhone 4S. 

"It took about three weeks, starting from scratch, and we were only working on our private time," says Joost Pol (photo left), CEO of Certified Secure, a nine-person research outfit based in The Hague. Pol and his colleague Daan Keuper used code auditing techniques to ferret out the WebKit bug and then spent most of the three weeks chaining multiple clever techniques to get a "clean, working exploit." "We really wanted to see how much time it would take a motivated attacker to do a clean attack against your iPhone. For me, that was the motivation. The easy part was finding the WebKit zero-day," Pol said in an interview.  Once the vulnerability in WebKit was found, the hackers said they put many things together in about three weeks to write an exploit to hack the iPhone 4S. The two found that the exploit developed also worked for iOS 6 (released today) and all previous versions of iOS devices.

Although the successful attack exposed the entire address book, photo/video database and browsing history, Pol and Keuper said they did not have access to the SMS or e-mail database. "Those are not accessible and they're also encrypted," Keuper explained.

While Pol and Keuper could use the hack for harm, the two said the exploit has already been destroyed. Pol told : ”We shredded it from our machine. The story ends here, we’re not going to use this again. It’s time to look for a new challenge.” They further added that iOS is definitely the most secure mobile platform around thanks to Apple’s strict guidelines. 

-Source (ZDNet)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">iPhone 4S Hacked By Dutch Researchers During Pwn2Own Contest"https://www.voiceofgreyhat.com/2012/09/Pwn2Own-Contest-iPhone4S-Hacked-By-Dutch-Researchers.html</a>

iPhone Event October Will Be Held On Apple Campus

Apple intends to host the October 4th media event on their own campus in Cupertino, California, according to a new report from WSJ’s AllThingsD. The event is expected to be headlined by the iPhone 5 (or iPhone 4S), in addition to introducing the next iPod touch, iOS 5, iCloud, and Mac OS X 10.7.2 update. This is a change to Apple’s tradition of hosting larger event sat San Francisco’s Yerba Buena Center. Although AllThingsD isn’t sure as to why the events location is different, they propose a few theories. The other side to not booking the YBCA is that it has kept the event date hidden from the public, something that was relatively easy to guess due to the public accessibility of the Yerba Buena Centers event calendar. Few details on any new hardware have surfaced, and there is an ongoing debate as to whether a true iPhone 5 will be revealed or if the iPhone 4S will be the next-gen iPhone. While there is plenty of speculation in the tech world as to the specifics of the next phone, it’s important to remember that Apple goes to incredible lengths to keep products secret, as demonstrated by the immense security precautions surrounding the iPad when it was in testing prior to public launch.

According To Apple:-

"Perhaps the release date was too much of a moving target to risk booking a large space like Yerba Buena Center for the Arts (YBCA), which has hosted a number of big product unveils in the past. Perhaps, the company felt a more intimate venue was best for newly installed CEO Tim Cook’s first media event. Perhaps YBCA was simply already booked. Whatever the reason, the world will get it’s first look at the next iPhone at Apple’s Town Hall Auditorium in early October."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">iPhone Event October Will Be Held On Apple Campus"https://www.voiceofgreyhat.com/2011/09/iphone-event-october-will-be-held-on.html</a>

Apple releases iOS 5 beta 3

 

Apple on Monday released a new build of its iOS 5 beta software to developers. The new build — iOS 5 beta 3 — is available for all applicable iOS devices including the iPhone 4, iPhone 3GS, iPad 2, iPad, Apple TV, and third and fourth-generation iPod touch devices. Apple also released the third beta of iTunes 10.5 alongside the new iOS release of course, and it will be necessary for developers to install iTunes 10.5 beta 3 in order to load the new iOS beta on their devices. Hit the break for the full change log included with this release.

Notes and Known Issues

The following issues relate to using the 5.0 SDK to develop code.

Accounts

• When creating an iCloud account you can use any Apple ID provided it is a full email address and not a MobileMe account. If you have a MobileMe account, you can copy data from that account to an iCloud account to use during testing. You can find more information on iCloud at: http://developer.apple.com/icloud
• When setting up an iCloud or MobileMe account using the setup assistant and leaving Find My iPhone on, it might actually turn Find my iPhone off after the setup. Please verify in Settings/Mail, Contacts, Calendar/YourAccount that Find my iPhone is toggled On after leaving the setup assistant.
• There is a problem finding a device using Find My iPhone on the MobileMe website (www.me.com) when switching from iCloud back to MobileMe. To workaround this issue:
  • On the device go to Settings->Mail, Contacts, Calendar-><your_account>@me.com and Toggle Find My iPhone off and back on. Now the device should show up on MobileMe website.
• It is recommended that you disable Bookmarks on multiple accounts. If they are enabled, the results might be undefined.
• NEW: In this beta the option of “Choosing a security question” is not working during an iCloud account setup.

Air Play

• Starting in iOS 5, video content in applications and websites are AirPlay-enabled by default.
• iOS 5 supports AirPlay of video via AV Foundation.
• FIXED: The Apple TV screen saver may degrade mirroring performance over AirPlay. The screen saver can be disabled in Apple TV settings.

Apple TV

• Apple TV Software beta enables users to mirror the contents of an iPad 2 to an Apple TV (2nd generation) using AirPlay. This beta software also enables Photo Stream on Apple TV so users can access photos stored in iCloud. Apple TV Software beta is being provided to test the latest AirPlay functionality with your iOS 5 apps and web sites. If you wish to install Apple TV Software beta on your device, you must first register your device UDID in the iOS Developer Program Portal.

Audio

• Using voice chat in iOS 5 requires setting the kAudioSessionMode_VoiceChat mode on the Audio Session, or setting the AVAudioSessionModeVoiceChat mode on the AVAudioSession object.

CalDav

• FIXED: After creating a recurring event locally on the device, the device stops syncing after hitting an error on merge. Removing and re-adding the account acts as a workaround for this.

Calendar

• All MobileMe calendars were duplicated after turning calendar syncing off and back on.
• If you launch or manually refresh Calendars on an iPad, your calendars might disappear and you will have to tap “Show All Calendars” to display them again.
• NEW: Restoring from a Seed 1 backup or earlier will cause MobileMe/iCloud calendars not to sync. Subscribed calendars will show up in Calendars but none of your event calendars will appear in MobileCal. To workaround the problem please remove and re-add the account.

Game Kit

• Match data for turn based matches is currently limited to 4 KB of data.

Game Center

• If you have an existing Game Center account which has not yet gone through the first-time Game Center flow in iOS 5, you will encounter a crash when signing into a game’s login alert directly. The workaround for this is to launch Game Center to complete the first-time flow.

i-Books

• iBooks 1.2.2 may fail to display some text or images in books. Please update to iBooks 1.3 in the App Store.

i-Cloud Backup

• As this is beta software, it is recommended that you do not use the iCloud services to store any critical data or information. If you enable iCloud Backup, automatic backup with iTunes when syncing will be disabled. We suggest you also manually back up your device with iTunes.
• In the iOS 5 beta, support for data protection in iCloud Backup is unavailable. Apps that have protected files will not have any of their data or metadata backed up as a result.
• After restoring, you may not be able to back up again because the device still thinks it’s restoring. To workaround this issue try syncing apps or media that are missing form iTunes or try deleting your iCloud account and adding it back.
• If you delete your backup, the feature will be disabled but settings may still indicate that it is enabled and you will have to toggle the BackUp to Cloud switch in Settings.
• For compatibility reasons, this version of the iOS 5 beta requires that all files be backed up again, instead of only those files that have changed since your last backup. This may cause a warning that your account is over quota. In case the warning occurs, you can delete your oldest backup to free up space and then initiate a backup.

i-Cloud Storage

• During the iOS 5 beta period, any documents stored on the servers might be purged periodically before GM. Therefore, it is highly recommended that you do not store any critical documents or information on the servers.
• If your application is using the NSMetadataQuery class, you must set a predicate, even though the predicate itself is ignored.
• The Foundation framework doesn’t include the team ID when looking for an app’s mobile documents container. The Team ID must be included at the beginning of the identifier string passed to theURLForUbiquityContainerIdentifier: method.
• In this beta, the setSortDescriptors: method of NSMetadataQuery is not supported.
• In this beta, if you want to use iCloud, you have to manually specify various container identifiers (your application’s Display set) within an Entitlements file for both of your Mac OS X and iOS projects.
• There are issues using the Cloud Storage document API in conjunction with protected data which can lead to data corruption.
• In this beta, document-based applications cannot always detect when files change, move, or are deleted out from underneath them.
• NEW: In this beta, file presenters (objects that adopt the NSFilePresenter protocol) do not receive some of the messages that they’re supposed to receive, especially:
  • presentedItemDidChange
  • presentedSubitemDidAppearAtURL:
  • presentedSubitemDidChangeAtURL:
  You can workaround this by implementing the relinquishPresentedItemToWriter: method and checking to see if the writer actually wrote when your file presenter reacquires. You can also use FSEvents to observe file system changes
• In this beta, messages about changes to files in a directory are not getting delivered to objects that adopt the NSFilePresenter protocol.
• While reporting a bug related to the iCloud storage interfaces, please include the logs collected during your debugging session. To generate these logs, you must install a special debug profile on your device.The debug profile can be obtained from http://connect.apple.com. This profile enables the generation of debug logs that are needed to diagnose any problems using iCloud storage. The instructions to collect the logs are:
  1. Install the profile. (The easiest way to do this is to mail it to yourself and open the attachment on their device.)
  2. Reproduce the bug.
  3. Sync with iTunes to pull the logs off your device.
  4. Attach the logs to your bug report. You can find the logs in ~/Library/Logs/CrashReporter/MobileDevice/DeviceName/DiagnosticLogs.
  These logs can grow large very quickly, so you should remove the profile after you have reproduced the problem and pulled the logs for the bug report.

i-Message

• NEW: i-Message beta 3 will be unable to communicate with iMessage users on beta 1. It works between beta 3 and beta 2.
• NEW: Modal alerts don’t appear for iMessages.

iTunes

• The version of iTunes that comes with beta 3 cannot sync devices that have the beta 2 software installed. To avoid this problem, do the following:
  1. Sync any devices that have beta 2 installed to the version of iTunes that came with beta 2.
  2. Upgrade iTunes to the version that comes with beta 3.
  3. Connect the device and install the beta 3 software. (Understand that you might see a failure to sync error when you first connect the device.)
  4. After installing the beta 3 software, restore from your the backup you made in step 1.
• Videos purchased from the iTunes Store do not play on a 2nd generation AppleTV over AirPlay with iTunes 10.5.

MMS

• Sending an MMS of large videos does not work.

Photo Adjustments

• If you apply red-eye adjustments in iOS, and import your image into the iPhoto seed build, the red-eye adjustments will not appear on that image in iPhoto. As a result, subsequent syncing of your image back to the iOS device from iPhoto will not show the red-eye adjustments.

Reminders

FIXED: The Reminders application does not send notifications for reminders that are based upon the entry (and/or exit) of a location if there is no date associated with the reminder.

Settings

• The “Back Up Now” button is enabled without the backup data class being enabled for the account.
• FIXED: If you bring up the keyboard of the terms in Settings->General->Software Update, you cannot dismiss it. You have to force quit Settings to get out.
• NEW: In this beta FaceTime icon is missing in Settings on the iPhones.

Simulator

• NEW: Location services are not functional in iOS 4.3 simulator running on Mac OS 10.7 with Xcode 4.2.

Springboard

• Push and local notifications for apps appear in the new Notification Center in iOS 5. Notification Center displays notifications that are considered “unread”. In order to accommodate push and local notifications that have no “unread” status, developers can use their application badge count to trigger a clearing of notifications from Notification Center. When an application clears its badge count (by setting it to zero), iOS 5 will clear its notifications from Notification Center.

Twitter

• NEW: When tweeting your location from Safari and exiting before the location can be established, the location arrow will stay in the status bar. The arrow can be removed by killing Safari from the task switcher.

UI Automation

• NEW: In iOS 5 beta 3, the first execution of a script after a reboot or erase install will likely fail. Subsequent attempts should succeed until the device is rebooted again.
• The play and record buttons in the Automation instrument script editor may not work properly after targeting an application that was launched by a trace session and has ended. They may also not work if you target an application that was suspended. If you run into this problem and it persists, you may need to close and reopen the trace document to get back into a functional state.
• When capturing actions into a script using the Automation instrument, interfaces with web views or table cells that contain a high number of off screen elements may take an extremely long time before returning with an expression.
• The lock() and unlock() functions of UIATarget have been replaced with the lockForDuration(<seconds>) function.
• Instruments overwrites the loaded automation script, even if another program is editing it.
• Starting iOS 5 beta 2, you can now trigger the execution of an UI Automation script on an iOS device from the host terminal by using the instruments tool. The command is:
  • instruments -w <device id> -t <template> <application>

UIKit

• NEW: Starting in iOS 5 beta 3, the exclusiveTouch property of UIControl has returned to its original default value of NO.
• Returning nil from the tableView:viewForHeaderInSection: method (or its footer equivalent) is no longer sufficient to hide a header. You must override tableView:heightForHeaderInSection: and return0.0 to hide a header.
• In the iOS 5 beta, the UITableView class has two methods to move one cell from one row to another with defined parameters. These APIs are:
  • moveSection:toSection:
  • moveRowAtIndexPath:toIndexPath:
• Using the UIWebView class in Interface Builder, setting transparent background color is possible in iOS 5. Developers compiling against the new SDK can check their XIB for the UIWebView transparent setting.
• In the iOS 5 beta, the UINavigationBar, UIToolbar, and UITabBar implementations have changed so that the drawRect: method is not called on instances of these classes unless it is implemented in a subclass. Apps that have re-implemented drawRect: in a category on any of these classes will find that the drawRect: method isn’t called. UIKit does link-checking to keep the method from being called in apps linked before iOS 5 but does not support this design on iOS 5 or later. Apps can either:
  • Use the customization API for bars that in iOS 5 and later, which is the preferred way.
  • Subclass UINavigationBar (or the other bar classes) and override drawRect: in the subclass.
• The indexPathForRow:inSection:, section, and row methods of NSIndexPath now use NSInteger instead of NSUInteger, so that these types match with methods defined on UITableView.
• There is a known issue with presenting a UIVideoEditorControllerobject where it doesn’t show the selected video, which appears blank instead. In certain cases it may also crash.
• Touch events are not getting forwarded to the view in the cameraOverlayView property of UIImagePickerController.
• The imagePickerController:didFinishPickingMediaWithInfo: method of UIImagePickerController is not returning a URL to the video when recording is complete.
• NEW: When creating a new appointment in calendar app on a device using 24 hr clock, you cannot select an hour value greater than 12. The date-time picker value sets current weekday to be the same as previous day (e.g: a An appointment on Tuesday will be set as Monday).
• FIXED: We have changed the behavior of scrollToRowAtIndexPath:atScrollPosition:animated: such that UITableViewScrollPositionTop and UITableViewScrollPositionBottom now adjust for the top and bottom portions of the contentInset property.

WebKit

• NEW: In iOS 5 beta 2, a new inherited CSS property, -webkit-overflow-scrolling: value, is available. The value touch allows the web developer to opt in to native-style scrolling in an overflow:scrollelement. The default value for this property is auto.
• The WebKit framework has picked up a newer WebKit engine, which closely matches Safari 5.1. Some areas to be aware of with the new WebKit framework on iOS:
  • There is a new HTML5-compliant parser.
  • Text layout width may change slightly because word-rounding behavior now has floating-point-based precision.
  • There is improved validation of the <input type=number> form field, which includes removing leading zeros and number formatting.
  • Touch events are now supported on input fields.
  • window.onerror is now supported.
  • There is a new user agent that does not have locale information in the User Agent string.

WiFi Syncing

• In iOS 5 beta 2, wireless syncing is available for the Mac. It requires iTunes 10.5 beta 2 and OS X 10.6.8 or Lion. You will see an option to enable wireless syncing when you connect your device to iTunes with the USB cable. It is recommended you perform your initial sync with a cable after restoring your device.
  • Wireless syncing is triggered automatically when the device is connected to power and on the same network as the paired computer. Or, you can manually trigger a sync from iTunes or from Settings -> General -> iTunes Sync (same network as paired computer required). Be sure your device is plugged into a power source when performing wireless syncs.
  • If you find issues with apps, media and/or photos synced to your device, you can reset then resync. From Settings -> General -> Reset, choose Erase all Content and Settings. Then reconnect to iTunes and sync again.
• FIXED: In this beta, iTunes may incorrectly report Photos as “Other” in the capacity bar. Photo syncing otherwise works as expected.
• NEW:In some cases, your device may fail to sync contacts, calendars and account settings, or back up to iTunes. If this happens, reboot your device and re-sync.
• NEW:In some cases, syncing photos may result in only thumbnails on your device. If this happens, unsync Photos then re-sync again.

Xcode

• In this beta, device restores using XCode are disabled. Please use iTunes only to back up and restore your device.
• In some cases, Xcode 4.2 Organizer does not display a device that is in restore mode. As a workaround you can use iTunes to restore.
• FIXED: On some desktop machines, Xcode’s memory usage inflates incredibly fast while restoring a device or copying an IPSW. As a workaround use iTunes to restore.
• FIXED: In this beta, crash logs (either unsymbolicated or symbolicated) do not appear in Xcode Organizer. To make them appear in the Xcode Organizer, you will have to rename the device.
• In iOS 5 beta 2, the iOS Simulator is not compatible with previous releases of the iCloud Developer Seed for OS X. It is highly recommended that you update to the latest iCloud Developer Seed to ensure compatibility.

iOS 5.0 SDK supports both iOS 4.3 and iOS 5.0 simulators.
 

-News Source (BGR)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple releases iOS 5 beta 3"https://www.voiceofgreyhat.com/2011/07/apple-releases-ios-5-beta-3.html</a>

New Browser-based iOS 'jailbreak' (Based on PDF exploit)

Hackers have once again released a "jailbreak" for iOS devices that can be completed through the Mobile Safari Web browser, taking advantage of an exploit found in the operating system's PDF reader.
The hack can be accomplished by visiting the website jailbreakme.com on an iPhone, iPad or iPod touch. It is compatible with all of Apple's current iOS-powered mobile devices, including the iPad 2 and iPhone 4. The hack was developed by "comex," Grant "chpwn" Paul and Jay "saurik" Freeman, and is compatible with iOS 4.3 through 4.3.3 on all iPads, the iPhone 3GS, GSM iPhone 4, and third- and fourth-generation iPod touch. It also works with iOS 4.2.6 through 4.2.8 for the CDMA iPhone 4.
The official site tells visitors they can jailbreak their iOS device to experience the software "fully customizable, themeable, and with every tweak you could possibly imagine." Jailbreaking is the term used to describe hacking iOS to allow users to install custom software and tweaks not approved by Apple.
The site also refers to jailbreaking as "safe and completely reversible," as users can restore their iPhone or iPad to the original, unaltered iOS software by restoring with iTunes. But jailbreaking is also a warranty-voiding process that Apple has warned users carries security risks. In 2009, a worm spread only on jailbroken iPhones that had enabled SSH for file transfer and did not change the default password.

Last July, the U.S. government affirmed that the process of jailbreaking is considered legal, though Apple is under no obligation to support users who have issues with hacked software.
The new "jailbreakme" site also asks users: "Please don't use this for piracy." While software can be legally downloaded or even sold through the jailbreak-only "Cydia" store, jailbreaking can also be used to pirate software that is sold on Apple's App Store.

This week's new jailbreak method is the second time hackers have exploited a PDF-related security hole in the Mobile Safari browser. The previous hack, issued last August, relied on a corrupt font to crash Safari's Compact Font Format handler.
Ironically, hackers who exploited the PDF security hole in iOS last year also delivered their own security fix to address the very same issue on jailbroken devices. The patch aimed to ensure that dishonest hackers would not be able to utilize the exploit for malicious purposes.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">New Browser-based iOS 'jailbreak' (Based on PDF exploit)"https://www.voiceofgreyhat.com/2011/07/new-browser-based-ios-jailbreak-based.html</a>

New Exploits For iOS 5 By Chronic Dev Team

Chronic Dev Team Has 5 Userland Exploits For iOS 5. The news is huge for anyone eager to get their hands on an iPhone 5. Userland jailbreaks refer to an exploit found in the software (iOS 5) rather than a hardware exploit. These are easily patched via an iOS update (ie. 5.0.1, etc).
The record breaking 5 (read: five) exploits will work on both the iPhone 5, iPad 2(only 1 currently exists – jailbreakme 3.0) as well as iOS 5. The reason we haven’t seen any of these exploits in action as of right now for iOS 5 beta is because it will give Apple plenty of time to patch the vulnerability before the Master release. But good news for us, as long as Apple doesn’t find any of these, we’ll have that untethered jailbreak sooner rather than later.
The Chronic Dev Team have been quiet lately, not releasing a tool since the greenpois0n release earlier this year that gave iOS 4.2.1 the pwnage of it’s life. Tweets have surfaced claiming they have been actively working on jailbreaking iOS 5 which has proven to be successful with these 5 exploits.
Of course we’ll keep you up to date on any release info as soon as we see something surface. My bets are on that they won’t release any of the exploits until the iPhone 5 is released just to give them the upper hand. If they release something when iOS 5 is release (if it is before the iPhone 5) it will easily be patched for the iPhone 5 debut – Apple will just patch the software and release the iPhone 5 with an updated iOS.5

-News Source (Gadgetsteria)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">New Exploits For iOS 5 By Chronic Dev Team"https://www.voiceofgreyhat.com/2011/09/news-exploits-for-ios-5-by-chronic-dev.html</a>

i-Phone Users are in Risk

Millions of iPhone users are at risk of having their devices hacked as they are picking up password combinations that are highly predictable, a new study has revealed. According to a research conducted by iPhone developer Daniel Amitay, 10,000 possible passwords are available for the device and15 percent of users choose one of ten four-digit combinations that are highly predictable.

Amitay conducted the experiment by tracking the passwords entered by users of the Big Brother Camera Security application he developed, the Daily Mail reports. He collected 204,508 passwords in the process, making the assessment using the logic that the password set-up to the application and the iPhone lock screen are nearly identical. “Because Big Brother's passcode setup screen and lock screen are nearly identical to those of the actual iPhone passcode lock, I figured that the collected information would closely correlate with actual iPhone passcodes,” Amitay said.

His findings show roughly ten percent of iPhone users use 1234 or 0000.

Amitay determined the high frequency of 199* could represent the 1990s, indicating a birth year or the year of graduating college. His findings showed the least used numbers are seven and six.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">i-Phone Users are in Risk"https://www.voiceofgreyhat.com/2011/06/i-phone-users-are-in-risk.html</a>

Apple Releases iOS 6.0.1, Serious Flaws in Kernel, Passcode Lock & WebKit Patched

Apple Releases iOS 6.0.1, Serious Flaws in Kernel, Passcode Lock & WebKit Patched

Couple of moths ago we got iOS6, where Apple added over 200 new features, including Apple's own Maps app, Facebook integration, Siri improvements, Apple's new Passbook digital wallet app, and more. iOS 6 is compatible with the third-generation iPad, iPad 2, iPhone 4S, iPhone 4, iPhone 3GS, and fourth-generation iPod touch. With such tremendous features there also several security bugs have been spotted in the wild, which is affecting millions of iOS users across the globe. Among those bugs the most serious seems to be a kernel flaw discovered by researcher Mark Dowd of Azimuth Security and Eric Monti of Square that affects iPhone 3GS and later, as well iPod Touch and iPad2 and later. An attacker exploiting the vulnerability could essentially bypass address space randomization layout (ASLR) protections using a malicious application, and could determine addresses in the kernel, Apple’s advisory said. The researchers said the vulnerability, which could expose data to an attacker, occurs in the way iOS handles application programming interfaces in relation to kernel extensions. 

Apple has released updates for iOS 6 which include security fixes. The iOS 6.0.1 update includes security fixes for the kernel, passcode locking and WebKit. The WebKit issues were also fixed in an update of the Safari web browser for Mac OS X. “Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection,” Apple said. “This issue was addressed by unsliding the addresses before returning them.” 

A vulnerability in iOS’ Passcode Lock was also addressed in the latest update that could allow someone with access to the iOS device to access Passbook passes without entering a passcode. “A state management issue existed in the handling of Passbook passes at the lock screen. This issue was addressed through improved handling of Passbook passes,” Apple said. Finally, a pair of WebKit vulnerabilities were patched.

The first involved how iOS handled JavaScript arrays, and could allow an attacker to remotely execute code if a user visited a malicious site and was infected. Apple said it addressed the matter through additional validation of JavaScript arrays. The other WebKit flaw is a use-after-free issue in the handling of SVG images. Scalable vector graphics (SVG) are file formats for static or animated graphics. A user visiting a website hosting a malicious graphic could experience application crashes or worse, an attacker could remotely execute code.  

The iOS 6.0.1 software update also includes fixes for the iPhone 5 to allow it to install over the air updates and to make it work better with WPA2 Wi-Fi networks. There are also corrections for bugs which flashed horizontal lines over the keyboard and stopped the camera flash going off. The two WebKit issues were also the only issues apparently fixed in the Safari 6.0.2 update. Safari 6.0.2 is available through Software Update for Mac OS X 10.7 Lion and the Mac App Store for Mac OS X 10.8 Mountain Lion.

-Source (Apple, threat post & The-H)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple Releases iOS 6.0.1, Serious Flaws in Kernel, Passcode Lock & WebKit Patched"https://www.voiceofgreyhat.com/2012/11/iOS6.0.1-Kernel-PasscodeLock-WebKit-Flaws-Patched.html</a>

iPhone passcodes got hacked by Russian security firm

Apple devices running the latest iOS version 4 are now susceptible to having their passcodes hacked. This would allow someone complete access to your stored data.
Russian security firm ElcomSoft claims to be the first company to have cracked the encryption system used to protect the iPhone, iPod touch and iPad. Alarmingly, it plans to sell the software to the highest bidder.
The hack, which requires direct access to the mobile device, involves a combination of brute force attack (trying out every likely combination of a password) and breaking the encryption system itself.
ElcomSoft admits that "explaining what we did to break this encryption is not exactly easy", but it basically involved decrypting security keys which are generated as a combination of the unique device ID and the user's passcode.
The hack somewhat relies on user reluctance to implement strong passwords. iOS devices allow the use of four-digit passcodes, akin to PINs, which are fairly easy to remember and enter on the touchscreen. As there are only 10,000 available combinations, finding the code shouldn't take long.
It's also possible to use longer passwords, but they require use of the on-screen keyboard in portrait mode, and can become a pain to enter every time the device needs to be unlocked. As with all password choices, using longer, non-dictionary words make Apple's mobile devices virtually uncrackable. This is particularly true if the backups stored in iTunes are also protected.
ElcomSoft is planning to sell its cracking software, but promises it will only distribute to "established law enforcement, forensic and intelligence agencies." We'll resist the urge to get political, and leave it to your imagination who might end up with this software. That's assuming it's not already on BitTorrent.
What isn't clear is whether the Apple's "nuke" function, which can be set to wipe data after a number of failed authorisation attempts, kicks in or if that has somehow been sidestepped.
Our advice? Don't put sensitive stuff on your iPhone or iPad. If your iPhone is stolen or confiscated, you should remotely wipe it.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">iPhone passcodes got hacked by Russian security firm"https://www.voiceofgreyhat.com/2011/05/iphone-passcodes-got-hacked-by-russian.html</a>

Finally Facebook Released Their Application for iPad

One year, six months, and seven days after the iPad first went on sale, Facebook has at last released its app for Apple's tablet. "Many of you have been asking about Facebook for iPad," the company said in an understated blog post Monday. "Today, it's finally here." The long-delayed app has the subject of much Silicon Valley chatter. Some rumors suggested that a rift between Facebook CEO Mark Zuckerberg and Apple's executive team over Apple's Ping social network was to blame for the delay. Others claimed that Facebook preferred a Web-based application that bypassed Apple's strict app store rules.
Former Facebook developer Jeff Verkoeyen, the lead engineer on the the iPad app, wrote on his blog recently that he quit the company after Facebook continually delayed the release of the iPad app. It had been in the works since October 2010 and was essentially completed in May, Verkoeyen said.
"For reasons I won't go into details on the app was repeatedly delayed throughout the summer," Verkoeyen wrote. "Needless to say this was a frustrating experience for me. The experience of working on this app was a large contribution to the reasons why I left Facebook, though that doesn't mean it wasn't a difficult decision."
Verkoeyen, who now works for Google, later updated his blog post to strip out his criticism of Facebook and his comments about the app's delay.
If Verkoeyen's timeline is correct, that means that the Facebook iPad app was stuck in limbo longer than the Apple's notoriously delayed white iPhone 4.

But like the white iPhone, Facebook's iPad app has finally appeared. The application showcases many of the familiar Facebook features, integrating gestures and swipes to help users navigate the social network.
"With the iPad app, you get the full Facebook experience, right at your fingertips," Leon Dubinsky, a Facebook mobile engineer, said in a blog post that he wrote "from the comfort of his couch."
Games, apps, groups and lists appear in a menu on the left-hand side, giving users quick access to their most-frequently used tasks. Messages and notifications appear at the top of each screen, so Facebook users can chat with friends and view updates without jumping back and forth between screens.
The app also allows lets users play full-screen games, watch and record HD videos and stream them to other devices using Apple's Airplay technology.
The app had been noticeably absent from Apple's iTunes app store, considering that Facebook had been among the first to debut an iPhone application in 2007. The social network also said Monday that it made several improvements to the iPhone app and Facebook's mobile site, giving users simplified navigation, faster search and access to more games and apps. 

For more information and to get the application click Here

-News Source (CNN)

 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Finally Facebook Released Their Application for iPad"https://www.voiceofgreyhat.com/2011/10/finally-facebook-released-their.html</a>

iPhone Can Be Used As Spyware & Can Snoop Desktop Typing

A team of researchers at Georgia Tech have demonstrated how they were able to spy on what was typed on a regular desktop computer's keyboard via the accelerometers of a smartphone placed nearby. Normally when security researchers describe spyware on smartphones, they mean malicious code that can be used to snoop on calls, or to steal the data held on mobile phones.

In this case, however, researchers have described how they have put software on smartphones to spy on activity outside the phone itself - specifically to track what a user might be doing on a regular desktop keyboard nearby. It sounds like the stuff of James Bond, but the researchers paint a scenario where a criminal could plant a smartphone on the desk close to their target's keyboard and use specialist software to analyse vibrations and snoop on what was being typed. It's a quite beautiful twist on how bad guys could use microphones to "hear" keystrokes and spy on your passwords.

Patrick Traynor, an assistant professor in Georgia Tech's School of Computer Science, admits that the technique is difficult to accomplish reliably but claims that the accelerometers built into modern smartphones can sense keyboard vibrations and decipher complete sentences with up to 80% accuracy.

"We first tried our experiments with an iPhone 3GS, and the results were difficult to read," said Traynor. "But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack."

Indeed, a photograph of the researcher shows him posing with what appears to be an Android smartphone.

The study's authors also determined that because the smartphone had to be within a range of just three inches from the keyboard, phone users who left their phones in their pockets or purses, or simply moved them further from the keyboard would be well defended.

The researchers admitted that the likelihood of an attack of this nature "right now is pretty low", and I'm not planning to lose any sleep over the threat. Nevertheless, if you manage to get the chance do take some time to read the paper: "(sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers"

-News Source (NS, Computer World, Georgia Tech's School)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">iPhone Can Be Used As Spyware & Can Snoop Desktop Typing"https://www.voiceofgreyhat.com/2011/10/iphone-can-be-used-as-spyware-can-snoop.html</a>

Apple Brings iOS 7.0.4 [Includes New Features, FaceTime Bug & App Store Purchase Flaw Fixed]

Apple Brings iOS 7.0.4 & iOS 6.1.5 Includes New Features, FaceTime Bug  & App Store Purchase Flaw Fixed

California based tech giant Apple Inc has released a new update on their popular iOS software running on iPhone, iPad, and iPod touch devices. This release of of iOS 7.0.4  includes bug fixes and improvements, including a fix for an issue that causes FaceTime calls to fail for some users. iPods that are not able to upgrade to iOS 7 have their own version to upgrade to, iOS 6.1.5. The release of iOS 7.04 marks the third update of the iPhone operating system in the short time since Apple pushed out iOS 7 in September. The new OS represented a major change from the older operating systems, both in the look and feel of the software and in its functionality.  There’s much zooming in and out and all about in iOS 7, as well as a blurry background that has drawn quite a bit of criticism. iOS 7 also was a major security release, fixing issues with the iPhone’s certificate trust policy as well as remote code-execution vulnerabilities in the CoreGraphics and CoreMedia components. 

The new update improves iCloud Keychain, which was introduced in iOS 7.0.3, and the latest version of the desktop software, OS X Mavericks. The cloud-based technology keeps the Safari browser's passwords and credit card data in sync across all your Apple devices. Secondly, in Spotlight, the device's internal search engine, Apple has brought back the ability to search Google and Wikipedia from the results. The two services were removed when iOS 7 was first released in mid-September. 

Also on Thursday, Apple released a corresponding update to its Apple TV, updating the set-top box to version 6.0.2.  Users can update to the latest version by accessing the device's Settings, selecting General, then Software Update. In spite of the relatively small size of the update, it's recommended that users use Wi-Fi when updating. To avoid security vulnerabilities every Apple users are highly recommended to update their software. 

-Source (Apple, ZDNet & Threat Post) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple Brings iOS 7.0.4 [Includes New Features, FaceTime Bug & App Store Purchase Flaw Fixed]"https://www.voiceofgreyhat.com/2013/11/apple-brings-iOS-7.0.4-and-6.1.5.html</a>

AT&T Locker: Offering Free Cloud Storage For iOS & Android Users

AT&T Locker: Offering Free Cloud Storage For iOS & Android Users

AT&T a leader in telecommunication services, announced a brand new service which calls "AT&T Locker" that will allow iPhone and Android smartphone customers of AT&T to store 5GB worth of videos and photos for free in AT&T's cloud. The most interesting thing is that, the service is available through a free app in the Apple App Store or the Google Play store. And it allows users to store roughly 5,000 average sized photos in the cloud. The app requires subscribers use either an iPhone 3GS or newer device. And Android users must be on version 2.1 or higher of the Android OS. Users can choose to upload new photos and video via Wi-Fi, AT&T's cellular network or both. Customers can manage those photos and share them through the app on the smartphone or on the AT&T Locker web page. AT&T plans to incorporate additional features in future versions of AT&T Locker. And the company didn't say whether higher storage options will be available.

This service is exactly similar to Apple's iCloud service also allows up to 5GB of free storage. And it also offers Photo Stream, which allows its iPhone users to automatically store photos in Apple's cloud and share them across multiple iOS devices as well as share them with other people. The service stores up to 1,000 pictures automatically and this storage doesn't count against the iCloud storage limits. Google also offers storage in its Google Drive service. This service also offers up to 5GB of free storage. You can store anything here from pictures to documents to music. Of course there are also other options for storing photos and other digital content including Dropbox and Microsoft's SkyDrive which is also a very handy option. 

Brief Description:-

AT&T Locker™ allows you to Store, sync and share your photos, videos and documents in one convenient place. AT&T Locker is an app that lets you store, sync and share your data in one safe, convenient place. Your content is easy to access on your computer and phone from virtually anywhere. Photos and videos can be backed up automatically from your phone. It's also easy to share to email, Facebook and Twitter. First 5 GB of storage is free. Additional storage is available for the low monthly price of just $3.99 for 30GB or $9.99 for 100GB.

• Photos and videos can be automatically uploaded to your AT&T Locker from your phone

• Easily access your photos, videos and documents from your phone and computer

• Easy to share to email, Facebook and Twitter

• First 5 GB of storage is free. Additional storage is available.

• Your content is secure and backed up in the cloud

• Store your favorite memories in a safe and convenient place

• Store music from your computer to your AT&T Locker

-Source (AT&T, Cnet)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">AT&T Locker: Offering Free Cloud Storage For iOS & Android Users"https://www.voiceofgreyhat.com/2012/11/ATnT-Locker-Free-Cloud-Storage-For-Smartphone-Users.html</a>

iOS is Still Vulnerable

Apple's recent security patch for iOS is a lot more critical for users of iPhone, iPad, and iPod Touch devices to install than was initially suspected, according to Chester Wisniewski, a Sophos senior security advisor.

Apple's mobile operating system is vulnerable to an updated version of a tool called sslsniff, that "allows users to easily perform man-in-the-middle attacks against SSL/TLS connections," Wisniewski wrote Wednesday on Sophos' NakedSecurity blog.

What's more the new version of sslsniff can apparently "identify vulnerable Apple devices and allows anyone to snoop on secure communications."

"This patch should be applied immediately if you log in to any service on your device, especially things like your bank or PayPal," Wisniewski writes. "Users are particularly vulnerable to this attack if they frequently use public/open WiFi."

The vulnerability is present in iOS versions 4.3.4, 4.2.9, 5.0b, and earlier. Unfortunately for users of Apple devices even just a couple of generations old, there is no fix, according to Wisniewski.

"If you are using an iPod Touch generation one or two, or an iPhone older than the 3GS, you will be perpetually vulnerable," he writes. "Owners of these devices should not use them for any purpose for which security or privacy is required."

And like a number of recently identified security vulnerabilities in Apple's Mac OS X operating system, the latest iOS vulnerability has a documented history—as a flaw originally seen in Microsoft software.

"Oddly the flaw in iOS was a widespread flaw in WebKit and Microsoft's CryptoAPI nine years ago," Wisniewski writes. "It allows any valid certificate purchased from a Certificate Authority to sign any other certificate, which the client device will then consider valid.

"This allows anyone who can capture traffic from your iPhone, iPad or iPod Touch with man-in-the-middle techniques to intercept and read any and all encrypted SSL traffic silently and without notification to the user."

Security researchers at Recurity Labs have created a website, https://issl.recurity.com, which iOS users can surf to with their devices to see if they are vulnerable. Tests by Betanews on a variety of iOS devices not using the most current version of iOS verified that the site is a reliable method for testing.

                                                                                                                                                                       -News Source (NakedSecurity)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">iOS is Still Vulnerable"https://www.voiceofgreyhat.com/2011/07/ios-is-still-vulnerable.html</a>

Apple releases iOS 5 beta 2, With Wireless Syncronization

Apple today released the second beta version of its iOS 5 mobile operating system to its iOS developer website, as well as the second beta of iTunes 10.5, which is needed to test one of iOS 5′s biggest new features: wireless syncing. And so far, the developer’s reviews give the new feature two big thumbs up. The build number of iOS 5 beta two is listed as 9A5248d. Apple has released a total of nine separate builds of the beta OS: three for iPad 2 (WiFi-only, GSM, CDMA), one for the original iPad, two for iPhone 4 (GSM, CDMA), one for iPhone 3GS and two for the iPod touch (third and fourth generation). No other devices will be able to run iOS 5 when its official release. (Sorry iPhone 3G users).
To use the new wireless syncing features, users must have the newest iOS 5, iTunes 10.5 beta 2, and a Mac running Mac OS X 10.6.8 or OS X Lion. Users must then connect their device to their Mac with a USB cable for the the very last time. This will allow them to choose the wireless sync option. Once that’s done, the USB can be stored safely away.
The iOS 5 beta 2 release also now allows any Apple ID to be used to create an iCloud account. (The beta 1 version required a MobileMe account.) A new version of iMessage is included in beta 2. And that version is not backward-compatible with the iMessage version in beta 1. Also, developers must take note that once the beta 2 version of iOS 5 is installed, they can only update to newer beta versions, and cannot revert back to the first beta version.

In addition to iOS 5 beta 2 and iTunes 10.5 beta 2, Apple also released a second beta version of AppleTV 2.0 software and a developer preview of XCode 4.2.

Apple will officially release iOS 5 to the public sometime this fall.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple releases iOS 5 beta 2, With Wireless Syncronization"https://www.voiceofgreyhat.com/2011/06/apple-releases-ios-5-beta-2-with.html</a>