Showing posts sorted by relevance for query jailbreak. Sort by date Show all posts
Showing posts sorted by relevance for query jailbreak. Sort by date Show all posts

Latest iPad Jailbroken Immediately After Release

Posted by Avik Sarkar On 3/21/2012 04:26:00 am

Latest iPad Jailbroken Immediately After Release 
The new iPad tablet was released by Apple on Friday but yet again the same history repeated. Though in this release Apple forbids installing applications it has not approved, but hackers have found ways to "jailbreak" devices, or modify the code to allow unauthorized programs from alternative application stores such as Cydia.  But  fail to stop the hacker. The much-awaited device. Reportedly, the next-generation iPad was jailbroken within three hours of its market release on March 16. "Musclenerd," a member of the iPhone Dev Team, posted a screenshot on Twitter on Mar. 16 showing how he got root access on the latest Apple tablet. Another member, Stefan Esser, or @i0nic, posted a video showing an untethered jailbreak for his third-generation iPad. Finally, Grant Paul, or @chpwn, disclosed a third method to get root on the new iPad. There are three different methods to jailbreak the latest Apple iOS 5.1 software, and videos and screenshots posted over the weekend showed the hacks, according to the Dev-Team, which developed the first jailbreak tool.
In January, the tool Absinthe A5 was released, which could jailbreak both the iPhone 4S and iPad running software versions just before iOS 5.1. It took about 10 months to develop due to the difficulty the hacking group GreenPois0n found in trying to find a way to exploit the A5 processor. On the other hand, Apple is very strict about the control it exerts over its products, and iOS device owners have no choice but to buy and use software and content through Apple’s channels without a jailbreak. So it comes down to each users’ preferences: is it better to break the control and run the risk, or stay within Apple’s relatively safe walled garden with fewer choices?




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

New Browser-based iOS 'jailbreak' (Based on PDF exploit)

Posted by Avik Sarkar On 7/07/2011 11:49:00 am


Hackers have once again released a "jailbreak" for iOS devices that can be completed through the Mobile Safari Web browser, taking advantage of an exploit found in the operating system's PDF reader.
The hack can be accomplished by visiting the website jailbreakme.com on an iPhone, iPad or iPod touch. It is compatible with all of Apple's current iOS-powered mobile devices, including the iPad 2 and iPhone 4. The hack was developed by "comex," Grant "chpwn" Paul and Jay "saurik" Freeman, and is compatible with iOS 4.3 through 4.3.3 on all iPads, the iPhone 3GS, GSM iPhone 4, and third- and fourth-generation iPod touch. It also works with iOS 4.2.6 through 4.2.8 for the CDMA iPhone 4.
The official site tells visitors they can jailbreak their iOS device to experience the software "fully customizable, themeable, and with every tweak you could possibly imagine." Jailbreaking is the term used to describe hacking iOS to allow users to install custom software and tweaks not approved by Apple.
The site also refers to jailbreaking as "safe and completely reversible," as users can restore their iPhone or iPad to the original, unaltered iOS software by restoring with iTunes. But jailbreaking is also a warranty-voiding process that Apple has warned users carries security risks. In 2009, a worm spread only on jailbroken iPhones that had enabled SSH for file transfer and did not change the default password.
Last July, the U.S. government affirmed that the process of jailbreaking is considered legal, though Apple is under no obligation to support users who have issues with hacked software.
The new "jailbreakme" site also asks users: "Please don't use this for piracy." While software can be legally downloaded or even sold through the jailbreak-only "Cydia" store, jailbreaking can also be used to pirate software that is sold on Apple's App Store.
This week's new jailbreak method is the second time hackers have exploited a PDF-related security hole in the Mobile Safari browser. The previous hack, issued last August, relied on a corrupt font to crash Safari's Compact Font Format handler.
Ironically, hackers who exploited the PDF security hole in iOS last year also delivered their own security fix to address the very same issue on jailbroken devices. The patch aimed to ensure that dishonest hackers would not be able to utilize the exploit for malicious purposes.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

iOS 4.3.3 Patches Jailbreak Tethering Loopholes?

Posted by Avik Sarkar On 5/06/2011 09:25:00 pm


Real (read: free tethering) and truly unlimited data are soon to be extinct. This is a given. However, as for how carriers spy on users and determine exactly how they consumer their data has remained a mystery. The general consensus is that cellular carriers will go off of bulk data usage along. But a brief account by Alex over at iPhoneDownloadBlog sheds some new light on the free tethering cat and mouse saga.
After Alex received an alert from AT&T about tethering — he uses the popular MyWi — he decided to give AT&T a call and play dumb. In short, his fact finding mission netted him some potential damming evidence concerning iOS 4.3.3. According to the AT&T rep Alex spoke with, iOS 4.3.3 contains several new security/bug fixes that plug some “illegal” tethering loopholes. While we haven’t heard of widespread broken tethering after upgrading to iOS 4.3.3, we must admit that most of the people we talk to whom also jailbreak wait until the latest jailbreak is available before upgrading.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

JailbreakMe Security Flaws Will be Patched by Apple

Posted by Avik Sarkar On 7/10/2011 03:10:00 pm


Shortly after the JailbreakMe hack that uses Mobile Safari to jailbreak iPhones, iPads and the iPod touch hit the Web, Apple announced that it will be patching the potential security flaw the hack takes advantage of, according to Yahoo! Finance
Jailbreaking is a process that hacks iOS so third-party apps that aren’t available through Apple’s iTunes-based App Store can be installed. Unlike other jailbreak tools, JailbreakMe doesn’t require a computer to handle the hacking process. Instead, users only need to go to the JailbreakMe Web site on their iPhone, iPod touch or iPad, and the security flaw the hack takes advantage of is exactly what Apple plans to patch. 
While patching the flaw will take away the ease of use that JailbreakMe offers, it will also block a security flaw that could potentially be used for more nefarious deeds. The flaw takes uses specially crafted PDF documents to install software on user’s iOS devices, potentially without their permission or knowledge. So far, there aren’t any reports of malicious uses of the flaw, only the JailbreakMe hack.
Bethan Lloyd, a spokesperson for Apple, said the company is “aware of this reported issue and developing a fix that will be available to customers in an upcoming software update.” There isn’t any word yet on when to expect the security update to be released

-News Source (Mac observer)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BlackBerry PlayBook The Most Secure Tablet For BYOD Solution

Posted by Avik Sarkar On 10/07/2012 07:39:00 pm

BlackBerry PlayBook The Most Secure Tablet For BYOD Solution

Now a days users of tablet is increasing everyday. Millions of people across the globe are using tablet for both personal and professional purposes. While the number of users and purposes of using tablet are rising, besides the matter of privacy and security arises. There are many companies who are manufacturing tablet, but before choosing, we should know which one is secured than others. According to a recent report by Context Information Security -the PlayBook of BlackBerry is the only device among three top tablets that gives users a good, safe division between their work and personal computing, a recent technology audit concluded.  The report faulted the PlayBook, as well as the Apple iPad and the Samsung Galaxy Tab, for default settings that don't automatically encrypt backups, and for not offering complementary and compatible tools for IT teams to manage a large number of devices at the business level. According to Jonathan Roach, Principal Consultant at Context and author of the report "While the iPad and BlackBerry PlayBook performed better, both still have security deficiencies -- including desktop software that fails to encrypt backups by default." He also said "Context found the PlayBook to be the most work-ready personal tablet of the three, due to its Bridge application's excellent support of barriers between work and personal profiles," 
According to report by contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its "robust data protection and damage limitation facilities," but said on its news page that the device was still vulnerable to jailbreak attacks and "ineffective disk encryption unless a strong passcode policy is applied." 
The report also found the Galaxy Tab's security features to be the least work-play ready, with weak disk-encryption support. The Galaxy Tab's lack of tools tailored to enterprise use makes it "very difficult to manage more than a small number of Galaxy Tabs in an enterprise environment," a point Apple also falls short on. The report criticized the Galaxy Tab's encryption as well. Even with encryption enabled, the report found that Samsung's device still "allows badly-written apps to store sensitive information on the unencrypted SD card." The report also praised all three tablets for their support of Exchange ActiveSync, a feature that allows crucial security settings to be managed from a central server running Microsoft software. But the study noted important differences among the devices that may make some tablets more appropriate for dual use in both the home and the office.
"Despite that security advantage, RIM only managed to ship 130,000 tablets last quarter. By contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its 'robust data protection and damage limitation facilities,' but said on its news page that the device was still vulnerable to jailbreak attacks and 'ineffective disk encryption unless a strong passcode policy is applied" -Jonathan added


To Download the full Report Click Here


-Source (Context Information Security & NBC News)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DingleBerry A Tool To Jailbreak BlackBerry Playbook

Posted by Avik Sarkar On 12/04/2011 04:41:00 pm



Three developers have reportedly bypassed Research In Motion's security, gaining root access to the BlackBerry Playbook. The trio -- currently known as xpvqs, neuralic and cmw (Chris Wade) -- demonstrated the feat in a few videos this week. In one of the clips, neuralic fiddles with the backlight and LEDs through a command prompt.

Video Demonstration :-



The hackers will release their discovery next week in the form of a tool amusingly dubbed "DingleBerry," allowing fellow tinkerers to jailbreak their PlayBook. RIM was quick to respond to the claims, vowing to investigate the exploit. "If it is determined that the claim is accurate, RIM will follow its standard response process to develop and release a software update that is designed to minimize adverse impact to our customers or carrier partners," the company said.
The exploit could dent RIM's reputation because the BlackBerry brand prides itself on security. The company has been two steps behind Apple and Google when it comes to consumer smartphones and tablets, so it has attempted to distinguish itself in the enterprise market by harping on BlackBerry's superior security.
For instance, the PlayBook is the only tablet cleared for use by the US federal government after receiving a FIPS certification earlier this year. On the bright side, "DingleBerry" will not affect the company's mobile phones, which run on a different operating system (the PlayBook is powered by a QNX-based OS).



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

iOS 5 beta hacked within 24 hours after release

Posted by Avik Sarkar On 6/08/2011 06:02:00 pm


The next major version of Apple's iOS has been exploited less than a day after its beta release to developers. A member of the iPhone Dev Team--a group of hackers that targets Apple devices and is not to be confused with Apple's group that designs the iOS software--announced through a tweet last night that the developer beta release of iOS 5 was susceptible to limera1n, an exploit that targets a vulnerability in the iOS boot software.
As a result, iPhone Dev Team member "MuscleNerd" said that it was possible to install third-party application installer Cydia, which lets users download applications not offered through Apple's App Store. The device used was a fourth-generation iPod Touch running the beta of iOS 5, software Apple offered up to developers following yesterday's WWDC keynote address and iOS 5 unveiling. For proof, MuscleNerd has posted two photos of the jailbreak, one of which includes the iPod's home screen, which prominently feature the Cydia logo. Another is a screenshot from the third-party SSH iOS application, iSSH, which shows that root level access to the iPod's file system has been obtained. As ReadWriteWeb notes, the jailbreak technique that was used results in a tethered solution, meaning users are required to go through the process each time their phone reboots. The more advanced solution--and what has been offered for previous versions of iOS--is untethered, which sticks around until the next software update from Apple is manually applied. That Apple's brand new iOS build would be jailbroken so soon should not be too surprising. The gold master version of iOS 4, which was the same version of the software to ship on the iPhone 4, as well as to be delivered to customers as an update, was jailbroken a day after its release to developers.
Apple has said it intends to release a final version of iOS 5 to customers this fall. In the meantime, it's offering registered iOS developers a crack at testing out the software and working on making sure apps are compatible with its new features and APIs. When readying iOS 4 for customers, it took Apple four separate beta builds for developers before reaching golden master status and a final release. During that time, numerous changes are made, including bug and security fixes, giving Apple time to fix vulnerabilities ahead of a public release.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Security Hole in Amazon's Kindle Touch Allowing Attacker to Execute Arbitrary Shell Commands As root

Posted by Avik Sarkar On 7/17/2012 05:08:00 pm

Security Hole in Amazon's Kindle Touch Allowing Attacker to Execute Arbitrary Shell Commands as root
Yet again another major security hole found in Amazon's Kindle Touch which could lead a attacker to run malicious codes and even can get root privilege. This hole has been found into the built in browser of Kindle Touch. The vulnerability is something follows - when a user navigates to a specially crafted web page, the Kindle will execute arbitrary shell commands as root. This allows attackers to access the eBook reader's underlying Linux system at the highest privilege level and potentially steal the access credentials for the Amazon account linked to the Kindle, or purchase books with the Kindle user's account.
Though Amazon have a solid excuse while saying  the Kindle browser has been considered to be in "beta" for more than a year, this status doesn't reduce the risk for inquisitive users as the software is installed on each device by default.  
We would like to give you reminder that, this security issue was publicly documented about three months ago but hasn't attracted much attention – except in the jailbreak community. The issue doesn't appear to affect any other Kindle models. Amazon's security department told heise Security that they are working on a patch. 


-Source (The-H)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

New Exploits For iOS 5 By Chronic Dev Team

Posted by Avik Sarkar On 9/19/2011 05:27:00 pm


Chronic Dev Team Has 5 Userland Exploits For iOS 5. The news is huge for anyone eager to get their hands on an iPhone 5. Userland jailbreaks refer to an exploit found in the software (iOS 5) rather than a hardware exploit. These are easily patched via an iOS update (ie. 5.0.1, etc).
The record breaking 5 (read: five) exploits will work on both the iPhone 5, iPad 2(only 1 currently exists – jailbreakme 3.0) as well as iOS 5. The reason we haven’t seen any of these exploits in action as of right now for iOS 5 beta is because it will give Apple plenty of time to patch the vulnerability before the Master release. But good news for us, as long as Apple doesn’t find any of these, we’ll have that untethered jailbreak sooner rather than later.
The Chronic Dev Team have been quiet lately, not releasing a tool since the greenpois0n release earlier this year that gave iOS 4.2.1 the pwnage of it’s life. Tweets have surfaced claiming they have been actively working on jailbreaking iOS 5 which has proven to be successful with these 5 exploits.
Of course we’ll keep you up to date on any release info as soon as we see something surface. My bets are on that they won’t release any of the exploits until the iPhone 5 is released just to give them the upper hand. If they release something when iOS 5 is release (if it is before the iPhone 5) it will easily be patched for the iPhone 5 debut – Apple will just patch the software and release the iPhone 5 with an updated iOS.5

-News Source (Gadgetsteria)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Sony Hacked Again, 1 Million User Data Compromised

Posted by Avik Sarkar On 6/03/2011 07:35:00 pm


A group of hackers that recently gained notoriety for hacking PBS.org’s home page with an image of NyanCat, announced Thursday that it has stolen data from Sony. It’s yet another in a seemingly endless string of embarrassing security incidents for the company, but what’s shocking is just how exposed the data was to begin with.
In a press release posted to their Web site, LulzSec claims to have broken into SonyPictures.com and “compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts.”
The theft included 75,000 “music codes” and 3.5 million “music coupons,” according to the group. LulzSec has posted segments of data they claim to have taken from Sony’s server to serve as proof of their accomplishment.
There are two astonishing twists to this story - one is that LulzSec was apparently able to access the information fairly easily, using what they describe as “a very simple SQL injection, one of the most primitive and common vulnerabilities.” Secondly, “every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it.”
If true, it’s devastating news for Sony, which is just getting back on its feet after shutting down access to its PlayStation Network and Sony Online Entertainment servers after hackers made off with personal information on more than 100 million user accounts.
The PlayStation Network, which controls PlayStation 3 and PlayStation Portable users’ ability to connect to one another to play online games, was down for more than three weeks through the last half of April and first half of May as Sony struggled to secure the system.
And only in the past 24 hours has Sony brought back its PlayStation Store, which serves as a way for PS3 and PSP users to download games and content for their systems.
Sony hasn’t even yet initiated its “Welcome Back” package for consumers affected by the PSN blackout - a collection of about $100 worth of games and content, as well as access to the company’s premium “PlayStation Plus” service.
SonyPictures.com isn’t directly related to the PlayStation 3 or PlayStation Network - it’s Sony’s consumer-facing Internet site for information on their movies, television and home entertainment offerings on Blu-Ray Disc and other formats. But Sony’s many Web sites and servers have been on the receiving end of security probes and hack attacks for some time, exacerbated by the company’s legal proceedings against George “Geohot” Hotz, a programmer who sought to “jailbreak” or enable the PlayStation 3 console to support Linux operating system software - a feature Sony once supported itself, but later removed in a firmware update. Since the widely-publicized outage of the PlayStation Network, hackers have stepped up their attempts to break into Sony’s systems.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

JailbreakMe 3.0 Exploit for ipad 2 Leaked out

Posted by Avik Sarkar On 7/04/2011 03:56:00 pm


The long-awaited JailbreakMe 3.0 exploit has finally been released but not officially according to a report a beta tester for the software leaked the exploit online the last night. Suffice to say the Dev team nor Comex came forward to validate its authenticity 

According to the News Source:- 
"..Supporting iOS 4.2.1-4.3.3, in short, we don't recommend you to use the exploit, until it has been officially verified. If you want to see it in action however to prove its existence we have got a short in less-than 2 minutes look at JailbreakMe 3.0 right after the break. 

[Update] - Reader Dave (@Dave Flash) notes that the leaked exploit was also available for iPad earlier today, using a different .PDF file from the site mentioned. However, this now appears to have been pulled.
@razorianfly also worked om my 1st gen iPad.
@razorianfly Well, you have to use a different PDF from that site http://rfly.co/m2kz5H
… but it appears to have been pulled.

[update 2] 9to mac that the exploit only appears to work on Wi-Fi Only iPad 2 models, offering up the screen shot below as proof of the jailbreak method.  



[update 3] success stories coming in. @Baisarro notes...
@razorianfly hey Arron! it worked for me with ipad 2 wi-fi iOS, no problems "


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

iPhone hacker Nicholas Allegra AKA Comex Hired By Apple

Posted by Avik Sarkar On 8/29/2011 05:46:00 pm


Apple just hired Nicholas Allegra, the world-famous hacker known as "Comex" who created JailbreakMe.com, the easiest way to "jailbreak" your iPhone.
Allegra posted on Twitter last night that he's starting an internship at Apple in two weeks.

Apple is no stranger to hiring members of the iPhone hacker community, but they seem to have hit the jackpot this time. Allegra is one of the most prolific and well known iPhone hackers.
JailbreakMe.com made the act of jailbreaking, which Apple hates, accessible to anyone who knows how to use the web browser on an iPhone. While Allegra has received mostly encouraging responses on Twitter, it's undoubtedly a huge blow to the iPhone hacking community at large. More than 175,000 people follow his Twitter account, which is more than many A-list celebrities can claim. In related news, in June Apple hired Peter Hajas, an iPhone hacker known for creating an elegant new notifications system for jailbroken iPhone.
If you can't beat em, hire em?

-News Source (Business Insider)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Sony pegs loss of PlayStation Network and Qrirocity service to an ‘external intrusion’

Posted by Avik Sarkar On 4/25/2011 10:42:00 pm

sony-psn-playstation-network
Sony officially confirms that the loss of service on PlayStation Network and Qrirocity is the result of an "external intrusion," though hacker group Anonymous denies any involvement.
Sony has a bit of a problem on its hands. For a few days now, users have experienced a total blackout on the company’s PlayStation Network and Qrirocity online services. The loss of access is largely believed to the work of the hacker group Anonymous, which has pledged to keep the pressure on the Japan-based company in the wake of a very public legal dust-up with PlayStation 3 jailbreak hacker George “GeoHot” Hotz.
Sony’s online gaming and music streaming networks both went down in the middle of last week. The cause hasn’t been specified until today, with a new post on PlayStation Blog which pegs the loss of service to a Sony-initiated shutdown prompted by an “external intrusion.”
Sony senior director of communications and social media Patrick Seybold writes:
“An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share.”
Don’t hold your breath, account holders. This is a significant event, and a pretty widespread one. Sony will certainly fix it as quickly as possible, and no doubt has a full team in the office this weekend to work on just that, but here are two subscription-driven services that had to be taken completely offline. You can almost hear the disgruntled masses gathered and throwing around words like “class action lawsuit.”
Interestingly, Anonymous is taking no credit for the service outage, and actually stepped forward to distance itself from the situation before Sony admitted to an “external intrusion” being the cause. The hacker group’s web-based news & updates outlet AnonNews features a post entitled “For Once We Didn’t Do It,” which pretty much says it all, doesn’t it? Anonymous admits that individual members may be responsible for the action, but the loss of service is not a group-wide initiative.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search