Search n00bz.net

Entries in Iphone (9)

Monday
Aug022010

Jailbreak iPhone over web

Thanks to the EFF jail breaking your iPhone is legal. Head over to http://jailbreakme.com.

Thursday
Jul082010

Flash on the iPad

I have an iPad and don't see the need of Flash on it.  However, I have also hacked/moded so many things just because I could so having a need isn't really a requirement.

http://www.engadget.com/2010/07/07/how-to-install-flash-on-your-jailbroken-ipad-for-real/

Wednesday
Jul072010

iPhone FaceTime and Firewalls

As some may have discovered, showing off FaceTime on your new iPhone while on your corporate network resulted in the demo fail! 

Apple has posted on their support site that to use FaceTime on a restricted Wi-Fi network, port forwarding must be enabled for ports 53, 80, 443, 4080, 5223, and 16393-16472 (UDP).

http://support.apple.com/kb/HT4245

Packetstan has done some analysis of the FaceTime protocol using WireShark.

http://www.packetstan.com/2010/07/special-look-face-time-part-1.html

Tuesday
Jun152010

iPhone 4 Order Security Breach (Again AT&T?)

From Gizmodo

 

Apple's iPhone 4 pre-ordering has been a total disaster, but it gets much worse: An AT&T insider claims that this iPhonecalypse may be related to "a major fraud update that went wrong." The bug is exposing AT&T users' private information.

So far there have been at least three accounted cases of mistaken identities sent by Gizmodo.com readers. This is how it happens: A customer tries to log into their AT&T account to order a new iPhone 4 upgrade. Despite entering their username and password, the AT&T system would take them to another user account. This gives access to all kinds of private information about the mistaken customer: Addresses, phone calls, and bills, along with the rest of private information, becomes exposed to random strangers.

The latest case comes from reader John King:

From: john king
Date: Tue, Jun 15, 2010 at 2:04 PM
Subject: ATT WEBSITE LOGS ME IN AS ANOTHER CUSTOMER
To: tips@gizmodo.com

I LOGGED IN AS ME AND IT BROUGHT UP A MARY ???? BIG PROBLEM
-JPK

iPhone 4 Order Security Breach Exposes Private Information

But according to an AT&T insider, there could be a lot more happening which are not being reported. These login problems, according to the source, are probably linked to an AT server software update that went wrong this weekend [Emphasis added]:

I work at a 3rd party order processing facility—what AT&T refers to as a 3CC. We process business-to-business, business-to-customer Wireline Indirect, and ACME/PAC (what AT&T calls their iPhone program internally). Agents use AT&T programs called Phoenix, Telegence, Compass, Ordertrack and myCSP to process orders.

Over the weekend there was a major fraud update that went down on all of AT&T's systems, from Saturday overnight to Sunday early morning. All systems were down and agents were unable to use any systems.

The issues people are seeing at AT&T stores and online are most likely related to this update that went wrong.

I do know that there was absolutely NO TESTING of this system done before the launch of the new iPhone. I know it's just heresay at this point, but I can confirm that there was a major outage over the weekend that impacted all ordering systems and programs, and I can confirm that there were multiple systems being upgraded/updated, with some updates being related to fraud.

At this point, I can say that the system that AT&T uses to send automated orders to be processed is as of this very moment down completely. Our facility is unable to process any orders by phone or by automation.

[Regarding the identity problem] Whenever we see people who are logging in and seeing other customer's account info, it is an issue with the databases that contain customer information. Orders that contain any information like this can cross customer information, and cause a customer be able to see other accounts by logging out and logging back in. This means that when they log in a few times, it gives them different customer account info every time. It's a rare occurrence, but it has happened in the past.

You might want to advise people to not get the upgrade at this point as it may be a doorway to a major privacy breach.

 

Unfortunately it appears that even if you don't upgrade your private information could be exposed as other people try to upgrade, allowing accidental access to your account. After we reported on the initial security breaches this morning, AT&T took down their account online system completely.

At this time (3:34PM EDT), the account system is back online, but the iPhone 4 eligibility page is still down.

AT&T and Apple have not issued any statement about this security problem or the nationwide pre-order disaster.

Friday
Apr092010

IPhone 4.0 = Jailbreak

Is it just me or does it seam that IPhone 4.0 is just all the features of Jailbreaking your phone? If you don't want to wait for 4.0, get blackra1n or Pineapple Pwnage.