PainMeds - Slashdot User

Submission + - Waterboard: An Open Source iOS Forensic Acquisition Tool (zdziarski.com)

Submitted by PainMeds on Wednesday June 12, 2013 @11:47AM

PainMeds writes: Waterboard is an open source iOS forensic imaging tool, capable of performing an advanced logical acquisition of iOS devices by utilizing extended services and back doors in Apple’s built-in lockdown services. These service can bypass Apple’s mobile backup encryption and other encryption to deliver a clear text copy of much of the file system to any machine that can or has previously paired with the device. Acquisition can be performed via usb, or across any wireless network where the device can be reached. Additionally, if you’re a federal law enforcement agency, you may also have the technical ability
to skirt around a mobile carrier’s firewall, and acquire your target over cellular, possibly without their knowledge. (NOTE: device pairing must still first be performed via usb, so there is not a widespread security risk, however could be used for ill through malicious juice jacking and such).

Submission + - OnStar Begins Spying on Customers' GPS For Profit (zdziarski.com)

Submitted by PainMeds on Tuesday September 20, 2011 @11:32AM

PainMeds writes: This article by author Jonathan Zdziarski reveals that OnStar has recently updated their terms and conditions to allow the company to sell customer GPS coordinates (the whereabouts of your vehicle), vehicle speed, and other information to third party marketers and analytics companies, where it could be used for a number of nefarious purposes.

Submission + - Microsoft Sync Will Kill You (zdziarski.com)

Submitted by PainMeds on Tuesday March 23, 2010 @11:24AM

PainMeds writes: Author Jonathan Zdziarski posted an article about his experience with Microsoft Sync, and a recording demonstrating what appears to be a grueling process to set a simple destination using a vehicle Navigation system. From the article, "I was forced to take my eyes off the road several times to read numerous lists of possible voice matches for city, street name, and more. Every time you hear, “Please say a line number” in the recording, I’m actually reading through a list instead of watching where I’m driving." Zdziarski then compares this experience with that of a Motorola Droid. You can hear the difference for yourself.

Submission + - Rejected by Apple, iPhone Developers Go Undergroun

Submitted by PainMeds on Thursday August 06, 2009 @02:44PM

PainMeds writes: Apple's stepped up rejections are helping to foster competition in the app store marketplace. According to an article by Wired, developers aren't taking AppStore rejection lying down, but are turning to the hacking community's repository system for the iPhone to launch an app store of their own. The Cydia store is yielding notably higher sales for some application developers than Apple's AppStore, and is reportedly running on over 4 million Apple iPhone devices. In this store, developers are distributing applications they've written that push the limits of Apple's normal AppStore policies, with software to add file downloads to Safari, trick applications into thinking they're on WiFi (for VoIP), and enhance other types functionality. You'll also find the popular Google Voice application, which was recently rejected by Apple. Third party application development has been around since 2007, when the iPhone was originally introduced, and became so popular that a book was published by O'Reilly Media specifically geared toward writing applications before an SDK was available. The Cydia store acts as both a free package repository and commercial store front to third party developers.

Submission + - UK national ID card cloned in 12 minutes (computerweekly.com) 1

Submitted by

Death Metal

on Thursday August 06, 2009 @01:04PM

Death Metal writes: "The prospective national ID card was broken and cloned in 12 minutes, the Daily Mail revealed this morning.

The newspaper hired computer expert Adam Laurie to test the security that protects the information embedded in the chip on the card.

Using a Nokia mobile phone and a laptop computer, Laurie was able to copy the data on a card that is being issued to foreign nationals in minutes."

Submission + - Latest iPhone Beta Adds Butt Scanning Security 1

Submitted by PainMeds on Wednesday April 01, 2009 @12:09PM

PainMeds writes: According to data forensics expert Jonathan Zdziarski, the latest beta of iPhoneOS 3.0 includes a new security mechanism. Building on top of Apple's "swipe to unlock" feature, the new beta includes a toplogical scanning mechanism using the proximity sensor's firmware to perform geometric scans of the owner's buttocks. From the article, "The early betas don't require the device to actually need to come into contact with the owner's buttocks to be unlocked; this would become problematic in everyday public. Instead, the owner will only need to use their actual buttocks during the initial training phase." Butt scanning is not a new technology, per se, and it has been widely speculated among the technology world that one day it would become the norm in security. The author has posted alleged patent photos of the new technology.

Submission + - iPhone App Helps Find Missing Kids

Submitted by PainMeds on Tuesday March 10, 2009 @04:19PM

PainMeds writes: Want to put that iPhone to better use than scheduling farts and lighting up your room in the dark? The National Center for Missing and Exploited Children has released AMBER Alert for iPhone. Available as a free download, this application not only provides data to the user, but "has the potential to revolutionize how missing children sightings are reported. The iPhone's GPS is used to include your current GPS position with your sighting report, allowing NCMEC to directly interface your report with geographical information systems (GIS). This can be used to build an accurate collaborative picture of sightings and, based on various patterns in locations, quickly notify law enforcement personnel. You'll also be able to include your iPhone's phone number in the information you send to the National Center so they can call you to follow up." This comes after nearly a month of waiting by the application's author, and an Open Letter to Apple, Inc. over the matter. Within a 48 hours of many news articles, the application was suddenly approved by Apple. Definitely worth having around on your phone in the event of an alert in your area.

Submission + - Is Apple Abandoning the Consumer?

Submitted by PainMeds on Thursday February 26, 2009 @05:12PM

PainMeds writes: Author and longtime iPhone hacker Jon Zdziarski has written an article predicting that Apple will soon abandon the consumer. He cites the recent loss of AppStore developers for more open platforms, such as Android, and Apple's abandonment of Macworld as the beginnings of a cycle that will eventually end in a "big box" retail strategy for Apple. From the article, "I predict that Apple is headed in the direction of distancing themselves from both consumers and developers in exchange for the benefits that come from the volume sales generated by cheap equipment sold into cookie-cutter markets.". Towards the end of the article, Zdziarski suggests that Apple has lost its sense of innovation and has stagnated, re-selling the same products in different cases. His final prediction suggests that competitors will eventually overtake the company's mobile dominance and that Apple might lose the edge that make their hardware more "appealing" to the consumer.

Submission + - How AppStore Authors Are Faking Reviews

Submitted by PainMeds on Thursday February 05, 2009 @08:51AM

PainMeds writes: iPhone hacker and author Jonathan Zdziarski brings us a blog entry explaining how AppStore authors are using promo codes to fake as many as 50 iTunes reviews per release. From the article, "Isn't it strange how dozens of customers can report serious bugs in an application, only to be met with a sudden burst of reviews praising a product's eternal greatness? ... A small loophole allows [reviews] to be exploited as people who have downloaded software with a promo code can also leave a review. All the author needs to do is sign up 50 new iTunes accounts, and boom..." With recent articles showing the music industry's dependence on iTunes' popularity ratings, how much of an affect will fake reviews have on AppStore software? Zdziarski is asking for Apple to limit reviews only to people who have paid for an application.

Submission + - Is Apple Abandoning Their Consumer/Developer Base?

Submitted by PainMeds on Monday January 05, 2009 @06:43PM

PainMeds writes: After struggling for months to get an application approved in the AppStore, I was referred to this brief essay by long time iPhone hacker Jonathan Zdziarski. It seems that, even after several books on the iPhone, even he is suspicious of Apple's motives and makes the bold prediction that Apple is moving in the direction of distancing themselves from their consumer and developer bases. The article hit on all cylinders in describing the frustration I (and likely other) developers are going through with the AppStore, and gives a brief parallel of what's in store. From the Article, " In spite of Jobs' recent claims that Macworld was all about his health, Apple's initial reasons for withdrawing from Macworld spoke volumes as to their attitude toward the many avid Apple fans who are also the foundation of their consumer market. Apple appears to be headed in the direction of selling out this following, or is at least tired of entertaining them, and might be going after the larger audience that Apple fans (and deep down, likely much of Apple) always thought were mindless consumer cattle." Definitely worth a read, and it may help explain what's been going on lately.

Comment Re:Bad US Army Intel. (Score 1) 320

by PainMeds on Sunday October 26, 2008 @03:30PM (#25519581) Attached to: US Army Sees Twitter As Possible Terrorist "Operation Tool"

The reasoning behind this is that otherwise semi-private communication, such as email and encryption, reveals the existence of a conversation, and hence a relationship. The idea of using a social networking tool like Twitter is to hide both the conversation as well as proof of the relationship. Using something like lexical steganography, two malicious parties can communicate with each other in plain sight, without any connection linking them together. This is paramount when you're talking about building isolated terrorist cells; if one cell goes down, the bad guys don't want the government being able to connect it to other cells. Something like Twitter, which is mostly anonymous, is ideal for this kind of operation.

Submission + - A Star That Bursts, Blinks and Disappears (spacefellowship.com)

Submitted by

Matt_dk

on Wednesday October 01, 2008 @06:55AM

Matt_dk writes: "Astronomers are reporting on a strange case where one of the littlest of stars "twinkled" with gamma rays, X-rays, and light — and then vanished.

The story began on June 6, 2007. That's when a spike of gamma-rays lasting less than five seconds washed over NASA's Swift satellite. But this high-energy flash wasn't a gamma-ray burst — the birth cry of a black hole far across the universe. It was something much closer to home."

Submission + - AmigaOS 4.1 reviewed and Ready to ship (hyperion-entertainment.biz)

Submitted by

*no comment*

on Tuesday September 30, 2008 @12:26PM

*no comment* writes: "Hyperion Entertainment and PowerPC motherboard makers Acube have announced that you will soon be able to run the AmigaOS 4.1 on the sam440 line of PPC motherboards through an OEM deal that was reached. Acube says in their press release that users wishing to beta test the 4.1 release will be provided with the full version. Amiga OS 4.1 was recently reviewed over at Are Technica."

Submission + - SPAM: Software improves airdrops by 70%

Submitted by

coondoggie

on Tuesday September 30, 2008 @11:55AM

coondoggie writes: "When it comes to airdropping tons of water on a huge forest fire or loads of food to flood survivors, dropping things from an airplane to a precise spot on the ground in the face of wind and nasty weather can be a black art. National Oceanic and Atmospheric Administration (NOAA) scientists have developed wind-forecast software that promise to improve aircraft airdrop target accuracy up to 70%. The US Air Force is already using they system for dropping Army cargo and paratroopers into Iraq and Afghanistan, but the package can be used for releasing almost any cargo from an airplane into a target area: water over a blazing wildfire, food to a famine-stricken population, or supplies, tanks, and Humvees into a war zone, NOAA said. [spam URL stripped]"
Link to Original Source

Submission + - App Store Bans iPhone App. Developer Goes Beta (computerworld.com)

Submitted by

CWmike

on Friday September 19, 2008 @04:27PM

CWmike writes: "A week after Apple Inc. rejected his iPhone application and barred it from selling on the App Store, developer Alex Sokirynsky has turned to a little-known, but still Apple Inc.-approved, distribution channel — its beta test mechanism — to sell his Podcaster app. He was miffed: "I was very surprised," Sokirynsky said. He cited several examples of similar overlap — calculator applications, for example, as well as other music-playing applications — where Apple has allowed third-party developers to sell their wares on the App Store. But not as much as other iPhone developers. One said he was through with Apple. "You have to wonder if Apple wants the App Store to be a museum of poorly designed nibware written by dilettante Mac OS X/iPhone OS switcher-developers and hobbyist students," Fraser Speirs said. "That's what will happen if companies who intend to invest serious resources in bringing an original idea to the App Store are denied a reasonable level of confidence in their expectation of profit.""

Slashdot Top Deals