A Russian hacker has uncovered a serious breach in Apple's iOS App Store in-app purchase model that allows anyone to get access to pretty much any in-app purchase content completely for free. Surprisingly easy to set up, the model just requires the installation of two security certificates, followed by you entering a different DNS server in your Settings app on your iPhone, iPad, or iPod touch. That's it.
In this episode we give you a look at a bunch of cool Siri hacks you can perform on your iPhone 4S. All you need to do is jailbreak the smartphone using the latest version of greenpois0n, Absinthe A5, and then search for and apply the hacks. A hacked Siri can perform a bunch of new tasks and functions that were previously unavailable. Things like language translation, launching any app you have installed on your iPhone 4S, engaging in a conversation with you, and even search and display YouTube results! We give you a full demo in this episode. Oh, and don't forget, you can also install Siri on non-iPhone 4S iOS devices!
Big thank you to GoToMeeting and JackThreads for sponsoring the show - be sure to check them out! GoToMeeting provides rich, super-simple collaborative virtual meetings. As for JackThreads, we've got exclusive invite codes that give you $5 to use towards anything you'd like on the site.
According to McAffee CTO George Kurtz the cyber-attacks that occurred in January targed a small number of employees who controlled source code management systems. These source code management systems handle the myriad changes that developers make as they write software, the breach of which can have a cascade effect across multiple levels of Google and as many as 30 other business targeted in the January attacks. Aside from being awesome and using ‘cyber-attack’ in a sentence, I also have some valuable source-code for sale at rock-bottom prices; check out my store at ‘CyberNinjaAssassinCassanova138’ on eBay.
Read More | ComputerUser
Kent Sutherland, developer and brainchild behind the fine iChat add-on Chax just released his newest OS X powertoy: Warp. Warp enhances Leopard‘s Spaces (a virtual screen technology) by letting you glide between spaces with the flick of your mouse. Warp creates hot zones on the sides of your screen so sliding your mouse to the left of the screen switches to the space that is to the left of your current screen. Featuring options to enable the switch only with a hotkey if you want to avoid accidental activation, as well as options to automatically warp your mouse over to the other side of the screen (leaving it where it would naturally be if you had two real monitors rather than two virtual ones) Warp is already a polished software even now with it’s initial 1.0 release.
Warp is free, but donations are requested and well deserved.
Read More | Ksuther.com
Apple announced today that starting in February they will be offering an SDK to allow developers to create applications for the iPhone and the iPod touch. The announcement comments that Apple is being conscious of the need to protect the iPhone from viruses as well as to keep the platform stable, however opening up the multi-touch platform to developers will result in a new wave of revolutionary mobile applications. Although many in the hacking community have grumbled about the recent lockouts with the 1.1.1 version of the iPhone/iPod touch software this should appease them, as well as provide richly documented API’s to allow for easier development that will hopefully utilize the full potential of the platform. Why do we need to wait until February?
It will take until February to release an SDK because we’re trying to do two diametrically opposed things at once—provide an advanced and open platform to developers while at the same time protect iPhone users from viruses, malware, privacy attacks, etc. This is no easy task.
It would have been nice to have the SDK available from launch, but better late than never. Expect to see a flood of highly polished and engaging applications appearing on an iPhone near you sometime early next year.
Read More | Apple Hot News
Reports in Taiwan indicate that Nintendo may be altering the circuit board layout of the Wii to make mod chips more difficult to install. According to Digitimes, however, new modchips to deal with the changed layout may be less than a month away. While these changes probably won’t be difficult to work around, other mod chip installers believe that there are more complex methods available to Nintendo to block modifications for a longer period of time.
Read More | Digitimes
The following is a ReviewMe Sponsored Post:
I am sure many of us have experienced the horror (or heartache, if you want to look at it that way) of a dropped, smashed, or otherwise broken gadget. The folks at iFixit aim to soften the blow somewhat, at least if your destroyed gadget is an iPod or Mac computer. They sell just about every part imaginable for almost all iPods that have ever been released, from the 1st generation model all the way up to the newest iPod 5th generation. In fact, the only iPod parts they don’t sell are for the second generation iPod shuffle. We expect that will change soon enough.
The Bugtraq mailing list recently published the details of an unsigned code execution security hole on the Xbox 360. The timeline of the security hole would seem to make this vulnerability the same one demonstrated at last year’s 23C3 Hacker Congress, as seen in this excerpt:
Oct 31, 2006 - release of 4532 kernel, which is the first version
containing the bug
Nov 16, 2006 - proof of concept completed; unsigned code running in
Nov 30, 2006 - release of 4548 kernel, bug still not fixed
Dec 15, 2006 - first attempt to contact vendor to report bug
Dec 30, 2006 - public demonstration
Jan 03, 2007 - vendor contact established, full details disclosed
Jan 09, 2007 - vendor releases patch
Feb 28, 2007 - full public release
The public demonstration date is key; that would be the same date of the anonymous Xbox 360 hacker video release. Further, the overview of the vulnerability claims:
We have discovered a vulnerability in the Xbox 360 hypervisor that allows
privilege escalation into hypervisor mode. Together with a method to
inject data into non-privileged memory areas, this vulnerability allows
an attacker with physical access to an Xbox 360 to run arbitrary code
such as alternative operating systems with full privileges and full
According to the release, Microsoft has patched the vulnerability as of January 9th, but then Sony thought they had patched the Grand Theft Auto: Liberty City Stories security hole as well. The existence of such a vulnerability indicates that the security of the Xbox 360 isn’t as bulletproof as Microsoft intended, and it would seem a mere matter of time before another exploitable hole is found to enable homebrew development on the system.
One of the mods for the Gamecube has resurfaced for the Wii. Gamers were originally able to internalize the receiver for the Wavebird controller on their Gamecubes to get the dongle out of site. With the sleek lines of the Wii, the wireless receiver can be even more of an eyesore. Now, the classic mod has been updated to work with the Wii, thanks to foobar2k at the MaxConsole forums. The mod does require the disassembly of the Wavebird receiver and some soldering, and of course will void your Wii warrantee; in fact, foobar2k managed to break the DVD drive cable on the Wii while trying this mod. Still, those with a little soldering skill and a lot of caution can internalize the wireless receiver while keeping the ability to use the first wired port as well.
Read More | MaxConsole Forums
A couple of modchips for the Nintendo Wii have surfaced on the web lately; the first would be the Wiinja chip, a bare chip mod. The second is a little more interesting, promising more in its featureset. Maxconsole reports that the CycloWiz mod solution for the Wii may be arriving as early as this week. The developers at Teamcyclops promise support for Wii backups, Gamecube Backups, and Gamecube homebrew games in an easy to install quicksolder package. The chip itself doesn’t seem to have a method to update it, and it doesn’t currently support Wii import gaming. Overall, though, the chip is an interesting start if hack does what it promises.
Read More | Maxconsole