Skip to main content

hack

See All Stories

Apple updates Safari web plugin blocker to disable new Java vulnerability

Site default logo image

Apple has informed AppleCare representatives and Apple Retail that it has updated the Safari web browser’s built-in plugin blocker to disable older versions of Oracle’s Java 6 and 7 software.

In recent days, a new Java vulnerability was discovered. The latest issue is described on the National Vulnerability Database:


Expand
Expanding
Close

Site default logo image

Apple broke PlexConnect Apple TV hack with this morning’s update

UPDATE: Workaround now available to restore access

Thanks to an easy DNS hack called PlexConnect, non-jailbroken Apple TV users have been able to unofficially run the popular media server Plex on the second and third gen Apple TV since we first told you about it back in June. The hack, which required users to run an app on their Mac or PC that masquerades as the Trailers app, appears to be blocked in the latest Apple TV update pushed out this morning.

Earlier today Apple rolled out an update to the Apple TV that introduced new apps for Vevo, The Weather Channel, Smithsonian, Disney Channel, and Disney XD. The update didn’t require users to initiate a firmware update, so many users are reporting waking up to the PlexConnect app no longer working through the Trailers hack. A growing number of users on the Plex forums confirmed that PlexConnect is unable to connect following this morning’s update.

It’s unclear if Apple is intentionally blocking the popular Plex hack or whether its possibly a result of tweaks to the Trailers app delivered with the update. Plex isn’t the only app that takes advantage of the hack. We reported earlier this year that a Russian subscription TV service was using a similar method.

Two minute SIM card hack could leave 25 percent of phones vulnerable to spying

Site default logo image

Image: joyenjoys.com

A two minute SIM card hack could allow an intruder to listen to your phone calls, send text messages from your phone number and make mobile payments from your account. The vulnerability, discovered by a German security researcher, is present in an estimated 750 million SIM cards – around one in four of all SIM cards.

Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it … 
Expand
Expanding
Close

Site default logo image

Tweak enables free iOS hotspot tethering on T-Mobile without jailbreak

A new tweak available without a jailbreak claims to enable free hotspot tethering on devices running iOS 6 and 7 for at least T-Mobile in the US. It comes to us from iTweakiOS, the same people providing hacked carrier profiles enabling features such as wideband audio and faster data speeds for various US carriers. In theory the hack could work for other GSM carriers, but there is still some work to be done to get it up and running on AT&T. On it’s website the guys explained exactly how the tweak works:

Many of you may remember a story I put out awhile back talking about how CommCenter blocks edited carrier.plist files and I may have found a work aroun to get things like personal hotspot enabled. Well, I’ve found the solution, but first, let’s talk about why CommCenter blocks plist editing. This happens because of the very thing we’re doing right now, which i suspect will likely be patched quickly by iOS 7 GM release time. People were enabling tethering by modifying the original carrier.plist files and this stopped entirely when Apple implemented signatures into the carrier.plist files and creating what we all know as CommCenter which is the process that checks these signatures. So, the challenge was finding a way to enable hotspot without CommCenter checks and verifications. After months of research and digging, I’ve finally found a genuine workaround to enable this great feature and its quite simple, really.

Step-by-step instructions are available through the iTweakiOS website now, but the process is a little more in-depth than some of the other hacks released through the website in the past. The post warns that the tweak has only been tested on T-Mobile and that AT&T users “will need to tinker around and test a bit to get it operational.” If you’re up for a bit of .plist editing and likely some trial and error if you’re on AT&T, you can find the full instructions here.

Hack brings Russian subscription TV service ‘UnliMovie.tv’ to Apple TV, no jailbreak required

Site default logo image

Russian blog iGuides.ru points us to a new hack for Apple TV users that brings Russian subscription TV & movie service Unlimovie.tv to the device with no jailbreak required. The service, which is currently in beta, requires users to manually change the DNS on their device (easily accessible from within Settings) in order to access its digital TV service directly through Apple’s own Trailers app.

It isn’t the first hack of its kind: Just a couple weeks back, one of our favorite media servers, Plex, arrived on Apple TV without a jailbreak through what appeared to be a similar hack of the stock Trailers app.

The Unlimovie.tv service is currently in beta, allowing users to access a number of Russian digital TV channels for free, but the creators plan to officially launch the service in September through its paid subscriptions. That is, of course, if Apple doesn’t put an end to it in the meantime.
Expand
Expanding
Close

Site default logo image

Here’s how to enable Chat Heads and Stickers in the new Facebook app right now

When Facebook released their brand-new iOS application today, some were disappointed to find that the highlight features of Chat Heads (from Facebook Home) and Stickers were not present. Facebook says that the two features, like many other of Facebook’s recently released products, will be released via a staggered rollout.

For those who truly want to enable Chat Heads and Stickers before Facebook wants it on your iOS device, iMore‘s Nick Arnott has put together a thorough tutorial on how to enable the features. Follow the steps, grab an app called PhoneView (no jailbreak required), and a Plist editor (like the one included in Xcode), and you should be good to go. We’ve tested the Chat Heads trick, and it works well.


Expand
Expanding
Close

Site default logo image

Russian hacker is doing Mac apps too

After Apple rolled out temporary fixes, and promised a permanent fix for the in-app purchase hack in iOS 6 earlier today, it looks like the same Russian hacker now offers a similar hack for in-app purchases in the Mac App Store. The Next Web has the full story

Developer gets iOS 6 Maps with Flyovers and turn-by-turn running on iPhone 4

Site default logo image

[youtube=http://www.youtube.com/watch?v=XArIjKcSMZg&feature=player_embedded]

With the introduction of iOS 6 this fall, many iOS users will be left out on some of the new operating system’s flagship features. We already covered Apple’s official list of compatibility for iOS 6 features, and by far one of the most disappointing for iPhone 4 users was the news that they would not have access to the Flyover and turn-by-turn navigation features in Apple’s new in-house Maps app. Today, we have news from Russian website iGuides (via SlashGear) that iOS developer Anton Titkov found a way to get Apple’s new 3D maps up and running on the iPhone 4:

After yesterday’s release of jailbreak iOS 6 developer, well known to all users iGuides Anton Titkov (iTony) decided to dig a little bit in the new firmware, and became the first man in the world, who managed to get working 3D card on the iPhone 4. New tweak from Anton Titkova called 3DEnabler , and at the moment we can confidently say that it adds support for 3D cards on the “old” devices, but it is possible that the “unavailable” Turn-by-turn navigation will be defeated by our talented developer.

iGuides offers instructions for the hack on its website, while another video of 3DEnabler running on iPhone 4 is below:

Expand
Expanding
Close

Developer hacks his Samsung Series 7 to run OS X Lion

Site default logo image

[youtube=http://www.youtube.com/watch?v=YdDrAWxkscM&feature=player_embedded]

Samsung’s Series 7, originally intended for Windows 7, has been hacked to run a Hackintosh version of OS X Lion, a user on the tonymacx86 forums highlighted today. Awkward, considering the whole Samsung vs Apple fight. As you can see in the video above, the version of Lion runs relatively smoothly, but the big issue is an external monitor is needed to display the video. The user highlights the tools needed:

8GB USB KEY, mini-HDMI to HDMI cable/adapter, USB Keyboard and mouse. After you make a UniBeast USB key you have some space still left on it so I made a folder and downloaded MultiBeast 4.1.0: Lion Edition.

If you’ve got a Series 7 laying around and are tired of the bleh Windows, you should definitely try this hack out (if you’ve got the technical know-how). With specs close to the MacBook Air — an 11.6-inch display, 64GB SSD, and i5 processor — this device seems pretty perfect to run full on OS X in a mobile setting. It also gives you a little more horsepower than an iPad 2, though that’s like comparing Apples and Oranges.

For all of the technical details, hit up the tonymacx86 forums. We’ve already shared our thoughts on the Hackintosh community, and we’re certainly proponents of what they’re doing. We’re going to keep an eye out as this project gets more bug fixes, specifically the screen issue. Luckily, the developer says he is committed to working on this project.

New iOS security exploit lets apps read users’ information by executing unsigned code

Site default logo image

[youtube=”http://www.youtube.com/watch?v=ynTtuwQYNmk&feature=player_embedded”]

Security expert Charlie Miller has found a flaw in code signing on iOS devices (via Forbes) that allows developers to sneak malware apps onto the App Store without Apple’s detection. The malware can then be used to read user’s contacts, make the phone vibrate or sound a ringtone, steal user’s photos, and more whenever the developer chooses. Sketchy!

To shed more light on the exploit Miller is giving a talk at the SysCan conference in Taiwan next week, but he does a good job in showing it off in the video above. Miller isn’t a novice to iOS and Mac security by any means. In 2008 Miller broke into the MacBook Air in two minutes through Safari and more.

Users would definitely be taken by surprise, seeing as we’re all pretty comfortable with how secure Apple keeps the App Store with the company’s review process. Sadly, it looks like any app could be used to harm users. For now, we suggest you keep away from lesser-known apps and developers until Apple issues a fix for the exploit.

Miller’s app has been both removed from the App Store and his developer account has been closed. At any rate, this was definitely a nice find.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications