h4x the planet!

If you’ve been living under a rock (or not interested) the latest jailbreak has been released for all devices running all firmwares!

The jailbreak is performed via the browser, no laptop or downloads are required and is as simple as going to a website and selecting unlock, tutorial and more information here:
iClarified Linky

It seems the jailbreak makes use of an exploit in the PDF application to execute the exploit code:
f-secure Article

The more worrying fact is that a malicious user could craft a PDF to pull down malware onto your device and from there they could recover contacts,emails,pictures they could even pull down tcpdump and grab any plain text web traffic etc etc. As the iPhone loads PDFs by default there is absolutely no protection for the user as they visit websites, however if you have jail-broken you iPhone someone has released a patch which prompts the user before loading a PDF:

If you haven’t already jail-broken your device i would strongly recommend you do and install the patch, at least until apple address the issue. There are no reports of the exploit in the wild but it will only be a matter of time! It would be quite interesting to compromise a corporate iPhone to access the internal network/exchange servers…….if it hasn’t already happened!

Nino

I was messing around with the FaceTime app to see how it sets up and disconnects calls. To view the traffic I set the phones proxy to a Paros session, which replaces any SSL certs with its own. On previous versions of the IPhone firmware when it received a self signed/out of date certificate it would present the user with a generic accept decline option and not give a lot of detail.

It seems apple are pulling their finger out and the error is much more verbose allowing the user to see exactly what’s wrong.

I have my iPhone plugged into the A5 using the Audi AMI function but it seems that the between the mighty Apple and Audi none of them thought of normalising the audio tracks.  The result being bleeding ears as the audio levels jump from a low to high track!

No problem to fix tho if your using Linux, literally 5 commands ( 4 if you don’t want to screen it ):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

user@host:~$ apt-cache search mp3 | grep volume
normalize-audio - adjusts the volume of WAV, MP3 and OGG files to a standard volume level
user@host:~$ sudo apt-get install normalize-audio
[sudo] password for user:
Reading package lists... Done
Building dependency tree
Reading state information... Done
....snip....
ldconfig deferred processing now taking place
user@host:~$ normalize-audio --help
Usage: normalize-audio [OPTION]... [FILE]...
Normalize volume of multiple audio files
....snip....
Report bugs to chrisvaill@gmail.com.
user@host:~$ screen -S mp3_normal
user@host:~$ find /media/storage/music/ -iname \*.mp3  -exec  normalize-audio {} \;
Computing levels...
 Chocolate.mp3      99% done, ETA 00:00:00 (batch  99% done, ETA 00:00:00)
Applying adjustment of -4.82dB to /media/storage/music/Snow Patrol/Final Straw/Chocolate.mp3...
find: ânormalize-audioâ terminated by signal 11ch   0% done, ETA 00:00:00)
Computing levels...
 Tiny Little Fract  99% done, ETA 00:00:00 (batch  99% done, ETA 00:00:00)
Applying adjustment of -5.55dB to /media/storage/music/Snow Patrol/Final Straw/Tiny Little Fractures.mp3...
find: ânormalize-audioâ terminated by signal 11ch   0% done, ETA 00:00:00)
Computing levels...
 Gleaming Auction.  61% done, ETA 00:00:02 (batch  61% done, ETA 00:00:02)
[ctrl+a+d]
user@host:~$ echo $profit

Job done!

I can see the advantages to apple’s app store, all the applications are code reviewed (I don’t know how well) to ensure that your iPhone experience is as seamless and smooth as possible. Poorly coded apps are refused until they are brought up to the required standard. Another advantage is the added security of knowing that the apps will not have any malicious code etc…. we would like to think!!

Jailbreaking the device allows you to install 3rd party apps that do not go through the same testing and could have malicious code. This has always been a worry of mine (yes I need to get out more) to the point of turning off the GSM data of the phone forcing it to use wifi and analysing the traffic over a 24 hour period to ensure my email and contacts were not being uploaded to china/russia!!

The iPhone firewall app in the cydia app store hooks into all the apps and when a connection is made the user is prompted to allow or deny the connection like a standard firewall. At the minute it looks like it only blocks GUI apps and any commands executed on the BSD under system are free to do what they want which is a little off putting. Then again I did say that we can’t trust 3rd party apps……. the firewall app is a 3rd party app….. Perhaps it’s time for the tin foil hats?

Nino

I’ve had a few emails about the mplayer control/script and the “stop” button not working as well as a few random issues.

I’ve sorted that issue and added the OSD button to toggle the on screen display as well as repackaged the script with the folder icons.

  Mplayer Control V0.2b (16.3 KiB, 180 hits)

As before enjoy and email me with any issues!