Archive

Archive for the ‘Hacking’ Category

CyanogenMod 7.1 Releases. 24 Phones Added. Includes Xperia.

October 11, 2011 Leave a comment

“All it took was a little love from Sony Ericsson and now CyanogenMod’s latest official release includes support for a happy cohort of 2011 Xperias as well as the X8.

The same goes for Samsung, which doled out a free GSII and some employment and now finds that the Galaxy smartphones are on version 7.1’s list too.

Wondering if your particular Droid, Optimus or Incredible can run the cyan shade of Gingerbread and its attendant perks?”

These are the phones that have been added to the list that can now run CM 7.1:

  • HTC Desire S
  • HTC Incredible S
  • HTC Incredible 2
  • LG Optimus 2X and T-Mobile G2x
  • Motorola Backflip (Motus)
  • Motorola Cliq / Cliq XT
  • Motorola Defy
  • Motorola Droid 2
  • Motorola Droid X
  • Samsung Captivate
  • Samsung Fascinate
  • Samsung Mesmerize
  • Samsung Showcase
  • Samsung Vibrant
  • Samsung Galaxy S
  • Samsung Galaxy S2 (multiple carriers)
  • Sony Ericsson Xperia X8
  • Sony Ericsson Xperia Mini
  • Sony Ericsson Xperia Mini Pro
  • Sony Ericsson Xperia Neo
  • Sony Ericsson Xperia Play
  • Sony Ericsson Xperia Ray
  • Sony Ericsson Xperia Arc
  • ZTE V9

 

The New Theory of Security By Obscurity

October 2, 2011 Leave a comment

“A recent research paper tackles the idea of security by obscurity. The basic idea is that you can improve system security by making it hard to find out how it works…

As a code protection principle, obfuscation has always seemed obvious, but there are two general principles of security that suggests it is probably a waste of time.

  • Kerckhoffs’ Principle that there is no security by obscurity,
  • Fortification Principle that the defender has to defend all attack vectors, whereas the attacker only needs to attack one.

These two principles are more generally applied to systems, and not just software, but it gives us a cause for concern – after all systems are mostly accumulations of software…

The new research suggests that security is a game of incomplete information and you can learn a lot by examining your attacker’s behaviors and algorithms – his “type” and that obscuring your game really does bring an advantage and improves your odds of winning. In short, obfuscation is a good general principle – i.e. make it hard for your attacker to find out how best to attack you.

The paper, which is well worth reading for its presentation of the general security problem, presents a “toy” security game of incomplete information where the best strategy is to try to characterize the attacker’s type while giving away as little as possible about the defender’s type. The idea of logical complexity is also used to characterize the amount and nature of the obscurity involved.”

Samsung Epic 4G Touch Already Rooted!

September 21, 2011 Leave a comment

“Since you can’t upgrade the GPU or add more RAM to your smartphone, there’s really only one way to improve upon an already impressive handset like the Epic 4G Touch — root it.

It hasn’t been on the market for very long, but the crafty hackers over at XDA forums have already figured out how to open up the phone to your every whim.

The crack is “experimental” at this point, so proceed with caution.

You’ll also need to have both Kies and Odin 3 up and running, which makes this a Windows-only treatment at the moment.”

Convert Your Jailbroken iPhone to a Mac OS X Desktop

September 20, 2011 Leave a comment

“If you’ve ever wished iOS was a little more like OS X, your wish has come true. Ultimatum is a new beta iOS mod for jailbreakers that attempts to bring the Mac desktop experience to your mobile.

Ultimatum isn’t just a fancy, Lion-like theme. Because it actually seeks to replicate much of OS X user interface, you get a bunch of features along with the look.

Among them are fully usable Finder menus, stacks, launchpad, a scrollable dock, draggable windows, mission control, dashboard, and a customizable lock screen.

While we haven’t had a chance to test it out yet, we’re pretty psyched about the possibilities.

Currently you need to make a donation of $3.50 to the developer if you want beta access, but eventually it will be available to everyone once the kinks have been worked out.”

The BEAST Breaks SSL Encryption

September 20, 2011 Leave a comment

“Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser.

The vulnerability resides in versions 1.0 and earlier of TLS, or transport layer security, the successor to the secure sockets layer technology that serves as the internet’s foundation of trust.

Although versions 1.1 and 1.2 of TLS aren’t susceptible, they remain almost entirely unsupported in browsers and websites alike, making encrypted transactions on PayPal, GMail, and just about every other website vulnerable to eavesdropping by hackers who are able to control the connection between the end user and the website he’s visiting.

At the Ekoparty security conference in Buenos Aires later this week, researchers Thai Duong and Juliano Rizzo plan to demonstrate proof-of-concept code called BEAST, which is short for Browser Exploit Against SSL/TLS.

The stealthy piece of JavaScript works with a network sniffer to decrypt encrypted cookies a targeted website uses to grant access to restricted user accounts. The exploit works even against sites that use HSTS, or HTTP Strict Transport Security, which prevents certain pages from loading unless they’re protected by SSL.”

Teagueduino: Arduino For Dummies

September 11, 2011 Leave a comment

“Teagueduino is an open source electronic board and interface that allows you to realize creative ideas without soldering or knowing how to code, while teaching you the ropes of programming and embedded development (like arduino).

Teagueduino is designed to help you discover your inner techno-geek and embrace the awesomeness of making things in realtime — even if you’ve only ever programmed your VCR…

Just plug in a sensor to one of the input ports (for example, a knob), hook up an output device (a speaker, perhaps?), and use the awesomely simple Teagueduino user interface to make it work (a single line of code can map the knob’s rotation to a musical tone on the speaker)!

And since everything changes in realtime, there’s no waiting for things to compile or the device to reset.”

How To Jailbreak iOS 4.3.5 , 4.2.10 and iOS 5 Beta 6

September 1, 2011 Leave a comment

“Few Minutes ago the iPhone Dev-team has just released Redsn0w 0.9.8b7 for Windows and Mac to jailbreak iOS 5 beta 6 , iOS 4.3.5 and 4.2.10 to fix some issues.

Unfortunately this jailbreak is tethered which mean that it will require you to connect the phone to a computer running Redsn0w whenever you power up the phone and  in this post a guide to how to jailbreak iOS 5 beta 6 ,iOS 4.3.5 and 4.2.10 .”