comex-iphone-hacker

iPhone hacker loses Apple internship because he forgot to reply to an email

By on October 19, 2012 at 6:28 PM.

iPhone hacker loses Apple internship because he forgot to reply to an email

Former iPhone hacker extraordinaire Nicholas Allegra, better known as “Comex,” is no longer an Apple (AAPL) intern. After leaving the jailbreak scene a year ago to pursue an internship at Apple, Allegra tweeted on Thursday: “As of last week, after about a year, I’m no longer associated with Apple.” Allegra told Forbes his internship with Apple was terminated because he forgot to reply to a company email that requested his continued employment. Having not received an email response from Allegra, Apple proceeded to end their relationship. Allegra says he was “unable to fix it” and that “it wasn’t a bad ending.” Does this mean Allegra is back to his old jailbreaking ways? Not exactly. The 20-year-old hacker says he will continue his studies at Brown University for the time being.

More →

No Comments

Hurt Locker producers file suit against 2,514 BitTorrent users

By on April 23, 2012 at 2:35 PM.

Hurt Locker producers file suit against 2,514 BitTorrent users

Voltage Pictures, the production studio behind the Oscar-winning film The Hurt Locker, has filed a new lawsuit in a federal court in Florida, according to TorrentFreak. The studio’s latest complaint targets at least 2,514 alleged BitTorrent users, whom Voltage Pictures claims pirated the film and cost the studio millions. The company last year filed a joint lawsuit against more than 30,000 alleged BitTorrent users who illegally downloaded the film. The case closed this past December, with Voltage Pictures collecting an undisclosed number of settlements. The studio’s latest suit looks to obtain a subpoena that will order ISPs to reveal the identities of the defendants. The alleged pirates will then be offered a settlement of about $3,000, the report claims. All of the defendants allegedly downloaded the film in 2010 and are Charter Communications subscribers. More →

No Comments

‘Anonymous’ plans bigger and more serious attacks on Chinese government

By on April 9, 2012 at 3:15 PM.

‘Anonymous’ plans bigger and more serious attacks on Chinese government

The hacker group “Anonymous operations” plans to launch further attacks on Chinese government-run websites to protest what it believes to be strict and unfair laws. The loosely knit group launched various cyberattacks on China’s goverment last week and warned that further attacks were on the horizon. “First we want to alert the Chinese government that we aren’t afraid, and we are going to show the truth and fight for justice,” Anonymous hacker “f0ws3r” said to Reuters, adding that more serious attacks are coming against Chinese websites. “Yes, we are planning more attacks, a few at a time,” the hacker said. The group is looking to “take down the Great Firewall of China,” which blocks access to Twitter, Facebook, YouTube and many other websites. The Anonymous China team consist of 10 to 12 hackers, most of whom are not based in China, and has “hundreds” of translators who have helped the group hack various Chinese websites, f0ws3r said. The hacker declined to give further details on the next round of attacks, although he did say the group may hit bigger targets this time around. More →

No Comments

Selling used Android phones poses huge identity theft risk, expert says

By on March 30, 2012 at 1:25 PM.

Selling used Android phones poses huge identity theft risk, expert says

Android users who are looking to sell their old devices should be wary of the possible consequences. McAfee identity theft researcher Robert Siciliano warned that personal data from Android devices is not completely removed after a user activates the built-in wipe option, The Los Angeles Times reported on Friday. “What’s really scary is even if you follow protocol, the data is still there,” Siciliano said. If you have a BlackBerry or Apple device, Siciliano said your data can be fully deleted by following the manufacturer’s directions. As for smartphones running the Android operating system and computers running Windows XP, Siciliano recommends that people don’t bother with selling them at all. “Put it in the back of a closet, or put it in a vise and drill holes in the hard drive, or if you live in Texas take it out into a field and shoot it,” he said. “You don’t want to sell your identity for 50 bucks.” To test the security of various platforms, Siciliano purchased 30 smartphones and computers from Craigslist. The researcher was able to access personal data from 15 of the 30 devices through his own hacking efforts and the help of a forensic expert. The data obtained included bank account information, Social Security numbers, child support documents and credit card account log-ins. More →

No Comments

Google Wallet hacked again; new exploit doesn’t need root access [video]

By on February 10, 2012 at 8:10 AM.

Google Wallet hacked again; new exploit doesn’t need root access [video]

A new exploit has been discovered that allows unauthorized access to a user’s Google Wallet account with a simple hack that can be performed by anyone in a matter of minutes. A security firm recently exposed a Google Wallet vulnerability that allowed hackers to bypass PIN protection, but the vulnerability is only present on rooted Galaxy Nexus handsets. This new exploit, however, does not require a handset to be rooted, which leaves all Google Wallet users exposed. Read on for more. More →

1 Comment

Kindle Fire’s Silk browser hacked to run on other Android devices

By on January 4, 2012 at 2:00 PM.

Kindle Fire’s Silk browser hacked to run on other Android devices

Amazon’s Silk Web browser has received mixed reviews from the media and from consumers. In our review of the Amazon Kindle Fire, we noted that loading Web pages in the cloud-assisted browser on the tablet seemed to stall at first but once content finally began downloading, it indeed seemed to move very quickly. Other reviews found Silk to be much slower than other comparable browsers, however. Curious Android device owners who aren’t among the millions who purchased the Kindle Fire ahead of the holidays can now install Amazon’s Silk browser on a variety of rooted handsets and tablets thanks to the work of an xda-developers forum member. Results are mixed so far, and the port will not work on the Galaxy Nexus, among other handsets. Many users have successfully installed the browser on a variety of devices including the Motorola ATRIX and the Samsung Galaxy Tab, however. More →

No Comments

All GSM phones vulnerable to major security flaw, hacker says

By on December 27, 2011 at 7:00 PM.

All GSM phones vulnerable to major security flaw, hacker says

All GSM phones, such as those that run on T-Mobile and AT&T in the United States, are vulnerable to a major security flaw that could allow hackers to send text messages or place phone calls remotely using a new security flaw, one hacker said recently. Speaking to Reuters ahead of a hacking convention in Berlin, Karsten Nohl, the head of Germany’s Security Research Labs, said the attack could be initiated on a large scale, too. “We can do it to hundreds of thousands of phones in a short timeframe,” Nohl explained. “None of the networks protects users very well.” Nohl didn’t provide details on how hackers could take advantage of the flaw, although Reuters said it’s likely that those attending the conference will try to recreate it themselves. Nohl also explained that carriers can easily patch the security hole and that some simply need to update their software. “Mobile network is by far the weakest part of the mobile ecosystem, even when compared to a lot attacked Android or iOS devices,” Nohl said, noting that Germany’s T-Mobile and France’s SFR wireless carriers are the most secure against hackers. More →

No Comments

Skype security flaw leaves user locations vulnerable

By on December 8, 2011 at 9:30 PM.

Skype security flaw leaves user locations vulnerable

New York University’s Polytechnic Institute has discovered a Skype security flaw that leaves Skype users’ locations and P2P sharing activity accessible to hackers. The security hole was discovered while NYU scientists monitored 10,000 Skype users and 20 volunteers during a two-week period. “A hacker anywhere in the world could easily track the whereabouts and file-sharing habits of a Skype user – from private citizens to celebrities and politicians – and use the information for purposes of stalking, blackmail or fraud,” professor Keith Ross from computer science NYU-Poly’s computer science program said. Hackers can also keep track of a Skype user’s movements as he or she places calls from various locations. The scientists were able to follow a Skype user during a vacation from New York to Chicago and then all the way home to France, Financial Post explained. “A fairly straightforward and inexpensive fix would prevent hackers from taking the critical first step in this security breach – that of obtaining users’ IP addresses through inconspicuous calling,” the scientists said. Skype chief information officer Adrian Asher said his company will work to improve the security of Skype’s software.  More →

No Comments

Apple plugs huge security hole with iOS 5.0.1

By on November 11, 2011 at 1:35 PM.

Apple plugs huge security hole with iOS 5.0.1

Apple has addressed a major security vulnerability with the latest version of its iOS software. Just released on Thursday afternoon, iOS 5.0.1 was welcomed with open arms by iPhone users plagued by poor battery life. Apple promised that this new build addresses issues causing the lackluster battery performance — though its effectiveness remains in question — and it also addresses a much more serious problem. Security expert Charlie Miller revealed a major security flaw in iOS last week that allowed developers to sneak malicious apps past Apple’s App Store review process. Once installed by an end user, a hacker was able to use the vulnerability to steal data or perform any number of other unauthorized functions. IOS 5.0.1 addresses the vulnerability, Forbes reports, preventing apps from receiving malicious payloads. Apple credits Miller with having discovered the bug — he reported it to Apple nearly a month before going public — though the company has yet to restore his developer account, having banned him from its developer program after he planted an app in the App Store in order to demonstrate the vulnerability. More →

No Comments

Hacker uncovers major iOS security flaw [video]

By on November 8, 2011 at 10:00 AM.

Hacker uncovers major iOS security flaw [video]

A major security flaw in Apple’s iOS operating system that could allow hackers to remotely gain unauthorized access to an iPhone, iPod touch or iPad has been uncovered by a security expert. Described by Forbes as a “serial Mac hacker,” Accuvant LABS computer security researcher Charlie Miller has uncovered a security flaw that allows hackers to build apps that look legitimate and pass through Apple’s App Store approval process. Using a code-signing vulnerability, however, the malicious apps will automatically connect to a remote server following installation and download new unapproved code that might grant hackers access to system files, personal data and a host of unauthorized functionality. Read on for more. More →

No Comments

Hacker group Anonymous now targeting child porn sites

By on October 24, 2011 at 12:00 PM.

Hacker group Anonymous now targeting child porn sites

Anonymous, the “hacktivist” group that waged war on the U.S. government and large companies such as Apple, has shifted its focus from cracking corporations to fighting online pedophilia. The group is now targeting web host Freedom Hosting and is accusing it of knowingly hosting child pornography. “The owners and operators at Freedom Hosting are openly supporting child pornography and enabling pedophiles to view innocent children, fueling their issues and putting children at risk of abduction, molestation, rape, and death,” Anonymous said in a statement. “Our demands are simple. Remove all child pornography content from your servers. Refuse to provide hosting services to any website dealing with child pornography. This statement is not just aimed at Freedom Hosting, but everyone on the internet. It does not matter who you are, if we find you to be hosting, promoting, or supporting child pornography, you will become a target.” Read on for the full statement against online child pornography from Anonymous.  More →

102 Comments

Massachusetts Attorney General to demand answers from Apple after iTunes breach

By on September 21, 2011 at 7:10 PM.

Massachusetts Attorney General to demand answers from Apple after iTunes breach

Massachusetts Attorney General Martha Coakley recently said her iTunes account was compromised by identity thieves and that she will press Apple for answers. It is unclear how the thieves gained access to Coakley’s account, perhaps through an application, but the hackers stole credit card information and made fraudulent purchases, ThreatPost said. Coakley brought up the attack during a speech for the launch of the Massachusetts Advanced Cyber Security Center. She noted that Dell blocked her credit card when the hackers tried to purchase a computer, believing the purchase to be fraudulent. Apple, however, did not. Coakley said she would reach out to the iPhone maker and demand information. ThreatPost argued that Coakley might have been speaking so strongly in an effort to build support for Massachusetts’ state data privacy, data protection and data breach notification laws. Coakley believes companies such as Apple should be held liable when in violation of the aforementioned laws. The Massachusetts Attorney General’s office said any company that has had a breach which “creates a substantial risk of identity theft or fraud against a resident of the commonwealth,” should publicly disclose the attack. More →

40 Comments

OS X Lion security flaw allows anyone to change your password

By on September 19, 2011 at 3:25 PM.

OS X Lion security flaw allows anyone to change your password

Security blog Defense in Depth has found a glaring security flaw in OS X Lion that enables hackers to change the password of any user on a machine running Lion. “[While] non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data,” Patrick Dunstan from Defense in Depth explained in a recent blog post. The result is that anyone could use a simple Python script, created by Dunstan himself, to discover a user’s password. It gets worse. Reportedly, OS X Lion does not require its users to enter a password to change the login credentials of the current user. That means typing the command: “dscl localhost -passwd /Search/Users/Roger” will actually prompt you to set a new password for Roger. As CNET points out, a hacker could only take advantage of the known bug if he or she has local access to the computer and Directory Service access. CNET suggests disabling automatic log-in, enabling sleep and screensaver passwords and disabling guest accounts as some preventative measures to keep your Mac secure. More →

68 Comments