Web-based jailbreak tool Jailbreakme.com is back, and jailbreaking your iPhone, iPad or iPad touch has never been easier. How easy is it, you ask? Simply navigate to jailbreakme.com in Safari on your iOS device and then follow the on-screen instructions. Within seconds, you’ll be on your way to sporting an open iDevice. What’s more, JailbreakMe 3.0 is the first widely available tool to feature support for the iPad 2 (running iOS 4.3.3), so tablet owners will undoubtedly be excited about that. The service also supports every other iOS device other than Apple TV: iPad (iOS 4.3+), iPhone 3GS (iOS 4.3+), GSM iPhone 4 (iOS 4.3+), CDMA iPhone 4 (iOS 4.2.6+) and third or fourth-gen iPod touch (iOS 4.3+). Developer betas of iOS 5 are not supported. Remember to back up with iTunes before jailbreaking and, of course, proceed at your own risk. More →
It seems that an AR-like capability within Mobile Safari has gone pretty much unnoticed (or at least unimplemented by a third party) until now. Occipital, a company that has developed a panoramic photo iPhone app, has come across the new feature in Safari for iOS 4.2 devices, and it’s related to the gyroscope. If you have an iOS device with a gyropscope (iPhone 4, latest iPod touch) you can try a live demo for yourself. It’s ridiculously impressive, and by using the gryoscope and a panorama image, you can deliver an augmented reality type of experience right in the Web browser itself. Hit up
from your iOS browser directly to check out the demo.
Goatse Security, the firm who blew the lid off of an exploit that allowed the names and email addresses of over 114,000 iPad owners to be farmed, is speaking out. In a blog post, Goastse team member Escher Auernheimer writes:
I released a semantic integer overflow exploit for Safari through Goatse Security in March– it was patched on Apple’s desktop Safari but has yet to be patched on the iPad. This bug we crafted allows the viewer of a webpage to become a proxy (behind corporate and government firewalls!) for spamming, exploit payloads, password bruteforce attacks and other undesirables. The kicker is that this attack cannot be detected by any current IDS/IPS system. We released this in March, mind you, and Apple still hasn’t got around to patching this on the iPad! I know through personal experience that the patch time for an iPad vulnerability is over two months and counting. Given that, the number of parties which probably have active iPad exploits likely numbers in the hundreds, if not the thousands. The iPad simply is not a safe platform for those that require a secure environment.
And it doesn’t stop there. Addressing some of the verbiage in AT&T’s apology letter, Auernheimer goes onto say:
AT&T had plenty of time to inform the public before our disclosure. It was not done. Post-patch, disclosure should be immediate– within the hour. Days afterward is not acceptable. [...] AT&T says the person responsible for this went “to great efforts”. I’ll tell you this, the finder of the AT&T email leak spent just over a single hour of labor total (not counting the time the script ran with no human intervention) to scrape the 114,000 emails. If you see this as “great efforts”, so be it.
Auernheimer closes with: “We love America and the idea of the Russians or Chinese being able to subvert American infrastructure is a nightmare. We understand that good deeds many times go punished, and AT&T is trying to crucify us over this. [...] We did the right thing, and I will stand by the actions of my team and protect the finder of this bug no matter what the cost.” Amen, Escher, Amen. Your move Apple/AT&T. More →
If anyone knows how to make a browser powerful, but user-friendly, it’s Mozilla. Fennec is going to be no different in terms of their end goal for the mobile browser. First, they intend to use every last bit of screen real-estate to the browser, removing all controls, tabs, and buttons that would take away from the body of the page. Sullivan says they want to “give over the entire screen of the device to the Web content, removing all user-interface controls entirely.” How will a user navigate, you ask? Certain screen controls and finger swipes (for touchscreens) will activate the UI controls in a snap. If that isn’t cool enough for you, future versions may also include support for haptic feedback. While this is all cool and snazzy, Fennec has its work cut out because the others (Safari, Opera, Blackberry, Symbian) have established themselves and are still making progress. For more info on Fennec and what its future holds, hit the link!