Sunday, 29 December 2013

Germans Hack Apple's iPhone 5S Touch ID?

A respected German hacking group has claimed that it broke Apple's newfangled Touch ID in a mere two days. As the group's video shows, the whole process looks very complicated and anything but convenient for your average iPhone thief.

One thing that some people noticed was that the person who supposedly did the hack first had to register his own print on the phone and then, without turning the phone off, go through a very complicated series of steps to break into it. Had he turned the phone off, he most likely would have needed the passcode to get into the phone as well, which is why some commenters, like StephanosSavvakis on Engadget, stated:


"..... This video can be easily a scam. Plus, with a complicated process like that, you can be sure that fingerprint reading is one of the best security options you have."

In the same Engadget thread another commenter, JamesO, added:

"Well unless the mugger is carrying round a fully lit photographic studio with a top of the range DSLR and accompanying macro lens on his back, and gets you to willingly hold still while he takes some shots of all 10 of your digits, I'll assume it's still secure."

StephanosSavvakis again, and Majipoor, also commented:

"@t0m I don't see how this method is considered easy. I also don't see why people believe that one day there will be a hack-proof security method :S Considering how demanding this method is, I'd say this is one of the most secure technologies out in the market yet."

"@t0m "like allowing for a secondary password or letting users set the period of time (say 4 or 8) hours when a password is required"

Which is exactly what Apple did: you need your password after restarting the iPhone or after 48h (a value which Apple could obviously easily modify if necessary).

http://www.iclarified.com/34057/about-touch-id-fingerprint-sensor-security-on-the-iphone-5s"


In conclusion, as far as my 2 cents go, I'm still on the fence about this hack until Apple officially responds. Many commenters, like the ones above, think that the whole hack is somewhat questionable, and I tend to agree. Then again, this German hacking group is among the very best in the field, so I don't think it would be wise to totally discount this supposed hack, but without further proof I have my doubts. However, even if true, the whole hack involves such complexity that I personally wouldn't worry too much about it happening much in the wild.

Mostly iPhone hacking

Automatic SSH ramdisk creation and loading

runnable JAR archive - works on OS X or Windows; needs 32-bit JRE on Windows.
Supported devices - hopefully everything Syringe supports (devices with A4 chips and lower) plus iPhone 2G, iPhone 3G and iPod Touch 1G.
The tool automatically downloads the required files from Apple using @planetbeing's Partial Zip, patches them and sends them to the device.
If everything works as it should, the only thing you need is an SSH client.
Credits:

Made possible thanks to Camilo Rodrigues (@Allpluscomputer)

Including xpwn source code by the iPhone Dev Team and @planetbeing
Including syringe source code by Chronic-Dev and @posixninja
syringe exploits by @pod2g, geohot and @posixninja
pwnage2 exploit by iPhone Dev Team
Special thanks to @iH8sn0w
code.google.com/p/iphone-dataprotection - EMF tools and kernel patches

To see more verbose output, run it from the command line: java -jar ssh_rd_rev04b.jar
Source on github.

Wednesday, July 27, 2011

Lion, Time Machine and AFP feature bits.

Update2: SMB should be supported in the _r2 version. Probably not a very good idea unless your network connection is solid. Also remember that you can't restore the whole system from a TM image on an SMB share, at least not from the OS X boot disk.
Update1: Please try updating your NAS firmware first; most manufacturers will be releasing updates that make their devices Lion-compatible in the near future.
These new flags, made mandatory in Lion, help with AFP session recovery after a network connection loss, so you will be at a higher risk of data corruption when using this workaround over spotty WiFi.

The 'The network backup disk does not support the required AFP features' message means that
Lion's backupd now requires the 'TM Lock Stealing' and 'Server Reply Cache' AFP features on all TM destinations.

The TMShowUnsupportedNetworkVolumes workaround affects the UI but has no effect on the actual daemon behaviour.
So, seeing as how I'm not going to buy a Time Capsule any time soon, an idea was born:
What if we could make backupd work with those unsupported volumes and unleash any potentially data-munching-monster-ish bugs this unsupportedness shall surely entail? Sounds like a plan!

tl;dr: Download, unzip and run the script.

^^ A dylib that fakes those new shiny AFP feature bits for your old musty half-dead early 20th century NAS-o-saurus.

Disclaimer: Use at your own risk; data corruption may occur!

Boring tech details: just read the source.

Monday, January 17, 2011

Ultrasn0w (with preserved baseband) on 4.3..

NO NEW UNLOCKS HERE! FOR USERS WITH BB VERSIONS CURRENTLY SUPPORTED BY ultrasn0w ONLY! PLEASE RTFM!

4.3 seems to have enabled slidable image address randomization (ASLR). This broke ultrasn0w code that naively used 0x1000 as the main executable's base address. In addition, its FindReference function used hardcoded offset/xref pairs for slidable images, which means every firmware update will break it.
So, I've written a small dylib that works around those issues.
https://github.com/msftguy/ultrasn0w-fixer

Only tested on 3GS; will require changes for next betas.
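To make the two breakages concrete, here is an added Python sketch. It is not ultrasn0w or ultrasn0w-fixer code; it builds a constructed toy 32-bit image (a string table followed by a pointer table, little-endian, linked at 0x1000) and shows three things: a lookup that assumes base 0x1000 finds nothing once the image is slid, adding the slide to the searched-for pointer value restores it, and a recorded offset/xref pair stops matching as soon as the next build shifts the layout, while scanning for the pointer value still works. The string names, the 0x2d000 slide and the layouts are all constructed for the example.

```python
import struct

LINK_BASE = 0x1000   # base address ultrasn0w naively assumed for the main executable
WORD = 4             # 32-bit ARM pointers, little-endian

def build_image(strings, slide=0):
    """Build a constructed toy image: a NUL-terminated string table followed by a
    pointer table holding one pointer per string.  Pointers are written the way
    dyld leaves them in memory, i.e. already rebased by the ASLR slide.
    Returns (image_bytes, {string: link_time_address})."""
    blob = bytearray()
    unslid = {}
    for s in strings:
        unslid[s] = LINK_BASE + len(blob)
        blob += s.encode() + b"\0"
    while len(blob) % WORD:            # align the pointer table
        blob.append(0)
    for s in strings:
        blob += struct.pack("<I", (unslid[s] + slide) & 0xFFFFFFFF)
    return bytes(blob), unslid

def compute_slide(runtime_base, link_base=LINK_BASE):
    """ASLR slide: where the image actually landed minus its link-time base."""
    return runtime_base - link_base

def find_reference(image, target_unslid, slide=0):
    """Offset of the first word-aligned pointer to target_unslid, with the slide
    applied to the value we search for.  None if nothing references it."""
    needle = struct.pack("<I", (target_unslid + slide) & 0xFFFFFFFF)
    off = image.find(needle)
    while off != -1:
        if off % WORD == 0:
            return off
        off = image.find(needle, off + 1)
    return None

def xref_pair_still_valid(image, xref_offset, expected_pointee):
    """The fragile approach: a hardcoded (offset, pointee) pair recorded from one
    build.  True only if the word at that offset still holds the recorded value,
    which fails under any slide and under any layout change."""
    if xref_offset + WORD > len(image):
        return False
    (value,) = struct.unpack_from("<I", image, xref_offset)
    return value == expected_pointee

def demo():
    target = "unlock-marker"   # constructed stand-in for the string being looked up
    layout_a = ["hello", target, "world"]

    # Pre-4.3: no slide, so assuming base 0x1000 works and the xref is found.
    fw_a, addrs_a = build_image(layout_a)
    xref_a = find_reference(fw_a, addrs_a[target])

    # 4.3 with ASLR: same build, loaded 0x2d000 higher (constructed slide).
    runtime_base = LINK_BASE + 0x2d000
    fw_a_slid, _ = build_image(layout_a, slide=compute_slide(runtime_base))
    naive = find_reference(fw_a_slid, addrs_a[target])                 # still assumes 0x1000
    fixed = find_reference(fw_a_slid, addrs_a[target], compute_slide(runtime_base))

    # Next firmware: one extra string shifts everything after it.
    fw_b, addrs_b = build_image(["hello", "extra", target, "world"])
    pair_ok = xref_pair_still_valid(fw_b, xref_a, addrs_a[target])   # recorded pair
    scan_b = find_reference(fw_b, addrs_b[target])                   # scan instead

    return {"xref_a": xref_a, "naive": naive, "fixed": fixed,
            "pair_ok": pair_ok, "scan_b": scan_b}

if __name__ == "__main__":
    print(demo())
```

In the slid image the recorded offset still holds a pointer, it just now points at whatever happens to be 0x1000 bytes below the real target, which is why a fix has to derive the slide at runtime rather than patch in a new constant per firmware.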

Saturday, November 20, 2010

Sunday, November 7, 2010

Booting 4.2 bundle - instructions

Instructions
  • Download the appropriate tetheredboot binary for Windows or OS X from https://github.com/msftguy/syringe/downloads
    • Update: OS X version does NOT need libUSB from MacPorts any more.
  • Put the device in DFU mode
  • Use the command line tetheredboot -i iBSS.CPUap.RELEASE.dfu -k kernelcache.release.CPU to boot, where CPU is k48 for iPad, n90 for iPhone 4
    • These files (iBSS and kernelcache) need to be extracted from custom ipsw you made using the bundle!
    Bundles 
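As an added example (not part of the original post or of the syringe/tetheredboot code), the following Python script automates the file-picking step above: it maps the device name to the CPU identifier from the post, pulls the iBSS and kernelcache out of the custom IPSW, checks they are actually there, and assembles the tetheredboot command line. Two assumptions are not stated in the post: that the IPSW is a zip archive with the iBSS under Firmware/dfu/ and the kernelcache at the archive root (the stock IPSW layout), and the placeholder IPSW written by make_constructed_ipsw, which is constructed so the example runs offline and contains no real firmware.

```python
import os
import tempfile
import zipfile

# Device -> CPU/board identifier used in the firmware file names (from the post).
CPU_FOR_DEVICE = {"ipad": "k48", "iphone4": "n90"}

def boot_file_names(device):
    """(iBSS, kernelcache) file names for a device, e.g. for the iPad
    ('iBSS.k48ap.RELEASE.dfu', 'kernelcache.release.k48')."""
    cpu = CPU_FOR_DEVICE[device]
    return f"iBSS.{cpu}ap.RELEASE.dfu", f"kernelcache.release.{cpu}"

def boot_file_members(device):
    """Paths of the two files inside the IPSW zip.  Assumed stock layout:
    the iBSS lives under Firmware/dfu/ and the kernelcache at the root."""
    ibss, kc = boot_file_names(device)
    return f"Firmware/dfu/{ibss}", kc

def boot_files_present(ipsw_path, device):
    """True if the IPSW contains both files for the device, so a script can
    fail early instead of handing tetheredboot a missing file."""
    with zipfile.ZipFile(ipsw_path) as z:
        names = set(z.namelist())
    return all(m in names for m in boot_file_members(device))

def extract_boot_files(ipsw_path, device, outdir):
    """Pull iBSS and kernelcache out of the (custom) IPSW into outdir.
    Returns the two extracted paths; raises KeyError if either is missing."""
    out = []
    with zipfile.ZipFile(ipsw_path) as z:
        names = set(z.namelist())
        for m in boot_file_members(device):
            if m not in names:
                raise KeyError(f"{m} not in {ipsw_path}: wrong device, or not a bundle-built IPSW?")
            dest = os.path.join(outdir, os.path.basename(m))
            with open(dest, "wb") as f:
                f.write(z.read(m))
            out.append(dest)
    return tuple(out)

def tetheredboot_argv(ibss_path, kernelcache_path, binary="tetheredboot"):
    """Command line from the post: tetheredboot -i <iBSS> -k <kernelcache>."""
    return [binary, "-i", ibss_path, "-k", kernelcache_path]

def make_constructed_ipsw(path, device):
    """Write a tiny stand-in IPSW with placeholder iBSS/kernelcache entries.
    Constructed for the example; the contents are not real firmware."""
    ibss_m, kc_m = boot_file_members(device)
    with zipfile.ZipFile(path, "w") as z:
        z.writestr(ibss_m, b"IBSS-PLACEHOLDER")
        z.writestr(kc_m, b"KERNELCACHE-PLACEHOLDER")
        z.writestr("Restore.plist", b"<plist/>")

def demo(device="ipad"):
    """Build a constructed iPad IPSW, extract its boot files, and report what
    tetheredboot would be invoked with."""
    with tempfile.TemporaryDirectory() as tmp:
        ipsw = os.path.join(tmp, "custom.ipsw")
        make_constructed_ipsw(ipsw, device)
        ibss, kc = extract_boot_files(ipsw, device, tmp)
        argv = tetheredboot_argv(ibss, kc)
        return {
            "ibss_name": os.path.basename(ibss),
            "kernelcache_name": os.path.basename(kc),
            "argv_flags": argv[1::2],                  # ['-i', '-k']
            "sizes": (os.path.getsize(ibss), os.path.getsize(kc)),
            "wrong_device_present": boot_files_present(ipsw, "iphone4"),
        }

if __name__ == "__main__":
    print(demo())
```

Point it at the real custom IPSW you built with the bundle, put the device in DFU mode, and run the returned argv; the presence check is what saves you when the bundle was built for the other device.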

    Thursday, July 8, 2010

    Data recovery: not just for iBoot-pwned devices

    Deprecated: Now you can use greenpois0n to load an SSH ramdisk on any new device.

    Update: wrote a tool to generate upgrade IPSWs automatically
    iPad data recovery!
    If your user data partition is not corrupted, it's possible to get your data back (say, after some Cydia app made your oversized iTouch hang on boot!)

    Should also work for iOS 4.0 new-bootrom 3GS iPhones and 3G iPod touches.


    Will it work if you were jailbroken with:
    PwnageTool: Not recommended/might work
    SnowBreeze: Not recommended/might work
    Spirit: YES
    redsn0w: YES
    blackra1n: YES
    Not jailbroken: YES


    Other necessary conditions:
    Mountable user data volume - not always the case!

    Other warnings:
    You'll obviously lose your jailbroken state and will have to re-Spirit if using an iPad, or just back up and restore if using a PwnageTool/Sn0wbreeze iOS 4 jailbreak!

    When should you use this method?
    • You have an iDevice that does not boot (stuck in DFU/on Apple logo) with important data on it (kids pix, financial reports, names of Russian spies)
    • You are not jailbroken with PwnageTool/redsn0w/blackra1n/Sn0wbreeze
      • If you are jailbroken using one of those jailbreak methods, check out the SSH ramdisk method first as it guarantees non-destructive recovery.
    • You don't need the device to remain jailbroken/unlocked or can jailbreak/unlock a device that has been restored to latest firmware version.
    Download:
    Windows version | Python source

    Usage:
    Use the current firmware version that is still being signed by Apple (4.1 ATM)!
    Drag and drop original unmodified IPSW file over the tool icon, wait for it to generate a UPG_...ipsw file, restore to that using iTunes.
    Make sure you've read the necessary conditions and warnings sections!

    Look at the source code if you want an insight into what exactly happens here.



    Wednesday, July 7, 2010

    iRecovery functionality on Windows without libUSB

    itunnel_mux_rev6.exe <- this unfortunately named tool now supports loading stuff into iBoot, including USB exploit payloads.
    Usage example:
    itunnel_mux_rev6.exe --ibss iBSS.n88ap.RELEASE.dfu --exploit exploit --ibec iBEC.n88ap.RELEASE.dfu --ramdisk 018-6461-399.dmg.ssh --devicetree DeviceTree.n88ap.img3 --kernelcache kernelcache.release.n88
    Due to some hardcoded structure offsets still left in, it will probably only work with iTunes 9.2.


    Apple Releases iOS 7, 7.0.1; A New iOS 7 Jailbreak Utility To Follow

    iOS 7 Jailbreak 7.0.1 Untethered
    Today, following last week’s iPhone 5S and iPhone 5C unveiling event, Apple officially released iOS 7 to the general public. iPhone 5, iPhone 4S, iPhone 4, iPad 2, iPad 3, iPad mini, iPad 4 and iPod touch 5th generation owners can download Apple’s new and exciting update via the device portion of iTunes. Although there isn’t an iOS 7 jailbreak available for 7.0 and 7.0.1 (we’ll get to that in a second) at launch, the evad3rs are hard at work on creating a new utility that will jailbreak iOS 7 on all devices, including Apple’s upcoming iPhone 5S and iPhone 5C smartphones.

    Additionally, iCrackUriDevice recently published a great video (embedded below); we highly recommend watching it, especially if you're at all confused or lost when it comes to the status of the next untethered jailbreak.

    As for iOS 7, users around the world can now download the firmware via either Apple’s over-the-air update option found in the Settings app (General > Software Update) or through iTunes 11.1, which can be obtained here.
    In addition to offering users a complete and system-wide graphical redesign, iOS  7 also brings exciting new features like Control Center, iTunes Radio, a significantly revised version of Notification Center and more. If you’re interested in learning more about iOS 7, check out our detailed review and in-depth analysis.
    Preceding the public release of iOS 7.0, it was discovered through various logs that new iPhone 5S and iPhone 5C owners will be welcomed this Friday by a prompt to update to 7.0.1, suggesting Apple has plans for another unifying firmware following 7.0.1 – likely 7.0.2.

    Easy Steps to Download & Install Cydia iOS 7 :


    Soon after the release of the iOS 7 beta, jailbreakers started working on developing Cydia for iOS 7. iPhone 5 users, note that iOS 7 Cydia is ready for release, with final testing going on before the final release of the iOS 7 BootROM jailbreak from Team Evad3rs.
    Cydia for iOS 7 can be tested and installed on your iOS 7 device. You can find the tutorial (both video and step-by-step instructions) in our blog and install the iOS 7 jailbreak on your phone. If you come across any problem, visit our Help Forum for quick troubleshooting.
    Follow our site for the latest updates and more information on downloading and installing Cydia iOS 7 apps on your favorite iOS device.

    Recent Stories :

    Cydia iOS 7 Jailbreak

    On September 10th Apple are reportedly holding a media event. This will be to announce their new line-up for the upcoming season and will include the iPhone 5S, the 5C and an official release date for iOS 7. On the same day, it’s also thought that Apple will seed the iOS 7 GM version to developers in preparation for

    iOS 7 Jailbreak

    With iOS 7 well on the way to being released publicly next month, it’s time to turn our attention to the iOS 7 jailbreak. Let’s break the subject down a little and take a look at what’s happened in the past and what’s going on now. iOS 7 – To Jailbreak or Not ? Work

    Latest Posts :

    Download Cydia on iOS 7

    Sometime in September or October it is hoped that we will have a untethered jailbreak utility for iOS 7. Apple is expected to release the firmware publicly alongside the new iPhone and shortly afterwards the hackers should be able to give us more information on when we can expect to be able to download Cydia

    Download Cydia on iPad Air – Retina Mini running iOS 7

    News on the jailbreak front has been a little quiet just recently but that doesn’t mean that things have come to a standstill.  Evad3rs are still busy working away on the untethered iOS 7 utility and, for those waiting for the untethered iOS 6.1.3/4 utility, we are still expecting that to be released before the end of

    How to Download Cydia on iPhone 5S

    All across the jailbreak community people are patiently waiting for no less than two different jailbreaks to be released.  First up, evad3rs are diligently working away on the iOS 7 untethered tool while those on iOS 6.1.3/4 are eagerly awaiting the release of their untethered jailbreak. The only jailbreak that has

    iOS 7 Jailbreak Hunt Causes Split in Jailbreak Community

    A few days ago a controversial new website appeared on the internet. It’s called iS iOS 7 Jailbroken Yet and is run by a company called Threshold, owned by Elizabeth Start.  The website has been set up as a kind of bounty or reward for the first person or team who comes up with an untethered, open-source

    Why there is No iOS 7 Jailbreak till Now

    Things have been a little quiet on the jailbreak front recently until a few days ago. A new website has appeared, offering a reward for any team or individual that comes up with the iOS 7 untethered jailbreak. The reward is made up entirely of donations and the fund currently stands at $7270. The reward

    How to Improve Touch ID Sensor Efficacy on iPhone 5S

    The fingerprint sensor that made its debut on the iPhone 5S has certainly caused a bit of a stir. Despite a few teething problems it is fast becoming one of the most popular features that Apple has ever implemented on one of their devices. iPhone

    How to Jailbreak Using RageBreak on iOS 7

    As iOS users wait patiently for evad3rs to release their untethered jailbreak, a brand new one has appeared by the name of RageBreak.  However, no need for people to jump up and down for joy because it's a tethered jailbreak that will only work on the iPhone 4, GSM and CDMA models.

    RageJailbreak for iOS 7 can Brick your Phone

    Just recently, we told you about a new jailbreak tool for iOS 7. RageBreak has just been released as a tethered jailbreak for iOS 7.0+.  However, it only works on the iPhone 4, both GSM and CDMA models. Just briefly, for those who are not

    Download RageBreak for iOS 7 Jailbreak

    While we all wait for the new iOS 7 untethered jailbreak to be completed and released, those of you with an iPhone 4 might be interested in this.  A couple of days ago, a jailbreak tool called RageBreak surfaced on the internet to jailbreak iOS 7.0.4 (or any full version of iOS 7).

    RageBreak can Jailbreak iOS 7

    Some news has appeared on the jailbreak scene in the last couple of days – a jailbreak for iOS 7+ has been released.  Before you all get too excited though, it's a tethered jailbreak and is only for the iPhone 4. The tool is called RageBreak and

    Leaked Document Shows White House in Favor of Banning iOS 7 Jailbreak

    Download Evasi0n iOS 7 – 7.0.4 Jailbreak For iPhone 5s, 5c, 5, iPad, iPod touch [Windows / Mac]

    Surprise surprise. This is just in. Team Evad3rs has just released untethered Evasi0n iOS 7 – 7.0.4 jailbreak for the latest iPhone, iPad and iPod touch devices.
    Available for both Windows and Mac users, Evasi0n iOS 7 jailbreak works on all iPhone, iPad and iPod touch models running iOS 7.0, 7.0.1, 7.0.2, 7.0.3 and 7.0.4.
    This includes:
    • iPhone 5s
    • iPhone 5c
    • iPhone 5
    • iPhone 4S
    • iPhone 4
    • iPad 2
    • iPad 3
    • iPad 4
    • iPad Air
    • iPad mini
    • iPad mini 2
    • iPod touch 5
    We will be back with full how-to tutorials. Those of you who want to jailbreak right away can do so by downloading Evasi0n from official website at Evasi0n.com or through the links given below.
    Download Evasi0n for Windows
    Download Evasi0n for Mac
    Update x1: This release has also caught Saurik, the founder of Cydia, by surprise. He has clarified on Twitter that the Cydia build included in version 1.0 of Evasi0n 7 isn't official, and hence will be prone to bugs. Tweaks relying on Substrate will have issues with this early release of Evasi0n. This issue will be fixed in later versions of Evasi0n 7.
    Update x2: Evasi0n 7 also works with iOS 7.1 beta 2.
    Update x3: Our full step by step video tutorial is up and embedded below! For full written instructions, check out: Jailbreak iOS 7 – 7.0.4 Untethered On iPhone 5s, 5c, 5, 4s And More With Evasi0n 7 [Video Tutorial]
    Update x4: Make sure you check out: List of iOS 7 Compatible Jailbreak Tweaks And Apps In Cydia.
    Update x5: Evasi0n has been updated to version 1.0.1, removing the TaiG App Store completely. The download links above have been updated.
    Update x6: Evasi0n 7.x Untether 0.2 update now available on Cydia, bringing Evasi0n 1.0.1 features to Evasi0n 1.0 users.