Category Archive

A presentation and paper on Reverse engineering JTAG at the 26th Chaos Communication Congress is now available to download here:

http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/3670.en.html

Other Hacking and reverse engineering papers and talks from the conference can be found here:

http://events.ccc.de/congress/2009/Fahrplan/index.en.html

The hacking track is here:

http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/index.en.html

This report concerns the theoretical and practical issues with automatically populating mobile devices with reference test data for use as reference materials in validation of forensic tools.

It describes an application and data set developed to populate identity modules and highlights subtleties involved in the process. Intriguing results attained by recent versions of commonly-used forensic tools when used to recover the populated data are also discussed. The results indicate that reference materials can be used to identify a variety of inaccuracies that exist in present-day forensic tools.

The Paper can be downloaded in PDF format from here:
http://csrc.nist.gov/publications/nistir/ir7617/nistir-7617.pdf

More on the paper here:
http://www.testandmeasurement.com/article.mvc/NIST-Develops-Experimental-Validation-Tool-0001?VNETCOOKIE=NO

The tool itself can be downloaded from here:
http://csrc.nist.gov/groups/SNS/mobile_security/mobile_forensics_software.html

The tool is called SIMfill, and it’s a java application that populates Subscriber Identity Modules (SIMs) with reference data and can be used to assess the data recovery capabilities of forensic SIM tools. The package includes an initial set of reference data for use with SIMfill, the source and compiled code, a readme file, a user’s guide, and a video demonstration. It can be downloaded free from:
http://csrc.nist.gov/groups/SNS/mobile_security/mobile_forensics_software.html

The research team, which included Edith Cowan University of Australia and BT, revealed some early results yesterday in news reports by the BBC and British television affiliates.

To read more about the research go here:
http://news.bbc.co.uk/2/hi/uk_news/wales/8036324.stm
and here:
http://www.darkreading.com/security/storage/showArticle.jhtml?articleID=217400054&cid=nl_DR_DAILY_H

A forensics toolkit for the Xbox gaming console is described by US researchers in the International Journal of Electronic Security and Digital Forensics. The toolkit could allow law enforcement agencies to scour the inbuilt hard disk of such devices and find illicit hidden materials easily.

Link:
http://www.sciencedaily.com/releases/2009/04/090430101445.htm

Having a rooted phone means you can do tricks like setting up a 3g/wifi bridge. The process starts by using a rooting app to revert the phone to the rc29 build. then using the “android stupidly executes everything you type” exploit to launch telnetd and upgrade the bootloader. After that, the upgrade process is fairly easy. Just flash a new baseband and build. once you’ve got your new custom firmware, you can do future updates using an app from the android market.

Read More here:

http://hackaday.com/2009/05/05/easy-g1-rooting/

Having downloaded the latest beta of the iPhone yesterday (seen above), I started using it today and when a friend of mine asked to use it to dial a phone number, all they saw was this:

I restarted the phone and I got the proper dial screen shown below.

This happened to me again today… So I decided to post it on the inter web

Growth projection for the mobile sector does not look good

Read More Here:

http://www.iphonestalk.com/new-survey-results-bring-good-and-bad-news-for-the-mobile-sector/

We acquired the domain names AndroidForensics.com and AndroidHack.com . Both domain names should take you to MySecured.com for now. We might dedicate the Android Forensics domain in the future to a website catering specifically to the Forensics of Android-Based Cellular Phones. The Android Hack domain name will be probably dedicated to the Hacks and Mods for the Android Based mobile phones and other devices such as netbooks and laptops.

Try the domain names now:
http://www.androidforensics.com
http://www.androidhack.com

A new site dedicated to the Palm Pre Mobile Phone and its WebOS operating system and Application Catalog. Visit it at:
http://www.PreMobilePhone.com

I don’t know if this is true or not yet but here it goes! There seems to be a vulnerability that affects Nokia Series 60 phones, including N95 and N73 handsets that blocks all SMS and MMS from reaching the phone, hense the name “Curse of Silence”. attacker in this case sends a specially designed SMS message to the target phone. What’s worrying is that the recipient will receive no indication that they got the message.

The only way to get the target phone to recieve messages again is to factory reset it. Even after the factory recet, the phone still remains vulnerable to future silent curses. The attack will only work on phones running version 2.6, 2.8, 3.0 or 3.1 of Symbian S60.

Source: http://www.dialaphone.co.uk/blog/?p=2505

It can be done!

An in-depth look at the new Palm Pre Mobile Phone:

@ Engadget.com

I love how fast it is and how they allow you to have “pages’ of applications running at once… Look at the videos to see what I mean. What I hate is the numbers on the keyboard are Orange just like punctuation marks on the T-Mobile G1… I can’t see them at all! But that’s just me…

Related:

Plam stocks are up.
Google Finance on Palm, Inc.

Official Website.

Is it going to be the iPhone killer? or will it suck like the Google Android did before it? Give it six months and we’ll see

Modding Education for iPhone users AKA ModEdiPhone.com is a new website for all iPhone users who would like to jailbreak their iPhones or SIM unlock them whether they are using a first generation iPhone or the 3G iPhone. It provides guides and step-by-step videos and advice on how to do each hack or mod without any complications. It includes software, firmware, and hardware mods and hacks. It also contains the last five posts from the most popular iPhone blogs and news sites. It is a must visit and subscribe-to website so make sure you add it to your favourites

Here is the link:
http://www.modediphone.com/

Windows will run soon on the iPhone using Citrix Receiver, a remote screen software that connects to a PC and enables you to run Microsoft’s Windows Apps remotely over the wi-fi or 3g network.

More info here:
http://community.citrix.com/pages/viewpage.action?pageId=51937665

As predicted, it did take a long time to unlock the 3G version of the iPhone as compared to the 1st generation iPhone. It is never the less a great achievement for the Dev-Team. So, if you are still using a SIM proxy to unlock you iPhone 3G, then this unlock is for you. For all others, this makes no difference at all

For those who do require the SIM unlock I give you this warning: never upgrade you phone to 2.2 as it will unpgrade your modem software making it impossible to unlock with the SIM unlocking solution from the dev-team.
So: NEVER UPGRADE OR RESTORE YOUR IPHONE IN ITUNES

For more information, please visit the dev-team’s website at:
http://blog.iphone-dev.org/

On October 6th AccessData sent a letter to Guidance Software expressing its interest to acquire all of the outstanding stock of Guidance Software at $4.50 a Share. Read more below:

http://www.itbusinessnet.com/articles/viewarticle.jsp?id=569441

Here is a sample video of Noise Alert:

For more videos visit the website:
http://www.androidapps.com/

For Apple iPhone App reviews, visit AppVee’s iPhone website at:
http://www.appvee.com/

Your iPhone can not delete or forward SMS Messages? Yes it can! Use MySMS to do that!

Your iPhone can not forward a contact number to another one? Now it can! Just use MySMS

You want more options such as:

- landscape typing
- punctuation keys at the right side of typing window
- sms forwarding (even conversations)
- single / individual sms or conversation deletion
- character counter (to know if your text will be sent as one or multiple SMS messages)
- send contacts through sms
- Use message templates
- set password on app loading/launch
- Easy contact list search!
- disable auto correction in SMS typing (very useful if you are typing in other languages)
- skins (downloaded from the dev’s repo: isoftru.ru/repo/)
- set mySMS as the default SMS app
- Option to Tap return key twice to send message

For more information go to:
MySMS
and to see more screen shots and instructions on how to downlad the application from Cydia, go to:
http://iphonehelp.in/2008/11/13/mysms-ultimate-sms-app-for-the-iphone-3g-2x-via-cydia/

http://www.Securify.Me

We have secured the domain name Securify.Me and we are in the process of forwarding it to MySecured.com. MySecured.com has been getting positive feedback from visitors and the financial gain from Google Ads is great. So, we are investing the money form the advertisements into buying cool domain names! Our overhead for the website is very low, so getting traffic through clever web domains has served us well so far

If the domain name sounds familiar, it is because of two parts of the domain:

- Securify: Packet Storm Security’s domain name used to be http://packetstorm.securify.com . Takes you back ages ago doesn’t it!
In fact, this is how it used to look like from 1999-2001:
http://web.archive.org/web/*/http://packetstorm.securify.com

Thanks to the Way Back Machine

- Me: It is the new Top Level domain name. It is also a previous version of Windows: Windows Me. More recently, Apple Computers used it for the replacement of the .MAC Cloud Computing service. It is now known as MobileMe or Mobile Me.

Keep visiting the websites and keep those suggestions coming Visit our sponsors while you are at it… it is what keeps us going after all….

contribute (at) My Secured DOt Com!

BTW: If you are interested in ANY of our domains, let us know… We might just sell it to you for the right price

A new book with companion DVD by Jesse Varsalone. Expected retail price is AUD 79.00.

Key Features include:

- Companion DVD Contains Custom Materials That Can Be Used in a Real Digital Forensic Investigation
- Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else
- Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics

Sounds good? Then for more information go to:
http://www.elsevierdirect.com/product.jsp?isbn=9781597492973

People living in Australia can get their hands on a T-Mobile G1 via eBay.com. They will be able to use the 3G HSDPA fuctionality on Carriers other than Telstra though. For 3G connectivity, the G1 will work only if the carrier’s network uses the 2100MHz frequency band. Currently those carriers include Vodafone, Optus and Three. Telstra’s Next G network runs on the 850MHz frequency so it’s not supported.

For more information, read on:
http://www.theage.com.au/news/technology/biztech/google-phone-hits-australia-via-ebay/2008/10/29/1224956120782.html

The first ever Android was released in the USA in November but as in the previous post here on Mysecured.com, there were no people linening up outside of shops there!… The T-Mobile G1 was released in the UK yesterday (October 30th), with about the same results as the US launch… No one seems to be interested in it so far.

The week the same still holds even after reports show that the phone has been unlocked as shown in the video below:

Is this about to change here in Australia? Well, I’ve asked around and it seems like people were holding back on buying the US version of the G1 because they though it was using different 3G bands than the ones Australian telecoms use. But they thought that UK version will use the same frequencies as the Ausie carriers but so far there are no UK version T-Mobile G1s on sale on eBay UK.

Buyers here in Australia might be more interested in buying the UK version of the G1 but for now they have no choice but to wait for some of them to be either available on eBay. There is another choice however which is to buy an proprietary Android phone from an Australian technology company Kogan Technologies which will start selling their in house Chinese manufactured Android based phones that will go on sale on December 15 for $199 AUD.

For more details on that story go to:
The Age.

In other reports, people just don’t see that the G1 is either open source nor ground breaking. Wired Magazine notes that the phone has restricted use of VOIP technology as in this article:
http://blog.wired.com/gadgets/2008/09/g1-android-phon.html

On the G1, T-Mobile customers will be the first to check out about 50 available applications. T-Mobile says that all apps are free until 2009. Here is a look at the top 15 out of those.

The one that scares me is the sex offender warning application. It tells you where your G1-carrying daughter or grandma are and how far and in which direction is the nearest registered sex offender to them!

See what I mean by watching the demo here:
http://www.freefamilywatch.com/demo.html

Follow the link for the story and pictures:
http://www.pcworld.com/article/152384/in_pictures_15_killer_android_apps_for_the_g1.html

As you might know, the iPhone 3G comes either on a contract which means that it is locked to the provider or Unlocked via iTunes on pre-paid plans or through a special arrangement with the service provider for a small fee. Locked phones however can be unlocked via hardware SIM attacments such as TurboSIM (discussed in detail in my paper) or other cheaper alternatives such as Universial SIM. What you might not know is that some sellers sell iPhones as if they are officially or leagally unlocked but in actuallity they are unlocked with alternative SIM attachments as shown in the pictures below:

SIM insertion slot showing extension wires

The actual Universal SIM attachment

To find out if the iPhone you are buying is unlockable by its carrier or not, ask the seller for the phone’s serial number and then visit:
http://support.apple.com/kb/HT1937

Buying a fake-unlocked iPhone could mean that your phone might be illegal to use in some countries because it violates usage laws. Also, it means a degration and sometimes the denial of service when it comes to data services and the quality of phone calls.

Pictures and Story from the Arabic source iPhone Islam. The only source for Arabisation of iPhone.

The people behind modmyi.com have an Android Forum but it doesn’t seem to have as much interest as the iPhone:
http://www.modmygphone.com/forums/index.php
I won’t judge the Android Platform yet though, I’ll give it six months

app.ifonetec.com: http://app.ifonetec.com/cydia/
cake.mapleidea.com: http://cake.mapleidea.com/cydia/
BigBoss & Planet-iPhones: http://apt.bigboss.us.com/repofiles/cydia/
Hack&Dev.org: http://iphone.hackndev.org/apt/
Hackers.nl: http://apt.hackers.nl/
iClarified: http://cydia.iclarified.com/
iPhone-notes.de Repo: http://apt.iphone-storage.de/
ispaziorepo.com: http://ispaziorepo.com/cydia/apt/
ModMyiFone.com: http://apt.modmyifone.com/
Niklas Schroder: http://apt.paperclipsandscrambledeggs.com/
RichCreations: http://www.richcreations.com/iphone/apt/
SaladSoft: http://nickplee.com/cydiasource/
Ste Packaging: http://repo.smxy.org/cydia/apt/
Steffwiz: http://steffwiz.webs.com/iphone/repo
Telesphoreo Tangelo: http://apt.saurik.com/
urbanfanatics.com: http://urbanfanatics.com/cydia/
WeHo.ru: http://weho.ru/iphone/
www.iacces.com: http://www.iacces.com/apt/
ZodTTD: http://www.zodttd.com/repo/cydia/

NEW Cydia Language Sources

comcute&gecko (Estonian): http://gecko.pri.ee/cydia/
CZ&SK: http://csid. tym.cs/repo/
iPhone-patch (Bulgarian): http://mspasov.com/
iphone.freecoder.org (Chinese): iphone.freecoder.org/apt/
iphonehe.com (Hebrew): http://iphonehe.com/iphone
Marcin Laber (Polish?): http://cydia.i-apps.pl/

Sources for Installer 4.0

Big Boss: http://apptapp.thebigboss.org/repofiles/installer4/
iPhone-notes.de: http://i.phone-storage.de/
iSpazio: http://repo.neolinus.org/ispazio/
ModMyiFone.com: http://i.modmyifone.com/
Rip Dev: http://i.ripdev.com
Ste Packaging: http://repo.smxy.org/installer4/
German: http://sendowski.de/iphone

Sources for Installer 3.1

Community Sources for Installer 3.11

iSpazio Official: http://repo.ispazio.net
ModMyiFone.com: modmyifone.com/installer.xml
RiP Dev (Kate, formerly Caterpillar): http://repository.ripdev.com/
Ste Packaging:http://repo.smxy.org/iphone-apps/ (make sure you include the last /)

Other Sources for Installer 3.11

aka.Repository: akamatsu.org/repo.xml
AlliPodHax Source: ihacks.us/index.xml or allipodhax.3host.biz/index.xml
AlohaSoft 1.0.2 - homepage.mac.com/reinholdpenner/102.xml
AlohaSoft 1.1.1: homepage.mac.com/reinholdpenner/111.xml
AlohaSoft 1.1.2: homepage.mac.com/reinholdpenner/112.xml
Apple (not really Apple): applerepo.com
Apple Daily Times: www.appledailytimes.com/installer
AppTapp Official: repository.apptapp.com
Apogee LTD: apogeeltd.com
Blaze Official: blazecompany.googlepages.com/
BigBoss Beta: sleepers.net/iphonerepobeta
BlackWolf: m8an.de/ownrisk.xml (Extended Preferences)
Byooi Digicide: byooi.com/iphone/digicide.plist (Jiggy Apps)
CedSoft (iSnake/Bounce): prog.cedsoft.free.fr
Chris Miles Repository (iSolitare): iphone.rustyredwagon.com/repo
Conceited Software Beta: http://conceitedsoftware.com/iphone/beta/
Conceited Software: http://www.macminicolo.net/conceited/iphone/cache.plist
CopyCoders: homepage.mac.com/hartsteins/copycoders/copycoders.xml (Network Apps)

dajavax: dajavax.googlepages.com/repo.xml
databinge: repo.databinge.com
DavTeam: davteam.com/repo.xml
Death to Design: iphone.deathtodesign.com
Digital Agua: repo.digitalagua.com
Dlubbat’s Apps: www.dlubbat.com/iphone.xml
Ettore Software Ltd: ettoresoftware.com/iphone/beta/ty.iphone
Fight Club: dezign999.com/repo
FreeMyiPhone: pxl.freemyiphone.com/
Fring: fring.com/iphone.xml
Gogosoft Source: www.blackblack.org/gogobeta.plist
GravyTrain ’s Vault: iiispace.com/installer2.xml (Includes user submitted themes)
Hijinks Inc.: hijinksinc.com/i/installer.xml
hitoriblog Experimental Pack: hpcgi3.nifty.com/moyashi/ipodtouch/repository.cgi
HighTymes: hightymes.org/iphone/plist/index.xml
iApp-a-Day: iappaday.com/install
Imagine09: home.twcny.rr.com/imagine09/Imagine09.xml
iBlackjack: iphonefanclub.com/native
iClarified: installer.iclarified.com
iFoneTech: app.ifonetec.com
Intelliborn: intelliborn.com/repo
Intelliborn (Cydia Source): intelliborn.com/cydia
iPhone Cake: iphonecake.com/src/all
iPhoneDevDocs: idevdocs.com/install
iPhone For Taiwan (SummberBoard Themes): iphone4.tw/showme
iPhoneFreakz: iphonefreakz.com/repo.xml
iPhoneIslam: apps.iphoneislam.com
iPlayful: iplayful.com/r
i.Marine Software (Caissa): caissa.us
imimux Repository (Real Artist): imimux.com
iPod Touch Fans: www.touchrepo.com/repo.xml
iPod Touched: ipodtouched.net/repo.xml
iPod-Touch-Themes.de: www.ipod-touch-themes.de/installer/repo.xml
iSwitcher (old): web.mac.com/iswitcher2/list.xml
iSwitcher (new) = MeachWare: meachware.com/list.xml
Jeremie Engel: rep.visuaweb.com
Jiggy Main Repository (Jiggy): jiggyapp.com/i
lazyasada: lazyasada.xeterdesign.com/repo.xml
Limited Edition iPhone: limitededitioniphone.com/lei.xml
Loring Studios: loringstudios.com/iPhone-schnapps/index.xml
McAfeeMobile Dev Repository: ipkg.mcafeemobile.com
MarcoGiorgini.com: marcogiorgini.com/iPhone/plist.xml
Makayama Software (CameraPro): tinyurl.com/2t8cax
MaomaLand: maomaland.com/iphone/repo.xml
Mateo (BeatPhone): bblk.net/iphone
McCarron’s Repo: patrickmccarron.com/irepo
MeachWare (new iSwitcher): www.meachware.com/list.xml
Mkv iPhone Repository: repo.mkv.mobi
Mobile Stacks: mobilestack.googlecode.com/svn/repository/internal.plist
ModMyApple.it (iBirthday): www.serverasp.net/chiafa/MMA/repo.xml
Moyashi: hpcgi3.nifty.com/moyashi/ipodtouch/repository.cgi
MTL Repository: home.mike.tl/iphone
MyApple.pl: i.myapple.pl
newATTiPhone.com: newattiphone.com/repo.xml
NPike.net: http://apps.npike.net/repo.xml
Nuclear Design: nucleardesign.net/repository
Planet-iPhones: planet-iphones.com/repository
Polar Bear Farm: www.polarbearfarm.com/repo/
Polleo Limited: source.polleo.no
Private Indistury: brandonsgames.com/chriss/index.xml
Pyrofer’s Projects: pyrofersprojects.com/repos/repos.xml
R4m0n (iPhysics): iphone.r4m0n.net/repos
Robota Softwarehouse: iphone.robota.nl
Sanoodi Repository: sanoodi.com/iphone
Saurik’s Coding Toolbox (Cydia): apptapp.saurik.com
ScoresPro: www.scorespro.com/iphone/repo.xml
scummVM: urbanfanatics.com/scummvm.xml
sendowski.de (MobileChat)sendowski.de/iphone
Shai’s Apps: ride4.org/shai.xml
Simek’s Graphic: simek.ddl2.pl
sipgate repository: iphone.sipgate.com
Skrew: i.danstaface.net
Slezak’s Stuff: www.spencerslezak.com
Smart-Mobil: www.smart-mobile.com/beta
Soneso Repository: soneso.com/iphone
SOS iPhone (ContactFlow): rep.sosiphone.com
Spiffyware: spiffyware.net/iphone
Studded: studded.net/installer/index.xml
Surge: iphonesurge.com/iphonesurge.xml
Swell: lyndellwiggins.com/installer/Swell
Swirlyspace: swirlyspace.com/SwirlySpace.xml
Touchmod Team: touchmods.net/rep.xml
Trejan: trejan.com/irepo
Trivialware: mazinger.cs.yale.edu/iphone-apps/index.xml
Unlock.no: i.unlock.no
weiPhone (weTools/weDict): app.weiphone.com/installer
Wiki2Touch: 168weedon.com/i/
Wizdom on Wheels (Common Website Links): iphoneapps.wizdomonwheels.com
XK72 Repository: http://xk72.com/iphone/repos/
ZodTTD.com Releases: zodttd.com/repo

Language Sources for Installer 3.11

Arabic: apps.iphoneislam.com
Czech: repo.iphone.cz
Chinese: iphone.org.hk/repository.plist
Danish: iphone.vildmedmac.dk/install
French: rep.sosiphone.com
FrenchIphone: rep.frenchiphone.com
German: sendowski.de/iphone
German aXP: lostsoul.aeroxp.org/iphone/index.xml
Greek: greekrepo.com
Hebrew ?????: ihebrew.net
Hungarian: ifhone.hu/install.xml
Norwegian - iFon: install.ifon.no
Polish - iPolish: krzak.net/iphone
Polish - iPolish(1.1.2): wakoman.ovh.org/iphone
Português-Brasil(1.1.2): iphonemod.com.br/forum/repo/installer.xml
Russian iPhone.RU: iphones.ru/r
Russian iPhone ??-??????: russianiphone.ru/beta
Russian Tools (in English): russianiphone.ru/beta/en
Spanish Phyros iPhone-ES: iphone.frickr.es/index.xml
Swedish iFun.se: ifun.se/swe
Taiwanese: iphone4.tw/unlock
Thai: pradt.net/iphone
Turkish: niffob.com/triphone.xml
Vietnamese: iphone.billydragon.net

———————————-
Source:
http://sleepers.net/2008/10/23/compiled-source-list-for-2xfw-1xfw-cydia-installer/

OLDER LIST FOUND HERE:
http://www.mysecured.com/?p=201

MyPhone2008.com

An interesting news article about the work of BT (formerly British Telecom), Glamorgan University, Australia’s Edith Cowan University and Sim Lifecycle Services where researchers recovered data from handsets from mobile phone recycling companies:

Mobile phones can never be totally wiped clean of data

To get more information on the research at Edith Cowan University and its upcoming conferences please visit SECAU Security Research Centre’s website:

http://www.secau.org/

Here are some published refereed journal and conference papers to give you an idea of what to expect for the Edith Cowan University conferences in December:

- Valli, C. and A. Jones (2008). A study of 2nd Hand Blackberry for sale - World class security foiled by humans. Proceedings of the 2008 World Congress in Computer Science, Computer Engineering, and Applied Computing - SAM 2008 - The 2008 International Conference on Security & Management., Las Vegas, USA.

- Al-Zarouni, M. (2007, 3rd December, 2007). Introduction to Mobile Phone Flasher Devices and Considerations for their Use in Mobile Phone Forensics. Paper presented at the The 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.

- Yap, L. F., & Jones, A. (2007, 3rd December, 2007). Profiling Through a Digital Mobile Device. Paper presented at the The 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.

- Yap, L. F., & Jones, A. (2007). Deleted Mobile Device’s Evidence Recovery:. Paper presented at the Media and Information-War Conference 2007, Kaula Lumpur, Malaysia.

You can register to attend Edith Cowan University’s conferences here:

http://conferences.scis.ecu.edu.au/

Hope to see you there

According to the article below, iPhone 2.2 beta which was provided to developers contained an Android-like Street View capability within the Google Maps App.

I Don’t know about you, but to me, it seemed like the street view feature was one of the most attractive features that Google used in selling the Android platform to consumers. I personally see a great potential in Android for app development but I still think that the iPhone will keep on keeping on especially after the dropped the NDA requirement for app developers

http://blogs.pcworld.com/staffblog/archives/007891.html

I’ve had my iPhone 3G with MobileMe for a while now but it didn’t seem like the push service from mobile me was working at all. This changed starting from yesterday though It is working now and I am happy with it so far.

Ideally the emergency dial screen should allow ONLY EMERGENCY NUMBERS to be dialed out on a passcode locked phone. The iPhone however allows for ANY NUMBER to be dialed when it is passcode locked! This bug is not new, it was present in iPhone 2.0.2 as well!

Here is a video demonstrating the issue:

I discovered this bug in 2.0.2 just a couple of days before 2.1 came out. So, it was too late for me to give a heads up to Apple. So, I waited for 2.1 to come along to see if it was fixed. I did that today and found out that it wasn’t fixed.

This of course could be an Auatralia-only issue or even an Optus-only issue. Nevertheless it is a security issue with the iPhone and should be addressed.

UPDATE 18 Sep 08:

There is some debate on whether it is a bug or feature! Look at the following link for some more information on the issue:
http://www.macrumors.com/iphone/2008/09/17/iphone-2-1-emergency-call-anyone-bug-or-feature/

–
About the author:

Marwan Al-Zarouni CISSP is currently pursuing a Doctor of Information Technology award at Edith Cowan University. He is a member of the Security Research Centre at Edith Cowan University in Perth, Western Australia.

Even though the iPhone doesn’t officially support Arabic yet, Google Translator includes it in 24 languages it supports for the web based software. You can use it by pointing the iPhone browser to: http://translate.google.com.

WOLF claims to forensically extract the information from the internal memory of the iPhone without altering the device.

WOLF claims it can obtain the following information from devices:

The price, training and other information can be obtained from Sixth Legion LLC, a division of IDFS LLC on:
http://www.hex-dump.com/wolftest/index.html
or
http://sixthlegion.com.

PwnageTool 2.0 MACOSX version is released.
For more details, please visit:

rlslog.net
also see:

dev team blog

UPDATE: Don’t have a Mac? You can do it in Windows as well. For instractions, go here:

Step-by-Step Guide to Pwn first generation iPhone running firmware 2.0 using Windows

When: April 17, 2008 at 17:00 GMT
Who: Jonathan A. Zdziarski.
Details: While some of a suspect’s data can be viewed using the direct GUI interfaces in the iPhone’s software, much hidden and deleted data is available as well, which may provide for more thorough evidence gathering. Existing commercial forensic tools are sadly lacking their ability to perform deep raw disk level recovery, and so Jonathan will demonstrate how to install his custom forensics toolkit on any existing model iPhone and send a raw disk image to a desktop machine. He will also show you how to recover files specific to the iPhone including deleted keyboard caches, photos, web objects, and much more. Jonathan’s custom forensics toolkit and his accompanying forensic manual will be available free to forensic investigators in law enforcement.

Read More here:
http://www.oreillynet.com/pub/e/949?CMP=ILC-orm_webinars&ATT=iphone-forensics

Instructions in Arabic can be found here:

http://www.iphoneislam.com/?p=62

Instructions and download in English can be found here:

http://iphone.unlock.no/

If you get error “The application failed to initialize properly (0xc0000135)” you need to install .NET Framework 2.0. The executable unzips the GUI executable to “Program Files\ziphone”

Now you can unlock new iphones that are OTB 1.1.2 and 1.1.3 (bootloader version 4.6) with just software and no need for special microchips that go behind your SIM card. Here is a link to the guide:

http://iphone.unlock.no/OTB112unlock.htm

 To see it in action, check out this youtube video:

http://www.youtube.com/watch?v=8SXnAUa6f0s

An Arabic keyboard has been developed for the iPhone. Now you can write Arabic SMS messages on you iphone

For more information and to update you iphone to support arabic typing please visit:
http://www.iphoneislam.com/?p=20

Also, make sure to bookmark their site for the latest islamic and Arabic related links and stories about the iPhone:

http://www.iphoneislam.com/

All you have to do is place a font file in the direcotry:

system/library/fonts/cache

It can be downloaded from here:
http://rapidshare.com/files/70430782/arialuni.ttf.html

And your safari browser will be able to ready arabic in the correct direction this time! As shown below

Credit for this one goes to Mishary.

Thanks

For more information go to:

http://www.threeskypephone.com.au/

Finally, someone did something for the iPhone and the iPod touch that enables users to get full disk level access with read/write prevliges on the iPhone’s disk via AFP.  The AppleTalk Filing Protocol makes the iPhone show up on the Mac desktop as a disk with full read/write access. For more from the “Core” click the link:

http://wickedpsyched.net/iphone/afp/