I was brought an iPad 2 today that was on and running, but for some reason the power and home buttons were not working right. Pressing or holding the power button did nothing. Hitting the home button would not take you back to the desktop, but oddly enough it seemed to take you back a screen in the settings page. So it seemed that the Home button was still functioning at some level.
Searched the internet and found that this has happened on many iPads. One person suggested to hold the Home button, then rotate the tablet from portrait to landscape mode. Though it seemed to work for many people, it did nothing on this one.
Finally I had to hit and hold both the Power and Home buttons for like 15 seconds and the unit finally returned to the desktop. I hit the Home button twice to see what was running. There were about 20 programs open!
I closed them all and rebooted the iPad.
Simply opening a specially crafted e-mail on a Mac, iPhone or iPad could allow a remote attacker to hack your network, according to security specialist Bogdan Calin.
In the video above Calin shows a feature that Apple products have enabled by default that a hacker could manipulate to gain access to your computer’s IP address. With this information, a script can be written that automatically attacks your router’s DNS settings. Doing so would allow a hacker to control what websites that you see when you are surfing the internet.
All from an imbedded script hidden in an innocent looking e-mail:
“I got the idea for these tests after I noticed that Apple devices load remote images in emails by default. This can cause privacy issues and it is not a recommended practice. A malicious user can send you an email with an embedded 1×1 pixel image with the background colour of your email client, so it is not visible. The email client will load this image from a remote server and by doing so, it discloses your IP address and email client banner, and possible your identity. In some situations, such behaviour can have catastrophic consequences.”
The attack works by inserting several DNS change commands with default router usernames and passwords inside the e-mail. These are executed silently when the e-mail is read. If the included username and password matches your router, it could change your DNS settings.
These settings tell your computer where to go to find correct internet addresses for website names. If these settings were set to a malicious server, the hacker could send you to a bogus page that looks like a real one, but could harvest your credentials or account information.
The author recommends changing the “download remote image” Mail settings on Apple products to off or changing your router password to something complex. Using a long complex router password is always good advice.
Apparently iPhone passwords may not be as secure as one might believe. According to German security researchers from the Fraunhofer Institute Secure Information Technology (Fraunhofer SIT), if you have physical access to the phone, passwords can be recovered from a locked Apple iPhone in six minutes.
But how is this possible? According to documentation on Fraunhofer’s site:
When an iOS device with hardware encryption capabilities is lost or stolen, many users believe that there is no way for a new owner to access the stored data — at least if a strong passcode1 is in place. This estimation is comprehensible, since in theory the cryptographic strength of the AES256 algorithm used for iOS device encryption should prevent even well equipped attackers. However, it was already shown2 that it is possible to access great portions of the stored data without knowing the passcode.
Tools are available for this tasks that require only small effort. This is done by tricking the operating system to decrypt the file system on behalf of the attacker. This decryption is possible, since on current3 iOS devices the required cryptographic key does not depend on the user’s secret passcode. Instead the required key material is completely created from data available within the device and therefore is also in the possession of a possible attacker.
From the video above you can see the jailbreaking tool and script that Fraunhofer uses in action to access the secrets stored on the iPhone.
Big deal, one might say, they can read my text messages. Well, with smart phones becoming a standard enterprise network client, theoretically one could retrieve the passwords used to access corporate networks with this utility.
According to the researchers site, all current iPhones and iPads are vulnerable to this attack.
It would seem that the dangers of leaving your laptop lying around now pertain to your smart phone too.
Interesting new product developed by InteraXon:
“Touchscreens? So two years ago. Gesture recognition? How 2010. Everyone knows the future lies in thought-controlled interfaces.
At least that’s what InteraXon, a tiny Toronto startup, is hoping to convince attendees of at this year’s Consumer Electronics Show. The company, which made waves at the 2010 winter Olympics by allowing users in Vancouver to control the lights on the CN Tower in Toronto with mere thought, will be showing off two new applications for its mind-control technology at the upcoming Consumer Electronics Show (CES) in Las Vegas.”
Very cool, just sit back, relax and sensors in the InteraXon headphones allows you to control iPad apps via brain waves. Great, just what we need, take away the little exercise we get using a keyboard and mouse! 🙂