Archive | Original Site

iPhone SMS Vulnerability: Should You be Scared?

Posted by Jason Meserve on July 29, 2009 at 10:25 am

iPhone ScreamRun for the hills! That’s the message iPhone owners are receiving after multiple reports say security researchers will tomorrow unveil an iPhone vulnerability that could allow the popular device to be taken over via simple SMS (or text) message.

The bug, discovered by iPhone hacker Charlie Miller, will be outlined during a presentation at the Black Hat security conference in Las Vegas on Thursday. Miller’s presentation will supposedly show, as Forbes’ headline screams, “How To Hijack ‘Every iPhone In The World’”. To do so, attackers only need to send a series of specially-formatted SMS messages to an iPhone in order to take over functions such as dialing and turning on the camera and microphone, as well spreading the attack via an affected iPhone’s contact list.

Apple, which Miller notified about the bug six weeks ago, has not commented on the vulnerability and as of this writing has not released a patch for the problem. What can iPhone owners do in the meantime? Miller tells Forbes about the only thing that will surely protect the device is to turn it off.

Miller’s talk isn’t the only centered around SMS vulnerabilities. Other talks will show a somewhat similar flaw in Windows Mobile that would allow for complete control of a device to be achieved through a SMS hack. A third Black Hat talk will center around how an SMS flaw that affects both iPhone and Google Android devices could be used to knock impacted phones off a carrier network for upwards of ten seconds via a blast of SMS messages.

Should you be scared of these newest flaws and really turn off your iPhone in anticipation of an attack? I don’t think so. The SMS attack vector is not all that new. This past spring, CSO Online did a video demonstration of such an attack against various smart phones (see parts one and two of the video).

While the various Black Hat presentations this week will show SMS as being a newer vector for attacking popular smartphone platforms, the odds are still relatively low that any one device will be hit. Most likely (or hopefully), device makers like Apple and carriers will come up with a patch for the SMS flaws well before any mainstream attacks occur. You have a greater chance of being bitten by a Twitter-based hack than an SMS attack.

5 comments

Deal to Sell The Pirate Bay Appears Dead

Posted by Ed Oswald on July 29, 2009 at 10:15 am

the_pirate_bay_logo.jpgIt looks like The Pirate Bay will likely not be sold after all, as it appears the site it was sold to will not be able to raise the necessary capital to complete the transaction, TorrentFreak is reporting.

The P2P community was shocked to hear the news late last month that The Pirate Bay had been sold to Global Gaming Factory for a cool $7.8 million. In all likelihood, the deal had a lot to do with keeping the site afloat, especially in lieu of the judgement against it in Swedish courts.

According to TorrentFreak, GGF appears to have problems paying its bills. It added Grokster ex-CEO Wayne Rosso to the The Pirate Bay effort to attempt to bring record studios on board two weeks ago, but he’s already left.

Rosso claims that he and his partners weren’t paid, and on top of that GGF has no plans on exactly what to do with the popular BitTorrent site and was misinformed, further complicating matters. This poor communication has trickled down to the very investors who are supposed to foot the bill for the site.

The Pirate Bay is not allowing things to drag on any further — GGF has received an ultimatum which states either you figure out how to pay up, or the deal’s off. Knew this sounded too good to be true, eh?

No comments

Two Very Brief Things About the Microsoft/Yahoo Deal

Posted by Harry McCracken on July 29, 2009 at 10:09 am

BinghooIt won’t be a truly done deal until it gets regulatory approval, but Microsoft and Yahoo have finally agreed to a partnership which, among other things, will make Bing the search engine on Yahoo and have Yahoo selling ads on Bing. The two companies’ explanation of why this is a good idea is summed up in the name of the microsite about the deal which they’ve launched: ChoiceValueInnovation.com.

Thing 1:

In Microsoft’s press release, CEO Steve Ballmer explains why this is a good idea for everyone concerned:

Through this agreement with Yahoo!, we will create more innovation in search, better value for advertisers and real consumer choice in a market currently dominated by a single company.

Setting aside the question of whether this’ll turn out to be good for consumers–it might–isn’t it bizarre to see the CEO of Microsoft arguing that a market being dominated by one company is bad for consumers?

Thing 2:

Back in 2004, Yahoo dumped Google as its search engine in favor of its own homegrown engine–the one it now plans to ditch for Bing. Back then, its press release explained the benefits thusly:

The combination of a world-class engineering team and proprietary search technologies, together with Yahoo!’s global reach, breadth and depth of content and leading network assets, uniquely positions Yahoo! to change the game in search.

That was Yahoo Senior VP Jeff Weiner. Here’s current Yahoo CEO Carol Bartz on the Microsoft deal:

This agreement comes with boatloads of value for Yahoo!, our users, and the industry. And I believe it establishes the foundation for a new era of Internet innovation and development. Users will continue to experience search as a vital part of their Yahoo! experiences and will enjoy increased innovation thanks to the scale and resources this deal provides.

In 2004, being proprietary was supposed to provide the scale and resources that would change search for the better; now it’s outsourcing search to Microsoft that’s supposed to accomplish the same results. Oddly enough, nobody ever issues a press release about a deal quoting an executive explaining why it’s a bad idea…even though many deals turn out to be disappointing. (McCracken’s third law of tech-company press releases: Any news described in any press release will always lead to increased innovation…)

5 comments

SugarSync Comes to Android

Posted by Harry McCracken on July 29, 2009 at 5:00 am

SugarSync LogoSharpcast is serious about putting its SugarSync file-syncing-to-the-cloud service on devices of all sorts. It’s already available on Windows, OS X, iPhone OS, BlackBerry, and Windows Mobile–and, as of today, on Android. As with SygarSync’s other versions, the idea is simple and the implementation is elegant: You can use an Android phone to browse through folders and files on a Windows or Mac PC (even if it’s turned off, since SugarSync continuously syncs files to its servers) and download them. You can also upload files from the phone, and browse files stored locally.

I chatted with Sharpcast CEO Laura Yecies about the new version; she told me that she thinks Android netbooks will be a thriving product category (even if Google’s Chrome OS takes off) and that SugarSync will be useful on them, both for local file management and for getting at documents stored on a netbook owner’s primary computer.

SugarSync offers a free version with 2GB of storage, which is enough to give it a try; paid accounts start at $4.99 a month or $49.99 a year for 30GB of space.

Here are a couple of screen images from the new Android client:

Sharpcast

SugarSync

2 comments

Booyah Society Treats Life Like a Game, Sort Of

Posted by Jared Newman on July 28, 2009 at 6:59 pm

booyahlogoIn the same way that Booyah Society is rooting for me, I’m really hoping the new iPhone app can do better than it has.

It’s an idea with a lot of promise, which is why I was excited to meet with one of the creators, Keith Lee, for lunch last week. The “social game,” as he bills it, offers “achievements” — like the accolades you get within Xbox 360 or Playstation 3 games — but for real-life accomplishments.

In other words, instead of getting a symbolic pat on the back for becoming a Level 40 Sword Master or scoring five headshots in 10 seconds, you’re congratulated for going to the gym or eating organic food. Or so it goes in theory.

Continue Reading →

No comments

Twitter Finally Explains Itself

Posted by Harry McCracken on July 28, 2009 at 6:46 pm

Twitter has launched a revised home page–one that replaces the one that the site has had for as long as I can remember in essentially unchanged form. It only appears if you aren’t logged into Twitter, and therefore is of most importance to people who aren’t Twitter users–yet. It’s where Twitter has the opportunity to tell newbies what it is and why they should use it.

Here’s the new home page:

New Twitter home page

And here’s the old one (which I pulled up in Google’s cache–hence the highlights):

oldtwitter

I’m struck my how utterly different the two explanations of what Twitter is are. The old home page says it’s a place to tell friends, family, and co-workers what you’re up to. The new one doesn’t mention anyone you know, or talk about treating Twitter as a personal status update. It says that Twitter is a place to engage in conversations with people you might not know who could be anywhere, on topics of all sorts.

The old home page did a good job of explaining what Twitter’s founders thought they had created back in 2006; the new one explains what Twitter’s users decided the service was. As with everything on the Web, it’s really the users who get to decide what a service does–in a real sense, Twitter was less invented than discovered. And it’s great to see Twitter finally acknowledge in a coherent fashion what it is today.

6 comments

What if…Microsoft Had a Windows App Store?

Posted by Harry McCracken on July 28, 2009 at 6:18 pm

Windows 95I continue to think of my iPhone not as a phone but as a personal computer. Which is why I continue to be so nonplussed about Apple’s barring of some applications on the grounds that they compete with its own apps, and others at (reportedly) the behest of AT&T. The moves may well serve Apple’s short-term goals. Long term, though, I think they’ll make the iPhone a weaker, less useful platform. That’s not in the interest of iPhone owners, Apple, AT&T, or (come to think of it) anyone except Apple’s competitors.

All of which got me wondering: What if an Apple-like App Store had been the been the only sanctioned way to acquire software for other major computing platforms? Like, for instance, Microsoft Windows? And what if, in this alternative universe, Microsoft’s policies and actions had mirrored those of Apple today?

It would have changed everything–and not for the better. After the jump, a speculative FAQ about the Windows App Store.

Continue Reading →

29 comments

Yahoo-Microsoft Deal: It’s Nearly Official. Thank Heavens.

Posted by Harry McCracken on July 28, 2009 at 5:07 pm

BinghooMultiple reliable sources are reporting that Microsoft and Yahoo have finalized a deal to work together on search and advertising, and it’ll be announced tomorrow. It’s not the merger that Microsoft wasted an immense amount of time on last year, and it’s apparently not as sweeping an arrangement as some folks thought the company would strike. But it’s still a big deal.

For consumers, the major net effect will apparently be that Bing (or some variant thereof) will power Yahoo’s search. Unless you love Yahoo’s current engine or hate Bing, that’s nothing to fear, and it won’t have a major impact on your life. (Or any impact at all if, like the majority of folks, you do your searching at Google.)

For Yahoo, it’s yet another new search strategy. (Once upon a time, the company outsourced search to Google, then decided it was a core part of its business and built its own search engine; now it’s once again something it’s decided it can outsource.) For Microsoft, it helps scratch the must-take-on-Google itch that the company’s had trouble taking care of.

I still think that when the history of Microsoft is written ten or twenty years from now, it’ll be obvious that  search engines and Web advertising  were distractions that kept the company from focusing on its real businesses–operating systems, programming tools, productivity software, and a few other related related areas. For now, though, both Microsoft and Yahoo can end their odd tango and move ahead with a partnership. And we tech journalists who have spent a year and a half writing about all this get more time to devote to other, more concrete matters. Like, for instance, the existence or nonexistence of an Apple tablet that’ll be released either in September or sometime next year…

4 comments

Why Twitter Didn’t Conquer Comic-Con

Posted by Harry McCracken on July 28, 2009 at 3:25 pm

Action Comics #1Contrary to current received wisdom, Twitter doesn’t change everything. At least it appears not to have changed the venerable San Diego pop culture extravaganza known as Comic-Con very much. Variety’s Marc Graser is reporting that the Hollwood moguls who thought the con would be all a-Twitter with discussion of the blockbusters previewed to audiences of thousands were disappointed by the volume of movie-related tweetage that actually happened. Unlike South by Southwest Interactive, Comic-Con remained a largely real-world event.

I’ve been attending the convention off and on for more than twenty years, including this year’s edition, and I’m not surprised that it didn’t turn out to be that much of a tweetfest. Here’s why:

Comic-Con isn’t necessarily rife with technogeeks. Movie and comics geeks, yes. But in three days of con, I was the only person I spotted using a laptop in any of the panels and previews. Actually, I saw only about three or four computers, period. It’s true that the overlap between fantasy fans and Web addicts is large, but perhaps even Web-savvy congoers weren’t in technonerd mode last week.

Comic-Con itself isn’t that tech-savvy an event. Thanks to sponsorship by iGoogle, it did offer free Wi-Fi this year, but that fact wasn’t widely promoted. (Last year, Wi-Fi was pricey, and in years past the rates were designed to gouge exhibitors.) As far as I know, the con doesn’t do things like offer an iPhone application or send out the sessions as an RSS or iCal feed. It’s just not an event that puts the Internet front and center.

Comic-Con is incredibly jam-packed with stuff to do. There are dozens of things going on at any given moment, and the pace is far faster than the laid-back SxSW atmosphere. If you attend every preview, panel, and party you find enticing, there’s no time left to tweet.

Comic-Con doesn’t involve breaks. The previews and panels run back-to-back, and if you’re going to one of the most crowded events–which includes all the major movie previews–you’re lucky if you get in at all. You can’t tweet while you’re rushing down a hallway from one end of the convention center to another.

Actually, standing in one place at Comic-Con long enough to tweet is hard, period. The show floor, in particular, is one of the most bustling places I’ve ever been–if you stop moving, you’re likely to be flattened by a squadron of Stormtroopers.

Tweeting at the movie previews is tricky. They’re held in darkened halls, and the illumination of your phone might tick off nearby fellow attendees. The previews are also accompanied by repeated stern warnings about the prohibition of phototaking and audio recording; I’m paranoid, but I tend to keep my phone in my pocket for fear of being mistaken for a pirate and getting dragged off by San Diego Convention Center security goons.

Comic-Con is a sensory experience. South by Southwest Interactive is mostly conversational. Comic-Con involves movies and comics and people dressed as Batgirl and Boris Badenov, plus the opportunity to meet folks such as Ray Bradbury and Stan Freberg–neither of who, I’m guessing, spend much time on Twitter. It’s possible to tweet about it (I did some of that myself) but less satisfying than being there.

Will Twitter have more of an impact at Comic-Con next year? Maybe so–I’m guessing that we still haven’t seen the service peak as a cultural phenomenon. But the convention, at its best, is a pretty wonderful event even sans Twitter. Hollywood may be disappointed, but the low-volume tweeting may simply have been evidence that those 120,000 congoers were having a really, really good time.

8 comments