Daily Archives: October 26, 2010

iOS 4.1 Bug Allows Access to Contacts, Photos – iPod touch, iPhone, and iPad news

Posted on by
Reply

A nasty glitch in iOS 4.1 lets anyone easily access both the phone and photos app on every model of the iPhone. The bug was found by a MacRumors forum member last week, but has just recently received major attention.

To bypass the password protected lock-screen, all you have to do is tap “Emergency Call”, enter a random number and hit call, then quickly press the lock / power button. You will then be booted to the phone app, where you can access contacts, recent calls, and even dial a number. If you tap a contact’s picture ID, you will be taken to the Photos app, where you have full access to view any picture. In this state, neither the home button nor the lock button do anything, and to exit you will have to make and end a call – at which point you will be brought back to the lock-screen.

via iOS 4.1 Bug Allows Access to Contacts, Photos – iPod touch, iPhone, and iPad news – Multi-Touch Fans.

Firesheep Sniffs Out Facebook and Other User Credentials on Wi-Fi Hotspots

Posted on by
Reply

Firefox: Firesheep sniffs out and steals cookies—and the account and identity of the owner in the process—of popular web sites (like Facebook and Twitter) from the browsing sessions of other users on the Wi-Fi hot spot you’re attached to.

Firesheep is a proof-of-concept Firefox extension created by Eric Butler to show how leaky the security many popular web sites (like Facebook, Flickr, Amazon.com, Dropbox, Evernote, and more) employ is. The problem, as Firesheep shockingly demonstrates, is that many web sites only encrypt your login. Once you are logged in they use an unsecured connect with a simple cookie check. Anyone from your IP address (that of the Wi-Fi hotspot) with that cookie can be you. When using Firesheep on a public hot spot any session it can intercept is displayed in the Firesheep pane with the user’s name and photograph (when available). Simply click on their name to intercept the session and start browsing the website as though you are them.

via Firesheep Sniffs Out Facebook and Other User Credentials on Wi-Fi Hotspots.