Users are reporting that a new update to Apple Inc.’s iPhone is making previously unlocked iPhones unusable.
The iPhone 1.1.1 update, released Thursday, breaks phones that have been hacked so that they work with providers other than AT&T Inc., the only U.S. provider Apple has allowed to carry its mobile phones.
In recent months, a number of software tools have been developed which allow iPhone users to break free of Apple’s AT&T-only restriction, but Apple has said that it would fight any attempts to unlock the iPhone. Earlier this week the company released a warning that unlocked iPhones “will likely result in the modified iPhone becoming permanently inoperable when a future Apple-supplied iPhone software update is installed.”
Shortly after the Thursday update was released, users of unlocked iPhones began reporting problems.
Security researcher Tom Ferris said the new software disabled a phone that had been unlocked using the open-source anySIM software in order to work on T-Mobile USA Inc.’s wireless network. After the update, the iPhone was stuck with an error message and apparently unusable. “It kept saying ‘unsupported SIM card,’ even with the AT&T SIM card in it,” he said. “You can turn the phone off or on, but we just can’t figure out how to get past this ‘SIM card not supported’,” he said.
SIM (Subscriber Identity Module) cards contain account information and are used to authenticate devices on certain types of mobile networks. Unlocked iPhones can use SIM cards from non-AT&T networks.
Others were reporting similar problems on Thursday.
The update also appears to disable the ‘Jailbreak’ hack which allows users to install unsupported software on the iPhone, Ferris said. After the 1.1.1 patch was installed it wiped out all of the third-party applications he had installed on a second iPhone, he said.
The new software is Apple’s biggest iPhone update to date, and it fixes a number of security flaws in the mobile phone’s browser, mail client and Bluetooth networking server.
The majority of the flaws do not appear to be critical, but the update fixes a larger number of bugs than the first iPhone update, released July 31.
Hackers have said that the iPhone’s browser and mail clients are the most likely sources of software flaws and this release bears that out. Apple fixed seven flaws in the Safari browser, two in the iPhone’s mail client and one Bluetooth bug with the release.
The Bluetooth flaw could be the most serious – Apple said that it could allow an attacker to run unauthorized code on the iPhone – but because Bluetooth works over a range of just a few feet, the attacker would have to be standing near the victim for any exploit to work, said Andrew Storms, director of security operations with nCircle Network Security Inc.
Noted hacker HD Moore agreed that the Bluetooth flaw was serious. “The only bad issue here is the Bluetooth flaw,” he said via e-mail. “I will start working on this tonight.”
Though there may be some technical limitations to what an attacker could do by exploiting this bug, it “could be a nasty remote exploit,” he added.
Earlier this week, Moore added iPhone hacking capabilities to the Metasploit hacking tool that he develops.
Mobile phone users typically cannot update their own software, but Apple introduced this capability in the iPhone, which uses the update mechanism in the phone’s iTunes music player.
iTunes checks for these updates once per week, so it may take up to seven days for all iPhone users to see these updates. Apple advises users to install the update immediately.
Source: PC World
Activision isn’t pulling punches when discussing its plan for the racing genre following its buy-up of Bizarre Creations, promising a show-stopping racing game from the developer.
“It’s true there is a lot of competition out there but Bizarre Creations is not just a studio – it’s one of the very best studios in the world, and we will be able to deliver an outstanding racing game to the market,” Activision Europe boss Joerg Trouvain has told MCV.
News that Bizarre is developing a racing game for Activision accompanied the suprise announcement earlier this week that the publisher had acquired the UK studio.
The acquisition means that Bizarre will no longer develop games in the Project Gotham Racing series. It also means that Activision now has got itself an excellent developer to spearhead a thrust into the racing genre.
Singing to a similar hymn sheet to Trouvain, Activision’s exec VP of publishing Robin Kaminsky has said the coupling of the publisher and Bizarre “should enable us to take the racing genre beyond where it is today.”
A silent update that Microsoft deployed widely in July and August is preventing the repair feature of Windows XP from completing successfully.
Ever since the Redmond company’s recent download of new support files for Windows Update, users of XP’s repair function have been unable to install the latest 80 patches from Microsoft.
Accounts of conflicts with XP’s repair option came to our attention after Microsoft’s “silent install” of Windows Update (WU) executable files, known as version 7.0.600.381, was reported in the Sept. 13 and 20 issues of the Windows Secrets Newsletter.
The trouble occurs when users reinstall XP’s system files using the repair capability found on genuine XP CD-ROMs. The repair option, which is typically employed when XP for some reason becomes unbootable, rolls many aspects of XP back to a pristine state. It wipes out many updates and patches and sets Internet Explorer back to the version that originally shipped with the operating system.
Normally, users who repair XP can easily download and install the latest patches, using the Automatic Updates control panel or navigating directly to Microsoft’s Windows Update site.
However, after using the repair option from an XP CD-ROM, Windows Update now downloads and installs the new 7.0.600.381 executable files. Some WU executables aren’t registered with the operating system, preventing Windows Update from working as intended. This, in turn, prevents Microsoft’s 80 latest patches from installing – even if the patches successfully downloaded to the PC.
Most ordinary Windows users might never attempt a repair install, but the problem will affect many administrators who must repair Windows frequently. Anyone who runs XP’s repair function will find that isolating the cause of the failed updates is not a simple matter.
Beginning in July, it is not possible for Windows users to install updates without first receiving the 7.0.6000.381 version of nine Windows Update support files. If Automatic Updates is turned on, the .381 update will be installed automatically. If AU is not turned on, you’ll be prompted to let Windows Update upgrade itself before you can installing any other updates. Consequently, users are forced to get the silent update before they can attempt to install Microsoft’s latest security patches.
The problem apparently arises because seven of the DLLs (dynamic link library files) used by WU fail to be registered with Windows. If files of the same name had previously been registered – as happened when Windows Update upgraded itself in the past – the new DLL files are registered, too, and no problem occurs. On a “repaired” copy of XP, however, no such registration has occurred, and failing to register the new DLLs costs Windows Update the ability to install any patches.
Registering DLL files is normally the role of an installer program. Unlike previous upgrades to WU, however, Microsoft has published no link to an installer or a downloadable version of 7.0.6000.381. Strangely, there’s no Knowledge Base article at all explaining the new version. The lack of a KB article (and the links that usually appear therein) makes it impossible for admins to run an installer to see if it would correct the registration problem.
One possible fix is to install an older version of the Windows Update files over the newer version. This involves launching the installer from a command line using a switch known as /wuforce.
That corrects the registration problem, although even in this case you must still accept the .381 stealth update (again) before you can get any updates. The fact that the /wuforce procedure solves the problem suggests that the installer for .381 is the source of the bug.
Source: Windows Secrets
Search engine and internet giant Google has announced a new kind of video advertising format for YouTube to begin next year.
Google acquired the video sharing website last year for $1.65 billion, predicting that video would be the next big thing in internet advertising.
Now Google’s Patrick Walker has revealed that the company is working with content providers to produce 30-second advertisements that will run before content is viewed on YouTube, VNUnet reports.
The revenue produced would then be shared between YouTube and the broadcaster. This will see “real money coming in” from video advertising, he said.
It is unclear how YouTube’s users will react to adverts before the clips, but the announcement signifies the immense popularity of internet advertising and comes soon after Google’s acquisition of online advertising firm DoubleClick for $3.1 billion.
DoubleClick will give Google a massive presence in the display ad market, traditionally dominated by rival Yahoo!.
Display ads allow users to click through to corporate websites in order to make online purchases. The more links there are to a certain site, the more prominence it gains on search engines such as Google.
As the BBC points out, “essentially, the web is a collection of pages, all linking to each other One of the most important factors in deciding how relevant particular sites are is to count how many other sites link to it”.
Source: Direct Traffic
Right on cue, Microsoft has made available the long-awaited Service Pack 1 for Windows Vista to a private group of beta testers. One lucky user actually goes on to describe the update and note a number of positive changes, some of which include a much snappier logon experience, a new option in the Disk Defragmenter “allowing you to choose which volumes you would like to defragment,” improvements in responsiveness when resuming from Hibernation/Sleep mode, and interestingly enough, slightly improved battery life on a tested laptop.
Furthermore, “select members of the community” are also getting to give five new reliability packages a whirl, which are all slated to be available to the public before SP1 is released en masse. Click here for more information.