Category Archives: Labs

[iPhone] iPhone 3G allegedly unlocked using SIM Adapter

1 Reply

[Update] Aug/25th/2008: read here, everything you gotta know about Proxy SIM solutions.

The Brazilian based company DesbloqueioBr.com.br claims to have unlocked the 3G iPhone. The whole procedure is like a deja-vu. It is said it works almost the same like with TurboSIM for the “old” iPhone. The difference is they say they make use of a faked IMSI test card, while Bladox’ TurboSIM solution emulated an AT&T card.

The Theory behind

The guys at DesbloqueioBr claim that the iPhone 3G only checks on first card detection (means after hot-swapping or after reboot) for the type of SIM. It is said it checks the IMSI code. During card-detection, the IMSI test card emulation now returns that it is a test card. The next requests to the card will then be answered by the normal SIM card. Same working like with the TurboSIM, except that the TurboSIM was coded to emulate an AT&T card during card detection stage.

Empiricism

Since this has not been confirmed on forums and the video provided (see below) doesn’t show the unlock procedure, this is likely to be a rip-off. Anyway for proving the theory the iPhone Dev Team already provided a sample application for the TurboSIM, that does exactly what the theory requires: emulating a test IMSI at card detection stage. As of now there is no feedback. For legal reasons we cannot link the application, as we are located in Germany. During the next 24 hours google will index the page that contains the link, search for lamesaft-0.1.zip then.

Limitations

The video provided does not clarify how the unlock is performed. It simply shows a call being made from one iPhone to the other. It does not show the SIM adapter to be taken out. Moreover you still need to have the iPhone 3G activated. Currently there is no application available to do this. People on forums report that the DesbloqueioBr guys seem not to be willing to answer concrete questions.

Since there is no prove: we currently classify the DesbloqueioBr SIM adapter as SCAM. Update: at 00:29 the video shows the model as MB046LL, which could be identified as a U.S. american AT&T locked iPhone 3G (see model list here). This model obviously works with a different carrier (not AT&T, but TIM) in a different country (not the US, but Brazil).

Here’s the video that shows calls being made from one iPhone to another. The guy is talking portuguese, a translation is not available.

empty line for distance to the text.

[iPhone] Factory Unlocked 3G List (“Locked to Carrier” List) (update)

14 Replies

[Update] Sep, 26th: News from Hong Kong added (details here)
[Update] Aug, 25th: Apple’s list update included.

Almost unnoticed on july, 11th 2008 Apple also published a list of carriers offering the iPhone. The interesting thing with this list is, it also contains information about the status of the SIM lock in specific countries.

Apple’s official “Locked to Carrier” list

This is an extract from the official Apple list found here:

Country Carrier SIM Lock Available without Agreement
Italy Vodafone No Yes (499€/8GB, 569€/16GB)
Italy TIM No Yes (499€/8GB, 569€/16GB)
Hong Kong 3 No No (375€/8GB, n.a.€/16GB)
Hong Kong (Apple Store) No Yes (476€/8GB, 547€/16GB)
Greece Vodafone No No (Details here)
Czech Republic O2 No Yes (490€/8GB, 570€/16GB)
New Zealand Vodafone No Yes (470€/8GB, 535€/16GB)
Singapore SingTel No No (490€/8GB, 570€/16GB)
Slovakia Orange No No? (Details)
Macao 3 No No? (Details)

It is rumored, the unlocked iPhones need to be activated aswell, but in this case it can be done at home using iTunes. No matter how often you change your carrier, it seems you can always re-activate.

Forum reports

In addition to the offical Apple list, this is what people report in forums:

Country Carrier SIM Lock Available without Agreement
Belgium Mobistar No Yes (n.a.€/8GB, 615€/16GB)
France Orange Yes (100€ Unlock fee) Yes (509€/8GB, 609€/16GB)

This list may not be 100% accurate and refers to reports on forums, like hackint0sh. Feel free to add more details like pricing and how to obtain unlocked devices elsewhere as comments below. Thanks!

The cheapest iPhone 3G

For people living in Switzerland, Swisscom offers the iPhone 3G for beating prices between 519 CHF (=510 US$, =325€) for the 8GB version and 619 CHF (=610US$, =385€) for the 16GB version. This includes a prepaid tariff with no obligations. Disadvantages: 1. iPhone 3G is simlocked to Swisscom. You currently cannot unlock, since Proxy SIMs have heavy (legal) disadvantages (read here), 2. This offer is limited to people living in Switzerland. Your citizenship and rights of residence are checked in Swisscom stores. Tourists (=foreigners) not living in Switzerland cannot buy it.

[Anonymity] How To Protect Email Addresses against Spam

1 Reply

The Novel

Since the very beginning of the internet in its occurence as the world wide web (www) in the mid of the 1990s there were bad guys.Those bad guys rapidly realized how to make a quick buck out of the technological inexperience of the new inhabitants of the www. It was the days when people had their first contact with HTML. First projects were showing the people’s dogs and the family and looked kinda ugly – from nowadays view.

So people began to show parts of their privacy to the masses almost without fully realizing that their website from now on was visible all over the world. And they added a contact @ character, hoping that other cool people would send them emails and telling them how cool the website about their dog is. But the people didn’t anticipate the guys who knew how to make money from pulling a fast one on others.

One of the first things the bad guys noticed was the fact that the principle of bulk mails could be easily transferred to the internet. So the bad guys began to manually collect email addresses from the websites of the dogowners and all the others. But what to advertise via email? We nowadays know how this question was answered. Those bad guys began to setup porn websites. They often used illegally copied photos of naked women or sex scenes from magazines.

They sent the dogsowners and all the others invitations for porn- or erotics-sites and appealed to their sexual drives. Many of the early days’ porn site operators were email address collectors themselves. They knew porn would sell till the end of mankind.

It didn’t take long and someone improved the way of collecting email addresses. He coded a robot (spam spider) who was able to scan the websites and search for those two HTML tags:

  • <a href="http://www.linktonextsite.org">Link To Next Site</a>
  • <a href="mailto:mymailaddress@mywebsite.org">Send me a Mail</a>

I bet you can already smell how the story went on. The email addresses were written automatically into databases. And while the internet was growing and the amount of websites escalated virtually thru the roof the amount of people who understood to make a living from sending porn, erotic and viagra mails to the people also increased.

Although the novel above may not be 100% historical accurate, the problem of spam nowadays has become even worse.

Today it is estimated that 90% of the emails sent around the globe are spam.

What can we do about it?

Fight Spam Technically

As we’ve seen how the system works. Bad guys use automated robots to search the www for exploitable email addresses and write them back into their databases. So as a website operator the one and only question to take into consideration is: how to hide the email addresses?

Some time ago we’ve found a very nice way, that we are using for quite some years. We don’t know where we found it – otherwise we would credit the guy who wrote it.

Instead of using

  • <a href="mailto:mymailaddress@mywebsite.org">Send me a Mail</a>

we slightly obfuscate the email address by using Javascript. Every webbrowser nowadays perfectly understands Javascript, Ajax and even more. See here what we do:

  • <a href="#" onclick="mp='@';mp='mymailaddress'+mp;mp+='mywebsite.org';this.href=mp;">Send me a Mail</a>

So what’s happening here?

This integrated javascript reacts after you clicked on the “Send me a Mail” link. It then uses the temporary variable mp to reassemble your email address. By not putting the email address as a string into your HTML source of your website this scripts prevents (almost) any spam robot to recognize your email address. As a matter of course we recommend to use this technique from the first day a website is on the internet.

You can easily modify this javascript by changing the variable to another name or by changing the order.

We hope you had some fun in this lesson and appreciate your feedback.

[MacOS] HowTo Update to MacOS X 10.5.4

3 Replies

Abstract

Just four weeks ago Apple released update 10.5.3. It seems it didn’t hold too long, since 10.5.4 has been released two days ago. Features of 10.5.4 include Apple’s recent security updates, RAW image support for many cameras, Airport bugfixes, iCal bugfixes, Safari bugfixes, Spaces and Exposé bugfixes (read all details here). To sum things up: Apple recommends to apply this update as soon as possible.

So the most unanswered question for us white-box OS X users: how to update my Hackintosh? There are two different ways, depending which revision you’re running currently. If you are on 10.5.3 update is fairly easy. If you are on a revision below 10.5.3 you need to apply some more steps when using the combo update. Follow our short instructions and your are finished virtually before you even started ;-)

Update from 10.5.3

You can simply use the auto-updater from within MacOS X’ Software Update (see picture).

Apple Software Update


Update from 10.5.2, 10.5.1 or even earlier

Get yourself the comboupdate from here: Download,
then apply the instructions we already described here. Because the instructions for updating to 10.5.2, 10.5.3 or using the 10.5.4 combo update are the same.

Enjoy and tell us about your experiences.

[MacOS] Root Exploit in Apple Remote Desktop (ARD)

1 Reply

Update 26.06.2008: read latest news about this exploit here

Abstract

Intego reports (read details here) a “bug” in Apple’s Remote Desktop (ARD) application. In short: the ARD Agent runs AppleScripts always with root privileges. Now, when you put shell-commands into that AppleScript they are executed as “root”. ARD doesn’t require any admin/root password to do so.

An Example

Heise.de (read here – german only) has prepped a simply example to show us where we are… open a console and simply enter:

  • mymacbox$ osascript -e 'tell app ARDAgent to do shell script whoami';

The answer will be:

  • root

We won’t delve into this too deeply, but in the meantime there have already been posted several ways to use this exploit. One shows how to open a root-shell on TCP port 9999, which is really scary simple. At first it was expected people need physical access to the machine, but it is confirmed that is also works if being applied on a OS X server where a user got an account with limited rights.

How to fix this

Two ways have been reported to circumvent this issue. One way might be enabling “Remote Management”:

  • Open System Preferences
  • Open Sharing
  • Enable Remote Management

The other way – which we recommend – is to manually repair permissions of ARDAgent.app via

  • mymacbox$ chmod u-s /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent

Conclusion

Get yourself a Mac virusscanner (consider our premium sponsors). Viruses for MacOS X are chomping at the bit…

[Anonymity] Anti Spam Strategy

1 Reply

As seen in the past, the spammers steal our valuable life time with sending us porn, drugs and software offers, that we would never have dreamed of. The question is: where do those spammers get the email addresses from? And there are two simple answers.

First being the problem that anyone having a website, mostly also has provided a valid email address for contact purposes. Here in germany in most cases we are even legally obliged to provide such an address as imprint (Impressum). So spammers send robots to the net and harvest all those email addresses and write them back into databases and let them grow and grow. And after a while honorable databases have been generated with lots of email addresses.

Second being the problem that many administrators of forums offer their user databases as well to spammers, although they are not allowed to. Anyway it happens much too often.

At least for the second problem a solution has evolved. It is called “one time email addresses” or “trash email addresses”. Those addresses are valid for a particular amount of time and will cease to work after that.

One of those websites offering such services is http://www.guerrillamail.com/. They provide us with an email address that is working at least for 15 minutes. If that is too short you can manually prolong that address for another 15 minutes by simply clicking a button. We did not try to prolong for the maximum possible amount of time – so we don’t know. But we suspect there may be a time limitation.

When will you actively stop distributing your real email address on the net?



Kaspersky

[PS3] Infectus Chip downgrades Playstation 3 Firmware

Leave a reply

The first mod chip has been released a couple of days for the Playstation 3 (PS3). It allows installation of any firmware revision you prefer for your best gaming experience, means you can up- and downgrade to whatever firmware you like (see video below). And no: it does not allow playing backups of your games. Even if you could afford a blu ray burner you cannot backup PS3 games currently.

The interesting point is: this chip is platform independent and can also be installed into Nintendo’s Wii or Microsoft’s XBOX 360. Since we don’t know for sure about the legal situation for such a mod chip in our beloved Germanistan, we will not include any links in this article. You know how to find, otherwise you would not be here ;-) Thanks for your understanding.

[MacOS] HowTo Update to MacOS X 10.5.3

2 Replies

Update 02.07.2008: MacOS X 10.5.4 is out now. See our notes here.

I. Abstract

Three days ago (May, 28th) Leopard update 10.5.3 has been released. It solves several security issues and application issues (read details here). So sumed up: you should update. Being on a Hackint0sh we need to take some things into consideration because we cannot use the built-in auto update.

The following article shows how to upgrade your Intel based Hackintosh to version 10.5.3. The approach is pretty much the same like updating to 10.5.2 and can be applied to both updates.

One limitation: the whole update process is currently only applicable to close-to-original-mac-hardware and is being done manually. Note: we did not test this on AMD based Hackintoshs.

Note to first timers: after having installed the update. The updater asks you to reboot. Do not hit the restart button eventually, instead read on. Some more steps need to be applied before you are allowed to reboot. Don’t say, we didn’t warn you!

II. Enable root user

In case you did not enable root user access to your system yet, this is a good time to do that. This has been described a thousand times elsewhere, so we won’t delve into this too deep:

  • Open Directory Utility.app
  • click the Lock to allow changes (!)
  • then Edit > Enable root user > supply password of your choice

III. Obtain update package

For manual update we need to get the updater.

IV. Back up important data and custom kexts

Backup important data like

  • documents
  • emails
  • muzaq
  • videos
  • downloads etc.

Don’t say we didn’t warn you in case anything goes wrong for whatever reason. After having done the backup of your personal data, do the backup for your system specific kexts.

Most simple way is using a terminal. Do the following:

  • hackint0sh$ su
    (provide root password)
  • hackint0sh$ cp -r /System/Library/Extension/KEXT-I-WANNA-BACKUP /TARGET/FOLDER/KEXT-I-WANNA-BACKUP

That kexts might be:

  • Audio
  • LAN
  • WLAN
  • Graphics Adapter etc.

This highly depends on your hardware. I am running an ASUS P5LD2 VM DH with a Sapphire HD 2600 XT. In my case I only need to backup my Natit.kext device driver and dsmos.kext, because history taught me a strange lesson once.

V. Use monitoring script

Since AppleIntelCPUPowerManagement.kext would simply kill our systems we need to make sure it does not become loaded into the kernel. So netkas supplied a little command line, which monitors the install of that file and if found removes it. You need to be logged in as root:

  • hackint0sh$ while sleep 1 ; do rm -rf /System/Library/Extensions/AppleIntelCPUPowerManagement.kext ; done

This command line must run until the end of the update.

VI. Process the update

Just mount your downloaded MacOSXUpdCombo10.5.3.dmg and begin your update. When the update process is complete

! ! ! ! _ d o n ‘ t _ i n s t a n t l y _ c l i c k _ r e s t a r t _ ! ! ! !

Instead of restarting, stop the while command line from step V. Stop it by hitting CTRL and C and read on, but don’t restart your system, until we say it.

VII. Modify startup script

Sadly, we are not running OS X on original hardware. The consequence is we are missing a chip for the fan control that holds a specific key (Alexander Graf told about the details here – german only). This key is necessary to run the graphical interface Aqua of Mac OS X (in fact: this key decodes the binaries – details about the binary protection are provided by Amit Singh here).

To make a long story short: we don’t want the operating system to look for that specific chip and key, we can supply it easier (via emulator). Netkas provided the emulator called dsmos.kext (kernel extension) for that problem as well.

Simply do the following (I assume you know how to use nano, you can also use vi or whatever you prefer).

  • hackint0sh$ nano /System/InstallAtStartup/scripts/1

In that 1 file there must be a line of code like this (old)

  • /System/Library/Extensions/Dont Steal Mac OS X.kext

This needs to be changed to this (new):

  • /System/Library/Extensions/dsmos.kext

Then save and exit. Using nano simply click CTRL and X, you will be asked if you wanna save before exiting.

VIII. Restoring kexts

We highly recommend you are logged in as root on a command line. In step IV. you saved your specific kexts. Now is the time to recover them to this folder:

  • /System/Library/Extensions

We will not explain how to use the copy command: this is the learning curve for today 8-))

IX. Reboot your machine

After having restored your system specific kexts. You reboot your machine. On first reboot, screen will not show the GUI but will show a black screen for about 3 minutes. It will then reboot again and it will take about 3 minutes again to show you the GUI (in our case the login window).

Shouts fly out to Netkas who’d better call himself +netkas and to Davil Elliott ;-) Live long and prosper, dudes!

And finally a word by our sponsor, who reduces our costs for this project at least a bit. Take them advertisments into consideration, would you? Thanks in advance!


[Soccer] Spielplan EM 2008

Leave a reply

Spielplan

Es ist wieder soweit. Die WM ist schon wieder zwei Jahre her und da beginnt auch schon wieder die EM. Im Folgenden der Spielplan mit Uhrzeiten und TV Sendern. Aktualisierungen inbegriffen. Bei schönen Wetter kann man die EM natürlich auch draußen mit Freunden auf einer Public-Viewing Veranstaltung (Liste hier) genießen, ist eh schöner als zu Hause.

Übrigens kann man bei unserem Sponsor (auf dieser Seite oben Links) vermutlich noch Karten für die Spiele bekommen, um Live und Vorort unserer 11 die Daumen zu drücken…

Spiele der Gruppen

Samstag, 07. Juni 2008
Gruppe A 18.00h ZDF Schweiz – Tschechische Republik 0:1
Gruppe A 20.45h ZDF Portugal – Türkei 2:0
Sonntag, 08. Juni 2008
Gruppe B 18.00h ZDF Austria – Kroatien 0:1
Gruppe B 20.45h ZDF Deutschland – Polen 2:0
Montag, 09. Juni 2008
Gruppe C 18.00h ARD Rumänien – Frankreich 0:0
Gruppe C 20.45h ARD Niederlande – Italien 3:0
Dienstag, 10. Juni 2008
Gruppe D 18.00h ARD Spanien – Russland 4:1
Gruppe D 20.45h ARD Griechenland – Schweden 0:2
Mittwoch, 11. Juni 2008
Gruppe A 18.00h ZDF Tschechische Republik – Portugal 1:3
Gruppe A 20.45h ZDF Schweiz – Türkei 1:2
Donnerstag, 12. Juni 2008
Gruppe B 18.00h ZDF Kroatien – Deutschland 2:1
Gruppe B 20.45h ZDF Österreich – Polen 1:1
Freitag, 13. Juni 2008
Gruppe C 18.00h ARD Italien – Rumänien 1:1
Gruppe C 20.45h ARD Niederlande – Frankreich 4:1
Samstag, 14. Juni 2008
Gruppe D 18.00h ARD Schweden – Spanien 1:2
Gruppe D 20.45h ZDF Griechenland – Russland 0:1
Sonntag, 15. Juni 2008
Gruppe A 20.45h ZDF Schweiz – Portugal (nicht im dt. TV) 2:0
Gruppe A 20.45h ZDF Türkei – Tschechische Republik 3:2
Montag, 16. Juni 2008
Gruppe B 20.45h ARD Polen – Kroatien (nicht im dt. TV) 0:1
Gruppe B 20.45h ARD Österreich – Deutschland 0:1
Dienstag, 17. Juni 2008
Gruppe C 20.45h ZDF Niederlande – Rumänien (nicht im dt. TV) 2:0
Gruppe C 20.45h ZDF Frankreich – Italien 0:2
Mittwoch, 18. Juni 2008
Gruppe D 20.45h ARD Griechenland – Spanien 1:2
Gruppe D 20.45h ARD Russland – Schweden 2:0
|

Eine kurze Werbeunterbrechung…


|
Viertelfinale

Donnerstag, 19. Juni 2008
Viertelfinale 20.45 ARD 1. Gruppe A (Portugal) –
2. Gruppe B (Deutschland)		 2:3
Freitag, 20. Juni 2008
Viertelfinale 20.45h ARD 1. Gruppe B (Kroatien) –
2. Gruppe A (Türkei)		 1:3 (Elfmeterschießen)
Samstag, 21. Juni 2008
Viertelfinale 20.45h ARD 1. Gruppe C (Niederlande) –
2. Gruppe D (Russland)		 1:3 (nach Verlängerung)
Sonntag, 22. Juni 2008
Viertelfinale 20.45h ARD 1. Gruppe D (Spanien) –
2. Gruppe C (Italien)		 4:2 (Elfmeterschießen)
|

|
Halbfinale

Mittwoch, 25. Juni 2008
Halbfinale 20.45h ZDF Sieger 19. Juni (Deutschland) –
Sieger 20. Juni (Türkei)
Donnerstag, 26. Juni 2008
Halbfinale 20.45h ZDF Sieger 21. Juni (Russland) –
Sieger 22. Juni (Spanien)
|

|
Finale

Sonntag, 29. Juni 2008
Finale 20.45h ARD Sieger 25. Juni – Sieger 26. Juni

|
Alle Angaben ohne Gewähr!!!
|
Wenn Sie die Informationen hilfreich finden, könnte das folgende Angebot auch interessant für Sie sein:

[MacOS] Integrate Mac Address Book into Thunderbird

3 Replies

I. Abstract

Mozilla Thunderbird 3 alpha has been released on May 13th. It’s got a wonderful (terrible) working title: “Shredder Alpha 1”. Anyway, there are two features that we Mac users definitly appreciate to read:

  • Thunderbird’s address book is now compatible with OS X’s system Address Book.
  • Thunderbird now is a native Cocoa application…

Well to be serious, we don’t really care if it is a native Cocoa app or whatever app it is, if it is running stable in the end. But we do care about the address book integration. For all iPhone users this is really good news. We never had the chance to use Thunderbird and have the email addresses synchronized with our beloved iPhone.

But there are disadvantages at this very moment. First being the integration. Integration of the address book is a one way street only. Currently we can only synchronize our iPhone with our Mac and have the addresses, phone numbers and mail addresses available in Thunderbird. But you still won’t be able to add new contacts, phone numbers or email addresses to your OS X Address Book using Thunderbird. Thunderbird 3 alpha has read access only. To change entries you need to use the OS X Address Book application. Second disadvantage is, the address book integration has been disabled by default, simply because this compatibility module is under heavy development. In this article we’re gonna show you how to enable it in simple steps.

As note: although we didn’t experience any problems while testing during the last week, we have to point out that this is an alpha release that is not intended for productivity use.

II. Requirements

  • Intel Mac or Intel Hackintosh (Power PC has not been tested, sorry)
  • Download and install Thunderbird 3 alpha (Shredder alpha 1) here.

III. Thunderbird’s Config Editor

We assume you already have Thunderbird 3 alpha installed. Follow these steps:

  • start Thunderbird
  • open Preferences menu
  • click the Advanced menu
  • in tab General you will find the Config Editor... button – click it

You will see a picture similar like that:

Since you know what you are doing, otherwise you would not be here reading this article, just click the “I'll be careful, I promise” button.

IV. How to add new values

After having promised that you won’t destroy your own system, you will see a new window, which is titled “about: config“. The window will look similar like this:

Some more instructions here: with a click on the right mouse button (or ctrl+left mouse button!) you open the context menu in the Config Editor.

V. Add the description tag

As shown add a New > String value. You will be asked to Enter the preference name, then. Enter this:

  • ldap_2.servers.osx.description
  • click on OK

After clicking OK a new box will ask you to Enter the string value. Enter this:

  • System Address Book
  • click on OK

VI. Add the dirtype tag

As shown add a New > String value. You will be asked to Enter the preference name, then. Enter this:

  • ldap_2.servers.osx.dirtype
  • click on OK

After clicking OK a new box will ask you to Enter the string value. Enter this:

  • 3
  • click on OK


VII. Add the uri tag

And again friends: as shown add a New > String value. You will be asked to Enter the preference name, then. Enter this:

  • ldap_2.servers.osx.uri
  • click on OK

After clicking OK a new box will ask you to Enter the string value. Enter this:

  • moz-abosxdirectory:///
  • click on OK

You’re almost done.

Just restart your Thunderbird and you will have entries of your OS X’s Address Book available in Thunderbird.

VIII. Conclusions

We found no problems with our system configuration during testing. But as said: Thunderbird 3 is alpha status. Problems and issues may occur on your system and alpha status also means there will be changes to the final version.

If you find this article helpful, please consider visiting our non-offensive sponsor (Google-Adsense). Thanks for paying attention.