Monthly Archives: June 2008

[e-Biz] Sony to offer Copy Protected DivX Movies online

Sony, one of the leading companies in today's media world, has announced that it will offer movies for direct download. Sony Pictures and Television International (SPTI) will use the DivX codec in combination with a copy protected container. It is currently not known in which countries this service will be launched.

Wait a sec… can this really be true?

It is 2008, and movies have been (illegally) copied through the internet using p2p technology for the last 10 years. No copy protection, no lawyer and no lawsuit has ever stopped the majority of people from copying content.

It seems like the movie companies did not really learn their lessons by heart. We really like Sony (Pictures) a lot. Sony is the leading company behind the Bluray disc and the Playstation 3 is a console of its own kind.

But using copy protections on movies in this situation may be very risky. Consumers are willing to pay for content but we would not expect the mass of consumers to be tolerant of copy protected content that cannot be played on home DVD players but on PC only.

iTunes, for example, is only tolerated by the masses because it has the well-known loophole that allows users to create unprotected audio CDs. These audio CDs can then be re-ripped hassle-free and converted to any unprotected format.

The guys behind the music portal Bleep (http://www.bleep.com), for example, understood this from the very beginning and therefore offer music as unprotected MP3s and in lossless FLAC. We are not aware of any other music portal that has such a huge catalogue and offers losslessly compressed music.

Concepts containing DRM (Digital Rights Management) are the past, wake up ol’ boys, kick the lawyers and invest into your company’s future.

[MacOS] Trojan horse uses MacOS X ARD vulnerability

Last week we reported on the vulnerability in Apple Remote Desktop (read here). Now Brian Krebs of the Washington Post (read here) has found out that ready-made scripts are already available on the net.

The scripts are compiled into an exploit tool called “Applescript Trojan Horse Template”. The scripts allow any user to run programs without having legitimate privileges. The template is designed to be bundled with any software. This means that by downloading software from dark places on the net you may be in danger of being attacked stealthily.

After installation, a keystroke logger (keylogger) and a VNC (virtual network computing) server are installed, which allows attackers to remotely access a victim’s computer. Moreover, a PHP shell gets installed that allows tracking the victim’s computer using dynamic DNS services.

Our recommendation: get yourself a Mac virus scanner as soon as possible. The virus-free time is almost over. Apple is gaining market share and hackers are becoming more and more interested in Mac based machines…

[MacOS] Rumors about EFI-X Prices and Shipping date

The EFI-X thing is turning into quite a never-ending story (see our recent reports here and here). Although June 23rd, the originally announced EFI-X release date, has passed without any astonishing news on the EFI-X website, there have been some rumors in forums.

Forum posts say EFI-X will be priced at 80€ (~125USD). EFI-X will not sell to consumers. See a provisional list of countries selling EFI-X here, though no retail stores have been named yet either. They want to start shipping in about 4 weeks (end of July).

Moreover it seems like only Gigabyte motherboards are fully supported by that device. We hope to receive an NFR copy of EFI-X soon to keep you updated with details.

[Berlin] Big Brother is Watching us Berlin People

In Germany the Berlin Police admit having wiretapped 1,100 telephone mainlines in 2007, thus they listened to 1 million phone calls. In 2006 only 540 mainlines were tapped. The main suspicion cited for the eavesdropping was drug-related crime.

The police explain that a number as large as 1,100 mainlines was necessary because the 500 assumed suspects are using more than one phone. One question remains: can the police decide what reasonable suspicion is – or who does?

[e-Biz] Nokia strikes back

Nokia, the market leader in the cell phone industry, is about to challenge Google. Wait a sec? Google? Yes, Google. The keyword is “mobile internet”. It is expected that in the near future more people will go online using their mobile devices than using a computer at home. Google is therefore heavily pushing its cell phone operating system Android. With Google entering the cell phone market, another new competitor emerges for Nokia. Last year it was the iPhone and now it is Google’s Android.

The only way out of this attack is to strike back. In mid 2007 Nokia announced that it would restructure itself into an internet company. Since then Nokia has bought companies in the fields of online advertisements, music downloads, games and digital mapping, and eventually they presented Ovi (Ovi translates into English as “door”). Ovi is a portal that integrates all of Nokia’s efforts to metamorphose.

But one problem still remained: the open source operating system Android. Nokia has now announced that it will take over Symbian. Together with Sony-Ericsson, Motorola, LG, Vodafone, AT&T, NTT Docomo, ST Microsystems and Texas Instruments, Nokia will set up a foundation to further improve Symbian OS as a license-fee-free open source operating system for mobile devices.

The German Handelsblatt reports today that the Symbian foundation has in the meantime announced that it will release its open platform during the next two years. Well, two years is quite a long time for striking back forcefully against Apple and Google…

[Muzaq] iPod as Digital Recorder

The iPod is (one of) the best-selling portable music devices. Consumers are very glad about the easy-to-use interface, though music professionals are not. The iPod simply lacks recording features… Lacks? No, lacked… Because this is now over thanks to Alesis’ ProTrack announcement.

The Alesis ProTrack is a “stereo handheld digital recorder for the iPod”. The iPod mounts securely into it, and it adds the benefit of recording features. It can capture audio wherever you are and it records directly to the iPod.

It is equipped with two hq condenser microphones, but also provides XLR inputs. Four AAA batteries allow up to five hours of recording. It is planned to be available from audio dealers sometime in Q3/2008. Prices have not been disclosed yet.

Update: the German tech news site Golem.de got a picture of that device (click here).

[MacOS] EFI-X.com releases compatibility list

Update Jan 01, 2009: EFI software solution called EPOS available for free…
Update June 26, 2008: read latest news about EFI-X here

We already reported the rumors about an EFI emulator being put into a USB boot device (read here). The project is called EFI-X.com and the guys behind it announced that they will open their shop tomorrow. Anyway, they have already updated their website and released some more details about “their” products, though there is no information about pricing yet.

EFiX seems to start with two products (see here)

EFiX USB V1

  • EFiX interactive system boot selector
  • allows to install MacOS X from retail DVD (and online updates)
  • installed into internal USB (this is quite vague still)

EFiX USB Deluxe / Sound

  • EFiX interactive system boot selector
  • allows to install MacOS X from retail DVD (and online updates)
  • includes USB Soundcard
  • USB Hub
  • installed into internal USB (this is quite vague still)

Supported Hardware (see here)

EFI-X supports the following CPUs:

  • Intel Core 2 Extreme
  • Intel Core 2 Quad
  • Intel Core 2 Duo
  • Intel Pentium dual-core (E2xx0)
  • Intel Celeron dual-core (E1200)
  • Intel Celeron (420, 430, 440)
  • Intel Multi Core CPU

and graphic adapters using these chipsets:

  • nVidia Geforce 7300 GS / GT
  • nVidia Geforce 7600 GT
  • nVidia Geforce 7800 GT / GTX
  • nVidia Geforce 7900 GS / GT
  • nVidia Geforce 7950 GT
  • nVidia Geforce 8600 GTS / GT
  • nVidia Geforce 8800 GS / GT / GTS / GTX / Ultra
  • nVidia Quadro FX 5600
  • ATI Radeon 2600 XT
  • ATI Radeon HD 3870

and these motherboards:

  • Gigabyte GA-P35-DS3P (rev. 2.0)
  • Gigabyte GA-EP35-DS3P (rev. 2.1)
  • Gigabyte GA P35-DS3R
  • Gigabyte GA P35-DS3L

What (we) the people think

Many end users will welcome this product. End users won’t need to download illegal distributions of adjusted and custom hacked/packed install DVDs (like Kalyway or iAtkos). People who were following the Brazil-Mac’s way will also like it. It simply seems to make the installation of MacOS X on whitebox PCs hassle-free, because we will all be able to use original retail DVDs. People will tend to buy those DVDs rather than just downloading from dark torrent sites. This is a strong reason to like this product. Apple might like it as well, since it may help their probable guerilla strategy to silently undercut the PC market.

Anyway, in the meantime several things have been mentioned that might deter people from buying it. The first is the question of the legal status of EFiX. There has been a strong dispute about whether EFI-X is legal or whether it might contain parts of code that have been released under Apple’s open source license (like Dave Elliot’s Darwin Bootloader or the EFI emulation Chameleon), which would require releasing the source code of EFi-X as open source as well. The second is something we’re gonna tell you when we’ve got enough information…

[iPhone] iPhones to be sold without contracts in Italy

Rumors say Vodafone will sell the iPhone there without requiring the customer to sign a contract. Prices vary between 499€ (8GB version) and 569€ (16GB). Seems like the new iPhones will then be exported from Italy into the rest of the world. Or better: get yourself a connection to Italy. We expect first prices on eBay in Germany at about 1,000€…

[MacOS] Root Exploit in Apple Remote Desktop (ARD)

Update 26.06.2008: read latest news about this exploit here

Abstract

Intego reports (read details here) a “bug” in Apple’s Remote Desktop (ARD) application. In short: the ARD Agent always runs AppleScripts with root privileges. So when you put shell commands into such an AppleScript, they are executed as “root”. ARD doesn’t require any admin/root password to do so.

An Example

Heise.de (read here – German only) has prepared a simple example to show us where we are… open a console and simply enter:

  • mymacbox$ osascript -e 'tell app "ARDAgent" to do shell script "whoami"';

The answer will be:

  • root

We won’t delve into this too deeply, but in the meantime several ways to use this exploit have already been posted. One shows how to open a root shell on TCP port 9999, which is really scarily simple. At first it was expected that people would need physical access to the machine, but it has been confirmed that it also works on an OS X server where a user has an account with limited rights.

How to fix this

Two ways have been reported to work around this issue. One way might be enabling “Remote Management”:

  • Open System Preferences
  • Open Sharing
  • Enable Remote Management

The other way – which we recommend – is to manually repair permissions of ARDAgent.app via

  • mymacbox$ sudo chmod u-s /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent
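
To confirm that the permission fix has taken effect, here is a read-only check that reports whether the ARDAgent binary is still setuid root. It is an added example, not part of the original post or of the Intego/Heise reports; the helper names suid_state and audit_ard are hypothetical, and the path is the one given above.

```shell
#!/bin/sh
# Added example: read-only audit of the setuid mitigation for ARDAgent.
# ARD_AGENT is the path from the post; suid_state and audit_ard are
# hypothetical helper names introduced for this example.
ARD_AGENT="/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent"

# Print one of: missing | no-setuid | setuid-root | setuid-uid-<N>
suid_state() {
    f=$1
    if [ ! -e "$f" ]; then
        echo "missing"
        return 0
    fi
    if [ ! -u "$f" ]; then          # -u: set-user-ID bit is set
        echo "no-setuid"
        return 0
    fi
    # Numeric owner is the third column of `ls -lnd` on macOS and Linux.
    owner=$(ls -lnd "$f" | awk '{print $3}')
    if [ "$owner" = "0" ]; then
        echo "setuid-root"
    else
        echo "setuid-uid-$owner"
    fi
}

# Exit status: 0 = not exposed, 1 = binary is still setuid root.
audit_ard() {
    target=${1:-$ARD_AGENT}
    state=$(suid_state "$target")
    case $state in
        setuid-root)
            echo "EXPOSED: $target is still setuid root (chmod u-s not applied)"
            return 1 ;;
        no-setuid)
            echo "OK: setuid bit is cleared on $target" ;;
        missing)
            echo "OK: $target is not present" ;;
        *)
            echo "NOTE: $target is setuid but not root-owned ($state)" ;;
    esac
    return 0
}

audit_ard "$@"
```

The script changes nothing on disk, so it can be run again later to check that the bit has not been set again.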

Conclusion

Get yourself a Mac virusscanner (consider our premium sponsors). Viruses for MacOS X are chomping at the bit…

[Muzaq] Experiences with In-Earphones AKG K 324 P

The problem with the manufacturer equipped iPod earphones

You know the situation: you got an iPod, but the earphones sound so horrible that you wonder why Apple still includes them in the packages. So you go to the store and buy some very nice in-earphones – like the AKG K 324 P ones.

AKG’s K 324 P in-earphones

Everybody who’s into (making) music uses AKG. AKG simply assembles the best head- and earphones. Overall the K 324 P in-earphones sound outstandingly clear. There is no comparison to the original Apple equipped earphones. Those simply sound horrible. In the case of the K 324 P the sound is a bit too bass-accentuated, but this is typical for in-earphones and it can simply be adjusted from within the iPod.

For people who are not used to in-earphones this is quite new, but after finding out how to plug them into the ears, you will never want to miss that amazing sound again. The K 324 P comes equipped with three different sizes of earpads (l=large, m=medium and s=small) to match the actual size of your acoustic meatus.

In the end: we would say there are no better in-earphones for less than 50€ than the K 324 P.

The issue with the earpads

The good thing is: you can apply the earpads that actually match your acoustic meatus, but this also means you can easily detach them. The thing is, they sometimes detach by themselves. For instance when you have put the earphones into your backpack or bag and you try to take them out in a hurry. Of course AKG anticipated this issue and included a little box for the earphones, but you know how it is: you don’t always use such a box. And after a while it turns out you have lost one of the earpads.

How to obtain substitute earpads

Now you have two choices: go to Thomann and try to buy them (they are sold for 2,50€/item – which really can only be a joke for this little piece of plastic) or try something else.

We tried something else. We simply called the German distributor Audio Pro (helpdesk for AKG products +49.(0)7131.2636-492). And a very polite woman named Heike Kubicki asked us how she could help us. We really wondered, since politeness is not too typical for Germany. We told her we had lost one of these earpads and asked how to obtain substitutes. And guess what she said: “No problem, I will send them to your place FOR FREE. Please tell me your address and I will send you 2 pairs of your actual size”…

And what do you think? We think this is grade A++ for one of the best support hotlines we have had to call during the last years. We swear we’ll never buy any other head- or earphones but AKG!!! Outstanding…