[News] Pirate Bay Court Hearing Ends

The court hearing ended today with the final speech of the defense. The Pirate Bay guys have public opinion on their side. As expected, the defense denied responsibility for copyright infringement and continued to argue that Pirate Bay is basically a search engine that provides torrent index files. The court is expected to take several weeks to rule in this highly complicated case.

According to the German newspaper TAZ, seven in eight newspaper articles in Sweden report in a positive or neutral style. A PR counsel for the music industry is quoted as saying “We lost the fight for public opinion”.

In the meantime the media industry is trying to make the European Parliament push governments to prosecute web services providing indexes of copyrighted material.

Because the legal status here in Germany is unclear, we cannot link directly to the trial page that has been set up by the Pirate Bay team. You may use google.com to find it. It is linked from their main site.

[iPhone] Kali DRM Protection Layer on sale

Protect the Devs

The well-known RipDev has announced a sophisticated protection add-on to limit software piracy. It is called Kali. As copying iPhone apps has become fairly simple with “Crackulous”, some developers are confronted with decreasing sales.

RipDev says their own products like iPref, Kate and Installer are already protected using Kali. And they still seem not to have been cracked (properly).

What does Kali do?

To make a long story short: it does nothing new. It simply uses runtime encryption and server-side authentication for decryption. Parts of the program that have been decrypted properly can be executed; otherwise the CPU tries to execute the still-encrypted code and the program simply crashes. Disabled error handling and code design beyond the standards are a must.
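A minimal model of the mechanism just described, added here as an illustration and not RipDev's code: Python source stands in for the encrypted machine code, and the toy cipher, key, device IDs and function names are all constructed assumptions.

```python
import hashlib

def keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode: a toy stream cipher, for illustration only."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypts and decrypts (XOR with the keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

# --- constructed sample data (hypothetical names, not Kali's format) ---
SECTION_KEY = b"constructed-section-key"
LICENSED_DEVICES = {"device-1234"}
PROTECTED_SOURCE = b"def premium_feature(x):\n    return x * 2\n"
# Only this ciphertext ships inside the application bundle.
ENCRYPTED_SECTION = xor_crypt(SECTION_KEY, PROTECTED_SOURCE)

def license_server(device_id: str):
    """Server side: the key is released only to devices known as licensed."""
    return SECTION_KEY if device_id in LICENSED_DEVICES else None

def run_protected(device_id: str, arg: int, forced_key: bytes = None):
    """Client side: fetch the key, decrypt the section in memory, execute it."""
    key = forced_key if forced_key is not None else license_server(device_id)
    if key is None:
        return "denied"
    plain = xor_crypt(key, ENCRYPTED_SECTION)
    # From here on the plaintext section exists in process memory, which is
    # what memory dumpers such as ProcDump (named on this page) rely on.
    try:
        namespace = {}
        exec(compile(plain, "<section>", "exec"), namespace)
        return namespace["premium_feature"](arg)
    except Exception:
        # Wrong key: the "code" is garbage and execution fails, the
        # Python analogue of the CPU running still-encrypted bytes.
        return "crash"

if __name__ == "__main__":
    print(run_protected("device-1234", 21))            # licensed device
    print(run_protected("device-9999", 21))            # unknown device
    print(run_protected("device-1234", 21, b"guess"))  # wrong key
```
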

History Lessons

Runtime encryption has a long history. From the middle to the end of the 1990s some talented protection defeaters like fravia (all the power to you bro’) organized annual cracking competitions within the Higher Cracking University (HCU+). In the 1980s people were printing deadlistings of assembly code and studying protections to find ways to circumvent them. The motivation was interoperability and fun. Cracking protections is said to be like playing chess. Easy games (thus easy protections) are not interesting. Complicated games are challenging.

Anti-debugging checks have been well known to Win32 experts for years. Automated cracking programs are not new either. Some people may still remember the masterpiece ProcDump. ProcDump allowed automated dumping of runtime-encrypted programs (while also fixing the headers with import tables and so on).

Nowadays tons of automation scripts that allow convenient unpacking of generic runtime-encrypted Windows programs are available for assembly debuggers like OllyDbg. Generic protection wrappers don’t live long before they are defeated. On the other hand it seems specific protections (like the one used in Ableton’s Live Mac version) are very challenging to crack, since they are designed to be used in only one single program and not in tons of programs.

What do we learn from this? Decide for yourself.

101 of Digital Economy

There are people who say that an operating system like Windows 95 or 98 could only reach such a high societal penetration, and thus make Microsoft dominate the market, because it was so easy to copy. And nowadays? Almost every user who had an illegal Windows 95 back in the day now uses a legally bought Windows XP or Windows Vista. The consumers are trained to use Windows. In the long run this strategy has proved to be successful. Almost the same applies to Adobe’s Photoshop: almost every computer user knows how to use the basic functions, but almost nobody has ever bought it. But Photoshop has become the standard. There is no real competitor. In the long run Adobe’s strategy has proved to be successful as well. Anyway, we really doubt that company officials would admit to those strategies.

And Apple? Apple knows about the concept of (religion and) market penetration. They are interested in selling their devices. Selling software for the iPhone is additional business for them, but their primary intention at the current stage is to extend market penetration. Easily available software for their devices makes the device even more attractive to consumers. They will not be too interested in prosecuting teenage crackers.

What devs can also do

There are many options.

  1. Design your own protection layer.
  2. Bug the crackers with updates. As every update needs to be unpacked again, this will get boring for half a million apps every month.
  3. Check the price of your app. What’s better: earning 100 x 15USD or 500 x 4USD? What did we say about market penetration?
  4. Think about introductory offers (for every new version).
  5. Think about free demos with limited functionality.

The time is over when developers sold 200,000 apps in one week. This was only possible in the beginning of Apple’s AppStore. Now it is usual software business.

Final Words

Kali is a good idea for the average developer with no knowledge of protections. Anyway, as history shows, it will have a limited degree of efficiency. As crackers like challenges a lot, they will really like to defeat Kali (I bet they are sitting right now analyzing RipDev’s Kali-protected apps). Another thing might be unforeseeable: some developers are also crackers. They might apply for the Kali offer just for fun to get a better understanding.

Moreover, although RipDev’s programs seem not to have been cracked until now, this does not imply that this comes from the protection. The market’s demand for these programs might also be just too little.

[e-Biz] Steve Jobs in Hospital

Yesterday, January 14th, 2008, Steve Jobs sent an email to his employees explaining that his health-related issues seem to be more complex than expected last week. He will take a medical leave of absence until the end of June. In the meantime Tim Cook will be responsible for Apple’s day-to-day operations.

Stock exchanges suspended trading Apple shares after they went down 10%.

» Read Apple’s Media Advisory here

[iPhone] Jailbird for Windows to Replace WinPwn

There seems to be a new kid on the block called Jailbird. Jailbird is an independent implementation of exploits the iPhone Dev Team found in order to activate, jailbreak and SIM-unlock all firmware revisions 2.x.

As WinPwn has not been updated for a while this is amazing news for the Windows users among us.

See Jailbird’s Website for further information…

[iPhone] iPhone Dev Team’s lecture at the CCC in Berlin

As recently reported, the iPhone Dev Team held a lecture about the security systems in both the iPhone 2G and the new iPhone 3G here in Berlin at the Chaos Communication Congress 2008.

The lecture is very interesting and comprises known and some unknown facts about vulnerabilities of the iPhone.

Downloads:

» Video for iPhone
» Video for all other devices

In case the download is too slow, you may pick your own mirror from this list.

[MacOS] Parallels Desktop 4.0 released

On January 4th, 2008 Parallels released Parallels Desktop 4.0. It now comes with a bunch of new functions like:

  • Experimental support for Mac OS X 10.6 Snow Leopard as host operating system
  • Experimental support for Microsoft Windows 7 as guest operating system
  • DirectX 9 + shader model 2 supported
  • faster suspending and resuming of virtual machines
  • virtual mounting of CD/DVD drives from remote Mac computers, which allows installing Microsoft Windows on a MacBook Air with the Windows CD inserted in an iMac
  • improved CPU usage and thus longer battery running time

Parallels Desktop also includes Parallels Internet Security (which is in fact Kaspersky Internet Security) and Acronis True Image Home – both for Microsoft Windows.

» Parallels Desktop

[e-Biz] Steve Jobs is healthy as ever

Steve just released an open letter stating that he is as healthy as ever. His loss of weight is caused by a hormone imbalance that is currently being treated. He will regain his original weight by the end of spring.

Apple shares increased 3%.

P.S. All the best to you, Steve. Just continue with your major life’s work called Apple. You’re doing almost everything right. But please, would you just lower the prices of the Mac Pros by half ;-)

[iPhone] iPhone 3G Unlock “yellowsn0w” on Distribution

… by the iPhone Dev Team. You guys really rock. The unlock tool requires a jailbroken iPhone 3G and either Cydia or the Installer installed to download the unlock program called “yellowsn0w” from the Dev Team’s repository.

The tool is distributed for free. Nevertheless, some code thieves are obviously already selling it, claiming it is their work. Find further information about yellowsn0w on the Dev Team’s blog.

And yes: happy new year guys. We’re back from vacation and Berlin is full of “white snow” :-))

[MacOS] EPOS I. – EFI Post Install for White-Box PCs

We have been working on this for quite some time. Now here is EPOS I. – the “EFI Post Install” script for white-box PCs that are almost hardware compatible with Apple’s devices.

“EPOS I.” is an “EFI Post Install” Script

What does it do?

EPOS helps with installing retail DVDs of Apple’s Mac OS X 10.5 Leopard on white-box PCs. EPOS is SlimBuild-Preboot compliant, and as such it makes installation very easy. Grab a copy of a SlimBuild-Preboot CD image that matches your hardware (motherboard and graphics), then install Leopard and run EPOS after installation.

Technically EPOS I. automates the necessary steps of preparing MacOS’ native EFI partition and the installation of (legacy-) kexts to this EFI partition. The whole shebang was first discovered and described by Munky (all shouts fly out to him!). You may find his article here on the InsanelyMac forums.

Installation and Usage:

  • unplug ethernet cable from your white-box PC
  • copy EPOS I.zip to USB drive for instance
  • install Leopard from retail DVD using a SlimBuild-Preboot standard compatible CD (find links to tested disks below)
  • boot installed Leopard using the SlimBuild-Preboot CD again
  • on first boot provide all the registration information required from Apple
  • see desktop for the first time
  • unpack EPOS I. and run it as ROOT from a terminal (have your SlimBuild-Preboot CD mounted)
  • EPOS takes about a minute to install everything
  • remove SlimBuild-Preboot CD from drive, reboot and let Apple’s autoinstaller grab the newest updates
  • enjoy a white-box Mek

Behavior:

  • EPOS must be executed from the disk that will hold the EFI bootloaders.
  • If you are unsure what this means: better make sure you only have your DVD drive and your OS X harddrive connected.
  • I recommend using this script on a clean and fresh installed system, no other operating systems on the same disk!
  • prefers mounted SlimBuild-Preboot CDs for getting kexts and the com.apple.Boot.plist
    (looks for /Volumes/SlimBuild-Preboot/initrd.img and /Volumes/SlimBuild-Preboot/com.apple.Boot.plist);
    if no SlimBuild-Preboot CD is found, EPOS tries to find Extensions in EPOS’ own Extensions folder

Supports:

  • autoextraction of kexts from SlimBuild-Preboot CD
  • kexts in own Extensions folder
  • autoextraction of com.apple.Boot.plist from SlimBuild-Preboot CD
  • com.apple.Boot.plist in own Plist folder
  • internally pretested with Leopard retail DVDs 10.5.0, 10.5.1, 10.5.4 and 10.5.5

Notes:

  • Munky’s EFI Boot 6.1 included (found here)
  • compatible with Galaxy’s SlimBuild-Preboot creator 2.0 (Kudos!) found here
  • Tested with ximekon’s (Kudos, as well) Gigabyte GA-EP35-DS3 SlimBuild-Preboot CDs found here

Error handling:

  • integrated for a bunch of common errors, anyway it remains an ugly script

Todo:

  • code cleanup / rewrite ;-)
  • autoinstallation of custom kernels
  • GUI is in the works, but don’t ask for timelines, we all got jobs to feed our families

License & restrictions:

  • This script is freeware but may NOT be used for commercial purposes!
  • It may NOT be included in SlimBuild-Preboot Disks that contain original / modded Apple kexts.
  • That means: as long as not everything is enabled via homebrew or legacy kexts, you may only include it in your private SlimBuilds, but please don’t distribute them.

[Screenshot: EPOS 0.95 running on a sample system]


Feedback

You are welcome to leave a note here in the comments section or on the InsanelyMac forums.

Download EPOS

Please download from the version history overview below.

Version history:

  • 0.5 semi automatic really much too ugly one day rapid prototype (not released)
  • 0.6 rewrote using functions (not released)
  • 0.7 autodetermining of EFI partition (not released)
  • 0.8 improved error handling for common errors we experienced (not released)
  • 0.9 included autoextraction for SlimBuild-Preboot images (not released)
  • 0.95 included com.apple.Boot.plist extraction (released) –
    » Download EPOS 0.95 here…
  • 0.95.1 (cosmetic) bugfixes (not released)
  • 0.97 com.apple.Boot.plist bugfix (released) –
    » Download EPOS 0.97 here…
  • 10.0 “the got rich as bill from writing even uglier code” version (will definitely be released) ;-)

[iPhone] Issues with iPhone DFU mode in MacOS 10.5.6

According to forum reports the iPhone DFU mode, which is required to install custom firmware with PwnageTool, does not get detected properly after updating Mac OS X to 10.5.6.

That means you currently cannot jailbreak or unlock the iPhone. The iPhone Dev Team has investigated this issue and concluded that this is not a countermeasure by Apple, but a bug in the new kernel.

The iPhone Dev Team names possible fixes for 10.5.6. As always: you do this at your own risk!

1. Replace the following plugin kexts from within IOUSBFamily.kext with the ones from 10.5.5 and then rebuild kextcache (if you don’t understand this, then you shouldn’t attempt it!)

/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBHub.kext

/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBCompositeDriver.kext

2. Use a USB hub in-between the DFU device and the Mac and insert/reinsert the iPhone’s USB cable.

3. Use a PwnageTool created .ipsw on Windows! Oh the irony!

If you have not yet updated to 10.5.6, better hold off and wait for a fix or for 10.5.7 to be released.