Oct 03

Hacker claims third-party iPhone apps can freely transmit UDID, pose serious threat to privacy

Posted in: Apple, AppleIphone, gps, ios, iPhone, privacy, Today's Chili

When Apple addressed a congressional inquiry on privacy in July, the company claimed that it couldn’t actually track a particular iPhone in real time, as its transactions were anonymous and thoroughly randomized. Bucknell University network admin Eric Smith, however, theorizes that third-party application developers and advertisers may not have the same qualms, and could be linking your device to your name (and even your location) whenever they transmit data. Smith, a two-time DefCon wardriving champ, studied 57 top applications in the iTunes App Store to see what they sent out, and discovered that some fired off the iPhone’s UDID and personal details in plaintext (where they can ostensibly be intercepted), including those for Amazon, Chase Bank, Target and Sam’s Club, though a few were secured with SSL. Though UDIDs are routinely used by apps to store personal data and combat piracy, what Smith fears is that a database could be set up linking these UDIDs to GPS coordinates or GeoIP, giving nefarious individuals or organizations knowledge of where you are.

It’s a scary idea, but before you direct hate Apple’s way, it’s important to note that Cupertino’s not necessarily the one to blame. iOS is arguably the best at requiring users to opt-in to apps that perform GPS tracking; transmitting the UDID and account information together publicly is strictly against the rules; and we’d like to think that if users provide their personal information to an application developer in the first place, they’d understand what they’re doing. Of course, not all users monitor those things closely, and plaintext transmission of personal details is obviously a big no-no.

Smith’s piece opens and closes on the idea that Apple’s UDID is like the unique identifier of Intel’s Pentium III processor, which generated privacy concerns around the turn of the century, and we wonder if ths story might play out the same way — following government inquiries, Intel offered a software utility that let individuals manually disable their chip’s unique ID, and removed it from future CPUs.

Hacker claims third-party iPhone apps can freely transmit UDID, pose serious threat to privacy originally appeared on Engadget on Sun, 03 Oct 2010 19:51:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourcePSKL  | Email this | Comments

No Comments | Tags: , ,
Sep 23

Orb MP-1 music player pulls Sonos-like tricks for way less than a Benjamin

Posted in: AndroidApps, Apple, AppleIphone, ios, iPhone, IphoneApps, logitech, media streamer, MediaStreamer, sony, streaming, Today's Chili, wifi, Wireless

Streaming music from a computer to all manner of home audio devices is an area Sonos, Logitech, and Apple have been competing in for years. The recently-released MP-1 music player from Orb, though, is a surprise contender that can perform a host of streaming duties for less than $70. Like the competition, it works by connecting to a powered audio device via an in-line jack, and can play music stored locally, on a network, or from services like Pandora when streamed over 802.11b/g/n WiFi through its companion Orb Caster media server software. To sweeten the package, the company is also throwing in their Orb Controller app for iOS devices — which normally costs $10 — for a low price of free, and apparently has plans to release an Android version of the remote sometime in the near future. Sure, it’s a little strange for us to see a company known for their free media streaming software jump in the hardware game so abruptly, but the MP-1’s mixture of functionality for the price is a pretty enticing first step. Plus, if the move ignites a price war to the bottom with the aforementioned competition, who are we to complain?

[Thanks, Tom]

Filed under: , ,

Orb MP-1 music player pulls Sonos-like tricks for way less than a Benjamin originally appeared on Engadget on Thu, 23 Sep 2010 20:11:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceOrb  | Email this | Comments

No Comments | Tags: , , , , , ,
Sep 15

Did iOS 4.1 introduce in-car USB playback problems for you?

Posted in: Apple, AppleIphone, ios, iPhone, ipod touch, IpodTouch, issue, problem, Software, Today's Chili, update, usb

As with almost any software update, Apple has seemingly introduced a few new issues while ironing out a couple of others. Automotive forums around the web are ablaze with talk that iOS 4.1 has introduced any number of playback problems, with the bulk of complainers citing scratching, crackling or random disconnects when piping audio from their device to their vehicle via the dock connector. We’ve tested two iOS 4.1-equipped iPhone 4 handsets in two separate vehicles here at Engadget HQ, and we saw no quirks whatsoever, but we’ve no doubt that the issue is real to some extent. Prior firmwares have caused permanent incompatibilities between our iPods and vehicles before, and we’re about at our wit’s end. We know it’s impossible for the software engineers at Cupertino to test new builds on every car adapter out there, but we’re starting to wonder if they bother to plug ’em into any vehicles at all. Tell us below if you’ve pulled any hairs out in recent days, won’t you?

[Image courtesy of Murphy5156 / TiPb]

View Poll

Did iOS 4.1 introduce in-car USB playback problems for you? originally appeared on Engadget on Wed, 15 Sep 2010 10:01:00 EDT. Please see our terms for use of feeds.

Permalink iLounge  |  sourceApple, Prius Chat  | Email this | Comments

No Comments | Tags: , , , ,
Aug 27

How would you change Apple’s iPhone 4?

Posted in: Apple, AppleIphone, att, Features, HowWouldYouChange, HWYC, ios, iPhone, problem, smartphone, Today's Chili

We know, half of you aren’t even going to read past the headline before you start angrily banging away about Apple’s admitted antenna gaff and the still-not-totally-fixed proximity sensor, but we’re urging you to look deeper. Think harder. Critique your criticisms. In all seriousness, Apple’s iPhone 4 garnered more attention (negative or otherwise) than any other phone released this calendar year, and for good reason — in fact, Apple itself had to hold an emergency press event just to announce what could’ve been announced in a PR blast: everyone’s getting a free case. That said, Cupertino has still managed to move millions of units in just a few months, and that demand doesn’t seem to be dropping off at any significant rate. If you’re one of the lucky (or unlucky) ones that have managed to procure Apple’s latest iPhone, we’re overly anxious to hear your thoughts on changing it. How would you have addressed the antenna issue? Would you have preferred a less drastic departure from the 3GS form factor? Would you have offered more colors than white and black? Thrown in Bluetooth 3.0 for kicks? Go ahead, the floor’s yours — just don’t abuse it, cool?

How would you change Apple’s iPhone 4? originally appeared on Engadget on Fri, 27 Aug 2010 22:58:00 EDT. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments

No Comments | Tags: , , , , , ,
Aug 26

Qualcomm job listing for iPhone dev guru sets internet absolutely aflutter

Posted in: Apple, AppleIphone, cdma, iPhone, qualcomm, rumor, rumors, Today's Chili

“The iPhone has no secret for you? Well, that’s what you think… join us and develop the most challenging product of your life!” So reads a now-removed job listing on Qualcomm’s website for an “iPhone Developer Guru” (still cached, thanks to Google). Responsibilities will include “iPhone software design and development but not restricted to it” as well as some Android and… oh, you’ve already jumped to conclusions, have you? The forerunners of CDMA technology asking for iPhone software engineering? Teasing with the most challenging product of your life? We wouldn’t fault for Qualcomm for a bit of boasting, and for all we know this could be much ado about nothing. Then again, we really don’t know anything, and this isn’t exactly some super clue in some giant mystery. Sorry, Encyclopedia Brown; don’t get your hopes up.

Qualcomm job listing for iPhone dev guru sets internet absolutely aflutter originally appeared on Engadget on Thu, 26 Aug 2010 19:54:00 EDT. Please see our terms for use of feeds.

Permalink Apple Insider, Slash Gear  |  sourceQualcomm (cached)  | Email this | Comments

No Comments | Tags: , , ,
Aug 21

Apple attempts to patent kill switch that roots out unauthorized users, detects jailbreaks

Posted in: Apple, AppleIphone, ios, iPhone, patent, patent application, PatentApplication, patents, remote, security, Today's Chili

Just about every mobile operating system manufacturer can remotely delete apps from the smartphones they help provide, but if a recent patent application is any indication, Apple’s looking to lock down the whole enchilada on future devices. The basic concept is as simple as the diagram above — certain activities trigger the phone to think it’s in the wrong hands — but the particular activities and particular remedies Apple suggests extend to audiovisual spying (to detect if a user has a different face or voice than the owner), and complete remote shutdown. While the patent mostly sounds targeted at opt-in security software and would simply send you an alert or perform a remote wipe if your phone were stolen or hacked, jailbreaking and unlocking are also explicitly mentioned as the marks of an unauthorized user, and one line mentions that cellular carriers could shut down or cripple a device when such a user is detected. Sounds great for securing phones at retail, sure, but personally we’d rather devices don’t determine our authority by monitoring our heartbeat (seriously, that’s an option) and we’re plenty happy with the existing Find My iPhone app.

Apple attempts to patent kill switch that roots out unauthorized users, detects jailbreaks originally appeared on Engadget on Sat, 21 Aug 2010 20:58:00 EDT. Please see our terms for use of feeds.

Permalink AppleInsider  |  sourceUSPTO  | Email this | Comments

No Comments | Tags: , ,
Aug 13

Square mobile payment readers now shipping again to tiny transaction tycoons

Posted in: Apple, AppleIphone, iPhone, Today's Chili

The Square payment system hasn’t exactly had a smooth road to availability, with deliveries put on hold back in June due to an ominous “credit processing and risk issue.” If that didn’t scare you away from accepting small payments from the company’s tiny credit card swipers, rejoice, because they appear to be shipping again — at least to some. Sally over at the Square support forums posted that she was sent the following message:

We started rolling out Square card readers and one is now coming your way from our fulfillment center in Saint Louis. It will arrive on your doorstep in the next few days.

A few others it seems have also received the same note. How about you? Is your little, different credit card reader on the way?

[Thanks, Sam]

Square mobile payment readers now shipping again to tiny transaction tycoons originally appeared on Engadget on Fri, 13 Aug 2010 10:44:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceSquare  | Email this | Comments

No Comments | Tags: , ,
Aug 08

Flash ported to iPhone 4, available for download (video)

Posted in: Apple, AppleIphone, flash, hack, Hacks, iPhone, mod, mods, Today's Chili, video

Cydia is a great place to hang out, and we’re sure unlocking is pretty swell, but it’s quite possible you and your freshly-rooted iPhone 4 have already run out of fun things to do. In that case, might we suggest giving Frash a try? That’s right, Comex’s Strong Bad-inspired port of Adobe Flash 10.1 has been compiled once again, and though it’s still an alpha build there’s nothing keeping you from experiencing the joys of animated advertising on your iOS 4 device. Instructions are exactly the same as in our Flash how-to for iPad — jailbreak, download the .deb, upload it to a folder deep inside your phone via SSH, restart and you’re done — but if that sounds like too much work or you’re worried about your phone asploding prematurely, you can watch from a safe distance as Homestar Runner struts his stuff. You’ll find that and more in a video after the break, and a pre-compiled alpha build is available at our source link.

Continue reading Flash ported to iPhone 4, available for download (video)

Flash ported to iPhone 4, available for download (video) originally appeared on Engadget on Sun, 08 Aug 2010 16:33:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceGrant Pannell, Frash (Github)  | Email this | Comments

No Comments | Tags: , , , ,
Aug 04

Hacker reveals how Apple artificially restricts iPhone chargers (video)

Posted in: Apple, AppleIphone, charger, charging, iPhone, ipod, Today's Chili, video

Most cell phone manufacturers have charging standards these days, even if they can’t always agree on which version of USB to use, but as the hair-tearing message above shows, third-party renditions of Apple’s proprietary dock connector haven’t always been universal solutions for iPods and iPhones. Now we know another important reason why — secret resistors placed on the data lines in connectors for each iDevice. Minty Boost creator ladyada recently reverse-engineered the chargers for a variety of Apple gadgets, and discovered that iPhones in particular don’t draw electricity until they detect 2.8V and 2V signals when they attempt to charge. At that voltage, the handsets suck down about one amp, leading to a rapid filling of your device’s Li-ion belly, but by adding additional resistance to drop the voltage further, the iPhone can be coerced into accepting 500mA instead — perfect for the set of AAA batteries you stashed away in that Altoids tin. Video after the break, full explanation at our source link.

Continue reading Hacker reveals how Apple artificially restricts iPhone chargers (video)

Hacker reveals how Apple artificially restricts iPhone chargers (video) originally appeared on Engadget on Wed, 04 Aug 2010 21:50:00 EDT. Please see our terms for use of feeds.

Permalink Slashdot  |  sourceMinty Boost  | Email this | Comments

No Comments | Tags: , , , , ,
Aug 04

Apple slyly enables background iDisk music streaming in iOS 4

Posted in: Apple, AppleIphone, cloud, ios, iPhone, ipod touch, IpodTouch, itunes, Music, stream, streaming, Today's Chili

Well, would you look at that? The v1.2 update to MobileMe iDisk that Apple pushed out last month has a secret — er, did have a secret. One of the concealed new features of the app is background streaming, or as Apple puts it, the ability to “play audio from your iDisk while using another app.” For starters, it’s pretty fantastic just to have this functionality in-hand for your own garage jams, but what’s more is that any licensed music on your iDisk still streams perfectly fine. Only time will tell if any record labels (or that mean, mean RIAA) step forward with a grievance, but this could very well be the beginning of iTunes in the cloud. Or a reason for buying Lala. Or a mysterious combination of the two.

Apple slyly enables background iDisk music streaming in iOS 4 originally appeared on Engadget on Wed, 04 Aug 2010 16:14:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceMichael Robertson, Apple  | Email this | Comments

No Comments | Tags: , , , , , , ,