Facebook app rips off the MySpace experience
Thanks to faithful Macenstein reader Aimee for the tip!
How easy is it to stalk celebrities with just an iPhone and Wikipedia? Pretty damn easy, actually
Looks like the iPhone might be the budding paparazzo’s new best friend.
Last month I reviewed Background Check App for the iPhone, the app that lets you perform on-the-spot background checks on virtually anyone, anywhere. It being right before Christmas at the time, I mentioned that I planned to have a little fun by looking up all my family and friends at upcoming holiday parties and blowing their minds with the power of the iPhone.
Well, as it turns out, my family and friends are REALLY boring. Guess what I found when I looked them up? Their addresses, ages, and relatives, all of which I already knew. While I could see the benefit of an employer looking up a prospective employee, or a parent running a quick check on a new babysitter, I soon realized that the app would probably soon end up getting pushed to the last page of apps on my iPhone, and then ultimately end up deleted. However, that all changed yesterday when
Prepare to freak out! iPhone developers are using apps to pass your phone number to telemarketers
Our good friends over at the French Mac site Mac4Ever have alerted us to a somewhat alarming development. Apparently a few days after purchasing the Swiss app MogoRoad, a free radar tracking application, users are reporting receiving telephone calls asking them if they’d like to purchase the FULL version of the application. When asked how the caller had obtained their number, the responses vary, but generally the person tells you that Apple sent them their number at the time of purchase.
Obviously this is not the case, as Apple does not forward any information on its customers to third parties, so Mac4Ever did a little testing using the latest iPhone SDK and discovered that it is extremely easy for a developer to send a user’s phone number to their servers without their knowledge. In fact, the hole has been around since the 2.1 firmware.
“But after deep investigation, it appears that programmers are able to retrieve the personal iPhone’s user number, with one unique line of code! This data can then be sent to remote databases, which collect personal information, without notifying the user.
We tried this method quickly with the official SDK: it works!
Readers mostly pointed out mogoRoad, a Swiss application that gives traffic information for free. When reading comments on iTunes, it’s clear that a lot of people did receive the famous call as well.
Currently, the buyer explicitly gives its coordinates as Apple. Developer side, Apple is the only interlocutor, and it is impossible to have access to personal data of customers. But the access number is available since firmware 2.1, according to our survey. Moreover, it seems surprising that those responsible for the validation do not check that certain sensitive data, such as phone number, do not pass freely through the internet. This could be the beginning of a real scandal for the firm Iceberg, because nobody knows how many applications are currently collecting phone numbers.”
We’ve yet to hear of any reports of this type of data collecting here in the US, but this is exactly the type of thing that tends to freak out privacy advocates (and rightly so, if true), so prepare for this one to spread across the interweb even faster than the usual anti-iPhone news.
Full FileMaker client coming to iPhone – FileMaker 11 coming soon
Despite increased security, a naughty little bird reports from inside the FileMaker conference this weekend giving us a few details about FileMaker 11, as well as news that we can expect a full FileMaker client for the iPhone to drop very soon.
“FileMaker for iPhone is very near. I’m at the conference right now. They seem to be very careful on this news and we all had to sign for it too… crazy unlike other FileMakers.. also FileMaker 11 as well. Some of the new features include grouped layouts, more triggers, and graphs built into FileMaker… kinda like Bento but much more powerful… we didn’t get to play with it yet though… we will see it again I believe the end of conference”
We’ll keep you updated as we learn more.
New Mac Trojan appears in pirated versions of Photoshop CS4 – 5,000 infected so far
I’ve said it before and I’ll say it again, “Just Say No to Torrents, kids!”
Uh oh… another week, another Mac Trojan horse discovered. This time around, it’s folks who are downloading cracked copies of Adobe Photoshop CS4 from BitTorrent sites that are in danger. According to Mac Security Software maker Intego (who discovered last week’s iWork 09 virus) the Photoshop trojan is a new variation on the OSX.Trojan.iServices virus found last week.
Exploit: OSX.Trojan.iServices.B Trojan Horse
Discovered: January 25, 2009
Risk: Serious
Description: Intego has discovered a new variant of the iServices Trojan horse that the company discovered on January 22, 2009. This new Trojan horse, OSX.Trojan.iServices.B, like the previous version, is found in pirated software distributed via BitTorrent trackers and other sites containing links to pirated software.
OSX.Trojan.iServices.B Trojan horse is found bundled with copies of Adobe Photoshop CS4 for Mac. The actual Photoshop installer is clean, but the Trojan horse is found in a crack application that serializes the program.
After downloading this version of Photoshop, users will run the crack application to be able to use it. The crack application extracts an executable from its data, then installs a backdoor in /var/tmp/, a directory which is not deleted when the computer is restarted. (If the user runs the crack application again, the Trojan horse creates a new executable with a different name; these random names make it harder to ensure safe removal of the malware.)
The crack application then requests an administrator password, launching the backdoor with root privileges. This copies the executable to /usr/bin/DivX, then creates a startup item in /System/Library/StartupItems/DivX. The program checks to see if it has been launched with root privileges, then saves the root hash password in the file /var/root/.DivX. It listens on a random TCP port, and answers requests such as GET / HTTP/1.0 by sending a 209-byte packet, and makes repeated connections to two IP addresses. Next, the crack application opens a disk image which is hidden in its resource folder, in a folder named .data, and proceeds to crack the Photoshop program, allowing it to be used.
Since the malicious software connects to a remote server over the Internet, the creator of this malware will be alerted that this Trojan horse is installed on different Macs, and will have the ability to connect to them and perform various actions remotely. The Trojan horse may also download additional components to an infected Mac.
(Anyone else filled with a sick sense of “Apple Pride” that more people are pirating the $79 iWork 09 (20,000 infections) than the $700 Adobe Photoshop CS4 (5,000)?)
If you feel you might be at risk of infection, Intego suggests you run their VirusBarrier program, or if you are feeling lucky, you can wait and hope SecureMac saves you by releasing a free Trojan removal tool, like they did last time. Just don’t do any electronic banking for awhile.
SecureMac bails out iWork pirates with its “iWorkServices Trojan Removal Tool”
“OK kids, Mommy’s going to bail you out THIS time, but if we ever catch you downloading pirated versions of Apple software again, so help me you will have no iPhone for a MONTH! Do you hear me?”
Thus are the words I assume SecureMac was thinking when it decided to release its “iWorkServices Trojan Removal Tool”, a free utility that will remove the iWorkServices Trojan virus which was spread last week via pirated copies of iWork 09 on BitTorrent sites.
It’s actually quite nice of them, and they even made a cute icon for the tool, but the part of me that pays for software (which is all of me) somehow feels anyone “clever” enough to figure out how to use a torrent site to find pirated software should be clever enough to delve into their infected package contents and pull the virus out themselves. Or clever enough to steal $79 from their parents to buy the darn thing. Didn’t anyone ever tell them not to take candy from strangers? Oh well, enough preaching. If you feel you may have been infected, you can download the tool here.
New Mac OS X Trojan Horse found in Pirated iWork ‘09 software
Attention cheapskates and software pirates! At least 20,000 people have downloaded a pirated copy of iWork 09 from BitTorrent sites containing a malicious Mac Trojan Horse virus, according to security software maker Intego. Upon installation, the OSX.Trojan.iServices.A Trojan Horse, which stows away inside the cracked iWork 09 package, gains read-write-execute permissions for root, and then allows for a malicious user to connect to the Mac remotely. From Intego:
Exploit: OSX.Trojan.iServices.A Trojan Horse
Discovered: January 21, 2009
Risk: Serious
Description: Intego has discovered a new Trojan horse, OSX.Trojan.iServices.A, which is currently circulating in copies of Apple’s iWork 09 found on BitTorrent trackers and other sites containing links to pirated software. The version of iWork 09, Apple’s productivity suite, is complete and functional, but the installer contains an additional package called iWorkServices.pkg.
When installing iWork 09, the iWorkServices package is installed. The installer for the Trojan horse is launched as soon as a user begins the installation of iWork, following the installer’s request of an administrator password (in older versions of Mac OS X, 10.5.1 or earlier, there will be no password request). This software is installed as a startup item (in /System/Library/StartupItems/iWorkServices, a location reserved normally for Apple startup items), where it has read-write-execute permissions for root.
The malicious software connects to a remote server over the Internet; this means that a malicious user will be alerted that this Trojan horse is installed on different Macs, and will have the ability to connect to them and perform various actions remotely. The Trojan horse may also download additional components to an infected Mac.
Obviously Intego suggests running their VirusBarrier software (with the latest virus definitions) to catch the Trojan, but we just recommend you actually pay for the real iWork 09 software.
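A check for the on-disk artifacts named in the two Intego advisories quoted above (iServices.B in the Photoshop CS4 post, iServices.A in this one), as an added example that is not Intego's or SecureMac's tool. The function name `scan_iservices` and its optional root argument are assumptions of this example; the paths are the ones the advisories give.

```shell
#!/bin/sh
# Added example: look for the iServices.A / iServices.B artifacts named in
# the advisories. scan_iservices and its ROOT argument are this example's
# own names. ROOT defaults to /; point it at a mounted disk image or backup
# to examine a system offline. Run as root on a live system, otherwise
# /var/root cannot be read and its entry is silently missed.

# variant|path, paths exactly as quoted in the advisories.
ISERVICES_INDICATORS='
A|/System/Library/StartupItems/iWorkServices
B|/usr/bin/DivX
B|/System/Library/StartupItems/DivX
B|/var/root/.DivX
'

scan_iservices() {
    root=${1:-/}
    root=${root%/}          # "/" becomes "", so $root$path stays well-formed
    hits=0
    # A here-doc feeds the loop without a subshell, so $hits survives it.
    while IFS='|' read -r variant path; do
        [ -n "$path" ] || continue
        # -e follows symlinks; -L also catches a dangling symlink left behind.
        if [ -e "$root$path" ] || [ -L "$root$path" ]; then
            printf 'FOUND iServices.%s %s\n' "$variant" "$root$path"
            hits=$((hits + 1))
        fi
    done <<EOF
$ISERVICES_INDICATORS
EOF
    # The .B backdoor dropped in /var/tmp has a random name, so list the
    # executable regular files there for manual review instead of matching.
    if [ -d "$root/var/tmp" ]; then
        find "$root/var/tmp" -maxdepth 1 -type f -perm -u+x 2>/dev/null |
            sed 's|^|REVIEW executable in /var/tmp: |'
    fi
    [ "$hits" -eq 0 ]       # exit status 0 means no named artifact was found
}

# Usage: scan_iservices /            (live system)
#        scan_iservices /Volumes/img (mounted image; path is a placeholder)
```

A clean result only means the named paths are absent; the advisories say the Trojan may download additional components, which this check does not cover.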
Interview: Examining the seedy world of Mac OS X Forensics
We all know that good guys use Macs, and the bad guys use PCs, right? Well, so do law enforcement agencies, which is why nearly 100% of the training given to law enforcement’s digital forensic specialists has traditionally dealt with how to handle a Windows machine at a crime scene. But what about the one or two “bad Apples” (pun intended) out there? What if you are a first responder to a crime scene and you find a MacBook sitting there amidst all the piles of “Mary Jane” and illegally pirated copies of Beethoven’s Big Break? What do you do? Or worse yet, what if YOU are the Bad Apple, and you want to try to protect your MacBook from the Feds during your next raid? How should you go about it?
Well, luckily for both good and evil Mac users alike, Ryan R. Kubasiak, Dave Melvin, and Reggy Chapman – three Certified Forensic Computer Examiners (and Apple Certified Support Professionals) with some pretty impressive (yet top-secret) law enforcement forensic credentials have started an online resource dedicated to Macintosh digital forensics, and it’s free to the internet community. Mac OS X Forensics aims to arm all of you would-be CSI officers with an overview of the various Mac OS system and security features, and how best to poke around in a system you feel may contain data you need.
“The field of digital forensics is still growing by leaps and bounds,” says Kubasiak, “but the Macintosh side is still quite small. It is very difficult to find qualified and interested individuals when it comes to the Macintosh operating system.”
Technologies such as FileVault, Boot Camp, Back to My Mac, and even something as simple as “Spaces” might throw off a newbie to the Mac platform looking to check out your data. As a seasoned Mac user, you may think you know
After a hectic 48 hours, Aurora Feint is back online
Well, it’s been a hectic couple of days for the programmers behind Aurora Feint, the highly acclaimed (and then highly criticized) free RPG puzzle game for iPhone. Earlier this week word broke that Aurora Feint’s “community” feature was copying users’ contact lists, and when used, sending them out to Aurora Feint’s servers, unencrypted. Security buffs panned AF’s 2 young developers, who to their credit admitted their mistake, claiming it was due more to naivete than anything sinister. The next day Apple pulled Aurora Feint from the iTunes App store amid the security concerns, but it appears this morning the game is back online, with a slew of bug fixes, a new intro movie, as well as those annoying security patches.
Despite their amazingly fast work (although AF’s Danielle Cassley told us most of these fixes were near completion by the time the story broke) there is still evidence of the overworked team’s not quite having time to dot every “i” and cross every “t”. Take for example their update page on the App store below, where HTML syntax is seen leaking into the description.
Still Aurora Feint stands as easily the best free app on the iTunes store, and one of the best apps in general, delivering far more replay value than many of the $9.99 apps we’ve tested.
Is Aurora Feint the iPhone’s first Spyware?
A bit liberal with users’ data?
Definitely.
Spyware?
I doubt it.
There has recently been a bit of a buzz on the internet surrounding the extremely popular iPhone/iPod touch game Aurora Feint. I am a big fan of Aurora Feint, so I was a bit shocked to hear that apparently some people who have gotten SSH running on their iPhones under the new firmware have discovered that Aurora Feint creates a copy of all the e-mail addresses and phone numbers in your contacts list, and stores them in a “secret” directory on your iPhone (of course, unless you’ve jailbroken your iPhone, pretty much all directories are secret). This in and of itself is a bit suspect, but alarm bells really began to go off when someone noticed that AF was sending that information (unencrypted) to the Aurora Feint servers as well.

Above: If you do this, you will be sending all your friends’ e-mail addresses and phone numbers to Aurora Feint. But do you care?
For clarification on this, I wrote to Danielle Cassley, one of Aurora Feint’s creators, who

