Free cell phones with free shipping every day!

Saturday, September 29, 2007

Sony Ericsson and Vodafone present the Havana collection.

It's amazing what some decent marketing can do. These phones were presented to me as 'the Havana collection' and I immediately fell in love with them. A more objective person might liken the colour pallet to something else altogether, which would have a decidedly less exotic connotations.

All the phones are exclusive to Vodafone. The W880i walkman phone comes in plain old Havana, whilst the W910i is Havana Bronze and the V640i is Havana Gold. Whilst the W880i is an old favourite, the other two are new phones.

source ShinyShiny

Orange and Apple still arguing iPhone details

Orange's exclusive deal to distribute the iPhone in France may not be as solid as claimed, with the handset strangely absent at the Apple Expo in Paris, and a French newspaper reporting that the revenue share details are still under discussion.

The Challenges website reports (in French) that Orange's exclusive is far from a done deal, with the companies still in discussions over how large Apple's pound of flesh will be.
Click here to find out more!

It's certainly hard to explain why there were no iPhones at the Apple Expo otherwise, which could mean the French deal is still on the table, or perhaps Orange will successfully hold out for a more operator-friendly split. That could really annoy T-Mobile and O2, in Germany and the UK respectively, with their deals already inked and announced.

Just when we thought all the secret launches and quiet network-building were done, Apple still manages to keep us guessing... or perhaps that's the idea.

source TheRegister

iPhone's Bluetooth Bug Under Hackers' Microscope

Almost lost in the hubbub over the latest iPhone firmware update and whether it would "brick" unlocked phones was the fact that Apple patched 10 vulnerabilities.


Almost lost in the hubbub over Thursday's iPhone firmware update and whether it would "brick" unlocked phones was the fact that Apple Inc. patched 10 vulnerabilities -- twice the number of fixes issued since the phone's June debut.

The iPhone 1.1.1 update, which like previous upgrades is delivered through Apple's iTunes software, fixes seven flaws in the built-in Safari browser, two in the smart phone's Mail application and one in its use of Bluetooth, the short-range wireless technology.

The seven Safari vulnerabilities include several cross-site scripting (XSS) flaws, one that can disclose the URL of other viewed pages -- an online banking site, say -- and another that lets attackers execute malicious JavaScript in pages delivered by the SSL-encrypted HTTPS protocol. One of the Safari flaws, and an associated vulnerability in Mail, involve "tel:" links, which can be exploited by hackers to dial a number without the user confirming the call.

But it was the Bluetooth bug that got the attention of security researchers. Symantec's DeepSight threat network team pointed out the vulnerability in an advisory to customers Friday. "Reportedly, the Bluetooth flaw occurs when malicious Service Discovery Protocol (SDP) packets are handled; any attacker that is within Bluetooth range can exploit it remotely," wrote DeepSight analyst Anthony Roe in the alert. "Successful exploits are reported to allow the attacker to execute arbitrary code."

According to Apple's security advisory, the Bluetooth bug was discovered and reported by Kevin Mahaffey and John Hering of Flexillis Inc., a Los Angeles-based company that specializes in mobile security development and consulting. Flexillis may be best known for its reverse engineering of the exploit used to hack into several celebrities' T-Mobile cell phone accounts in 2005, include Paris Hilton and Vin Diesel.

The Bluetooth bug may prove to be dangerous to iPhones, Roe speculated, since the potential range of the technology is much greater than most people think. While Bluetooth's potential range -- and thus the maximum distance between attacker and victim -- is about 400 feet, "Several proof-of-concept Bluetooth antennas have intercepted Bluetooth signals at almost a mile," he said.

Roe also pointed out that HD Moore, the driving force behind the Metasploit penetration framework, had recently demonstrated that shellcode could be run on an iPhone. Moore, said Roe, proved that "exploiting security vulnerabilities affecting the iPhone is by no means out of reach."

In a post to his blog -- and to the Metasploit site -- on Wednesday, Moore said that because every process on the iPhone runs as root, and so has full privileges to the operating system, any exploit of an iPhone application vulnerability, such as Safari or Mail or Bluetooth, would result in a complete hijack of the device. Moore also announced that he would add iPhone support to Metasploit, which would make it much easier for hackers to access a vulnerable phone.

Moore acknowledged that he's looking at the Bluetooth vulnerability. "The Bluetooth SDP vulnerability is the only issue I am focusing on," he said in an e-mail Friday.

He also hinted that locating vulnerable iPhones wouldn't be a problem. "The Bluetooth MAC [media address control] address is always one less than the Wi-Fi interface's MAC address," he said. "Since the iPhone is always probing for or connected to its list of known access points, the presence of the iPhone and its Bluetooth MAC address can be determining by using a standard Wi-Fi sniffer.

"Once the Bluetooth MAC address is obtained, the SDP issue can be exploited by anyone within range of the Bluetooth chip, or within range of the attacker's antenna, which can be up to a mile away in some cases," he said.

If Moore manages to craft an exploit and add it to Metasploit, it's probable that criminal hackers will quickly follow. "Once we see something in Metasploit, we know it's likely we'll see it used in attacks," Alfred Huger, vice president of engineering with Symantec's security response group, said in a July interview.

Jarno Neimela, a senior researcher with F-Secure Corp., a Helsinki-based security vendor, also hit the alarm button, but for a different reason. In a posting to his company's blog Friday, Neimela pointed out that there's no security software available for the iPhone, thanks to Apple's decision to keep the device's inner workings a secret.

"The amount of technical information [available about the iPhone] makes it likely that sooner or later someone will create a worm or some other malware," Neimela said. "This will create an interesting problem for the security field as the iPhone is currently a closed system and it's not feasible to provide anti-virus or other third-party security solutions for it.

"So if someone were able to create a rapidly spreading worm on the iPhone, protecting users against it would be problematic."

Although iPhone owners will be automatically notified in the next week that the new patches are ready to download and install, a large number of those who have modified or unlocked their phones will probably forgo the fixes, since the 1.1.1 update apparently also disables unlocked phones and wipes unauthorized third-party applications that have been added with various hacks.

soource PCWorld

Thursday, September 27, 2007

iPhone firmware 1.1.1 released; breaks everything

Today Apple released iPhone firmware version 1.1.1 via iTunes and it appears to be pretty nasty toward unlocked and otherwise hacked iPhones. According to Gizmodo and Engadget the update re-locks unlocked phones and renders the brilliant AppTapp installer and other third-party applications useless.

Features of the 1.1.1 update include:

• iTunes Wi-Fi Music Store
• Louder speakerphone and receiver volume
• Home Button double-click shortcut to phone favorites of music controls
• Space bar double-tap shortcut to intelligently insert period and space
• Mail attachments are viewable in portrait and landscape
• Stocks and cities in Stocks and Weather can be re-ordered
• Apple Bluetooth Headset battery status in the Status Bar
• Support for TV Out
• Preference to turn off EDGE/GPRS when roaming internationally
• New Passcode lock time intervals
• Adjustable alert volume

I’d rather have AppTapp installer over the iTunes WiFi Store any day. I’m going to stick with firmware v.1.0.2, thanks.


source ZDNet by Jason D. O'Grady

Unauthorized iPhone Apps Market Flourishes

There is a vibrant community of developers writing apps to install directly on the iPhone, contrary to Apple's wishes.

Software developer Dylan Schiemann used Steve Jobs' own words against him in a presentation on developing third-party software applications for Apple's iPhone.

"You can write amazing Web 2.0 and Ajax apps that look and behave exactly like apps on the iPhone," CEO Jobs said at an Apple Worldwide Developers Conference in June in San Francisco.

"It depends on your meaning of the word 'exactly,'" Schiemann said Monday at the AjaxWorld 2007 Conference & Expo in nearby Santa Clara.

Jobs says Apple will allow third-party software developers to write applications to run on an iPhone, but not be installed on it. Instead, the apps can only be delivered through the device's Safari Web browser. While an endorsement of Ajax from Steve Jobs is welcome, Schiemann and others at the Ajax conference say there are limitations on how their apps can run on Safari, and there is a vibrant community of developers writing apps to install directly on iPhone, contrary to Apple's wishes.

Schiemann's iPhone has 40 applications running on it, including the ones Apple ships from the factory, but also some unauthorized apps installed directly on the device. Christopher Allen, another AjaxWorld presenter who runs the Web site iPhoneWebDev.com, has 50 apps on his iPhone, including several unauthorized ones.

The Ajax conference, held Sept. 23 to 26 and drawing about 900 people, devoted five breakout sessions to developing iPhone apps using Ajax, a development tool for writing Web-based applications.

Schiemann, CEO of Web-based applications developer SitePen, promoted the Dojo Foundation's open source Dojo Toolkit for writing iPhone applications but says even it can't overcome all the limitations in trying to work with the current iPhone version of mobile Safari. Notably, he said, Web-based apps can't react to the iPhone's signature feature, which is the ability of a person to use finger-touch commands, such as the "pinch" to zoom in on a Web page.

Allen adds: "When the user pinches, the Web-based application is not notified that the end user is doing that . . . because the Web browser does not tell them."

Allen makes a distinction between hackers who add software apps and those who break into the iPhone to avoid using AT&T's wireless service. Jobs says Apple will take action to prevent unlocking.

Asked for comment for this story, an Apple spokeswoman e-mailed a company statement that seems to make no such distinction: "Apple strongly discourages users from installing unauthorized unlocking programs on their iPhones. Users who make unauthorized modifications to the software . . . violate their iPhone software license agreement and void their warranty."

Apple did not reply to attempts to clarify the statement.

Schiemann argues that his adding apps to his iPhone does not constitute "unlocking" it, so he doesn't consider that a violation of the terms of service. "It is, after all, still my iPhone."

The developers hope that Apple improves support for developers and fixes other glitches when it introduces an updated version of Safari, expected in October, and when its long-delayed Leopard operating system is released.

Still, Schiemann and Allen understand why Apple is being protective of its platform. If someone installs an unauthorized application and it breaks some other part of the iPhone, a customer will blame Apple, not the developer. If an iPhone software upgrade somehow disables an unauthorized app, Apple can't have to worry about apps it doesn't support in the first place.

Despite the frustrations, the iPhone app market is worth pursuing, both men say. Given the robustness of the iPhone experience, its expansion into markets abroad and Apple's sales forecast of 10 million units, it is a significant opportunity.

"This is a gold rush, but we're basically in the alchemy stage where we're trying to turn lead into gold," Schiemann says. "We're trying to do all these things with the device because it's so freaking fun to use."

source PCWorld

Nokia, Intel, NSN in sync for WiMax interoperability

In an effort to ensure that mobile WiMAX wireless products work well together and with other products globally, Intel Corporation, Nokia and Nokia Siemens Networks today announced that they are testing interoperability across Intel’s forthcoming WiMAX silicon for laptops and mobile Internet devices, Nokia WiMAX devices and Nokia Siemens Networks WiMAX infrastructure equipment.

Nokia also said it will use Intel’s WiMAX silicon product, which is codenamed "Baxter Peak" and designed specifically for mobile Internet and consumer electronic devices, in its forthcoming Nokia Nseries Internet Tablets. The Internet tablets will be among the very first WiMAX-enabled open Internet devices expected to ship in 2008.

Mobile WiMAX is a broadband wireless technology that provides multi-megabit speed, high throughput for accessing large amounts of such data as movies and multi-media content, and wide range to access the data over long distances. WiMAX devices and equipment that have been tested for compatibility with each other will help make it easier for consumers to roam from network to network with their Internet devices wherever they go for an always-connected, mobile experience.

Raviv Melamed, general manager of Intel’s Mobile Wireless Group said, "WiMAX enables the mobile Internet and makes it possible to get content on a variety of new mobile devices at broadband speed."

Early interoperability testing between multiple industry partners will help to reduce the amount of time required for their respective products to successfully pass through the technical requirements from the WiMAX Forum thus accelerating time-to-market.

Intel, Nokia and Nokia Siemens Networks have already started testing their equipment and devices with dozens of other equipment vendors’ products for interoperability and conformance with industry standards in Sprint’s Herndon, Va. testing labs.

Intel and Nokia will continue to champion efforts with 500 other Forum members to deliver end-to-end specifications for global interoperability of WiMAX devices and infrastructure.

source business-standard