Aussie Hacker cracks Iphone

A clever hacker has managed to trick Apple’s Iphone so that he could place calls on the Australian Telstra network.

The Iphone is not due out in Australia until sometime in 2008, but the hacker, who uploaded a video of the hack to YouTube, managed to place calls on the Telstra network. He was not able to receive phone calls, however, nor send or receive SMS messages. Although Telstra has an EDGE 2.5 network, internet access through EDGE was not possible either.

The video has subsequently been pulled from YouTube, but instructions and an account of what was and was not possible can be found over here.

The user, Ozbimmer, managed the crack by creating a custom sim card with a sim card reader and writer. Information from the AT&T and Telstra sims was combined to create the custom card that was able to allow calls out.

As he said on the forum, “this is not an unlock. The method only trick[s] the iphone [into thinking] that the genuine AT&T sim is used.” The method outlined by Ozbimmer is as follows;

1. Get the required hardware and software: (these are the ones I have used): An Infinity USB unlimited SIM reader/writer, a silvercard, SIM-EMU 6.01, and WoronScan 1.09
2. Get the IMSI, Ki of your carrier using WoronScan (I will call them IMSI-b, Ki-b)
3. Use SIM-EMU and create 2 files (1 Flash and 1 EEPROM) using the ICCID of the AT&T sim (ICCID-a), IMSI-b and Ki-b
4. Then use these 2 files to create a sim using the infinity usb unlimited reader/writer
5. Put this sim into a normal unlocked phone and make some calls/receive calls/data services
6. Then use SIM-EMU to change the IMSI of the original Flash file to IMSI of AT&T sim (IMSI-a)
7. Again write the silvercard with the new flash and eeprom files
8. Put this sim into the Iphone
9. Activate using the Cingular method as descirbe in Hacktheiphone.com

Though not a complete hack, the news is still significant. Wikis and other websites dedicated to unlocking the iPhone have sprung up since the launch of the phone in the United States. The desperation to unlock the phone comes as a result of Apple’s staggered launch of the phone. Europe is supposed to be the next region to get the gizmo.

Source

McDonald’s Strange Menu Around the World

So you think you know the McDonald's menu like the back of your hand? Think again. From McDonald's international, here are some menu items you have probably never tried before.

Good morning, welcome to McDonald's. May I have your order please?

INDIA

In India, there are no Big Macs because the Hindu people don't eat beef.

However, they have the Maharaja Mac, which is a Big Mac made of lamb or chicken meat. There is also a vegetarian burger, the McAloo Tikki.

NORWAY

In fish-loving Norway, they have the McLaks, a sandwich made of grilled salmon and dill sauce.

GERMANY

It's bottoms up in Germany, where McDonald's serves - Beer!

CANADA

In parts of Canada, have a lobster dinner with the McLobster lobster roll. Pardon me - "McHomard" (in French).

JAPAN

Japan totally reinvents McDonald's with its Ebi Filet-O (shrimp burgers), Koroke Burger (mashed potato, cabbage and katsu sauce, all in a sandwich), Ebi-Chiki (shrimp nuggets) and Green Tea-flavored milkshake!

CHILE

In Chile, you can dress your burgers with - not ketchup - avocado paste!

COSTA RICA

In Costa Rica, unsurprisingly, you can order Gallo Pinto, meaning rice and beans.

GREECE

It's not Greek without pita, so when in Greece, have a Greek Mac, a burger made of patties wrapped in pita.

HONG KONG

Rice-loving Hong Kong, has - of course - Rice Burgers, where the burgers are in between, not burger buns, but two patties of glutinous rice.

ISRAEL

In Israel, McDonald's has 3 kosher restaurants where cheeseburger and dairy products are not served because Jewish Law forbids serving "the child [cow/beef] in its mother's milk [dairy]." They have McShawarma, meat in a pita bread roll.

URUGUAY

In Uruguay, they have the McHuevo, which is like a regular hamburger, but it is topped with a poached egg.

Source

Windows Vista: The World's Most Expensive Spyware

By: Marius Oiaga, Technology News Editor (condensed version)

Are you using Windows Vista? Then you might as well know that the licensed operating system installed on your machine is harvesting a healthy volume of information for Microsoft. In this context, a program such as the Windows Genuine Advantage is the last of your concerns. In fact, in excess of 20 Windows Vista features and services are hard at work collecting and transmitting your personal data to the Redmond company.

Microsoft makes no secret about the fact that Windows Vista is gathering information. End users have little to say, and no real choice in the matter. The company does provide both a Windows Vista Privacy Statement and references within the End User License Agreement for the operating system. Combined, the resources paint the big picture over the extent of Microsoft's end user data harvest via Vista.

Microsoft has an additional collection of 47 Windows Vista features and services that collect user data. However, not all phone home and report to Microsoft. Although the data collection process is generalized across the list, user information is also processed and kept on the local machine, leaving just approximately 50% of the items to both harvest data and contact Microsoft. Still, Microsoft underlined the fact that the list provided under the Windows Vista Privacy Statement is by no means exhaustive, nor does it apply to all the company's websites, services and products.

Activation, Customer Experience Improvement Program (CEIP), Device Manager, Driver Protection, Dynamic Update, Event Viewer, File Association Web Service, Games Folder, Error Reporting for Handwriting Recognition, Input Method Editor (IME), Installation Improvement Program, Internet Printing, Internet Protocol version 6 Network Address Translation Traversal, Network Awareness (somewhat), Parental Controls, Peer Name Resolution Service, Plug and Play, Plug and Play Extensions, Program Compatibility Assistant, Program Properties—Compatibility Tab, Program Compatibility Wizard, Properties, Registration, Rights Management Services (RMS) Client, Update Root Certificates, Windows Control Panel, Windows Help, Windows Mail (only with Windows Live Mail, Hotmail, or MSN Mail) and Windows Problem Reporting are the main features and services in Windows Vista that collect and transmit user data to Microsoft.

This extensive enumeration is not a complete illustration of all the sources in Windows Vista that Microsoft uses to gather end user data. However, it is more than sufficient to raise serious issues regarding user privacy.

But is this all? Not even by a long shot. Windows Genuine Advantage, Windows Defender, Support Services, Windows Media Center and Internet Explorer 7 all collect and transmit user data to Microsoft. Don't want them to? Then simply turn them off, or use alternative programs when possible or stop using some services altogether. Otherwise, when your consent is demanded, you can opt for NO.

What Happens to My Data?

Only God and Microsoft know the answer to that. And I have a feeling that God is going right now "Hey, don't get me involved in this! I have enough trouble as it is trying to find out the release date for Windows Vista Service Pack 1 and Windows Seven!"

Could Microsoft turn the data it has collected against you? Of course, what did you think? "Microsoft may disclose personal information about you if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with the law or legal process served on Microsoft; (b) protect and defend the rights of Microsoft (including enforcement of our agreements); or (c) act in urgent circumstances to protect the personal safety of Microsoft employees, users of Microsoft software or services, or members of the public," reveals another excerpt.

Seven Tech World Wonders

As you might know the list of the Seven World Wonders of Antiquity was renewed of late. The new lists features landmarks like The Roman Colosseum and The Great Wall of China and it was announced on 07.07.07. Also it seems that all the fuss about these world marvels made some people think, and a list of the Seven Wonders of the Tech World is now to be found online.

Googleplex

Of course the famous Google HQ in Mountain View, CA is on the list ( if not the first on the list ). Even with the late criticism ( if you can call it like that, considering that all they did is to ‘accuse’ Google of threating their employees too good) from Microsoft’s part, it seems the vast majority of people find Googleplex the perfect place to work. And it’s hard not to love Googleplex considering all that it provides for it’s employees. Besides flexible schedule, extremely creative environment, Google employees get not one but two swimming pools, not one but five restaurants, recreation rooms, game rooms, free laundry and salons with massage and many more recreational feats. So Googleplex is definitely worth being on the list if you ask me.

International Space Station

With projects on the Space Station dating from the early 80’s, the ISS was put on orbit in 1998 and further missions are planned as far as 2010. The ISS is as close to Sci-Fi movies as you’ll ever get at this point. Although recent troubles with computer failure seemed to endanger the future of the ISS, all is now working fine. The goal of the ISS is to serve as a starting points for missions to the Moon and Mars.

Fremont Street Experience

I just have to say Vegas and you’ll know that I’m talking about top notch entertainment. And that’s exactly what the Viva Vision canopy provides. It’s made of 12 mil LED’s that cover more around 1400 feet and if you add to that 220 speakers producing a total of 550,000 watts you’ll get one of the biggest entertainment systems in the world.

Industrial Light & Magic

If you’ve seen movies like Star Wars, Pirate of the Caribbean or Transformers it’s very probable that you’ve heard the name Industrial Light and Magic. They’re the guys behind all the special effects in those movies and many more. But to be on the cutting edge of digital effects you have to be on the cutting edge of hardware processing equipment. Thus we have the ILM datacenter, that shelters more than 3000 processors, 170 terabytes of storage all connected by a 10 GB backbone.

Apple’s Retail Opus

Located in Manhattan, New York this is the first Apple store to stay open 24/7 ( so if you feel to buy an iPhone at 2 A.M in the morning you can just go ahead and do it ). Many say the clean, classy design is the most popular visual representation of what Apple is today. Besides is for sure one of the classiest retail stores in the world. You can get the virtual tour here.

Kryptos

Although is not directly related with the tech world, it’s a mystery that haunted the tech world even since it was placed on CIA ground in 1990. It contains four encrypted messaged of which three were solved. And it is said that when the fourth will be deciphered it will point the location of something of great importance located on CIA grounds.

Hubble Space Telescope

And last but not least the Hubble Space Telescope, that was launched in 1990 and orbits the Earth at five miles per second. It’s position outside Earth’s atmosphere offers a clear view of the stars. Hubble is one of NASA’s most enduring projects and also one of the most productive. Until now Hubble has provided hundred of thousands of photos from the outer space, which helped us unveil some of space’s deepest secrets.

Source

75 year old Woman has world's fastest home broadband

A 75 year old woman from Karlstad in Sweden has been supplied with the world's fastest home internet connection.

Sigbritt Löthberg's has a 40 gigabits per second connection which is the first time ever that a home user had such bandwidth to play with.

Sigbritt, who had never had a computer until now, happens to be the mum of local internet legend Peter Löthberg who, along with Karlstad Stadsnät, the local council's network arm, arranged the connection.

Karlstad Stadsnät network boss Hafsteinn Jonsson said that this was more than just a demonstration. He was trying to get internet operators to invest in faster connections. And Peter Löthberg wanted to show how you can build a low price, high capacity line over long distances.

According to the Local, the silver surfer will be able to flick through 1,500 high definition HDTV channels simultaneously or download a full high definition DVD in just two seconds.

The ultra-fast connection is possible thanks to a modulation technique which allows data to be transferred directly between two routers up to 2,000 kilometres apart, with no intermediary transponders. Apparently the most difficult part of the project was installing Windows on Löthberg's PC.

It is not clear what Löthberg thought about the connection, or if she will even use it.

Source

Spy Shots: 2008 GT-R prototype at Goodwood FOS

Visitors at this month’s Goodwood Festival of Speed were treated with a rare sighting of the 2008 GT-R Prototype, with test drivers doing a couple of laps to entertain the crowd. The Goodwood festival has definitely proven itself to be one of the most exciting car shows of the year, with automotive specials such as world’s fastest production vehicle, the Acabion GTBO, the 1012bhp Bristol Fighter T, the one-off Pininfarina Ferrari P4/5 Enzo and the RUF CT3 all making a showing.

Due to be unveiled at the Tokyo Motorshow later this year, the GT-R will be packing Nissan’s new 3.7L V6 with VVEL technology and a couple of turbochargers to lift output beyond 450hp. Drive will be sent to all four wheels via the latest iteration of the ATTESA ET-S torque-sensing AWD system plus a new sequential manual Gearbox or a possible dual-clutch system.

Nissan is expected to release the GT-R in three different flavors, the standard model, a new GTR V-Spec and a range-topping EVO. The latter will shed up to 100kg over the first two models thanks to carbon-fiber replacements for some panels and mechanicals, and should develop in excess of 500hp.

Source

10 Stunning Facts About Microsoft’s Profits

The VAR Guy has written extensively about Microsoft’s problems. But today, he got a stunning reminder about the company’s power. It takes Microsoft only 10 hours of business to exceed Red Hat’s entire quarterly profit. Skeptical? Check out the math, and nine other facts about Microsoft’s profits.

Microsoft today announced quarterly revenue of $14.4 billion and net income of $4.93 billion. In other words, Microsoft’s daily net income is about $55 million. That’s $55 million in pure profit every 24 hours. Do some quick math and you’ll learn it takes Microsoft only about…

• 10 hours or so (yes, hours!) to exceed Red Hat’s quarterly net income of $20.5 million.
• four days to exceed Research In Motion’s quarterly net income of $187.9 million.
• four days to exceed Starbucks’ quarterly net income of $205 million.
• one week to exceed Nike’s quarterly net income of $350.8 million.
• two weeks to exceed McDonalds’ quarterly net income of $762 million.
• two weeks to exceed Apple’s quarterly net income of $770 million.
• 18 days to exceed Google’s quarterly net income of $1 billion.
• 23 days to exceed Coca-Cola’s quarterly net income of $1.26 billion.
• five weeks to exceed IBM’s quarterly net income of $1.85 billion.
• 10 weeks to exceed Wal-Mart’s quarterly net income of $3.9 billion.

For a dead company, Microsoft’s profits certainly look lively.

Source

Apple's Iphone HACKED

(I found this article from JonLech's blog, Jon Johansen, the 20-something hacker widely known for helping crack the piracy protections on DVDs several years ago)

I’ve found a way to activate a brand new unactivated iPhone without giving any of your money or personal information to NSA AT&T. The iPhone does not have phone capability, but the iPod and WiFi work. Stay tuned!

Update:

Magic iTunes 7.3.0.54 numbers:

Offset 2048912: 33C0C3

Offset 257074: 28

Offset 257013: 33C9B1

Add “127.0.0.1 albert.apple.com” to c:\windows\system32\drivers\etc\hosts

Download Phone Activation Server v1.0 to activate your iPhone for iPod+WiFi use. Note that this application will not do anything unless you understand the magic numbers as well as add the hosts entry. Phone Activation Server (PAS) requires that you have the MS .NET Framework 2.0 installed.

Download PAS v1.0 Source Code.

Source

Google: A Hacker's Best Friend?

When Johnny Long wants information online, he turns to the same tool as most people: Google. But unlike the average Web user, Long isn't usually looking for Paris Hilton news and movie reviews. He's digging for credit card information, Social Security numbers and other private data stashed on corporate servers.

Long isn't a cyber-criminal--he just plays one in his day job, as a researcher for the information technology services company Computer Sciences (nyse: CSC - news - people ). But he is a hacker, one with a talent for innovating new ways to penetrate corporate servers, albeit for testing purposes only. He's also the author of Google Hacking for Penetration Testers, a best-selling book that shows how to use seemingly harmless Google (nasdaq: GOOG - news - people ) searches to uncover surprisingly sensitive information.

Long spoke with Forbes.com about his forthcoming book, a more general kind of "Hacking for Dummies" guide to hacking without technical knowledge, and the tricky question of whether to publicize hacking techniques that require little more than a search engine and two hands.

Forbes: What is "Google hacking"?

Long: Google hacking is really just a subset of something I call "no-tech hacking." You use un-technological methods to break technology. After 10 years of trying, I've discovered a whole pile of ways to do that. Dumpster diving (looking in office trash for security information); tailgating someone into a secured facility; pretending to be a UPS guy or a repair guy or a delivery guy ... these things work almost all the time and require very little technical knowledge.

So where does Google come in?

In the beginning, we'd use Google to case the companies we'd be trying to penetrate. But we discovered that the Google searches we were running were returning more information about the company than they might realize. Just by doing a search on a Web site, we'd find a password or usernames that would grant us access.

Google hacking grew out of that. You perform a Google search looking for sensitive information that either gives direct access to a network, or something subtle that could be used in conjunction with other finds.

What kinds of vulnerabilities in Web sites have you found through Google hacking?

We have examples where you can put in a Google query and immediately get access to part of a site that already has you logged in as an administrator. We discovered that just by searching for certain terms, you could find personal information like credit card numbers, Social Security numbers, anything an attacker would need for identify theft. On some education institution sites, we'd find entire Excel spreadsheets with students' names, Social Security numbers and even grades. But that's low-hanging fruit.

Without getting too technical, what's an example of a more subtle case, where you combine Google hacking with more advanced hacking?

For example, Google can help you find where an SQL server is vulnerable. SQL is basically the language of databases. Just by putting the right terms into a form on the Web, like a registration form on a site, you can do something called "SQL injection." Basically, your input into the form is confused with SQL code, and that can allow you to read data directly from a database, simply by typing into a Web login form.

Google allows you to find those vulnerabilities. If you type "MySQL error with query" into Google, some of the results will tell you which Web sites have had this error message, and that's the first step to an SQL injection. It's a nice way to do reconnaissance. It probes the Web very broadly without interacting directly with any target site, so it's difficult to detect.

Is Google becoming a more powerful tool for hackers?

Search engine popularity in general has been growing. But more importantly, the Web 2.0 movement means that everything is moving out to the Web. There's an absolute explosion of corporate and personal information out there.

Do you worry about the ethics of publicly discussing these tricks?

It's a huge debate in our industry. There are two camps: One camp says that when you talk about vulnerabilities you give bad guys ideas, but another camp says that you're helping good guys protect against bad guys. In the case of Google hacking, certain queries, like credit card queries, are very deadly stuff. So I've never talked about how to do a credit card query, though I've talked about the risk. It's a very fine line. I have to leave out enough information to avoid getting someone into trouble, but give the audience an idea of what's going on. So I always try to think about what it would mean to be on the other side of getting hacked, and I keep my professional clients in mind.

Source