Waisting my time at the Apple Store

I’m at the Apple Store resolving an issue with my iPhone camera.  The same camera Jitter that is already an extended replacement with Apple for the iPhone 6 Plus.  No warranty left and no love for my 6s Plus. They wanted to charge me $80.  After begrudgingly agreeing and waiting an hour for the repair.  i returned to a phone with a completely non-functioning camera.  whoops.

Final iPhone Backup Before Apple Replacement

I hurriedly backed up my phone in preparation for Apple replacing it.  I have now been here for 3 hours.  I spent most of my time waiting for someone.  Now waiting for activation of the new phone.   Then waiting for restore.  In all, my customer service experience was much worse then expected.  After very helpful and accommodating internet support, I received absolutely terrible support from the Apple Store itself.  When i asked to complain to a manager, the “Leader” they brought out was condescending and robotic in his rhetoric.  The 2nd guy, was a lot more understanding, but Apple needs to take a hard look at their customer service.

End of an era! cydia.be3n.com shuttered after 7+ years!

In truth, I haven’t touched it in years.  I haven’t even touched cydia recently. Sadly, all this work would only be useful for someone with an original or 3g iPhone. Apple certainly doesn’t support those devices anymore.  Does anyone still use them?  Unfortunately, my ISP insists that I remove the content.  After 7 years of hosting it, they realized it violates TOS.  I should check the logs.  I wonder if it will even be missed.  People say the internet never forgets.  Sometimes it is quite the opposite. For nostalgias sake, I left the instructions site up: http://cydia.be3n.com/ (at least that does’t violate Dreamhost TOS).  For the record, much of my work continued support well into iOS 4.

cydia.be3n.com site

. . . Maybe it will rise again on S3?

Playing with screenshots & Snapchat

You think you can beat it? (snapchat screenshot detection) Snapchat is a popular multimedia chat app with an allegedly vanishing history. Users can send pics or videos and set an expiration in seconds. After viewing the content for the prescribed duration… poof, it’s gone.  I was bored and playing with my wife when I noticed that the app sends an alert to the sender when their message is captured using iOS’s screen capture function. I was actually impressed with the forethought. Unfortunately, that impression did not last long.  It took me less then 20 minutes and only 3 messages to take advantage of Snapchat’s prebuffering to capture the message permanently without revealing that I had even viewed it. I did this all with the latest Snapchat on the latest iOS on a stock iPhone 6s+ (no jailbreak).  Honestly I find this kind of thing in a lot in applications not designed specifically for security.  Non authenticated data is sent before the authentication for speed or some other performance reason that negatively impacts security.  Kinda like client side authentication, sure there is a reason for it, but that doesn’t make it a good idea.  I am certainly not the only one to figure this out.  It seems that the basics of this method have been known for at least a year.

UPDATE (6-15-16):  Tested again with newest Snapchat app.  still working.

Bizarre FaceTime error could have horrifying security implications!

ios9 facetime iconI just got off a very strange call. Apparently, a complete stranger received a FaceTime request from me. “Butt Dial” right?  no big deal. Not this time.  At the time, i was in the middle of a FaceTime call with my dad.  I am almost certain I know exactly when it happened because i noticed a call-waiting style interruption on our call.  The first strange thing i noticed was that the incoming caller was my dad.  The same dad, I was presently talking to.  I rejected the call, thinking it was my dad accidentally calling from a different device. Then, moments later I get a mobile call from another LA number.  This time from an irate husband demanding to know why I would FaceTime his wife.  Unfortunately, I may have given them the wrong impression by asking questions of them.  The IT guy inside me wanted to figure out what just happened. Needless to say, they didn’t enjoy being grilled.  I barely had time to get out a few apologies, i don’t think they even realized that I hadn’t actually even called them.  I did get some answers.  They were not on a call at the time.  They were not even on the device.  My call history shows no outgoing calls save my dad.  my dad’s history doesn’t show the missed call on my history from him. I am almost certain I will never know what actually happened.  I am guessing that Apple FaceTime system might be a bit more duct tape and spit then we were lead to believe.

TBT: Remembering Hacktivation and some trickery I did 4 years ago. . .

Warning about packageBack in the days of hacked bootloaders and software unlocks, iOS (or was it still iPhoneOS back then) hackers could build custom ispw(s) that could be installed directly upon the device.  This wouldn’t just jailbreak, but it could install any number of 3rd party packages in one awesome sweep.  I prepared just such a custom package.  I wrote a post about it here.  At the time, I hesitated to post the actual packages for obvious reasons.  I do it today because i honestly don’t care and I was highly amused to recently discover that I never stopped hosting the files nor the instructions that I hastily wrote to aid a few friends.

Originally, these instructions were written to the winner of the auction for my phone.  (I promised that i would help him upgrade the software without breaking the soft unlock).  Back in those days, it was possible to sell a hacked and unlocked iPhone for more then the cost of upgrading to the new one.  A helpful way to finance constant hardware upgrades.

iPhone takes another dump!

This morning I woke to see that I hadn’t plugged in my phone overnight. I plugged it in and continued to prepare my breakfast.  I returned to find the boot screen staring ominously at me.  It never booted. So much for my jailbreak.  I tried a few things (force restart, safe mode, no luck).  Oddly enough, my watch was still receiving txt messages- no other iMessage client was working at that time).  Now i am restoring to last year.  (lol – it’s only 2 weeks old)

iphone 6s plus wipeiphone 6s plus restore

Great work Pangu! Jailbreak 9-9.0.2!

Once again, Chinese team Pangu drops a public iOS jailbreak for all the devices presently released including the new iPhone 6s/+. The usual warning about backing up your devices and that most of the software on cydia must be updated to work with the OS.  We know that 9.1 is already in the pipe.  I hope no unnecessary bugs were burned.  Taig did amazing work in iOS 8 to ensure that their bugs were released at the perfect time for maximum effect and user elation.

Only windows app presently.  My windows virtual machine decided to implode this morning, so i used my gaming PC to get it done.  (my new windows VM is still updating)

I was successful jailbreaking my iPhone 6s+ that had been OTA updated to iOS 9.0.2.  Strangely, I received no confirmation screen upon success.  Pangu recommends restoring your device directly to 9.0.2 instead of using the update feature on your device.

Pangu9 Jailbreak start

Continue reading “Great work Pangu! Jailbreak 9-9.0.2!”