It’s no secret that Apple’s been keen to monitor the lot of naughty jailbreakers, but it turns out the company has recently shelved iOS 4.0′s jailbreak detection API with no explanation given. While this has little effect on the average user, Network World explains that this is bad news for enterprise IT and MDM (mobile device management) vendors, who will now have one fewer channel for checking whether a user’s iOS device has been jailbroken and thus become vulnerable to attacks. That said, apparently this isn’t a huge loss for the MDM vendors, anyway; but the real question is why drop the API now? Could its presence alone be a threat? We’ll probably never know.

Fear not, though, as some folks have put jailbreaking to good use. The Register reports that come Tuesday, Stefan Esser of Sektion Eins will demonstrate a tool called antid0te, which reportedly adds ASLR (address space layout randomization) onto jailbroken iOS devices. In a nutshell, ASLR randomizes key memory locations to make it more difficult for certain attacks to locate their target data. According to the famed white hat hacker Charlie Miller, this technique is already present on Windows Phone 7 and desktop Windows since Vista, but Apple’s only dabbled with it on OS X and not on iOS. Now, this doesn’t mean that jailbroken devices will be fully safeguarded, but some protection is better than no protection, right?

[Thanks, wooba]

Apple mysteriously kills jailbreak detection API while hacker boosts iOS security, irony restored originally appeared on Engadget on Sun, 12 Dec 2010 23:59:00 EST. Please see our terms for use of feeds.

Permalink

Well, well, look at what’s been added to a tentative agenda when the FCC meets on December 21st: net neutrality. Here’s how the item reads:

Open Internet Order: An Order adopting basic rules of the road to preserve the open Internet as a platform for innovation, investment, competition, and free expression. These rules would protect consumers’ and innovators’ right to know basic information about broadband service, right to send and receive lawful Internet traffic, and right to a level playing field, while providing broadband Internet access providers with the flexibility to reasonably manage their networks.

Presumably, a draft order is now circulating amongst attendees, the details of which are of the utmost concern for both consumers and wired / wireless providers alike. According to the AP, FCC Chairman Julius Genachowski will outline his net neutrality proposal in a speech on Wednesday, with plans to bring the new rules to a full vote before the end of the year and ahead of the newly elected Republicans taking their seats in the House.

Update: The AP received an advanced copy of Genachowski’s speech. Here are the highlights of the FCC proposal:

• Wired broadband providers will be required to let subscribers access all legal content, applications, and services with the flexibility to manage network congestion and spam as long as they publicly disclose their network management approach. Broadband providers would also be allowed to experiment with dedicated networks to route traffic from specialized services like smart grids and home security systems as long as they “don’t hurt the public internet.”
• Wireless providers would also be required to disclose network management practices and be prohibited from blocking access to web sites or competing applications like cellphone VoIP services. However, they’d be given more flexibility to manage traffic due to relative bandwidth constraints. In other words, wireless networks will still be special under the FCC proposal, just not as special as the plan pitched by Google / Verizon plan (which only required transparency) over the summer.
• The proposal would leave the FCC’s regulatory framework for broadband unchanged as a lightly regulated “information service,” not as a “common carrier” as Genachowski had wanted. Another victory for Comcast.

FCC addressing net neutrality on December 21st (updated) originally appeared on Engadget on Wed, 01 Dec 2010 03:14:00 EST. Please see our terms for use of feeds.

Permalink

Netflix has always been something of a fickle beast, lavishing treats upon just one platform at a time, but now that iOS, Windows Phone 7 and every game console under the sun are streaming its video, the firm’s finally turned its gaze on Android. Come early 2011, Netflix will appear on “select Android devices,” according to the company’s official blog, which also promises a “standard, platform-wide solution” for Android in the unspecified future. What took so long, and why will Netflix be limited to particular handsets when it first rolls out? “The hurdle has been the lack of a generic and complete platform security and content protection mechanism available for Android,” says the blog, stating piracy concerns. Apparently content holders aren’t too keen on making movies available unless devices have DRM baked right in, so the solution is equip new phones with padlocks one at a time. Expect next year’s high-end Android devices to have “Netflix” as a nice big bullet point.

[Thanks, Connor B.]

Netflix headed to ‘select Android devices’ early next year originally appeared on Engadget on Sat, 13 Nov 2010 12:23:00 EST. Please see our terms for use of feeds.

Permalink

Sprint axes Huawei, ZTE telecom bids due to security fears in Washington? originally appeared on Engadget on Sat, 06 Nov 2010 15:33:00 EST. Please see our terms for use of feeds.

Permalink

We just got a quick look at the HTC 7 Surround for AT&T, running that brand-spanking-new Windows Phone 7 OS you’ve been hearing so much about. The phone has a kickstand to help it show off its standout feature: a slide-out “Dolby Surround Sound” speaker. Stand by for more impressions and video, but for now check out the gallery below.

Update: Video is live! Here are some thoughts:

We were impeded by the security device holding the phone down, but from what we could tell the Surround is a quality device — we’d expect no less from HTC. It is built of plastic, but it pulls off that certain premium look and feel. Like we noted in the family post, however, the slide-out speaker seems like an expensive addition when you consider the thickness it’s adding. Once we get a chance to play back some media and be “blown away” by the Dolby Surround we’ll be able to tell if you if it’s truly worth the tradeoff. Somehow we’re in doubt. Overall the phone comes off as a slightly inspired design in a sea of fairly uninspired designs (at least in the US). HTC HD7 this is not.

Continue reading HTC 7 Surround first hands-on! (update: video)

HTC 7 Surround first hands-on! (update: video) originally appeared on Engadget on Mon, 11 Oct 2010 10:52:00 EST. Please see our terms for use of feeds.

Permalink

The latest thrilling installment in BlackBerry’s Middle East saga has turned out not to be so thrilling after all. Having set an October 11 deadline for RIM to comply with its “telecommunications regulatory framework,” the United Arab Emirates is today reporting that the BlackBerry maker has managed to make the necessary changes with plenty of time to spare. Consequently, there’ll be no state-ordained curtailing of email, web, or BBM services within the UAE, which mirrors similar agreements that BlackBerry has managed to finagle with India and Saudi Arabia. Of course, the grand purpose of the UAE’s ultimatum was for RIM to allow the state access to encrypted messaging communications, and while the current announcement is pointedly missing details on what’s been done to appease the Abu Dhabi decision makers, we can’t imagine them giving up the fight without RIM making some type of concession. And the shady, undisclosed concessions happen to be our least favorite kind.

UAE says BlackBerry is now compliant with regulations, free to rock on originally appeared on Engadget on Fri, 08 Oct 2010 03:53:00 EST. Please see our terms for use of feeds.

Permalink

We imagine that LG’s security forces are combing Poland as we speak, because Android.com.pl has just provided us with yet another high-end handset leak. This LG C900 (last seen combing AT&T trenches) reportedly joins LG’s E900 in housing a 1.3GHz QSD8650A Snapdragon chipset under its sliding-QWERTY hood. Though our first look at the device suggested a plasticky matte frame, our erudite Polish informants tell us the phone’s mostly metal inside — despite a comparatively teensy 3.2-inch capacitive screen, they say it weighs about as much as an original Motorola Droid. A 3.5mm jack and a miniUSB port will play nice with headsets and charging cables respectively, and the site says it’ll run 1,100 zloty (about $350) if or when LG’s marketers recover from the shock of these leaked details and decide to ship. Find a video after the break and a host of similarly excellent pictures at our source link.

Continue reading LG’s C900 Windows Phone 7 handset resurfaces with 1.3GHz Snapdragon, metal frame? (video)

LG’s C900 Windows Phone 7 handset resurfaces with 1.3GHz Snapdragon, metal frame? (video) originally appeared on Engadget on Tue, 31 Aug 2010 18:34:00 EST. Please see our terms for use of feeds.

Permalink

You may surmise that Auntie Beeb is only good for news distribution from across the pond, but as it turns out, the BBC is apparently giving at least a few of its employees a little of that oh-so-coveted “20 percent time.” In an effort to prove just how easy it is to create a smartphone application that can gank all sorts of personal information, a staffer at the organization spent just a few weeks learning enough code to create a “crude game.” In play, the app would gather contact information, copy text messages and log the phone’s current location; afterwards, it would shoot all of that information to a specified email address, but not before putting a serious hurting on the battery. All told, the spyware took up around 250 lines of the 1,500 making up the whole program, and thankfully for us all, the BBC decided against submitting the program into any app stores. Phew. So, the point? It’s pretty easy to craft an ill-willed app, so as with anything in life, download with care — and keep an eye on atypical battery drain, eh?

Continue reading BBC crafts malicious smartphone app to prove a point… we guess

BBC crafts malicious smartphone app to prove a point… we guess originally appeared on Engadget on Wed, 11 Aug 2010 13:26:00 EST. Please see our terms for use of feeds.

Permalink

We can’t say this is exactly a surprise, but we are rather saddened to learn that Saudi Arabia has apparently carried through on its threats to shut down all BlackBerry messaging services functionality due to “security concerns.” Users there are reporting that they are no longer able to use their keyboards for the jobs they were intended, forcing them to actually call friends — with their voices. Saudi Arabia has threatened $1.3 million fines for any wireless provider that does not play nicely and, until those threats are lifted, we’re thinking BBM is down for the count out there.

BlackBerry messaging shut down in Saudi Arabia, users feel early withdrawal pains originally appeared on Engadget on Fri, 06 Aug 2010 07:01:00 EST. Please see our terms for use of feeds.

Permalink

Huawei bids high, loses hard on two major US assets originally appeared on Engadget on Thu, 05 Aug 2010 04:07:00 EST. Please see our terms for use of feeds.

Permalink