Filed under: Cellphones

It looks like you might have to think twice before flipping that old iPhone on eBay when the 3G version finally hits — it appears that restoring the phone doesn’t actually erase the contents of the flash, meaning that your data is available to anyone with the proper tools until it’s overwritten. Making matters worse, it appears that Apple doesn’t do a low-level format when refurbishing iPhones either — an Oregon State Police detective was able to use forensic software to pull files, emails, and screenshots off an out-of-the-box refurbished iPhone. This actually shouldn’t be surprising to anyone — we’ve seen several utilities that access “deleted” portions of storage — but since Apple doesn’t provide users direct access to the iPhone’s filesystem, it’s basically impossible to clear your personal data off the device short of restoring and filling the disk with junk data. Hopefully iPhone 2.0’s Exchange-based “remote wipe” feature is a bit more secure, eh?

[Via TUAW]

Read | Permalink | Email this | Comments

Filed under: Laptops

And just think — last year you were singing Dino Dai Zovi’s praises for taking control of a MacBook Pro in nine whole hours. This year, the PWN 2 OWN hacking competition at CanSecWest was over nearly as quickly as the second day started, as famed iPhone hacker Charlie Miller showed the MacBook Air on display who its father really was. Apparently Mr. Miller visited a website which contained his exploit code, which then “allowed him to seize control of the computer, as about 20 onlookers [read: unashamed nerds] cheered him on.” Of note, contestants could only use software that came pre-loaded on the OS, so obviously it was Safari that fell victim here. Nevertheless, he was forced to sign a nondisclosure agreement that’ll keep him quiet until “TippingPoint can notify the vendor,” but at least he’ll have $10,000 and a new laptop to cuddle with during his silent spell.

Read | Permalink | Email this | Comments

Filed under: Gaming

If that unplayable version of Pong we saw for the Wii wasn’t quite doing it for you, you ‘ll be happy to know that homebrewer Christian Auby (aka DesktopMan) has just hit the next stage in evolution: Tetris. That’s right, you can now get a fully functioning version of the puzzler running on your Wii, thanks to that handy Twilight Princess hack, and what was probably a gargantuan amount of work on Auby’s part. The game loads straight from SD out of Twilight Princess, but after the hack has been engaged you can jump back to the loader to pull something new off of a card, which should make experimenting a little bit easier. Check the video after the break to see how it all works.

[Thanks, Craig]

Continue reading Wii Tetris: homebrew edition

Read | Permalink | Email this | Comments

Filed under: Gaming

Those hackers work fast. Two days ago, we saw a demo of the Zelda: Twilight Princess exploit, which allowed for the possibility of Nintendo’s Wii to boot homebrew code off of SD cards via stack smashing (buffer overflow). Now a clever coder named Auby has gone ahead and extended the hack to load an ELF version of Pong which was originally coded for the GameCube. Right now the controls aren’t functioning, but it appears that this is a work in progress, so we should be seeing updates to it soon. Check the video after the break to watch the breathtaking drama unfold.

[Thanks, Craig]

Continue reading Wii Pong: the Twilight Princess hack evolves

Read | Permalink | Email this | Comments

Filed under: Laptops

A Polish security researcher calling himself porkythepig is apparently gunning hard for HP this month, first exposing a slew of vulnerabilities that affected 83 different HP and Compaq models ten days ago, and today releasing an exploit that allows an attacker to brick any HP or Compaq laptop. The ’sploit takes advantage of a vulnerable ActiveX control in HP’s Software Update, allowing a hacker to easily corrupt Windows kernel files, or even take control of the machine with a little more effort. Porkythepig says the bug affects HP and Compaq laptops running Windows 2000, XP, Server 2003 and Vista, and that simply disabling the Software Update mechanism may not prevent attackers from taking advantage of the vulnerability. Even still, those of you out there running HP / Compaq machines may want take a second to shut down Software Update until HP issues a patch.

Update: Wow, we didn’t realize how seriously everyone took their slang. For what it’s worth, the definition of “bricked” has caused some amusingly serious discussion amongst Engadget editors today, and most agree that it should mean “dead beyond all repair” — except for Nilay, who keeps stubbornly saying that people “un-brick” devices all the time. We’ll stick to the most common definition for now, so no, this exploit didn’t “brick” anything.

[Via Slashdot]

Read | Permalink | Email this | Comments

Filed under: Cellphones, Portable Audio, Portable Video

Well if you like looking through line after line of incomprehensible programming gibberish, make sure to hit up the Read link below, in which the TIFF exploit-based firmware v1.1.1 jailbreak code from team Toc2rta is posted in its entirety. More of an academic exercise for curious geeks than a useful bit of knowledge for the average iPod owner, we’re sure there’s still some interest out there in seeing exactly how this hack was developed. And as usual, if you do decide to go about ‘breaking your device as previously described on these pages, we’re, like, totally not responsible for any undesired consequences.

Read | Permalink | Email this | Comments

Office Depot Featured Gadget: Xbox 360 Platinum System Packs the power to bring games to life!