Dive into OS X

The very first iPhone Update, version 1.0.1, is now available for download. Apple seems to be patching some security holes of Safari and WebKit. You can find out more about the update at Apple’s website.

Apple just announced the . For $69, you can extend your repair coverage for an additional year, a total of two years from the original purchase date of the phone. If you have the Apple iPhone bluetooth headset, the plan covers it as well.

If you are residing in Alabama, Connecticut, Nevada, or Wyoming, you are out of luck since Apple is not authorized to sell protection plans in those states.

Read more at Apple.com.

A team of independent security experts has found a flaw in the Apple iPhone that allows hackers to take control of the device, the New York Times reported on Monday.

The researchers at Independent Security Evaluators, which test the security of devices by hacking them, found that the Wi-Fi connectivity of the iPhone allowed them to take control of it and mine the wealth of private information the phones contain. The researchers also said that they could redirect users to a malicious Web site that could also circumvent the security on the phone.

“Once you did manage to find a hole, you were in complete control,” said Charles Miller, the principal security analyst for the firm.

The company, based in Baltimore, alerted Apple about the vulnerability this week and recommended a software patch that could solve the problem.

“Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users,” Apple spokeswoman Lynn Fox said. “We’re looking into the report submitted by ISE and always welcome feedback on how to improve our security,” she said.

The company said there was no evidence that this flaw had been exploited or that users had been affected, and it knew of no other exploits of this nature.

Hackers around the world have been trying to unveil the secrets of the iPhone since its release last month; most have focused their efforts on unlocking the phone from its sole wireless provider, AT&T, and getting unauthorized programs to run on it. The iPhone is a closed system that cannot accept outside programs and can be used only with the AT&T wireless network.

Some of those hackers have posted bulletins of their progress on the Web. A posting went up on Friday that a hacker going by the name of “Nightwatch” had created and started an independent program on the phone.

The ISE researchers were able to crack the phone’s software in a week, said Aviel Rubin, the firm’s founder and the technical director of the Information Security Institute at Johns Hopkins University.

The iphone-binutils team, led by Nightwatch, working on developing a toolchain for compiling apps for the iPhone has announced success at compiling a basic “hello world” application. This 3rd party application runs natively under the stripped-down version of OS X that ships on the iPhone.Though it’s just a rudimentary application, this is huge, because it now means pretty much all the pieces are in place to develop and install 3rd party genuine, binary applications that run on the iPhone (and don’t originate from Apple).

The iphone-binutils team is led by Patrick Walton (aka Nightwatch) who was also responsible for one of the earlier milestones in attempts to hack the iPhone. This most recent accomplishment puts this particular team approximately 2/3 of the way to a fully unlocked iPhone, according to their list of required goals.

For those who are interested in giving “Hello World” a shot, there are instructions available. We recommend only experienced users give this a shot. Otherwise, you risk bracking your iPhone simply for the thrill of a Hello World application.

Apple’s iPhones may be causing problems with the wireless network at Duke University.

The iPhone can access the Internet through AT&T Inc.’s Edge network or through Wi-Fi. When a Wi-Fi hotspot is unavailable, it automatically switches to the slower network but continues to check for a Wi-Fi signal. So, the problem is the phone’s built-in 802.11b/g adapters, which have been intermittently inundating the school’s pervasive wireless local access network (WLAN) with media access control (MAC) address requests. The iPhone flood the access points with up to 18,000 address requests per second, nearly 10Mbps of bandwidth, and monopolizing the AP’s airtime.

So far, the precise cause of the problem remains unknown. A computer science professor at the University of Maryland thinks both the phone and Duke’s network are to blame for the glitches at the university.

An Apple spokeswoman says the company is working with Duke to quickly resolve the issue but didn’t know details or the source of the problem.

One of the features missing on the iPhone is internet streaming music. And you can assume that Apple will not be offering it anytime soon. But no problem because SeeqPod has just released an iPhone-friendly user interface to bring internet streaming music to your iPhone.

Seeqpod is a web application offering “playable search”, what means that you can listen to countless songs publicly available on the internet. You can search for music & podcasts by artists you like, as well as discover other artists and songs you were not familiar with. You can generate playlists of songs, save them for future enjoyment and share them with friends by e-mailing.

I’m not sure what licensing or legal challenges they may face in the future, but for as long as it lasts, their iPhone implementation makes it an amazing iPhone application.

*3001#12345#* and tap Call. Enter Field Mode.
Field mode reveals many of the inner settings of your iPhone, specifically up-to-date network and cell information.

*#06# Displays your IMEI. No need to tap Call.
IMEI is the unique identifier for your cell phone hardware. Together with your SIM information it identifies you to the provider network.

*777# and tap Call. Account balance for prepaid iPhone.

*225# and tap Call. Bill Balance. (Postpaid only)

*646# and tap Call. Check minutes. (Postpaid only)
These three are pretty self explanatory.
*#21# and tap Call. Setting interrogation for call forwards.
Discover the settings for your call forwarding. You’ll see whether you have voice, data, fax, sms, sync, async, packet access, and pad access call forwarding enabled or disabled.
*#30# and tap Call. Calling line presentation check.
This displays whether you have enabled or disabled the presentation of the calling line, presumably the number of the party placing the call.
*#76# and tap Call. Check whether the connected line presentation is enabled or not.
State whether the connected line presentation is enabled or disabled. Presumably similar to the calling line presentation.
*#43# and tap Call. Determine if call waiting is enabled.
Displays call waiting status for voice, data, fax, sms, sync data, async data, packet access and pad access. Each item is either enabled or disabled.
*#61# and tap Call. Check the number for unanswered calls.
Show the number for voice call forwarding when a call is unanswered. Also show the options for data, fax, sms, sync, async, packet access and pad access.
*#62# and tap Call. Check the number for call forwarding if no service is available.
Just like the previous, except for no-service rather than no-answer situations.
*#67# and tap Call. Check the number for call forwarding when the iPhone is busy.
And again, but for when the iPhone is busy.
*#33# and tap Call. Check for call control bars.
Check all the usual suspects (voice, data, fax, sms, etc) to see whether barring is enabled or disabled for outgoing.

A custom ringtone to you iPhone? Yeah… Apple do not like this.
But, it looks like it can be done! Check it out at this site.

The first Digg.com interface we saw for the iPhone was made by David Cann. It was built using Yahoo! UI Library, PHP and the Digg API.

Now Digg has released their own iPhone application. You can check it out at digg.com/iphone. You need an iPhone or Safari’s Webkit software running to see it working properly.

Here are some features in the iPhone app:
* Native iPhone-like story scrolling
* Mini permalink pages with top 5 comments
* Login and Digging
* Pagination
* Jump to any topic

The application isn’t finished yet but the people from Digg.com wanted to get it out asap.

Apple’s iPhone is one of the most anticipated — and hyped — products ever. And with any huge product launch, the scammers come out in droves. So, if you want to make sure you don’t get ripped off, keep reading.

Secure Computing Corporation, a leading enterprise gateway security company, warned in a press release that socially engineered email spam, indicating that the recipient has won a new iPhone, is directing users to a malware hosting website. If the user clicks on a link, the users’ browser will attempt to connect to a Web site and install malicious software designed to take control of the victim’s computer. The criminals behind this scam are using sophisticated techniques. The Web site is loaded with more than 10 Active X vulnerabilities, each targeting a potential browser vulnerability. In addition, the website is tracking visitors on the site and then redirecting repeat visitors to a different, clean Web site in efforts to thwart security researchers as well as using XOR encryption to obfuscate the attack.
Paul Henry, vice president of technology evangelism for Secure Computing, believes that although this is the first iPhone-related phishing scam, it certainly will not be the last. “Because of the popularity of the iPhone brand, this is the first in what’s bound to be a series of scams involving the iPhone,” he said.

Sunbelt Software Distribution Inc. spotted a new Trojan horse that redirects unwitting iPhone shoppers to a bogus Web site when they surf to iphone.com, a legitimate address that normally takes users to Apple’s own iPhone site.
The Trojan horse, which has not yet been named by antivirus vendors, produces a pop-up when users on infected Windows PCs head to either Yahoo.com or Google.com. The pop-ups tout iPhone.com as “the only place to buy iPhone,” and use the Apple logo and the actual price ($499) of the 4GB model to add weight to the offer.”On this infected system, you get directed to a custom ‘iphone.com’ which actually is a fake site,” said Alex Eckelberry, Sunbelt’s CEO, in a blog entry.
The Trojan horse pulls content from the infected machine and injects code into Microsoft Corp.’s Internet Explorer browser to build what looks like an Apple-owned site. As the duped buyer makes his way through the purchase screens, he comes to the end and he is told to send the money via Western Union or MoneyGram. And I expect that you’ll never get your iPhone or your money back.