MacBook Air hacked!!

March 30, 2008

A team of security researchers has won $10,000 for hacking a MacBook Air in two minutes using an undisclosed Safari vulnerability.

IDG News Service is camped out at CanSecWest in lovely Vancouver, Canada, and has chronicled the exploits of Charlie Miller, Jake Honoroff, and Mark Daniel of Independent Security Evaluators during the Pwn to Own contest sponsored by TippingPoint. The contest includes three laptops, running the most up-to-date and patched installations of MacOS X Leopard, Windows Vista, and Ubuntu Linux:

  • VAIO VGN-TZ37CN running Ubuntu 7.10
  • Fujitsu U810 running Vista Ultimate SP1
  • MacBook Air running OSX 10.5.2

The main purpose of this contest is to responsibly unearth new vulnerabilities within these systems so that the affected vendor(s) can address them. The team was able to gain control of a MacBook Air on the second day of the hacking competition, which pitted the Air against Windows Vista and Ubuntu machines.

No one was able to execute code on any of the systems on Wednesday, the first day of the contest, when hacks were limited to over-the-network techniques on the operating systems themselves. But on the second day, the rules changed to allow attacks delivered by tricking someone into visiting a maliciously crafted Web site or opening an e-mail. Hackers were also allowed to target “default installed client-side applications,” such as browsers.

The team had attack code already set up on a Web site, and was able to gain access to the MacBook Air and retrieve a file after judges were “tricked” into visiting the site. According to the TippingPoint DVLabs blog, a newly discovered vulnerability in Safari was used to gain control of the Air.

The contest rules stipulated that winners immediately sign a nondisclosure agreement relating to their technique, so that the vulnerability could be disclosed to the vendor, and TippingPoint said Apple has been informed of the vulnerability.

Last year’s contest was won by exploiting a QuickTime vulnerability, which was patched by Apple in less than two weeks. As of the time I posted this, no one had gained control of the Vista or Ubuntu machines, but I’ll update later as the results come in over the rest of the afternoon.

Apple Gets It

March 30, 2008

Jonathan Zdziarski, blogger and author of iPhone Open Application Development (a soon-to-be-released book on how to hack your iPhone), was invited by Apple to speak at a conference held in a Cambridge Apple store, to talk about the history of hacking the iPhone and his thoughts on the device. Zdziarski was one of the first software engineers to hack the iPhone. Now, does this sound odd? One person wrote, “So for Apple to give Zdziarski the podium at an Apple retail location is a little like Steve Ballmer inviting Linus Torvalds to speak at a Windows product launch.”

So what does this have to do with Apple Getting It? Well, just the gesture of inviting Zdziarski to speak at the Software Development Kit (SDK) conference says a lot. Apple is finally not rebelling against change anymore, but beginning to embrace it. When the iPhone first came out, online open-source communities were trading hacks through third-party installer applications. Finally, a year later, Apple understood the opportunity which could arise from creating its own SDK. By inviting Zdziarski and releasing its own SDK for iPhones, Apple is setting an example for other companies in the industry. It’s a lot easier to work with your customers to help them get what they want by giving them the tools to create their own customized product than to fight with them and give them the same old product. Fighting just creates a hassle for both parties; the customer isn’t happy and the business isn’t profiting. An SDK also gives a company’s development team a break, and creates many more product ideas and innovations that may never have been created without the help of SDK platforms.

Still, the iPhone’s SDK has its problems. It still doesn’t allow users to access low-level functions, such as running applications in the background and building certain types of objects, even though Apple insists it offers the same tools its programmers use to develop its software. But I’m sure hackers will come up with a way to fix that soon enough. Apple has, however, released a second version of their SDK, the Interface Builder, which is a visual editor in which users can drag and drop items to create the user interface of their applications. Apparently this makes application creation a lot easier.

Oh, and just a side note: remember how I wrote that post about the hacking contest for laptops (sure you do!)? Well, it turns out the MacBook Air was the first one to be hacked.

Get a Mac

March 24, 2008

The latest “Get a Mac” ad from Apple: it looks like PC this time doesn’t like the overhead banner ads that feature quotes pertaining to Vista’s total suckage from the likes of CNET and PC Magazine.


Being an avid Mac user, articles and other forms of media that pertain to Apple ALWAYS spark my interest.

This past week, two articles got my attention: How Apple Got Everything Right By Doing Everything Wrong, and Breaking The Rules: Apple Succeeds By Defying 5 Core Valley Principles, both by Leander Kahney.

Apple has been doing everything right by doing everything wrong. Period. They definitely don’t act like any other large corporation. Whereas every other large corporation has produced products to suit many different companies and applications, Apple, in all its wisdom, saw the opportunity to grab an extremely large target market by becoming self-sufficient. By producing products that work amazingly well (and rightly so) with their other products, Apple has been able to increase their revenue with products like the iPhone, iPod, etc., without the need to outsource much of their products.

Leander Kahney was able to come up with Apple’s unofficial principles that make Apple who they are:

1. COOPERATE

Valley Rule: Embrace open platforms. Software should be decoupled from hardware so users can access any program or data from any device. Example: Google’s Android, an operating system that will run on a variety of handsets from different manufacturers.

Apple Rule: Design software to work on your own hardware — and not on anyone else’s. The OS X experience is made only for the Mac; iPhone apps function only on iPhones. And customers don’t seem to mind. Apparently, they’re willing to trade freedom for a kick-ass product.

2. COMMUNICATE

Valley Rule: Tell your fans what you’re up to so they feel a connection to your company. Hiring difficulties? New strategies? Digestive problems? Blog ’em! Customers will feel more invested and more loyal. Plus, their comments could give you some good ideas.

Apple Rule: Never talk to the press. Shut down rumor blogs. Threaten to sue children who send you their ideas. Never leak product news until you’re ready to announce it. Then use that discipline to create buzz and win coverage with every announcement.

3. PLAY NICE

Valley Rule: Don’t exploit your market-leader status. Software should compete on its merits, not its ability to shut out rivals. Microsoft earned an antitrust suit and decades of ill will by muscling PC makers into bundling its operating system and browser onto their machines.

Apple Rule: Hardball tactics rule! Every Mac is preloaded with iTunes, which becomes the user’s default music program. And most iTunes purchases can be played only on iPods, creating a closed loop that has proven tough for competitors — and music labels — to challenge.

4. LOVE YOUR CUSTOMERS

Valley Rule: Make sure to lavish affection on your clients, and try to ensure that every one of them has a positive experience. Anyone can post a withering review on Yelp or Amazon, so you can’t afford to let a single complaint go unaddressed.

Apple Rule: Please yourself, not your fans. Release iMacs without floppy drives. Release MacBook Airs without optical drives. Cut the price of an iPhone by $200 two months after its introduction; when early adopters complain, offer them a $100 gift certificate.

5. CODDLE YOUR EMPLOYEES

Valley Rule: Since the best ideas bubble up from within the ranks, encourage autonomy by allowing workers free time to focus on their personal projects. Also, shower them with perks like free food and massages to make them feel special.

Apple Rule: Motivate through fear. Don’t be afraid to scream. Threaten to fire them. Withhold praise until it’s truly deserved. Go ahead and bring them to tears. As long as you can inspire them with your sense of mission, they’ll consider this the best job they’ve ever had.

Some of these rules/principles may seem harsh and may be overexaggerated.

Apple’s customer service is second to none. They treat people like people. Casual and easy to talk to, it makes you want to call customer service just to have a chat.

It’s not news to anyone that Apple (or Steve Jobs) is extremely secretive. But this works to their advantage. By not talking to the press or leaking any information about upcoming advancements in technology or products, Apple is able to control a lot of information about them. By only announcing new technologies about a product days before its release, they are able to create incredible amounts of hype, and really know how to get everyone talking.

Apple’s corporate model is definitely one of a kind, but incredibly risky. Maintaining this model will make Apple a powerhouse; however, if another company tried to adopt it, it would lead to imminent failure.

There has been a lot of coverage regarding successful companies like Google and Apple who have climbed the ladder of success using business models contrary to the traditionally proven models. Now that these companies are becoming more successful, other companies are beginning to emulate them, or are in the process of investigating how to become like them. A main component of this recent recognition stage is the documentation of these companies. Wired published an article on how Apple made its way to the top by breaking every rule. Siva Vaidhyanathan, media scholar at the University of Virginia, is in the process of writing a book called The Googlization of Everything. Also, Jeff Jarvis has recently been contracted to write a book about Google’s business strategy relating it to other businesses and industries, aptly named: WWGD – What Would Google Do? It is expected to be published next spring.

Apple and Free Music?

March 20, 2008

As we all know, the free craze has been forcing companies to rethink their business tactics. To my surprise, Apple is thinking about it as well. Apple + free music = Are you kidding me?! I guess this will be an add-on to Dave’s post.

But of course there is a catch. To receive unlimited free access to the music library, customers have to be willing to pay more for the iPod and iPod Phone playing and digital media storing devices. Apple has to wake up and smell the coffee. Some of the company’s rivals are experimenting with new ways to distribute online music, even if that means giving it away. So as of now, “Apple is negotiating with record labels over a deal to offer a monthly music subscription for the iPhone, as well as an unlimited music bundle for both the iPod and iPhone” according to a cited unnamed music industry source.

As of right now, the iPod shuffle starts at $49, and the iPhones start at $399. No one is really sure as to how much prices will jump, but one can only imagine. Oddly enough, approximately 10 percent of Apple’s revenues are made through iTunes. In 2007, iTunes made a 2.7 billion dollar profit for Apple. According to The Financial Times, “Apple sold $8.3 billion in iPods last year, an 8 percent increase over the year before.”

I think that it would be in Apple’s best interest to make free music available to customers without jacking up prices. Then again, Apple has become the world’s second largest music retailer in the U.S. To my amazement, Wal-Mart Stores Inc. is the world’s largest music retailer.

Finally, Paul McCartney has signed a $400 million deal, which will see the Beatles catalog make its way to iTunes, at long last.

Paul McCartney has signed a $400 million deal, which will see the Beatles catalog make its way to iTunes, at long last. Though McCartney will probably make off with the lion’s share of the cash sum, Ringo Starr and the families of the late John Lennon and George Harrison will also benefit. Michael Jackson, EMI and Sony will also be paid, as they each own a share in the back catalog. McCartney may actually have to pay out a little more on his divorce settlement because of the deal. How that works is anyone’s guess, but you gotta feel sorry for him; having to share all those millions is just plain malicious. Efforts to clear the Beatles-related music for digital distribution have been previously held up by a long-running trademark feud between iPod/iTunes-owner Apple Inc. and Apple Corps., the Beatles label. The two sides finally settled the dispute, opening the door to clear the catalogs for distribution via iTunes and other digital retailers.

United Press International