The articles I've seen claim they can get past Activation Lock to get access to the phone, but the SIM still doesn't work. The reason the SIM doesn't work is because their fake servers don't have the ability to activate a device. Which means the phone is useless as it doesn't really work.
Of course they're claiming they'll have a fix for the SIM issue, but I have to wonder: what are all those people doing with iPhones that can't make phone calls or connect to any cellular network? That's not much more useful than a bricked iPhone. They love to brag about how many people have used their hack, but since none of them actually have fully functioning iPhones I don't see why it's being portrayed as a benefit.
Unless I completely missed something and they got past the SIM issue.
I don't know of any public WiFi networks that use encryption. Even when you need to enter a passcode into a splash screen to get access to the internet it's still an unencrypted WiFi network.
Encryption over the air does nothing on public wifi because it's so easy to arp poison and reroute traffic via a hostile host (playing default gateway) connected to the same encrypted wifi. If you cannot control what clients are connected anyway, then ssl and other vpn techniques are your only choice for secure communication over "public" wifi. This has always been the case and still is!!!
The Microsoft and google teams have been hard at work to exploit such things. Exploiting and leaking to upset the apple name. But if it can be done.....it can be done, regardless of the rigmarole. I'd still rather my 5s/OSX over any android RAT infested handset or windoze machine.
I see your rationale for your choice on platform is based on total la la land conspiracy ideas rather than how good it is
Most newer WiFi is using WPA2, which I thought had corrected the issue with ARP injection. But to your point I still don't understand how the hackers intercept the Apple ID which you would think would be over SSL, but perhaps not.
How would they know how many stolen iPhones have been unlocked that way?
Probably because that is the amount that have been unlocked using their fake server. Of course they can't know about other people who might exploit this.
These phones don't need to be in the direct possession of the hackers. They are able to open the server up to people all over the world who then use it to unlock the phones in their possession. Which apparently is a lot of demand for...
P.s. That all those 30000 phones were sold for profit was a misinterpretation on my part, but 30000 have been unlocked using that server. The article stated that the selling for profit is among the motives for unlocking a phone.
Jailbreak your iphone and install Pirni on it. Then connect to your favorite wpa2 encrypted AP and play default router and capture all passwords in cleartext that are going to the router. Easy like hell. Even a 7 year old can do it!
Was the whole problem that there was no ssl session on Windows iTunes?
Pirni is a jailbreak app. Jailbreak apps are apps that can only be installed on jailbroken iPhones/itouches.
The iPhone's wifi card is extremely limited (it can't go into promiscuous mode, is unable to monitor packets, etc). From a network security standpoint, it's basically useless. That's where Pirni comes in. Pirni "arpspoofs" the router, i.e. makes other devices think the iPhone is the router/gateway. This causes all network traffic to flow through the iPhone. The data is then forwarded to the correct device (laptop, router, desktop) so that all packets are delivered - this makes it so no one notices any difference in their speed/surfing/etc. As the data passes through the iPhone, Pirni captures the packets and dumps them into a file.
That is how Pirni "sniffs" packets.
The "parser" ('derv') simply reads that packet dump-file every 5 seconds, looking for passwords, URLs, or cookies. Derv then displays this information as it is found. It basically reads the packets, filters out the uninteresting stuff, and displays what you want.
A really cool feature is the Cookie Injection. If the sniffer grabs cookies for a certain site, it will inject them into Safari (the default browser for iPhone/iPod). With this, you can exit out of the scripts (they'll still run in the background), load Safari, and go to the cookie's homepage, mimicking the intercepted cookie/session data. It works with a lot of popular pages (Facebook, Twitter, Amazon).
The cookie-injection had been done before in WifiZoo, but this is the first time I've seen it on an iPhone/iPod.
It will only sniff packets sent over networks that you are connected to.
Also, as a heads up, some routers (universities, corporate) have security measures in place to detect and avoid arpspoofers.
Bonus: the scripts work on every type of encrypted wifi network (Open, WEP, WPA, WPA2).
One of them, iTunes for Windows doesn't hash the passwords before sending them to the server.
But the biggest problem does seem to be the issue in the server verification. I.e. allowing fake servers to act like iCloud. And thus allowing for man-in-the-middle attacks.
In the case of the unlocking the hackers open up the fake server to people all over the world who then use it to unlock their (probably often stolen) devices.
A bit late to this discussion and having only skimmed the past 20 or so responses after reading up to that point. There are a few points that should probably be made (or not, but I'm going to anyway ):
1. A man in the middle attack (MiTM) on a session works by the attacker pretending to be the server to the victim, and the victim to the server. It is effective only when the attacker can spoof identity. Therefore an MiTM attack on an SSL connection *can* happen when the victim cannot establish with certainty the identity of the server. This is exactly the effect of a client not verifying certificates correctly (as described in the article, and as caused by the 'goto: fail' bug).
An MiTM attack also requires the attacker to be "between" the server and victim. For most of us, that is most easily accomplished in a public wifi space. For service providers and governments it's much easier to subvert connections within or between large network transit providers.
Choose your comfortable level of paranoia, but SSL is *not* a sure-fire protection against MiTM if you're not careful.
2. Shared password encrypted wifi networks: On all encrypted wifi networks, the bulk encryption is done via symmetric encryption (AES) with a shared (between client and provider endpoints) key. On all of those networks, the key is unique to each session so different users cannot decrypt one another's network traffic. This is true even on shared password networks, because the session encryption key is derived for each session in a manner that only the provider and user endpoints know what it is.
*However* on a shared password encrypted network, the password itself is used to verify the identity of the provider and client to one another. That means that while it's not practically possible to snoop on existing sessions, it *is* easily possible to effect an MiTM attack when a session is started by spoofing the provider (and it's pretty easy to force a session restart for those around you on a wifi network).
This is true for pretty much any service for which the sole barrier to entry is a shared secret.
3. On enterprise encrypted wifi networks (the ones where everyone has their own username and password), techniques similar to those used by SSL are employed to prevent MiTM attacks.
One final note: ARP spoofing (what Pirni can do) will often allow you to intercept network traffic (on your local wired segment, or on a wifi network), even encrypted traffic, but it does *not* automatically permit the *decryption* of that traffic.
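The thread mentions that some networks detect ARP spoofers and that spoofing works by making other devices believe a different host is the gateway. The sketch below is an added example, not part of any post above: it parses ARP frames and flags an IP address (especially the gateway's) being claimed by a new MAC, plus any MAC claiming several IPs. The addresses, MACs and function names are constructed for illustration.

```python
import struct
from collections import defaultdict

ETHERTYPE_ARP = 0x0806

def _mac(s): return bytes.fromhex(s.replace(":", ""))
def _ip(s): return bytes(int(p) for p in s.split("."))

def build_arp_reply(src_mac, src_ip, dst_mac, dst_ip):
    """Construct an Ethernet II + ARP reply frame (used only for the sample data)."""
    eth = _mac(dst_mac) + _mac(src_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)  # Ethernet, IPv4, opcode 2 = reply
    return eth + arp + _mac(src_mac) + _ip(src_ip) + _mac(dst_mac) + _ip(dst_ip)

def parse_arp(frame):
    """Return (sender_ip, sender_mac) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sender_mac = ":".join(f"{b:02x}" for b in frame[22:28])
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return sender_ip, sender_mac

def detect_spoofing(frames, gateway_ip):
    """Track IP->MAC bindings; report rebinds and MACs that claim several IPs."""
    bindings, ips_by_mac, alerts = {}, defaultdict(set), []
    for n, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue  # not an ARP frame
        ip, mac = parsed
        old = bindings.get(ip)
        if old is not None and old != mac:
            kind = "gateway-rebind" if ip == gateway_ip else "rebind"
            alerts.append((n, kind, ip, old, mac))
        bindings[ip] = mac
        ips_by_mac[mac].add(ip)
    multi = {m: sorted(ips) for m, ips in ips_by_mac.items() if len(ips) > 1}
    return alerts, multi

# Constructed sample traffic (locally administered MACs, RFC 1918 addresses).
GW, CLIENT, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:20", "02:00:00:00:00:66"
SAMPLE = [
    build_arp_reply(GW, "192.168.1.1", CLIENT, "192.168.1.20"),
    build_arp_reply(CLIENT, "192.168.1.20", GW, "192.168.1.1"),
    build_arp_reply(OTHER, "192.168.1.66", GW, "192.168.1.1"),
    build_arp_reply(OTHER, "192.168.1.1", CLIENT, "192.168.1.20"),  # claims gateway IP
    build_arp_reply(OTHER, "192.168.1.20", GW, "192.168.1.1"),      # claims client IP
    b"\x00" * 60,                                                   # non-ARP frame, ignored
]

if __name__ == "__main__":
    alerts, multi = detect_spoofing(SAMPLE, "192.168.1.1")
    for alert in alerts:
        print(alert)
    print(multi)
```

Legitimate events such as DHCP reassignment or router failover also change bindings, so a rebind of the gateway address is a signal to investigate rather than proof of interception.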
Happily, you can't jailbreak the latest version of iOS.
I've read all the comments and still can't answer the question: what does "don't use iCloud on public WiFi" mean? Is it safe to use my iOS device to access iCloud on public WiFi networks??? Please answer in the context of the hacks identified for iCloud.
I just bypassed the iCloud screen lock on my iPhone 5c using the software from this page http://removeicloud.wordpress..... It's free, all you need to do is complete a survey to download the software. Good luck. Try this tool and solve your iPhone problem
Amazing what people can do with Fiddler!
In other words don't use a public WiFi network because iCloud services are constantly working in the background.
The list of services tied to your iCloud ID is much more extensive than people realize.
- http://www.apple.com/support/systemstatus/
They say more than 30000 stolen iPhones have been unlocked this way and sold for profit (as they are more valuable unlocked than locked of course).
Jailbreak your iphone and install Pirni on it.
Wow that is a serious issue. I guess we better be careful even on our own WiFi at the office.
I hope this was informative!
Happily, you can't jailbreak the latest version of iOS.
http://www.forbes.com/sites/antonyleather/2014/05/22/apple-ios-7-1-1-jailbreak-shown-to-work/
There has been no jailbreak for the iPhone 5, iPhone 5s or iPhone 5c since iOS 7.1 which came out in March 2014 over two months ago.
http://www.evad3rs.net/search/label/Jailbreak%207.1
but no "formal" release yet for 7.1.1