Updates

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same

iPhone Cracked

The infamous Norwegian hacker, Jon Lech Johansen who is better known as “DVD Jon” for coming up with code that broke DVD copy protection in the late 90s has drawn first blood with the iPhone.

Johansen has posted a way by which iPhone owners can use their devices in a limited fashion without having to first activate it with AT&T. This set of instruction is posted on the Internet.

The code, which he posted Tuesday on his blog in an entry entitled “iPhone Independence Day,” transforms the iPhone into a very expensive iPod and Internet communicator without its voice functionality.

The code allows users to play any multimedia file that the iPhone has been designed to play without paying the startup fees. Any function having to do with wireless voice communications, though, cannot be used with the code. The workaround requires a Windows computer that has the Microsoft .Net framework installed.

The code basically mimics an AT&T server. This attack could be termed as a ‘mimicry attack.’ This is based on subverting the domain name system with a server that acts like Apple’s activation server.

While the solution does not exploit the full feature set of the iPhone, the code gives access to its most talked about features.

Most of the people interested in DVD Jon’s latest technological feat appear to be more attracted to putting one over on AT&T than to what they’re actually getting by circumventing the activation.

One blogger even told readers that another way to activate the phone without AT&T in the loop is to use a friend’s activated iPhone SIM card and then insert it into the unactivated iPhone.

Google DoubleClicks user privacy

European consumer group BEUC feels that combination of DoubleClick and Google could create a great threat to user privacy. The two companies, which announced plans for a merger months ago, both hold large databases of users’ online habits. If they combine those details it could lead to a violation of user privacy and would damage European Union privacy rights and limit consumers’ choice of Web content.

Their plea to EU regulators came after US consumer privacy advocacy groups asked the US Federal Trade Commission to look at how these two companies would have access to an unprecedented amount of data on consumers’ Web usage and Internet search habits.

In a letter to data privacy and consumer rights regulators, BEUC said the new company would have and could exploit enormous amounts of personal information about users as they click on Web pages and applications.

“Never before has one single company had the market and technological power to collect and exploit so much information about what a user does on the Internet,” it said. “The unprecedented and unmatched databases of user profiles ... appear also to be in clear violation of users’ privacy rights.”

The world’s largest Internet search engine relies on its cookies and user logs to compile information of the search terms entered into specific Web browsers as well as other potentially sensitive online information. The company says that the data help its search engine better understand its users so it can deliver more relevant results and advertisements.

Google had no immediate response to BEUC’s concerns but the company has said previously that the takeover poses no risk to competition and should be approved.

Addressing the U.S. antitrust review, Google said in May that protecting user privacy and making people aware of its privacy policies serves as a key part of building trust with users, advertisers and publishers.