Adobe is releasing an out-of-cycle patch for Adobe Reader and Adobe Acrobat today to patch a vulnerability for iPod Touches, iPads and iPhones.
The patch will affect all operating systems, not just Apple products. The next scheduled release of Adobe patches was October 12th, but due to the critical nature of this vulnerability Adobe is releasing the patch early.
From the Adobe Security Bulletin:
Adobe is planning to release updates for Adobe Reader 9.3.3 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.3 for Windows and Macintosh, and Adobe Reader 8.2.3 and Acrobat 8.2.3 for Windows and Macintosh to resolve critical security issues, including CVE-2010-2862 discussed at the Black Hat USA 2010 security conference and the Adobe Flash Player update as noted in Security Bulletin APSB10-16. Adobe expects to make these updates available on Thursday August 19, 2010.
Adobe’s Flash Player was just patched yesterday. If your Flash Player hasn’t automatically updated, go to adobe.com to get the update..
————————
HOSB RSS Feed
Apple is a secretive company by nature, but there are always people who were born to take things apart to see how they work and delve into area where they’re not wanted.
One White Hat hacker came up with a program called JailbreakMe 2.0 to allow you to run unapproved apps, themes and tweaks on your iPhone, iPad or iPod Touch.
However, there are also Black Hat hackers out there, too. Jesus Diaz at Gizmodo just released a vulnerability on all three above mentioned gadgets from Apple that don’t even need any action on your part other than opening a PDF file.
From the Gizmodo post:
Right now, if you visit a web page and load a simple PDF file, you may give total control of your iPhone, iPod touch, or iPad to a hacker. The security bug affects all devices running iOS 3.1.2 and higher.
Update: Initially we thought that this exploit only effected iOS4 devices, but it turns out all iPhones, iPod Touches and iPads running 3.1.2 and higher are susceptible.
The vulnerability is easily exploitable. In fact, the latest one-click, no-computer-required Jailbreak solution for iOS 4 devices uses this same method to break Apple’s own security (although in a completely benign way for the user).
How it works
It just requires the user to visit a web address using Safari. The web site can automatically load a simple PDF document, which contains a font that hides a special program. When your iOS device tries to display the PDF file, that font causes something called stack overflow, a technical condition that allows the secret ninja code inside the font to gain complete control of your device.
The result is that, without any user intervention whatsoever, that program can do whatever it wants inside your iPhone, iPod touch or iPad. Anything you can imagine: Delete files, transmit files, install programs running on the background that can monitor your actions… anything can be done.
It’s not just a problem with Apple. Virtually all smart phones are susceptible to hacking and viruses. Security and antivirus apps have yet to catch up. But secrecy is not a good defense.
The vulnerability is easily exploitable. In fact, the latest one-click, no-computer-required Jailbreak solution for iOS 4 devices uses this same method to break Apple’s own security (although in a completely benign way for the user).
How it works
It just requires the user to visit a web address using Safari. The web site can automatically load a simple PDF document, which contains a font that hides a special program. When your iOS device tries to display the PDF file, that font causes something called stack overflow, a technical condition that allows the secret ninja code inside the font to gain complete control of your device.
The result is that, without any user intervention whatsoever, that program can do whatever it wants inside your iPhone, iPod touch or iPad. Anything you can imagine: Delete files, transmit files, install programs running on the background that can monitor your actions… anything can be done.
.
————————
HOSB RSS Feed
Okay, up until now I haven’t been all that impressed with Apple’s iPad. “It’s a huge iPhone” and “Meh” were two of the most common responses to the iPad launch.
Other problems with the iPad:
No Flash
Apple’s iPad OS licensing agreement shows that users will only get one free major OS upgrade and will have to pay for any further upgrades.
Apple claims to have the right to restrict all content on its device
If your iPad requires service due to the battery’s diminished ability to hold an electrical charge, Apple will replace your iPad for a service fee ($105.95). You will receive a replacement iPad that will not contain any of your personal data.
No removable storage
No USB port
Can’t print anything
But, the guys at ThinkGeek.com have come up with a novel way to use your iPad. It’s called the iCade Arcade Cabinet. Just slide your iPad into the slot where it connects to a 30-pin connector, launch the free iCade app and it’s “game on”!
It has professional grade controls and a built-in iPad charger for unlimited play time.
What will they think of next?.
————————
HOSB RSS Feed
Apple’s recently released iPad has brought video streaming formats to the forefront. Why? Because it doesn’t recognize Flash.
It wasn’t that big a deal when the iPhone shunned Flash, but when the iPad, suitable for Internet browsing, didn’t include Flash it meant that its users would have a limited view of the web.
NOTE: YouTube uses Flash video. Apple added an app that allows YouTube videos.
First, a little background on video streaming. True video streaming requires server software that handles the stream. It monitors the connection speed between the server and the viewer and matches the download speed to the connection speed.
Most web video uses progressive download. That’s where a portion of the video is downloaded and the rest downloads as it’s being viewed. The initial wait time (buffer) and streaming rate are built into the video.
The advantage of progressive downloads are its simplicity and ability to run from any web site. The disadvantage is people with slow connections having to wait during viewing for the video download to catch up and people with fast connections not receiving the optimal experience.
The Video Streaming Battle Begins…
Continue reading .
————————
HOSB RSS Feed
Recommended
