Sweden-based Micro Systemation recently demonstrated on video just how easily their desktop software for military and law enforcement can crack into an iPhone. With a few quick reboots, XRY can not only dig out the phone's unlock code, but can also personal data, GPS locations, messages, and a log of keystrokes. Though Micro Systemation wouldn't go into specifics on how they go about doing all of this, they said the process is similar to jailbreaking, and they're constantly keeping up to speed on the latest iOS and Android updates. Though the video below shows the process happening pretty quickly, more complicated passwords can make the crack take infinitely longer - sometimes too long to be worth it.

Of course, this kind of software is used exclusively by law enforcement agencies of various kinds around the world, so there's no need to worry about some random hacking into your phone with this software. Likewise, Micro Systemation isn't responsible for how police and military use the software once they've been certified by local governments.   In California, cops don't even need a warrant to search your phone.

We all know that our iPhones are highly personal items and can store a lot of sensitive information on them. As scary as it might be that the cops can get access to it in a heartbeat, it's only really an issue if you've done something wrong, isn't it?

Source: Forbes

Iconic iPhone hacker George Hotz has quit Facebook and joined a new startup named Backplane. The folks over at BusinessInsider met up with Geohot recently and it looks like Backplane, funded by Lady Gaga and Google Ventures, is keeping him busy with hacking and coding.

Backplane empowers social community. We are a canvas for self-expression. We unite people around interests, affinities and movements. We are just getting started.

During a recent hackathon, Hotz was working on coding a program that would find all your friends on Facebook and put them on a map. Even though their project didn't win, it's good to see Hotz back to doing what he appears to be best at. Anyone besides me hoping he'll become involved in the iOS jailbreak community again?

Source: BusinessInsider

So if you've jailbroken your iPhone, installed SSH, and still haven't changed your password from the default despite our previous warnings about Dutch Ransomers and Australian Rickrollers? Maybe you thought those were just funny (as seen in this video from iPhoneMVP) and not worth worrying about? Well now things have gotten more serious -- there's a new attack making the rounds that just plain steals your data.

Same method of attack, the bad guy scans the local network for insecure SSH on Jailbroken iPhones, and when it finds it, begins to copy your contacts, messages, email, events, photos, media, etc. This could, of course, include passwords, financial data, and those pics you never got around to deleting...

If you haven't already, go change your SSH password now. If you need help, go to the TiPb iPhone Forums and get it. Just secure your iPhone.

[Intego, thanks to everyone who sent this in]

For iPhone Jailbreakers using SSH to access their devices -- without changing the default password -- getting Rickrolled by a worm may be annoying (no worse than getting held for ransom by a hacker) but it's a sign that far more insidious and malicious attacks are possible -- so change those passwords now!

Back to the Rickroll. TUAW reports:

A hacker, going by the name "ikee," created a worm that changes the home screen background on jailbroken iPhones whose owners failed to change the default password after installing SSH.

And the new background is, of course, Rick Astley. While removal details are included in an interview with the hacker, it's better to be safe than sorry. So, check our iMuggle's tutorial on how to change your SSH password, and change it right away.

Pwn2Own is a hacking contest which in previous years demanded OS exploits on day one, allowed browser vectors on day two (how OS X was compromised last year -- thanks Safari!), and opened the floodgates with 3rd party bugware on day three. First person to successfully hack a machine won it as a prize, along with a nice cash bounty for their troubles.

This year, Ars Technica says Pwn2Own is doing something a little different: they're bringing in the mobiles!

Apple's iPhone is front and center on their target list, along with the Google Android G1, and devices from the BlackBerry, Symbian, and Windows Phone families. Pwn the mobile and you not only win it, but $10,000 to boot!

Not a lot of solid info on the rules yet, but we'll keep a look out. Any white hats out there eager to try their luck?

We had sort of been expecting that the iPhone 3G would be more difficult to unlock because it would be impossible to walk out of a store without signing a contract and activating the iPhone. We all know how that worked out on launch day -- iPhones were flying about unactivated anyway. Honestly, given that the 2.0 software has already been fully pwned (read: opened up, jailbroken, made to serve the whims of hackers everywhere), the early unlocking really should be no surprise.

Fernando writes in:

I just saw this today. A brazilian team seems to be the first one in the world to have a fully unlocked 3g iPhone. It's using brazilian operator TIM, that does not support iPhones here in Brazil; actually the iPhone did not even start selling here, and when it does it will be Claro and maybe Vivo.

The video is in Portuguese, so it might not be clear exactly what's happening to most readers. The method here, as Gizmodo notes, is

a special card that piggybacks to your SIM card, fooling the phone into thinking it's using an official carrier. While this is not the software unlock being developed by the usual suspects, the video clearly shows that it works fine.

We know a lot of folks are waiting for a clear path to unlocking and jailbreaking to get the iPhone 3G -- it looks like that wait isn't going to be much longer than an Apple store line.