Hack Job

Filed under: security hacksIt's been a few weeks since [Dan Kaminsky] announced the nature of the DNS vulnerability and allowed 30 days of non-disclosure for patches to be applied before details of the exploit went public. Unfortunately, the details were leaked early and it didn't take long for a functional exploit to be released into the wild. Since then, many ISPs have taken steps to prevent their users from falling victim to the attack, and BIND, the widely-used DNS protocol implementation, was updated to minimize the threat. Even then, there were reports of a version of the attack being actively used on AT&T's DNS servers.

Filed under: cellphones hacks, newsTechOnline has cracked open the iPhone 3G to find out what makes it tick. They've released detailed diagrams as well as some videos of the dissection.

Filed under: cellphones hacks, ipod hacks, newsThe iPhone dev team, notorious for jailbreaking the iPhone has just released a video of the iPhone 3G hacked. Keep up to date with it and watch for a release on their blog. This is a major update to the PwnageTool which is already available for previous versions of the iPhone.

Filed under: newsOver at Engadget, they've taken some time to completely review the iPhone 3G. Take a few moments to stop reading about all the trouble activating them and read about the phone itself.

Filed under: macs hacks, security hacksWhen Apple pushed their most recent security update, the first thing we checked was whether the ARDAgent issue was fixed. It's not. This vulnerability lets anyone execute code as a privileged user and versions of this attack have already been found in the wild. While several Ruby, SMB, and WebKit issues were addressed it, ARDAgent is still unpatched. [Dino Dai Zovi] has published the method by which ARDAgent actually becomes vulnerable: when it starts, it installs its own Apple Event handlers and calls AESetInteractionAllowed() with kAEInteractWithSelf. This should restrict it only to its own events, but for some reason that's not the resulting behavior. He also pointed out that SecurityAgent has displayed similar weirdness; it is vulnerable to Apple Events even though it doesn't calls an Apple Events function. We can see how this unexpected behavior could make patch development take much longer and may end up uncovering an even bigger problem. Check out [Dino]'s post for more information.Read | Permalink | Email this | Linking Blogs | Comments

Filed under: macs hacks, pcs hacksOn June 23rd, EFiX is planning on releasing a USB dongle that will let any PC boot and install OSX from a retail DVD. The commercial device is supposed to take care of all patching and other woes OSX86 enthusiasts have had to deal with. Very little information is provided other than a statement that the development process took a lot of time and that they overcame "sabotage"... so, it's got that going for it. Major OSX86 contributor (and Psystar hater) [Netkas] received a device to test and was pleased with the results. We're just going to wait and see what happens. Not that it matters; they have no plans of releasing it in the US.

Filed under: home entertainment hacks, daily[David] took some interesting steps to put together his own Slingbox-ish setup. He used a Mac mini running Quicktime Broadcaster to capture the stream from a Firewire video camera which his cable/satellite receiver is plugged into. You'll have to use an OS X machine, but that's not too difficult these days. Broadcaster is about the simplest way to capture from Firewire and stream. We're using it in our own office to multicast the signal from a Canadian satellite box.Read | Permalink | Email this | Linking Blogs | Comments

Keywurl is a nifty little Safari plugin that adds simple keyword search to the address bar. Say you wanted to pull up the Wikipedia entry for hacks: just type "wiki hacks" into the address bar. Looking for photos tagged with makerfaire? "flickr makerfaire" will take you to the appropriate place.The latest beta version for Leopard allows you to right click on any form field and add a search shortcut keyword for it. This would easily let you add keywords like "hacks" or "slashdot" that would let you query for articles on your favorite sites. Unfortunately, there isn't a Tiger build of this version yet, so revision slackers like me will have to wait. You can also get at the keyword settings manually through a new button in the Safari preferences panel.

Filed under: macs hacksXBMC (formerly Xbox Media Center) has always been a popular choice for retiring an original Xbox. Maybe people install it for lack of something better to do or maybe it's the pride in having better media support than the 360. The XBMC team has found another device that has a pretty weak television experience, the Mac. Lifehacker took the latest XBMC for OSX beta build for a run now that it supports remote controls. It seems like a much more functional than Apple's built in Front Row. There are a few things that don't quite work yet, which you can find in the FAQ. We're definitely going to try this on our old Mac mini... once we upgrade it to Leopard, which is an unfortunate caveat that might prevent people from running XBMC on legacy hardware. There is no Apple TV support planned because of limited horsepower and the hacking hurdles that might be required. If you're interested in repurposing your old Xbox with XBMC, check out Lifehacker's install guide.Read | Permalink | Email this | Linking Blogs | Comments

Filed under: laptops hacks, misc hacksCertain OS installers cough*osx*cough don't like the on-board displays on some machines. [Ziddan] posted a paperclip based work around for them on the eeeuser forums (originally posted by [mugan] on insanelymac). Apparently by shorting the pins, the video card will report that there is an unknown external display attached.Read | Permalink | Email this | Linking Blogs | Comments

Amit Singh, the Google Mac Team hacker who taught us all how to use the Mac motion sensor as a human interface device and manipulate the keyboard backlight on the MacBook Pro, wrote a short program that demonstrates how to control the LEDs on your keyboard through a user space program:If you have an irrepressible urge to turn these LEDs on or off through software, here is a program that shows you how. (Note that the program only manipulates the LEDs -- it will not actually cause caps lock or num lock to be engaged.) The program also serves as an example of how to do user-space Human Interface Device (HID) programming through the I/O Kit.I'm not sure what you could use this for, but that's for you to sort out, right?

Dennis Stevense posted a great little Terminal hack which enables single window browsing for the latest version of Safari. If you're running 3.1 you can type in the following command to make all "target='_blank'" links open in a new tab instead of in a new window:defaults write com.apple.Safari TargetedClicksCreateTabs -bool trueThis is one of my favorite Firefox features, so I'm pretty happy to see it available in Safari, even if it's under a hidden setting.How to enable single window mode in Safari

A review of version 1.6.4 of Sunrise Internet browser. Still a little buggy, but very fast and nice minimalist look. Cool visual bookmark feature that pops out on the right hand side of the browser.

Becky Stern forwarded us Jonathan Berger's simple and useful hack that adds dividers to the Finder sidebar.I use the Finder's Sidebar pretty heavily, but it was getting to be a mess that could really use some dividers. Solution? Make an empty folder called " ..................." and stick it in there.You'll need a leading space with periods. Dashes also work and patterns like " - - - - - -" are satisfying too. Periods work particularly well, because you can make the filename long and when it's abbreviated in a skinny sidebar it'll still look correct with "..." added at the end.

We've posted about installing Ubuntu and Vista on the little Asus Eee PC, so to round things off, here's a guide for installing Leopard. Using a few tools of the hackintosh trade, Dan from Uneasy Silence was able to get OS X running on the little lappy.So, ever since I got the eeePC I've loved how easy it is to tinker with. Since I'm not a Linux guy, I dumped the Xandros preload and opted for Windows XP so I could you my EVDO USB datacard and blogging software easier, but I wondered could I install OSX on it? And, after trial and error - you can!One thing that Dan mentions is that Leopard is a bit pokey on the Eee. He opted to run OS X 10.4.8 instead, and it sounds like it performs quite a bit better.

One of my favorite old computers is making the news again--C|Net News.com reports that the Sharp Actius MM10 is most likely the thinnest notebook out there (seems pretty much a tie):Back in the first years of the decade, Sharp released the Muramasas. Measuring 0.54 inch thick, the Actius MM10 Muramasa notebook, which hit shelves in 2003, came with a 1GHz Crusoe processor from Transmeta, 256MB of memory, a 15GB hard drive and a built-in Wi-Fi module. It ran 2.5 hours on a regular battery, and cost $1,499. Sharp also had a Mebius notebook in the Muramasa family that measured 0.65 inch thick.In a strange coincidence, my XO laptop recently ordered me to install Linux on my MM10, so I dug it out of the closet, re-seated the hard drive (the case has never quite recovered from the time I installed a physically-too-large 40GB drive in it), and put xubuntu on it. What I'd like to find now is a 4GB or 8GB solid state drive in a package that's compatible with the Toshiba 1.8" IDE drive. Either that, or I need one of these: Compact Flash to 1.8" Toshiba HDD Adapter

If you hold down 'T' while booting a Mac, the screen will go black and display a large Firewire logo. In this state, called Target Disk Mode, your fancy laptop is magically transformed into a plain ol' external hard disk. Connect it to another machine via a firewire cable and your Mac's hard drive will appear on the other machine's desktop, just as if you had connected an external firewire drive. Just unmount and reboot to return your trusty Mac to its normal self.While turning your laptop into a $2000 firewire drive may seem a little bit of a downgrade, it can come in quite handy for transferring large files. Think about it: if you were to transfer a huge amount of data over sneakernet, you'd need to copy it over to a firewire disk, reconnect the disk to the another machine, and then transfer the data again over the firewire connection. With Target Disk Mode, you only make the firewire transfer once, so a large file transfer takes half the time. Like sneakernet, you still need to hike one of the Macs over to the other machine to make the connection, but since you are transferring half the data, you are only required to wear one sneaker.

GrabFS is a clever MacFUSE-based file system created by Amit Singh that creates a live screenshot file system for all of your running applications.When you run GrabFS, a new drive volume will appear. Inside, you'll find a folder for each running application, and inside each application directory, you'll find a tiff file for each of the application's windows. When you drag, copy or open one of these files, you get a snapshot of the application window at that point in time.

FTP is insecure protocol, but file-transfer is required all time. You can use OpenSSH Server to transfer file using SCP and SFTP (secure ftp) without setting up an FTP server. However, this feature also grants ssh shell access to a user.In this article series we will help you provide secure restricted file-transfer services to your users without resorting to FTP. It also covers chroot jail setup instructions to lock down users to their own home directories (allow users to transfer files but not browse the entire Linux / UNIX file system of the server) as well as per user configurations.

Whether you love Apple’s design and functionality, or just want to play around with your computer, it can be both fun and helpful to emulate a Mac while running Linux. Here, you’ll find tutorials, hacks, tools, and more that can help you copycat Mac.