h4ck3r _ N3w5

The co-founder of The Pirate Bay torrent site Gottfrid Svartholm Warg (Anakata) and his 21-year-old Danish co-defendant have been found guilty by a Danish court of hacking into systems operated by American IT giant CSC and illegally downloading files. It was the biggest hacking case ever conducted in the history of Denmark.

By breaking into the servers maintained by CSC, Svartholm Warg illegally accessed police email accounts and stolen email addresses and passwords of over 10,000 policemen, explored the European border control database, and downloaded millions of social security numbers belonging to Danish citizens. The initial hack attack took place for about six months.

“This is the largest hacking case to date. The crime is very serious, and this must be reflected in the sentence,” Prosecutor Maria Cingali said.

Gottfrid Svartholm allegedly committed the crime along with his his 21-year-old co-defendant between February and August 2012. His co-defendant is only known by the alias of “JKT” as the Judge Kari Sørensen, who presided over the case, ordered media outlets not to publish his name in order to protect the man’s privacy.

The defence team argued that although the hack attacks were carried out using a computer owned by Svartholm, but he was not the person that used it to steal the files as, they said, his entire group of developers had access to the computer. So, any one of them could be responsible for the hacking.

“My recommendation has always been that the investigation has focused on finding clues that point to my client, even though the tracks have also pointed in another direction,” lawyer Louise Høj said, as cited by TorrentFreak. “It is clear that my client’s computer has been the subject of remote control, and therefore he is not responsible.“

However, the court said the unauthorized access to CSC computer mainframes was a “systematic and organised” approach, dismissing the Swede’s claims that his computer system was used by someone else to carry out the hack as “unlikely,” the Local reports.

Security expert Jacob Appelbaum, a well-known activist and leading member of the Tor project – an open source and free anonymous browser service, said that it would have been easy for an outsider to gain access to Warg’s computer. He pointed out that Danish authorities had found no forensic evidence and all of the evidence had been provided by CSC.

Appelbaum expressed his disappointment with the conviction on Twitter. “Gottfrid convicted. I’m sad to hear that only two of the jurors understand the technology involved,” Appelbaum tweeted yesterday.

Gottfrid Svartholm was arrested in his Cambodian apartment in September 2012 and it took two years before he went on trial in Denmark. In September 2013, he was deported from Cambodia to Sweden where he served a jail term for copyright theft because of his involvement with the Pirate Bay file-sharing site.
In a separate trial in 2013, Warg was sentenced to one year in a Swedish jail for hacking into a bank’s computers. Then in November 2013, he was finally extradited to Denmark to face charges in the CSC hacking cases.

Svartholm will be sentenced on 31 October and could face six years in jail. His accomplice walked free from the court on Thursday as he had served 17 months in pre-trial detention.

“The punishment should be close to the maximum punishment, which can be six years in prison,” the senior prosecutor in the case, Maria Cingari, said according to local media. “It shouldn’t be under five years.“

Since its launch in 2003, The Pirate Bay (TPB) becomes the world’s largest torrent tracker site which handles requests from millions of users everyday and is in the top 100 most visited websites on the Internet. TPB is predominantly used to share copyrighted material such as films, TV shows and music files, free of charge. Generally, it is famous for potentially hosting illegal contents on the website.

via The Hacker News http://ift.tt/1nVxAWQ

Nearly a decade-long cyber espionage group that targeted a variety of Eastern European governments and security-related organizations including the North Atlantic Treaty Organization (NATO) has been exposed by a security research firm.
The US intelligence firm FireEye released its latest Advanced Persistent Threat (APT) report on Tuesday which said that the cyber attacks targeting various organisations would be of the interest to Russia, and “may be” sponsored by the Russian government.
The Report entitled “APT28: A Window Into Russia’s Cyber Espionage Operations” published by FireEye has “evidence of long-standing, focused operations that indicate a government sponsor – specifically, a government based in Moscow.”

“Despite rumours of the Russian government’s alleged involvement in high-profile government and military cyber attacks, there has been little hard evidence of any link to cyber espionage,” Dan McWhorter, FireEye vice president of Threat Intelligence, wrote in a blog post discussing the report.

“FireEye’s latest APT report sheds light on cyber espionage operations that we assess to be most likely to be sponsored by the Russian government, long believed to be a leader among major nations in performing sophisticated network attacks.“

The cyber-espionage group believed to have been operating since at least 2007 in order to steal political and state secrets from businesses and foreign governments. The group launched a cyber attack on government in Georgia, Eastern Europe, as well as NATO and the Organisation for Security and Co-operation in Europe, according to the report.

Whereas the Russian cyber criminal groups are known for conducting massive cyber campaigns aimed at stealing money and financial information, but APT28 focuses on “privileged information related to governments, militaries and security organizations.”

“This group, unlike the China-based threat actors we track, does not appear to conduct widespread intellectual property theft for economic gain,” FireEye stated in the report. “Nor have we observed the group steal and profit from financial account information.”

The security firm analyzed that the malware used by APT28 features a consistent use of the Russian language. Moreover, more than 96 percent of malware samples analyzed by the researchers were compiled between Monday and Friday, between 8AM and 6PM in the time zone paralleling working hours in Moscow and St. Petersburg. This regularity in the work suggests that the hackers were in Moscow, the report argues.

The APT28 group has constantly updated their software and made the resulting binaries difficult to reverse engineer. It used a downloader tool that FireEye dubbed “SOURFACE“, a backdoor labelled “EVILTOSS” that gives hackers remote access and a flexible modular implant called “CHOPSTICK” to enhance functionality of the espionage software.

Infection is usually achieved via a spear phishing email with a relevant lure and the malware hidden in the attachment. The hacker group has also created a number of fake domains for UK-based defence events, including the Counter Terror Expo, as part of the operation to gather intelligence on attendees.

Together with the help of above mentioned tools, the group gained access to the file system and registry; enumerate network resources; create processes; log keystrokes; access stored credentials; execute shellcode, and encrypt exfiltrated data uploaded with an RSA public key.

“The coding practices evident in the group’s malware suggest both a high level of skill and an interest in complicating reverse engineering efforts,” the report stated.

In another report , a top White House official has confirmed that Russian hackers have hacked into the unclassified White House computer networks. “we identified activity of concern on the unclassified Executive Office of the President network,”.

Russia has been suspected of attacks on Ukraine too, including attempts to gain access to politicians’ mobile phone communications.

via The Hacker News http://ift.tt/1q3GmOj

China’s number one — and the world’s 3rd largest — smartphone manufacturer, Xiaomi, which is trying to make inroads into India’s booming mobile phone market, was found secretly sending users’ personal data, including IMEI numbers, phone numbers and text messages to the web servers back to Beijing in China.

INDIA AND TAIWAN vs XIAOMI

This issue raised higher concerns across many countries, proactively in India, Singapore and Taiwan.

The Indian Air Force (IAF) — among the largest in the world — warned its employees and their belongings that their private information was being shipped over to servers in China, and asked them to avoid using Xiaomi smartphones due to security risk.

Taiwanese Government underlined similar concerns before Xiaomi’s launch in India. Xiaomi is facing an investigation in Taiwan for alleged cyber security threat, as a result of which last month the Taiwanese government decided to ban the company due to several privacy controversies.

When it comes to sales, Xiaomi’s Mi3 and RedMi 1S have lately been redefining the term ‘Flash Sales’ with a recorded sales of 90,000 units in just 12 seconds. So, you can imagine the total Xiaomi statistics of Xiaomi.

TAIWANESE RESEARCHER TO EXPOSE XIAOMI AT HACKER CONFERENCE

Meanwhile, an independent Taiwanese Security Expert came up with another bad news for Chinese Xiaomi Mobile company, as he claimed to have found zero-day vulnerability in Xiaomi website that allowed him to obtain credentials of millions of Xiaomi accounts and logs from the servers.
Taiwanese Researcher allegedly planned to reveal Xiaomi zero-day vulnerability and his investigative researcher at Asia’s biggest hackers conference, Ground Zero Summit (G0S) 2014 this November; with his session titled – “Privacy-Alert: Exposing China-based XIAOMI Mobiles“.

As shown in the above screenshot, paper abstract mentioned on the website says, “In this session Taiwanese Researcher will demonstrate how Xiaomi Phones have been sending device data and personal data of Xiaomi Phone user to Chinese Servers. The Researcher will also release Server Logs, Mi Account username, Emails and passwords of millions of Xiaomi users which have been obtained using a Zero Day flaw in the Xiaomi Servers.”

But after getting selected as a speaker for the conference, reportedly the talk has been cancelled and removed from the conference website within a day.

In a mail, the ‘Ground Zero Summit’ organizing team told The Hacker News that ‘Privacy-Alert: Exposing China-based XIAOMI Mobiles’ session has been cancelled due to “unethically breaching Xiaomi servers” using a zero day flaw in Xiaomi servers and that vulnerability could have been utilized by anyone to convey a data and privacy breach.

DATA BREACH AT XIAOMI

Xiaomi devices provide ‘Mi Account’ to its customers through which users gain access to their Mi Cloud, Mi Talk, MIUI Forum, Mi Market and other Xiaomi services. These online Xiaomi Mi Accounts store users’ personal information including mobile numbers, email addresses and account credentials.

Xiaomi website zero-day vulnerability and Taiwanese Researcher’ session at G0S Conference also raises concern about the security of the data of millions of users linked to their Xiaomi’s Mi Cloud account.

The researcher contacted The Hacker News team and provided partial database of a few thousands of Xiaomi users, which confirmed that the millions of Xiaomi Mi accounts has already been compromised.

Anyone with Xiaomi account credential can remotely locate, ring, lock and wipe up your phone data easily. Xiaomi mobile users are recommended to reset “Mi account” password immediately.

XIAOMI MOVING DATA CENTER TO INDIA

After facing several privacy controversies, Xiaomi said today that it plans to open a data center in India, away from its servers in Beijing due to performance and privacy considerations.

Just yesterday, Some newly launched Sony Xperia phones were also found secretly sending users’ data to Servers in China using Baidu Spyware.

via The Hacker News http://ift.tt/1wHs4Xz

If you own a Sony smartphone either the Android 4.4.2 or 4.4.4 KitKat firmware then inadvertently you may be transmitting your data back to the servers in China, even if you haven’t installed any application.
Quite surprising but it’s true. I know many of you haven’t expected such practices from a Japanese company, but reports popping up at several forums suggest that some new Sony Xperia handsets seem to contain the Baidu spyware.

MYSTERIOUS BAIDU SPYWARE

About a month ago, a group of community users of Sony smartphone detected the presence of a strange folder, named “Baidu”, mysteriously appeared from among those present in various versions of Android for these handsets.

The creepy part is that the folder is created automatically without the owners permission and there is no way of deleting it. Even if someone tries to remove it, it instantly reappears as well as unticking the folder from device administrator equally seems to do nothing, neither does starting the phone in Safe Mode.

“Just unpacked my Sony Z3 compact, haven’t installed a single app and its connecting to China. I am not so concerned about the folder itself but my phone now has a constant connection to an IP address in Beijing which I am not too happy about.” Reddit user commented.

The Baidu folder appears to be created by Sony’s ‘my Xperia’ service each time a connection is made and is reported to be sending pings to China. There is no further information known on what these pings are transmitting but nevertheless they do seem to be transmitting.

PERSONAL INFORMATION SEND TO CHINA

Going deep, several users reported they found that the Chinese government is able to detect the status and identity of the device, take pictures and make videos without the consent of the user. A user, going by the handle Elbird, posted on Sony Forums that with the help of Baidu folder, the Chinese Government can:

• Read status and identity of your device
• Make pictures and videos without your knowledge
• Get your exact location
• Read the contents of your USB memory
• Read or edit accounts
• Change security settings
• Completely manage your network access
• Couple with bluetooth devices
• Know what apps you are using
• Prevent your device from entering sleep mode
• Change audio settings
• Change system settings

AFFECTED PRODUCTS

Thankfully this is a spyware and you can check to see if you have or not. If you see the folder named Baidu in your device then your device contains the spyware. But, for users it isn’t the folder which seems to be the real cause for concern, though; it’s the fact that the phones open a connection to servers.

According to the reports affected devices include the new Sony Xperia Z3 and Z3 Compact, and several users from the Reddit community have also reported about the presence of this folder on their mobile phones, too — and not necessarily phones made by Sony. One owns an HTC One M7, another an HTC One X, a few others the OnePlus One.

STEPS TO DISABLE BAIDU SPYWARE

1. Backup your important data and factory reset the device.
2. Turn on the device and go to Settings -> Apps -> Running and Force stop both “MyXperia” apps.
3. Then remove the baidu folder using File Kommander app.
4. Go to Settings -> About Phone -> Click 7 times on the Build Number to enable developer mode.
5. Download or Install the Android SDK on your computer and then connect the Sony device to it using USB cable.
6. Run the adb tool terminal : adb shell
7. In adb shell, type the command: pm block com.sonymobile.mx.android
8. Exit adb shell
9. Reboot the device.

Note that the spyware does not necessarily affect the process or functionality of your mobile devices, so you shouldn’t be worried in this respect. Sony has not officially responded to this ‘baidu’ folder issue.

However, the company has recognized the issue and has said that in the next release the problem will be fixed. Unless Sony can roll out some kind of fix in the near future then it seems you might have to wait until Lollipop rolls out in January before you can get rid of Baidu.

Recently Chinese smartphone manufacturer Xiaomi has been called out for spying on personal user data using their smartphones. According to F-Secure Xiaomi Smartphones were sending user data back to the servers based in China.

via The Hacker News http://ift.tt/1oZHhEy

The Nation’s largest telecom operator ‘Verizon Wireless‘ is tracking its customers’ mobile internet traffic by adding a token to Web requests traveling over its network, in order to facilitate targeted advertising even if a user has opted out of their Customer Proprietary Network Information (CPNI) options.

The Precision Market Insights division of Verizon is collecting users’ data from more than two years with the launch of the Unique Identifier Token Header (UIDH) under its Relevant Mobile Advertising program. The company also expanded its program to cover all Verizon Wireless subscribers.

UIDH TRACKS CUSTOMERS’ EVERY MOVE ON WEB

When consumers visit certain websites or mobile apps, The Verizon network is adding cookie-like X-UIDH header tokens to Web requests traveling over its network with a unique value/identifier for every particular mobile device.

This Verizon’s solution is called the PrecisionID, which is being used to create a detailed picture of users’ interests and help clients tailor advertisements, according to Verizon’s own documentation.

The outcome is that the second largest cellular communication provider in U.S. Verizon Wireless is sending a unique identifier for you to each and every unencrypted website you visit using your mobile device, which means that, at worst scenario, advertisers can track your every move everywhere you have been.

Though the company started navigating the service two years ago, security experts began warning of the issue this week. “Verizon is rewriting your HTTP requests to insert a permacookie? Terrible,” senior staff technologist with the Electronic Frontier Foundation, Jacob Hoffman-Andrews, tweeted about the issue on Wednesday.

USERS’ EVERY PERSONAL DATA IS COLLECTED

The UIDH value changes each week would provide targeted advertisements under Verizon’s Precision Market Insights from participating advertisers which could request location and market-segment information. The information used by advertisers include subscribers’ postal address, device types and language preferences to build profiles along with gender, age and hobby and personal interests.

“In addition, we will use an anonymous, unique identifier we create when you register on our websites. This may allow an advertiser to use information they have about your visits to online websites to deliver marketing messages to mobile devices on our network,” Verizon said on its website. “We do not share information that identifies you personally outside of Verizon as part of this program. [Some of this information was] obtained from other companies.“

VERIZON TRACKS EVEN YOU’VE OPT OUT

The strange thing is you can’t do anything about the issue because even if you opt out of all the Verizon tracking, by either using a privacy mode in your browser and enable Do Not Track, or by using a different browser, or even if you change to a new phone, or use a tethered laptop for browsing, in all ways you are not safe.

UIDH allows Verizon to link a website visitor to its own internal profiles, in an attempt to allow client websites to target advertising at specific segments of the consumer market.

HOW TO PROTECT YOURSELF

Though, Verizon offers privacy settings, but they don’t prevent sending the X-UIDH header. The only known solution left with you is to encrypt all your browsing. You can do this using HTTPS Everywhere, but this only works if the website supports HTTPS. Because this issue is already being exploited in the wild so the best solution is to use full encryption using a VPN like Tunnelbear or TOR.

Next, let’s get Verizon Wireless to change this policy, by arguing that the service is essentially tracking users and that companies paid for a fundamental service that should not be using the data for secondary purposes.

via The Hacker News http://ift.tt/1wCmCFE

The National Institute of Standards and Technology (NIST) is warning users of a newly discovered Zero-Day flaw in the Samsung Find My Mobile service, which fails to validate the sender of a lock-code data received over a network.

The Find My Mobile feature implemented by Samsung in their devices is a mobile web-service that provides samsung users a bunch of features to locate their lost device, to play an alert on a remote device and to lock remotely the mobile phone so that no one else can get the access to the lost device.

The vulnerability in Samsung’s Find My Mobile feature was discovered by Mohamed Abdelbaset Elnoby (@SymbianSyMoh), an Information Security Evangelist from Egypt. The flaw is a Cross-Site Request Forgery (CSRF) that could allow an attacker to remotely lock or unlock the device and even make the device rings too.

Cross-Site Request Forgery (CSRF or XSRF) is an attack that tricks the victim into loading a page that contains a specially crafted HTML exploit page. Basically, an attacker will use CSRF attack to trick a victim into clicking a URL link that contains malicious or unauthorized requests.

The malicious link have the same privileges as the authorized user to perform an undesired task on the behalf of the victim, like change the victim’s e-mail address, home address, or password, or purchase something. CSRF attack generally targets functions that cause a state change on the server but it can also be used to access victim’s sensitive data.

“In this way, the attacker can make the victim perform actions that they didn’t intend to, such as logout, purchase item, change account information, retrieve account information, or any other function provided by the vulnerable website,” Elnoby said.

The researcher has also provided a proof-of-concept (POC) video that will give you a detail explanation on How the researcher made the attack work on Samsung’s Find My Mobile feature.

According to the researcher, the first attack to remotely lock victim’s device is critical if exploited because the attackers are able to lock victim’s device with a lock code of their own choice, forcing the victim to do a recovery for the lock code with his Google Account.

The US-CERT/NIST identified the vulnerability in the Samsung Find My Mobile as CVE-2014-8346 and rated the severity of the flaw as HIGH, whereas the exploitability score of the flaw is 10.0.

“The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic,” the security advisory issued by the NIST states.

via The Hacker News http://ift.tt/1wuWBZG

Users of Android operating system are warned of a new variant of Android malware Koler that spreads itself via text message and holds the victim’s infected mobile phone hostage until a ransom is paid.
Researchers observed the Koler Android ransomware Trojan, at the very first time, in May when the Trojan was distributed through certain pornographic websites under the guise of legitimate apps. It locks the victim’s mobile screen and then demands money from users with fake notifications from law enforcement agencies accusing users of viewing and storing child pornography.

ANDROID SMS WORM

Recently, researchers from mobile security firm AdaptiveMobile has discovered a new variant of the rare piece of mobile malware – named Worm.Koler – that allows the malware to spread via text message spam and attempts to trick users into opening a shortened bit.ly URL, turning Koler into an SMS worm.

Once the device is infected by the Koler variant, it will first send an SMS message to all contacts in the device’s address book with a text stating, “Someone made a profile named -[the contact’s name]- and he uploaded some of your photos! is that you?” followed by a Bitly link, according to the security firm.

When a victim clicks on the Bitly link, he or she is then redirected to a Dropbox page with a download link for a ‘PhotoViewer’ app that, if installed, will push a ransom screen to pop up incessantly on the users’ screen. The ransom message reads that the device has been locked up because of having illicit content and users must pay $300 via MoneyPak to ‘wave the accusations.’

“The device appears to be completely locked down with the screen on the phone blocked, so the user won’t be able to close the window, or deactivate the malware through the app manager,” reads the blog post. “The victim is forced to buy a voucher as instructed on the blocking page, and send the voucher code to a malware author.”

INFECTION SPREADING RAPIDLY

The Worm.Koler is capable of displaying localized ransomware messages to users from at least 30 countries, including the U.S., where three quarters of the latest Koler variant infections were seen by the firm, and smaller number of infections were also being detected in parts of the Middle East.

“Due to the Worm.Koler’s SMS distribution mechanism, we are seeing a rapid spread of infected devices since the 19th of October, which we believe to be the original outbreak date,” the blog post states. “During this short period, we have detected several hundred phones that exhibit signs of infection, across multiple US carriers. In addition to this, other mobile operators worldwide—predominantly in the Middle East, have been affected by this malware.“

HOW TO PROTECT YOURSELF

If users suspect they are infected by the malware, they should never authorize any payment as it won’t guarantee the unlocking of your device, as well as it will further encourage cyber criminals to carry out such ransomware practices again and again.

Koler does not encrypt files, according to the security firm, therefore it becomes easy for users to eliminate the threat from their infected devices by following two simple steps:

• Reboot your phone in the “Safe Mode“
• Remove the ‘PhotoViewer‘ app using standard Android app uninstallation tool

In order to protect yourself from such threats in future, the best practice is to have the “Unknown Sources” option turned off in your Android device’ security settings menu. Turning off of this option won’t let users to install applications from unknown sources, but only from the official Google Play store.

via The Hacker News http://ift.tt/1zrV1wl

There’s a good news for app developers. On Wednesday at Twitter’s first annual developer conference Flight, the company announced a new tool for developers which will allow users to log-in to mobile applications using their phone numbers rather than a traditional username and password combinations.

SAY NO TO PASSWORD

The service will be called Digits, aimed at application developers looking for an easier, password-free login option for their mobile applications – in a similar way to Snapchat, WhatsApp and Viber that rely only on verified users’ mobile numbers for sign-in, rather than the traditional ID and password combination.

“This is an entirely new native mobile sign up service that makes mobile-first sign-up frictionless, and creates an identity relationship entirely between you and your users,” said Twitter CEO Dick Costolo, speaking at the Twitter Flight developer conference in San Francisco.

DEVELOPERS DON’T TRUST TWITTER

On one hand, where other social networking companies encouraged third-party developers to develop their own applications and services on top of the platform. Twitter always tried to reassert control over its product and platform and therefore being hated by developer community, but this new move will definitely solve this all.
According to the app developer Marco Arment, Twitter can’t be trusted again. “We’re just innocent bystanders getting hit whenever this fundamentally insecure, jealous, unstable company changes direction, which happens every few years,” wrote Arment, who most recently developed Overcast, an app for listening to podcasts. “Twitter will never, and should never, have any credibility with developers again.”

HOW DIGITS WORKS

Basically, Digits uses SMS messages to control access to registered accounts. When a developer adds Digits to its application, the user will be able to sign-in to that application using his or her mobile phone number.

Once the user provides the mobile phone number, Twitter will send a verification code on the provided mobile number via an SMS. User then enters that the SMS-based confirmation code to the log-in, and have access to the application. Note that each code Twitter sends you via SMS will expire after it’s used. The process is just like a two-step verification one.

INTRODUCING FABRIC

Digits is one of many products announced at the developers conference in San Francisco. The company also introduced Fabric – a free software development kit for apps. Fabric will have three components:

• MoPub – It is a mobile advertising platform bought by Twitter for $350m last year. It will help developers monetise their products on the Twitter platform.
• Crashlytics – Crash reporting service, Crashlytics, bought by Twitter for $100m in 2013, will help developers test and build their apps as well as debug them.
• TwitterKit – It enables apps to integrate into Twitter for streamlining real-time information. For example, the popular transport app Citymapper will now Tweet live updates from San Francisco’s Bart train system to users. TwitterKit allows developers to embed Tweets natively, as well as allows users to log into apps via Twitter.

“Fabric was built with ease of use in mind,” Twitter’s director of product, Jeff Seibert, wrote in a blog post. “Installation takes just minutes, and most features only require a few lines of code—so you spend less time managing SDKs and more time building the best experience for your users.“

You can also go to the Digits website, which looks very basic at this time, in order to know more about it. Digits is launching now in 216 countries and 28 languages, which represents a serious move from Twitter’s end in terms of owning a piece of the mobile landscape.

via The Hacker News http://ift.tt/1ry8xWa

Good news for iOS 8.1 users! The Chinese jailbreaking team Pangu has released a software tool that allows users to Jailbreak their iPhones, iPads and iPods running the latest version of Apple’s mobile operating system, iOS 8 and iOS 8.1.
That was really very quick, as iOS users need to wait quite long for the jailbreaks. Pangu developer team is the same group responsible for jailbreaking iOS 7 few months back.
The group made its jailbreak tool available by releasing a download link for the developers edition before quickly removing it. The link for the tool on Pangu’s site is currently unavailable, with the team noting on their official Twitter account that, “Current Pangu Jailbreak v1.0.0 is disabled remotely because we are fixing bug which may cause lost of your photos. Please wait …”
The developer edition of the jailbreak iOS 8 tool didn’t come with the Cydia app store, which would make the tool useless for an average iOS users who likes jailbreaking their phones to install unauthorized tweaks. Therefore iOS jailbreak fans have to wait for a bit for the wide release date with Cydia support.
The Pangu group has released the iOS 8.1 jailbreak tool only for the Windows systems right now, and a Mac OS X release should follow soon. Moreover, there is no English version of the tool, it’s available only in Chinese language so you’ll have to wing it if you don’t know the language.
According to a thread on Reddit, Cydia developer, Jay Freeman (@Saurik) is currently working on making it compatible with this jailbreak.

“So, windknown has contacted me, about a half hour ago, via e-mail. He has told me one of the issues that is keeping Substrate from working on the device, which will probably require me to build a little binary patch for dyld as part of the Substrate installation sequence,” Saurik wrote.

Those not familiar with the Jailbreaking, it is a process of removing limitations on iOS devices, Apple’s operating system, so you can install third party software not certified by Apple. Such devices include the iPhone, iPod touch, iPad, and second-generation Apple TV.

The group has promised that their iOS 8 jailbreak tool successfully works on all iOS 8 and iOS 8.1 devices including iPhone 6, iPhone 6 Plus, iPad mini 3, and iPad Air 2, as well as earlier devices such as the iPhone 5s and iPad Air.

Since many of the standard tools for users aren’t available at the moment for iOS 8, so we recommend you to wait for the wide release jailbreak tool with Cydia support. As soon as we get some more details on exactly when the Pangu iOS 8.1 jailbreak will be released we will update the story.

via The Hacker News http://ift.tt/1oBh9jf

Google is offering its users a completely new and better experience with its mailing service. And in an effort to do this, the company has launched a new email service, an alternative to Gmail, called “Inbox” on Wednesday that aims to make email more useful and preview next-generation capabilities.
Inbox will not replace Gmail, the company’s popular 10-year-old email product, instead it will sit next to its Gmail service and will provide users’ better organize their emails with live alerts for appointments, flight bookings and package deliveries in a more user-friendly way.

“Years in the making, Inbox is by the same people who brought you Gmail, but it’s not Gmail: it’s a completely different type of inbox, designed to focus on what really matters,” wrote Sundar Pichai, Google’s senior vice president of Android, Chrome and apps, in a blog post.

According to the company, the Inbox service was designed to deal with the problem of getting too much email, in which the important and most urgent messages get lost amidst junk messages and endless threads.

Inbox solves this problem and displays only real-time updates to emails – for example, showing the delivery status of items bought online, showing reminders in a more accessible way that allows users to more easily keep track of their important chores and appointments.

“With this evolution comes new challenges: we get more email now than ever, important information is buried inside messages, and our most important tasks can slip through the cracks—especially when we’re working on our phones,” the company noted. “For many of us, dealing with email has become a daily chore that distracts from what we really need to do—rather than helping us get those things done.”

Other Features Inbox Include:

• Organising custom message bundles – from bank statements and online shopping purchases to travel reservations, to reduce inbox clutter.
• Speed dialing a friend with a red + button.
• Pin items to come back and address.
• Marking tasks as done by swiping to right.
• Find travel docs, photos and other critical information without opening the email.

Video Demonstration:
You can also have a look to its video demonstration:

The tech giant has made the new Inbox app available on the Web as well as on Android smartphones and iPhones, but we have access to the limited release, as it is being distributed via Google’s tried-and-true invite system.
The company sent out invitations to selected Gmail users to try out the new service, but users were allowed to email the company at inbox@google.com to get an invitation. Inbox app is available on Google Play Store and it also appears to be on the iOS App Store.

via The Hacker News http://ift.tt/12oyq4V