iOS, News/Rumors

iOS vulnerability with “mobileconfig”

Security on Apple’s iOS is notably tight, but an Israeli firm has pointed out that the profile system for iPads and iPhones could leave users open to remote attacks resulting in data theft.

Israeli firm Skycure Security on Wednesday published a proof-of-concept vulnerability report on the company blog (via InformationWeek). Skycure’s report shows how malicious users could leverage iOS profiles, also known as mobileconfig files, in order to circumvent Apple’s malware protections.

ios-sandboxing-130313

Malicious apps are filtered in the App Store approval process, making it more difficult than on other platforms for them to get onto iDevice users’ machines in the first place. Furthermore, iOS’ sandboxing structure makes it difficult for apps to access anything outside of their set permissions. Mobileconfig files, though, are used by cellular carriers, Mobile Device Management solutions, and some mobile applications to configure certain system-level settings for iOS devices, including Wi-Fi, VPN, email, and APN settings.

Skycure claims that, with a bit of social engineering, an attacker could get victims to download a malicious iOS profile. The attacker could do so by, for example, promising a user access to popular movies and TV shows on an attacker-controlled website. The user would install an iOS profile to “configure” their devices accordingly, and the attacker would then have access.

With access to the user’s device, an attacker could route all of the victim’s traffic through the attacker’s server or install root certificates on the victim’s device, allowing for interception and decryption of SSL/TLS secure connections.

Skycure also notes that some AT&T stores, in signing up customers for pay-as-you-go accounts, were directing those customers to download and install a profile from unlockit.co.nz on an unencrypted channel. The installation of that mobile configuration is necessary to get access to AT&T’s data network, but downloading a mobileconfig file in such a manner, Skycure says, leaves users wide open to man in the middle attacks, especially when performed over a public Wi-Fi network.

Skycure recommends that iDevice users only install profiles from trusted websites and applications and do so only through a secure channel, indicated by an address beginning with https. The firm also recommends wariness when faced with a non-verified mobileconfigs, calling them cause for suspicion.

News/Rumors

Apps revenue expected to hit $25 Billion in 2013

The app revolution sparked by Apple’s iPhone has kicked into full gear, and a new report estimates that revenue for all app stores will hit $25 billion in 2013. Apple’s iOS App Store and Google’s Play Store will once again lead the way this year, according to new figures out from Gartner. The Wall Street Journal reports that the industry analysis firm forecasts a 62 percent jump in app store revenues, with total revenues for the industry rising to $25 billion.

Apple and Google’s app stores are now nearly even in terms of the number of apps available. Both stores hold about 700,000 apps. Second-tier stores from Microsoft, BlackBerry, and Amazon also have app libraries numbering in the tens or hundreds of thousands, though they lag Google and Apple by a large margin.

saupload_itunes_top_paid_apps

Gartner’s study found a some churn in the app market as well, with 63 percent of daily used apps being different from daily used apps from a year ago. Customers tend to focus on about eight apps, even though they have many more on their mobile devices.

Even with the aforementioned churn, app marketplaces have become somewhat static, with established publishers taking the lion’s share of attention. Only two percent of the top 250 publishers in Apple’s App Store are newcomers, and newcomers make up only three percent of Google Play’s top 250 developers.

Established developers, though, are diversifying the ways they make money. Popular music identification app Shazam, has grown from an earlier dependence on carriers to hold five revenue streams, including in-app ad sales.

Apple, iOS

APPNATION Reveals the 2012 State of Smartphone and Apps

This year’s Appnation conference revealed that nowadays, one in two mobile owners have a smartphone and that iOS and Android users have almost doubled in a single year and that the 2012 smartphone user is downloading more apps.

It seems that the situation has changed significantly in just a year; the average number of apps on a device rose from 32 in 2011 to 41 in 2012, but this is also a consequence of the more powerful devices that were released during this year. Also, users spend more time using the apps than using the mobile web. As expected, due to the various possibilities offered by Apple to developers, the number of iOS app augmented; same for the number of iOS users who outrun the Android users.

For exact data, check out this infographic from Nielsen.

Apple

The one-of-a-kind $10K iTunes Gift Card revealed by its fortunate owner

Apple’s 25 Billion App Countdown promotion started on February 17th and ended on March 2nd, when Chunli Fu of Quingdao, China, downloaded the lucky 25 billionth app. She has recently visited the Apple store in Beijing to claim her $10K iTunes Gift Card prize, which she has also revealed to the press.

This is not Apple’s first promotion. The Company has also celebrated 10 billion App Store downloads and 10 billion iTunes Music Store downloads. The reason for which Apple decide to celebrate also a milestone number of the downloads from the App Store was explained by  Eddy Cue, Apple’s senior vice president of Internet Software and Services:

 “When we launched the App Store less than four years ago, we never imagined that mobile apps would become the phenomenon they have, or that developers would create such an incredible selection of apps for iOS users.”

The app that Chunli downloaded was “Where’s My Water” from Disney and according to the Chinese press, she wasn’t a huge Apple fan and she didn’t even know about the 25 Billion App contest. She only owned her iPhone for about a month and simply downloaded a free app she needed.

Paradoxically, the media has given her the “Apple Girl from China” nickname though she wasn’t even trying to win the promotion, while millions of other Apple fans were desperately downloading apps hoping they will win the $10K gift card.

Anyway, I reckon that exhausting $10,000 only on apps, music and videos will turn Chunli Fu into Apple’s biggest fan.

Source: TNW, TNW

iPad

New Retina Display-enabled apps

Last night, at 12:00 a.m. Wallmart started the selling of the new iPad while this morning the third generation tablet was expected also in other big cities all over the world. People rushed in line to make sure they will be the first to get the most expected iPad.

Apple anticipated that this tablet mania will extend also on the Apps area, so yesterday has updated the iTunes store with the “Great Apps for the New iPad” section, in order to make it easier for the new iPad owners to get the enhanced apps they need.

The Apps section include new released games, such as “Infinity Blade II,” “Real Racing 2 HD” and “Sky Gamblers: Air Supremacy,” “Tweetbot,” “Ratatap Drums,” “Evernote” and many others, all of them enhanced to match the Retina Display and to ensure the new way of experiencing technology that Apple had promised.

Source: 9to5 Mac

iPad 3, News/Rumors

Apple committing some last significant changes till the iPad 3 launch

It seems that the Yerba Buena Center for the Arts is not the only location that gets reshaped for the iPad 3 launch; also the App Store for iPad got revamped.

Few hours ago a new Top Charts and a new category appeared on the App Store. The new Top Charts begins with a list of kids apps and changed the vertical scroll with the sideways one. During the last year, thousands of shopping entertainment apps appeared in the “Lifestyle” category. Apparently, Apple considered that these apps should have their own place on the App Store and added a new item on the list, namely the “Catalogs” category which appears under the “Business” one.

Catalog Spree, the leader catalog shopping app was the first to be categorized under “Catalogs”. Currently the empty space got filled and surely more catalogs will appear until tomorrow’s Apple event.

Meanwhile, Google is also planning to revamp the Android Market. In about a week, the Android Market home icon will be redesigned and it will appear as “Google Play Store.” Under the “Google Play” brand users will find all the e-books, movies and music apps integrated by the Android Market. Google will also bind the Web-based Android Market with Google Music and with the e-bookstore under a single brand.

Source: 9to5 Mac, AllThingsD

iPad, News/Rumors

Griffin announces StudioConnect Audio/MIDI interface for iPad

If you trip a lot and were looking for a way to connect a guitar, bass or MIDI instrument to the iPad, Griffin Technology comes with a audio/midi interface called StudioConnect which can be purchased directly from their website for $149.99.

“StudioConnect gives your iPad: audio in/out, MIDI in/out, and a stereo headphone jack with its own volume control so you can monitor what’s going in (or out).”

“StudioConnect connects your guitar, bass, keyboard or any MIDI-capable instrument straight into your iPad so you can use GarageBand and hundreds of other music and effects apps available through the App Store.”

StudioConnect is perfectly compatible with GarageBand app and can be optionally used with other accessories such as GuitarConnect Pro ($79.99) – Analog to digital interface for iPad and iPhone 4, Guitar Cables ($19.99), DJ Cable ($19.99) – Headphone and master output splitter cable for Algoriddim Djay app.

Please, watch this video tutorial to see how Griffin’s employees combined these great tools to work together:

I would say they did a pretty nice job with this material and other documentation and support existing on their website.

Source: Griffin