iPhone 5 DODOCASE BOOKback [Review]

I arrived into the office on Friday 21st Sept (launch day) to find a 64GB Black iPhone 5 waiting for me. I was still using an iPhone 4, I skipped the 4S, so after 2 years of iPhone 4 use I thought I would treat myself to a new one.

This isn’t a review of the iPhone 5, there are plenty of those around so I’m not going to rehash what everybody else has said although I will add one criticism and that’s about the battery life. It sucks. Yes the iPhone 5 has 225hrs standby, so that’s 25 hours more than the iPhone 4S but remember I’m coming from an iPhone 4 which had 300hrs standy so I’ve effectively lost 75hrs standby. Other than that, the build quality and design of the new iPhone 5 are fantastic, it feels great in the hand, it’s disturbingly thin and light yes feels much more rugged than the glass backed iPhone 4 and 4S.

The last thing I wanted to do with my ultra thin iPhone 5 was plonk it into an ugly and bulky iPhone 5 case and lose the benefit of the slimmer design. If you’ve read my previous review of the super slim Elago S4 Breath iPhone 4 case you’ll know that I hate iPhone cases and if I do need to use one I’ll use the thinnest one I can possibly find so your iPhone is protected, otherwise you may need helpful instructions for repairing a smashed iPhone LCD in case of something happen. Continue reading “iPhone 5 DODOCASE BOOKback [Review]”

How to hack Facebook and other iOS apps using a plist extracted from iOS backups

Facebook_Hack_Plist_OAuth_Backup_scoopz_com

Summary

This post details the step-by-step method required to extract a plist/OAuth token from a standard (non encrypted) iTunes backup of any iOS device (iPod Touch, iPhone and iPad) and then copy this onto another device to automatically log in using those creditials.

NOTE: The process outlined below will not work if you have iTunes set to encrypt your iOS backups. This method was confirmed as working as of 10th April 2012 using the latest iOS xxx and current Facebook (v.4110.0), Dropbox (v1.4.6) and LinkedIn (v35) iOS apps. You do not need to have a jailbroken iPhone or iPad for this to work. I do not condone using the methods below to gain access to anybody’s accounts without their prior permission, I hold no responsibility if using the information in this post lands you in trouble with your ex partner,  current partner, your boss, the police, your kids, etc.

Background

In case you weren’t aware a security flaw was found by Gareth Wright earlier this week that allows your Facebook login key to be copied form one iOS device to another and essentially allow a 3rd party access to your account without needing to know your account email address or password. The same vulnerability has also been found in Dropbox, LinkedIn, Tumblr, Vimeo and 1Password and was also exploited by companies offering to buy youtube views. At the time of writing this post, Dropbox have said they are going to address the problem and 1Password have gone one step further and rewritten the way the user details are stored so this exploit cannot be used anymore and have submitted the update to Apple for approval before it’s released. Facebook appear to dismiss the security vulnerability saying it is only really an issue if your device is jailbroken or you use a 3rd party app to access the files on your iOS device. WRONG! If you have ever connected your iOS device to iTunes via USB and iTunes has taken a backup of your device then you are at risk (unless you tick the box to encrypt your backups, in which case rest easy and don’t worry about anything written below). The plist file that is the centre of this whole security flaw is copied to your computer via iTunes backup, no third party app here extracting files as Facebook suggests. Granted you need a third party app to access the file and place it onto another iOS device but crucially, the insecure file is copied to your computer during a normal iTunes backup.

What does this mean to most end users then? Probably not a lot to be honest. If you only ever connect your iPhone or iPad to your own personal computer then there’s nothing to worry about since the insecure file, locked away in the backup of your device, resides on your personal machine and nobody else can get to it easily. But in today’s modern and social society, the likelihood is that you have a computer you share with your wife, girlfriend, housemates, family or you have been at a friends house with a low battery and connected your iPhone to give it a little extra juice. This is where things become a little more vulnerable, if the computer you connected your device to made a backup of your device (remember a backup is always made when you are updating the iOS via iTunes) then the crucial plist file with your OAuth key in for apps such as Facebook, Dropbox, LinkedIn and more now reside on that computer in that backup.

So if you currently share a computer with your partner and want to log into Facebook as them, you can if you follow the steps below. Likewise, if your ex-partner used to connect their iPhone or iPad to your computer but left you several months ago for somebody hotter, then you too can dip into their old backup on your computer and log into Facebook and other apps as them. [Again I re-iterate the moral/legal implications of such actions]

Step by Step Guide

Ok so how can you hack into somebody else’s Facebook using a file from their iOS backup? You’ll need two pieces of sofware:
1 – to read the backup files an extract the plist file
2 – to allow you to drag and drop plist files onto your current iOS device

Let us pretend you want to gain access to your ex-girlfriend’s Facebook account and you know that she used to connect her iPhone or iPad to your computer. The first thing to do is open up iTunes and go to Preferences and select the Devices icon along the top which lists all device names that are backed up on your machine along with date of the backup.Facebook_Hack_Plist_OAuth_Backup_scoopz_com

Continue reading “How to hack Facebook and other iOS apps using a plist extracted from iOS backups”

Recent queries:

  • Software retrieve email from facebook
  • ScoopzBlog New Reviews GuidesandSuuport
  • where does iphone store facebook password
  • facebook app get password
  • recover facebook app password on iphone
  • yhsm-inucbr_001

Pocket Boom Portable Vibration Speaker [Review]

Is your iPhone speaker not loud enough for you? Don’t want to lug around a hefty set of portable speakers? Then look no further than the PocketBoom portable surface vibration device which turns almost any surface you can think of into a speaker.

It’s pretty simple, all you do is unwrap the vibration head from the main battery unit and stick it to a large surface. The other end goes into the headphone socket on your iPhone, iPod touch, iPad, or any other generic MP3 player or device with a standard 3.5mm headphone jack.

If you turn the PocketBoom on without it being attached to any surface you will still hear your music being played but it will sound very quiet and tinny. If you touch the white sticky pad on the vibration head you’ll feel it moving up and down much like any normal speaker cone would do. The fun begins when you stick it to a random surface like a cardboard box or plastic tub….suddenly the music is massively amplified and you effectively turn the random item into a speaker! Continue reading “Pocket Boom Portable Vibration Speaker [Review]”

Recent queries:

  • best vibration speaker