BufferOverflow
Latest
Leopard and Snow Leopard flaw exploited in proof of concept, real-world tomfoolery surely coming soon
Look at you, all cuddled up with your Leopard install, sipping on a steamy hot cocoa, watching the snow fall outdoors, and thinking you don't have a care in the world. We hate to break it to ya but you do have a care, a big one, thanks to a proof of concept hack exploiting a buffer overflow in MacOS 10.5 and 10.6. The flaw has been known about since June, but only now has it been proven to work on Cupertino's latest, and a very straightforward code example of how to use it has been posted online. You know what that means: watch out for those e-mail attachments. Interestingly, the flaw is also said to possibly exist in the PS3 as well, which could make for a very interesting spring -- cocoa or no.
iPhone v1.1.1 exploits starting to surface
As if anyone expected it to stay locked down forever, the layers of security surrounding v1.1.1 of the iPhone firmware are being peeled away. TUAW's Erica Sadun managed to get read / write access to the phone's directories during her liveblogging session, and the hackint0sh forums are abuzz about a new hacking method that uses buffer overflow via "carefully crafted" TIFFs that crash Mobile Safari. Neither of the new hacks approach the relative ease of use that we'd seen pre-v1.1.1, but it's still early days yet. Apple, throw us a bone here, will ya?[Thanks, Julian]Read - Liveblogging the big iPhone 1.1.1 hack (TUAW)Read - A new exploit discovered (hackint0sh)
PSP firmware hack drives Lumines sales
Well that was fast. It was just Saturday that hackers at Noobz found a buffer overflow exploit in the puzzle classic Lumines that allowed hackers to run a simple Hello World program on any PSP firmware, including the recently released version 3.5. By Sunday, our blogging brethren at PSPFanboy caught the above screengrab of Amazon's Movers and Shakers page showing the game's sales jumping a ludicrous 5900 percent in just one day. As of this posting Monday morning, the same page shows a more moderate 750 percent rise pushing the two-year-old title to the second-highest spot on Amazon's video game sales charts.We understand that there are a lot of people out there that want to exploit this new, uh, exploit to run homebrew code on their PSPs. What we don't understand is how there can be so many PSP owners out there that don't already own Lumines. How do you buy a PSP and not immediately pick up this hauntingly beautiful musical puzzler? We suppose there could be some PSP owners out there who eschew UMDs altogether for legally questionable emulators, but really, if you need a firmware hack to justify shelling out a few bucks for such sublime puzzle goodness then we don't want to be your friend anymore.
