How To: Enable HD Video Recording on The iPhone 3GS

Mike Pan has successfully modified system files on the iPhone 3GS to record HD video at 30fps.
The video is recorded at 1080×800 at up to 20Mbps, this is a big improvement from the default 640×480 at 3Mbps. The unusual size is used to keep the video at the right aspect ratio when recording. You can also change the resolution to 960×720 if you so prefer.

It does take a little longer for the 3GS to focus and the quality won’t be as good as that on the iPhone 4 but it’s a nice improvement especially if you’re not moving the phone a lot.

First of all make sure you have a jailbroken iPhone 3GS on iOS 4.1, then ensure you install OpenSSH and you know your iPhone’s IP Address. Next download the relevant patch files, depending on your resolution prefenrence.

1080×800 Patch
960×720 Patch

Once you have downloaded the relevant patch extract it. In the extracted folder you should have the following files:

Launch your favourite SSH client and connect to your iPhone. Once you’ve connected navigate to /System/Library/CoreServices/SpringBoard.app/
Now locate the file N88AP.plist, rename it and add .bak to the end of the filename, this will act as a backup file so that you can revert to the original setting.
Now drag the N88AP.plist that you downloaded and put it in the same folder as the original was in.

Now navigate to /System/Library/PrivateFrameworks/Celestial.framework/N88/
Now locate the files:
– AVCapture.plist
– CameraRollValidator.plist
– MediaValidator.plist

Rename them all and add .bak to the end of the filenames.
Now drag the AVCapture.plist, CameraRollValidator.plist, and MediaValidator.plist files that you downloaded and put it in the same folder as you just navigated to.

Now just restart your iPhone 3GS and your HD video recording will be enabled.

iPhone Security Issues Not Exclusive To Jailbroken Devices

In the past few months there have been multiple worms released into the wild that affected inadequately protected jailbroken iPhones. However a Swiss iPhone developer has published research that indicates that there are also security vulnerabilities affected un-jailbroken devices too. This doesn’t come as much of a surprise to most as it was only a matter of time.

The developer, Nicholas Seriot has created a proof of concept app called SpyPhone to demonstrate how Apple’s own APIs can be used to read and edit user’s address books, gain access to the user’s web surfing history or even recent location information. Although this is not as bad as what can be done with root permissions to the device, it can still effect users, especially when they think they are safe.

For the attacks to work, the application with the malicious code would need to get through the App Store approval system, however this wouldn’t be very hard as pointed out by many developers, as Apple doesn’t check source code but does have a kill switch on every app. The code would be delayed, so that it only beings to work so many weeks after the app is released or it could be an encrypted payload.

Nicholas Seriot detailed these possible iPhone privacy risks in a talk he delivered in Geneva, during which he also outlined possible defense strategies, suggesting that Apple should design the iPhone OS to require users to authorize read or read-write access by iPhone applications to potentially sensitive on-device information such as the Address Book, add firewall functionality to the device and ensure the keyboard cache is not as readily available to third-party applications.

Developers Research

Second iPhone Worm Used For Malicious Purposes

There has been news today of yet another iPhone worm that affects users who have unsecured SSH installed on their device.

Security Company, F-Secure, has unearthed this latest worm for the iPhone which targets people in the Netherlands, as it did before with the first exploit of unsecured SSH. It targets users who use their iPhone to online bank with ING. Much like a phishing attack, it redirects the bank’s users to a look-a-like website with a log-in screen.

The worm only affects jailbroken devices as before, and only devices with SSH that has the default password are affected. This latest worm is more serious than the ones prior, as they were created to warn people, that things such as this could happen. The security company, F-Secure, have also said that it can behave like a botnet and send itself to other un-secure devices on a local WiFi network.

The phone can be controlled by the hacker remotely without the knowledge or permission of the user. Hackers can ring people, text people, copy your contacts or what ever they wish with your device if it’s left open. At the moment it’s only spreading around the Netherlands, but soon enough malicious hackers will most likely take advantage of the users who don’t change the default password.

A spokesperson for ING Bank said that a warning was going to be put on the bank’s official website.

“We are also briefing call centre personnel,” she added. “It’s important to remember that the worm only affects jail-broken phones and it is only aimed at customers in the Netherlands.”

If your device is jailbroken and you believe SSH maybe, or is installed then please read this guide to secure your device. Many other guides will not fully protect you as they only change the mobile user password and not the root.

If you wish to read more from F-Secure on this issue click here.

How To: Change Your iPhone’s SSH Password
Dutch Hacker Hack’s Into Jailbroken iPhone’s
iPhone Worm Rickrolls Jailbroken Devices

iPhone Worm Rickrolls Jailbroken Devices

Over the past week there has been a lot of news over unsecured SSH on iPhone. First about the Dutch hacker who wasscanning the network for jailbroken users who had not changed their default SSH password. Now a hacker who goes by the name of “ikee” from Australia, created a worm that changes the home screen background to Rick Astley.

As I’m sure your aware by now this only affects users who have jailbroken their phone and installed OpenSSH, not just general users or who have jailbroken their device. If you have jailbroken your device and have got OpenSSH installed please read this guide on how to change your default password to ensure none of these worms or hacks will affect you.

Rickroll iPhone Worm

ikee says this is how the worm spread: “The code itself is set to firstly scan the 3G IP range the phone is on, then Optus/Vodafone/Telstra’s IP Ranges (I think the reason Optus got hit so hard is because the other 2 are NAT’d) then a random 20 IP ranges. I’m guessing a few phones hit a range that another vulnerable phone was on.”

Once one phone is infected it searches for phones with the default password and then begins the process again.

Dutch Hacker Hack’s Into Jailbroken iPhone’s

How To: Change Your iPhone’s SSH Password

How To: Disguise An App

So let’s say you have an App on your phone that you really need, but other people would keep going on it and you don’t really want them using it or seeing what it is. Well there is a simple way to disguise an app on your iPhone as anything you want.

Let’s say the app we want to hide is Cycorder.

Getting Started

First of all you have to SSH into your device and go to your Applications folder and open the relevant folder, in this case being Cycorder.app.

Once this is opened you will see the following files:
Cycorder
icon.png
info.plist
loading.png

Note: these will vary on application, but the files needed will remain the same.

Now copy the files icon.png and info.plist to your computer.

Before editing either it’s a good idea to backup the files just in case you go wrong.

Editing The Icon

People using the iPhone will most likely use icons to refer to an app, so changing the icon of the app you wish to hide is the first thing to do.

First you need to get the icon from another app or you could make one yourself. Simply pressing the Home button and Sleep/Wake button will capture a screen shot of your home screen and you edit the icon to the correct size etc.

Note: Always save the icon as a png image and make sure it’s transparent.

Downloading a free app off the App Store would maybe be a better idea for this as it gives you a quick and disposable way to disguise an app. However think about if people are likely to click on it, so find something boring.

Once you’ve edited and saved your new icon, save it as a png and copy it back to the app folder on the iPhone, replacing the original.

Changing The Name

The second way people will know which app is which, is via the name underneath the icon (which by now you will have changed).

To change the name simply open the plist either using a text editor or a dedicated plist editor such as iPodRobot’s plist editor.

Look at the plist and find the tag called
<key>CFBundleDisplayName</key>

and change the value below it what you wish the app to appear as on the home screen.

Once this is done, save the plist and copy it back to your device, overwriting the old one.

Now re-spring or re-boot your device and the application will now be disguised.

iPhone/iPod Touch File As a USB Drive Without Jailbraking

If you want to edit or view files on your iPhone or iPod Touch, you used to have to Jailbrake the device and install Disk Aid OpenSSH and access the files wirelessly, but now there is a way to access the file system without having to jailbrake.
It doesn’t give you as much power as using OpenSSH but allows you to copy and paste things to and from your device.

DiskAid is a freeware application for Windows & Mac OS X, it supports both gen iPhones and both gen iPod Touchs. It will automatically detect your device, just plug in and go. It’s as simple as drag and droping the files. And it supports Firmware 1.1.1 to 2.2.

DiskAid Download Page

iPhone Developer Denys ‘Jailbroken’ Support

I was recently having a problem exporting a picture from the Private Pics app, so I emailed the support team to ask them where abouts the image files were stored on the phone so that I could manually access them, as I know that encryption of these is currently not allowed by Apple; and I have a jailbroken iPhone so can use WinSCP and OpenSSH to access the file system.
I recieved a reply as follow:

My suggestion is to export again.

I’m sorry, but Apple has recently stated that their consider jailbreaking their devices to be illegal, and I am unable to provide support for a jailbroken iPhone or iPod.

Dreaming Phone Support

It seem’s that since Apple stated jailbraking as illegal iPhone Devs are not giving support, this may just be an isolated case but still if someone has a problem with a product that you created you should help them, right?

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31