Dutch hacker holds jailbroken iPhones "hostage" for €5 (Updated)

One Dutch hacker managed to find and hack into jailbroken iPhones, though it seems the hacker was more interested in a few euros than malicious ends. However, the incident is another reminder that users of jailbroken iPhones need to be more vigilant about security.



Though jailbreaking an iPhone certainly opens up opportunities to add functionality that Apple doesn't approve of, it can also make an iPhone less secure. Several Dutch iPhone users found that out the hard way after a hacker attacked a number of vulnerable phones on T-Mobile Netherlands and tried to extort €5 from them.

It appears one enterprising Dutch hacker used port scanning to identify jailbroken iPhones on T-Mobile Netherlands with SSH running. Enabling SSH is a common procedure for jailbroken iPhones, allowing a user to log in via Terminal and run standard UNIX commands. Unfortunately, iPhones all have a default root password that many forget to change after jailbreaking, leaving their phone as vulnerable as a Lamborghini parked on a public street with the windows down, the doors unlocked, and the keys in the ignition.

The hacker relied on unchanged root passwords to hack into the phones. He then sent what appears to be an SMS alert to the hacked phones (in reality it's a replaced wallpaper) that read, "You iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files." Going to the website directs the user to send €5 to a PayPal account, after which the hacker will e-mail instructions to remove the hack—which most likely involve restoring the iPhone to factory settings.

The hacker doesn't appear to have malicious intent, other than to glean some extra cash. "If you don't pay, it's fine by me," reads the page mentioned in the message to the hacked iPhone owners. "But remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advice to secure your phone."

An Ars reader familiar with computer security let us know that security researchers have done similar port scanning in the past, and downloaded users' SMS databases as a "proof of concept." However, this is the first time that it seems the technique has been used in the wild. It's worth noting that the technique is fairly trivial and could be done by anyone with even a modicum of networking know-how.

The incident highlights the fact that jailbreaking removes the security mechanisms that Apple has in place for the iPhone OS—which are as much about securing the device against hackers as they are about preventing "unauthorized" applications. If you do jailbreak, then the onus of security is on you, so be sure to change the root password to something other than the default. You can also disable the SSH daemon when not in use to prevent this particular attack from happening to you.

UPDATE: It appears the young hacker has had a change of heart on the money issue, and posted instructions for undoing what he did to several Dutch iPhone users. According to a commenter below, he has also apologized for asking for money and returned whatever ill-gotten gains he received from his stunt. However, that doesn't mean someone else couldn't pull the same trick and just not tell you about it. So for goodness sake, if you jailbreak and do things like leave an SSH daemon running, change the default passwords.
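
A configuration check for the exposure described above, as an added example that is not part of the original article: it resolves the effective PermitRootLogin and PasswordAuthentication values from an sshd_config and flags password-based root login, which goes one step beyond the article's advice to change the password. The sample configs are constructed, and the defaults assume an OpenSSH release before 7.0.

```python
import re

# Assumption: defaults of OpenSSH releases before 7.0, where root may log in
# and passwords are accepted unless the config says otherwise.
LEGACY_DEFAULTS = {"permitrootlogin": "yes", "passwordauthentication": "yes"}

def effective_settings(config_text, defaults=LEGACY_DEFAULTS):
    """Resolve the global part of an sshd_config: the first value seen for a
    keyword wins, keywords are case-insensitive, '#' lines are comments."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\w+)[\s=]+(\S+)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key == "match":          # conditional blocks are not evaluated here
            break
        seen.setdefault(key, value)  # later duplicates are ignored, as sshd does
    return {**defaults, **seen}

def audit(config_text):
    """Return findings about root login over SSH (empty list = none).
    Only the two keywords above are considered; PAM and keyboard-interactive
    settings are outside the scope of this check."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"] == "yes" and s["passwordauthentication"] == "yes":
        findings.append("root can log in over SSH with a password")
    elif s["permitrootlogin"] == "yes":
        findings.append("root login is allowed, though password authentication is off")
    return findings

# Constructed samples, not taken from any real device.
STOCK = """\
# everything left at its default
Port 22
#PermitRootLogin no
"""
HARDENED = """\
PermitRootLogin without-password
PasswordAuthentication no
PermitRootLogin yes
"""

if __name__ == "__main__":
    for name, text in (("stock", STOCK), ("hardened", HARDENED)):
        print(name, audit(text) or "no findings")
```

The commented-out line in the stock sample changes nothing, so the permissive defaults apply; in the hardened sample the trailing "PermitRootLogin yes" is ignored because the first value for a keyword wins.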

Firefox 3.5 available in Gloria

My own experience while using Linux Mint 7 Gloria: the problem I ran into was that Firefox (I forget the version) would often, and inevitably, close by itself, and we had to start it again from the applications menu to use Firefox.

You can't simply upgrade Firefox from the Mozilla website, so in the end I went looking for a tutorial on a whim.



Mozilla released Firefox 3.5 and you can now install it in Gloria. The package name is “firefox-3.5”.

To install this package, you can use Synaptic, mintMenu, mintInstall, or simply the terminal:
apt update
apt install firefox-3.5

Once installed, your system will have both Firefox 3.0 and Firefox 3.5 and the item called “Firefox” in your menu will continue to point to Firefox 3.0.

To launch Firefox 3.5, you can use the command line and type “firefox-3.5” or you can click on the “Shiretoko Web browser – Firefox 3.5 Beta” item in your menu.

Don’t mind the fact that it’s called “Shiretoko” and that it mentions “Beta”, this version of Firefox is the stable 3.5 version. Upstream, Ubuntu decided to keep version 3.0 as the main Firefox version for Jaunty Jackalope users and since Firefox 3.1/3.5 was made available as a Beta (3.5b4) at the time, they apparently decided it should keep its beta name (Shiretoko).

You cannot run both Firefox 3.0 and Firefox 3.5 at the same time. To run one version, make sure all instances of the other one are closed.

If you like the new version of this browser, you can change your Firefox menu item and make it point to Firefox 3.5 by editing the file /usr/share/applications/firefox.desktop as root, and by replacing the line “Exec=firefox %u” with “Exec=firefox-3.5 %u”.



P.S.: the Firefox 3.5 series is Shiretoko

Metasploit 3.3 Release Notes

Statistics:
  • Metasploit now has 445 exploit modules and 216 auxiliary modules (from 320 and 99 respectively in v3.2)
  • Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (375k lines of Ruby)
  • Over 180 tickets were closed during the 3.3 development process
General:
  • Ruby 1.9.1 is now supported and recommended
  • Windows Vista and Windows 7 are now supported
  • Major improvements in startup speed thanks to patches from Yoann Guillot
Windows:
  • The msfconsole is now the primary user interface on Windows (using RXVT)
  • The Windows installer now uses Ruby 1.9.1 (cygwin)
  • The Windows installer now ships with Cygwin 1.7
  • The Windows installer now comes in full and mini editions
  • The Windows installer can be launched silently with /S /D=C:\path
  • The Windows installation is now portable and can be installed to USB
  • The Windows installation works on 64-bit Windows if launched in Compatibility Mode
  • The Windows installer now offers to install Nmap 5.0 for your convenience
Linux:
  • Standalone Linux installers are now available for 32-bit and 64-bit Linux. These installers contain a complete execution environment, including Ruby 1.9.1, Subversion, and dependent libraries.
  • The preferred installation location is /opt/metasploit3/msf3, please see the Ubuntu and generic Linux installation guides for more information.
msfconsole:
  • The startup banner now includes the number of days since the last update and the svn revision
  • The RbReadline library is used by default, allowing msfconsole to work on systems without libreadline
  • The -L parameter to msfconsole now allows the system Readline to be used if necessary
  • A new 'connect' command, similar to netcat, that can use meterpreter routes
  • Colorized output on terminals that support it. This can be disabled (or forced on) with the 'color' command
msfencode:
  • Win32 payloads can now be embedded into arbitrary executables using 'msfencode -t exe -x MYFILE.exe -o MYNEWFILE.exe'.
  • Win64 payloads can now be embedded into arbitrary 64-bit executables using 'msfencode -a x64 -e x64/xor -t exe -o MYNEWFILE.exe'.
  • The default executable size for generated Win32 binaries now depends on the size of data/templates/template.exe. As of the release, this file is approximately 80k.
  • Payloads can be generated as VBS scripts using the -t vbs option to msfencode. Persistent (looping) payloads can be generated with -t loop-vbs.
  • Payloads can be generated as VBA macros for embedding into Office documents. The output is in two parts, the first must be pasted into the Macro editor, the second (hex) must be pasted to the end of the word document.
  • The x86/alpha_mixed and x86/alpha_upper encoders now accept the AllowWin32SEH option (boolean) to use a SEH GetPC stub and generate 100% alphanumeric output.
msfxmlrpcd:
  • This is a standalone Metasploit server that accepts authenticated connections over SSL.
  • The demonstration client, msfxmlrpc, can be used to call the remote API
Database:
  • Database support is now active as long as rubygems and at least one database driver are installed. The db_* plugins are no longer necessary and have been deprecated.
  • The vulnerabilities table now references the host as the parent table and not the service. This allows vulnerability information to be ported that is not tied to an exposed service.
Exploits:
  • All applicable exploits now have OSVDB references thanks to a major effort by Steve Tornio
  • New aix/rpc_ttdbserverd_realpath exploit module, which targets latest versions of IBM AIX operating system (5.3.7 to 6.1.4)
  • Support for the Oracle InstantClient Ruby driver as an exploit mixin
  • Support for the TDS protocol (MSSQL/Sybase) using a custom native Ruby driver (MSSQL 2000 -> 2008)
  • Extensive support for exploitation and post-exploitation tasks against Oracle databases
  • Extensive support for exploitation and post-exploitation tasks against Microsoft SQL Server databases
  • The browser_autopwn module was completely rewritten using much more robust fingerprinting methods
  • SOCKS4, SOCKS5, and HTTP proxies work much better now
Payloads:
  • The Windows stagers now support NX platforms by allocating RWX memory using VirtualAlloc. The stagers have been updated to perform reliable stage transfer without a middle stager requirement.
  • The reverse_tcp stager now handles connection failures gracefully by calling EXITFUNC when the connection fails. This stager can also try to connect more than once, which is useful for unstable network connections. The default connect try is 5 and can be controlled via the ReverseConnectRetries advanced option. Setting this value to 255 will cause the stager to connect indefinitely.
  • The reverse_tcp_allports stager has been added, this will cycle through all possible 65,535 ports trying to connect back to the Metasploit console
  • The ExitThread EXITFUNC now works properly against newer versions of Windows
  • The CMD payloads now indicate support for specific userland tools on a per-exploit level
  • The Windows stagers now support Windows 7
  • New payload modules for Linux on POWER/PowerPC/CBEA
  • New payload modules for Java Server Pages (JSP)
  • New payload modules for Windows x64
  • New payload modules for IBM AIX operating systems (versions 5.3.7 to 6.1.4)
Auxiliary:
  • Scanner modules now run each thread in its own isolated module instance
  • Scanner modules now report their progress (configurable via the ShowProgress and ShowProgressPercent advanced options).
  • A simple fuzzer API is now available as well as 15 example modules covering HTTP, SMB, TDS, DCERPC, WiFi, and SSH.
  • Ryan Linn's HTTP NTLM capture module has been integrated
  • Support for the DECT protocol and DECT mixins have been integrated (using the COM-ON-AIR hardware)
  • Support for the Lorcon2 library including a new Ruby-Lorcon2 extension
  • Addition of airpwn and dnspwn modules to perform spoofing with raw WiFi injection using Lorcon2
  • The pcaprub extension has been updated to build and run properly under Ruby 1.9.1
  • Max Moser's pSnuffle packet sniffing framework has been integrated into Metasploit
Meterpreter:
  • The Meterpreter now uses Stephen Fewer's Reflective DLL Injection technique by default as opposed to the old method developed by skape and jt.
  • The Meterpreter now uses OpenSSL to emulate a HTTPS connection once the staging process is complete. After metsrv.dll is initialized, the session is converted into a SSLv3 link using a randomly generated RSA key and certificate. The target side now sends a fake GET request through the SSL link to mimic the traffic patterns of a real HTTPS client.
  • The Meterpreter AutoRunScript parameter now accepts script arguments and multiple scripts. Each script and its arguments should be separated by commas.
  • The Meterpreter can now take screen shots using the 'espia' extension and the 'screenshot' command. To use this feature, enter "use espia" and "screenshot somepath.bmp" from the meterpreter prompt.
  • The Meterpreter can now capture traffic on the target's network. This is handled in-memory using the MicroOLAP Packet SDK. This extension can buffer up to 200,000 packets at a time. To use this feature, enter "use sniffer" and "sniffer_start" from the meterpreter prompt.
  • The Meterpreter now supports keystroke logging by migrating itself into a process on the target desktop and using the keyscan_start and keyscan_dump commands.
  • The Meterpreter now supports the "rm" file system command.
  • The Meterpreter now supports the "background" command for when Ctrl-Z isn't feasible.
  • The Meterpreter now supports 64-bit Windows.
  • Alexander Sotirov's METSVC has been added to the Metasploit tree and stub payloads are available to interact with it
Meterpreter POSIX:
  • The basic framework for Meterpreter on Linux, BSD, and other POSIX platforms was completed by JR
  • The stdapi extension has been partially ported to the POSIX platform
Meterpreter Scripts:
  • All scripts now accept a "-h" argument to show usage
Deprecated:
  • The msfgui interface is not actively maintained and is looking for a new community owner
  • The msfweb interface is not actively maintained and is looking for a new community owner
  • The msfopcode command line utility is disabled until the Opcode Database is updated
  • The msfopcode client API is disabled until the Opcode Database is updated and restored
Known bugs:
  • The auxiliary/scanner/portscan, auxiliary/scanner/snmp, auxiliary/scanner/sip, and auxiliary/scanner/discovery modules are broken in 3.3 due to bug #529 (fixed via online update).
  • The Meterpreter payload does not work with the PassiveX stager (reverse_http), this is bug #291.
  • Using the SQLite3 database with threaded scanners can lead to BusyException errors due to table locking. This is ticket #514. The workaround is to use a more robust database, such as Postgres or MySQL.
  • Using any database with threaded scanners under Ruby 1.9.1 leads to a segmentation fault in the Ruby interpreter (ticket #513). The workaround is to use Ruby 1.8.7 with the Postgres or MySQL databases.
  • Ctrl-R is broken with RbReadline; this is bug #492. The workaround is to start msfconsole with -L to use the system readline (which doesn't work on OSX).
  • The screenshot command in the Espia Meterpreter extension fails to work when the console is not running as an administrator on Windows 7 and Vista. This is bug #488.

How to reset the network IP address from the terminal/command line in Mac OS X?

networksetup -setmanual [networkservice] [ip] [subnet] [router]

Sets the [networkservice] TCP/IP configuration to manual with IP address set to ip, Subnet Mask set to subnet, and Router address set to router.

The full path is:

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/networksetup

Mac OS X 10.6 Snow Leopard


Apple has released the latest version of Mac OS X, named "Snow Leopard". Snow Leopard is a refined version of the previous release, "Leopard". The main concept behind this refinement is "simplicity, reliability and ease of use". Apple promises more speed in this version: Finder is more responsive, there is a new look, there are new features for Exposé and Stacks, Snow Leopard is also said to save up to 7GB of space, installation is faster, and Apple has made many other refinements.

Shellcoder Words

Vulnerability (n.): A flaw in a system’s security that can lead to an attacker utilizing the system in a manner other than the designer intended. This can include impacting the availability of the system, elevating access privileges to an unintended level, complete control of the system by an unauthorized party, and many other possibilities. Also known as a security hole or security bug.

Exploit (v.): To take advantage of a vulnerability so that the target system reacts in a manner other than which the designer intended.

Exploit (n.): The tool, set of instructions, or code that is used to take advantage of a vulnerability. Also known as a Proof of Concept (POC).

0day (n.): An exploit for a vulnerability that has not been publicly disclosed. Sometimes used to refer to the vulnerability itself.

Fuzzer (n.): A tool or application that attempts all, or a wide range of, unexpected input values to a system. The purpose of a fuzzer is to determine whether a bug exists in the system, which could later be exploited without having to fully know the target system’s internal functioning.

How to Bypass the PayPal Security Measures:

1. Go to http://www.paypal.com
2. Fill in the login information for that user.
3. When the screen asking for your credit card/bank account number comes up either:
a) Click on the PayPal logo
b) Enter this link into the URL:
https://history.paypal.com/cgi-bin/webscr?cmd=_history

You will now be able to view the account.