Escher Auernheimer, a member of the security group Goatse Security, has posted a public response to AT&T’s customer email regarding the recent exposure of over 100,000 customer emails and SIM ICC-ID numbers. He claims that if the group and the third parties had not exposed the security hole, AT&T “would have never fixed” the problem, and that the company “had plenty of time to inform the public” about the problem before Goatse went public, but it did not, and also pointed out that the potential for exploitation of other vulnerabilities still exists. “AT&T is not highlighting the potential for a skilled attacker to use a Safari exploit, or other iPad application exploit based on this dataset to takeover the iPad,” Auernheimer said. “A complete list of iPad 3G customers (which could have been generated from this vulnerability) would have the ideal bit of data for those in the RBN with zero-day Safari exploits to acquire.”
Editor’s Note: Although it’s not prevalent, there is a small amount of foul language towards the end of Auernheimer’s post, making it possibly NSFW.
Good.iWare has released another update to its highly popular PDF reading application for the iPad, adding a number of enhancements to PDF reading. GoodReader for iPad 2.8 introduces horizontal page turning for PDF files for a more book-like reading experience. The new version also provides the ability to rotate PDF files, automatically crop margins for a full-screen view of text and display two-page spreads in landscape view. GoodReader also now pre-caches PDF files for better performance when turning pages and adds support for Apple’s iPad Dock Connector to VGA Adapter, allowing documents to be displayed on a secondary monitor, TV or digital projector. GoodReader for iPad is available from the App Store for $1 and is a free update for existing users.
Silvio Rizzi has released an iPad version of his popular Reeder RSS client for iOS. Reeder for iPad brings over all of the features from the iPhone and iPod touch version, including Google Reader sync, browsing by feed or folder, starring and sharing items, image caching, and integration with third-party services such as Instapaper, Twitter, Delicioius and Pinboard. The iPad version introduces a redesigned interface for the iPad with a split-screen reading view and feeds and folders shown as thumbnails. Users can open folders using a pinch gesture—individual feeds appear as thumbnails and expand outward with the same effect as opening albums within the iPad Photos application. Reeder for iPad is available from the App Store for $5.
AT&T has sent out an email to its iPad with Wi-Fi + 3G customers explaining the situation surrounding the recent exposure of over 100,000 customer emails and SIM ICC-ID numbers. Titled “Important Information About Your iPad 3G,” the email from AT&T Senior Vice President Dorothy Attwood states that a group of “unauthorized computer ‘hackers’” used a web address that’s part of the iPad log-in process to determine users’ iCC-ID numbers and get their email addresses. It also states that AT&T took “swift action to prevent any further unauthorized exposure of customer email addresses,” and that [w]ithin hours, AT&T disabled the mechanism that automatically populated the email address.” “I want to assure you that the email address and ICC-ID were the only information that was accessible,” Attwood writes. “Your password, account information, the contents of your email, and any other personal information were never at risk. The hackers never had access to AT&T communications or data networks, or your iPad.” The publication of details relating to the matter recently led the FBI to launch an investigation into the matter.
The U.S. Federal Bureau of Investigation has launched an inquiry into the recent security breach on AT&T’s website that led to the exposure of more than 100,000 iPad with Wi-Fi + 3G customers’ email addresses and SIM IDs. “The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat,” FBI spokesman Jason Pack told Reuters. The security hole, which was found and exploited by a group called Goatse Security, has since been closed, claims AT&T. The investigation isn’t surprising, the report claims, quoting an unnamed telecommunications executive as saying ““if there’s a high profile data compromise it’s not unusual to get a phone call from government officials.”
A security hole on AT&T’s website has led to the exposure of email addresses and SIM ICC-ID numbers for 114,000 iPad with Wi-Fi + 3G users. Gawker reports that a security company known as Goatse Security discovered a script on AT&T’s website, accessible by the public, through which it obtained the data. While the security group did notify AT&T of the breach, and the company subsequently closed the security hole, the group admits it shared the PHP script it used to harvest the data with several third-parties prior to AT&T’s action, meaning that the accounts of all 114,000 known users, and possibly more, have potentially been compromised. Included in the breach were the email addresses and ICC-ID numbers of a number of high-ups in the media, tech, and financial industries, as well as a number of senior government officials, allegedly including White House Chief of Staff Rahm Emanuel. Despite the leak, a notable security expert at the University of Virginia told Gawker the exposure of ICC-ID information “has no direct security consequences.” AT&T and Apple have yet to comment on the matter.
Cisco has reached an agreement to license its iOS trademark to Apple. During its WWDC 2010 keynote address, Apple announced that it would be changing the name of iPhone OS to “iOS,” which was covered under a Cisco trademark relating to its “IOS” network infrastructure software. “Cisco has agreed to license the iOS trademark to Apple for use as the name of Apple’s operating system for iPhone, iPod touch and iPad,” Cisco said in a statement reprinted on a company blog. “The license is for use of the trademark only and not for any technology.” Notably, Cisco was also the owner of the iPhone trademark when Apple first introduced the phone in January of 2007; the dispute over the name led to a lawsuit which was eventually dropped when the two companies came to an agreement to share the iPhone name.
Apple today renamed its mobile device operating system, replacing the former iPhone OS moniker with “iOS.” Apple CEO Steve Jobs announced the change during his WWDC keynote address, and used the opportunity to highlight some of iOS 4’s previously revealed features, including multitasking, folders, the unified Mail inbox, rotation lock, and enterprise features like Exchange Server 2010 support, wireless app distribution, mobile device management, data protection, and SSL VPN support. In an update on the new iAd advertising service, Jobs mentioned a number of large brands that have signed on to the service, including Nissan, Citibank, GE, Sears, Target, Best Buy, and others; the service will go live on July 1 for all iOS 4 devices, with $60 million committed for the second half of 2010.
New to the OS will be an option to use Bing search instead of Google or Yahoo!; Jobs also revealed that the 100 millionth iOS device will be sold this month. Developers can download the gold master of iOS 4 beginning today by visiting the iPhone Dev Center; iOS 4 will launch on June 21 as a free upgrade for all applicable products, including the second- and third-generation iPod touch, iPhone 3G, and iPhone 3GS.
During today’s WWDC keynote address, Apple CEO Steve Jobs revealed several enhancements to the iBooks app for the iPad. The new version will offer highlighting and note taking, with an option to bookmark a page and have the bookmark appear in the table of contents. In addition, the new version of iBooks will offer support for reading PDF files. Jobs noted that the iBookstore has seen five million downloads in the first 65 days, for an average of 2.5 books per iPad, and offers books from five out of the six largest publishers in the U.S., taking a 22% share of eBook sales in just eight weeks. The updated version of iBooks will be released later this month.
Appremix has released an update to its Boxcar Push Notification application for the iPhone platform. Boxcar 3.0 is now a universal app, adding iPad support and a revamped inbox with a pull-down-to-refresh feature, the ability to delete individual notifications and five new notification sounds. Notably, all push notification services offered by Boxcar are now free—previous versions provided one service at no charge and required users to purchase additional notification services via in-app purchase for $1-$2 each. Instead, the new version appears to be ad-supported, with a $5 in-app purchase option for users who would like to upgrade to the ad-free version. Ads are not yet appearing in the application and it is unclear whether or not existing users who have previously purchased additional services will be required to purchase the ad-free upgrade separately. Boxcar 3.0 is available from the App Store as a free download; existing users should receive the new version automatically.
Lexcycle has released a Universal update to Stanza, its acclaimed e-book reader application. Stanza 3.0 adds native iPad support as well as support for PDF, DjVu and Comic Book Archive formats. iPad users can now transfer e-books directly onto their device using the iTunes File Sharing section as well as opening support book formats directly from web pages and e-mail attachments. Additional language support for Turkish and Bulgarian users has also been added. Stanza continues to provide support for a wide variety of e-book formats, including ePub, eReader and Mobipocket as well as direct integration with a number of e-book services from directly within the application. Stanza 3.0 is available from the App Store as a free download; existing users should receive the universal update automatically.
AT&T is considering letting customers who have pre-ordered an iPad with Wi-Fi + 3G sign up for an unlimited data plan. The New York Times reports that AT&T is contemplating the move in the face of widespread iPad shortages that may leave some customers interested in the unlimited data plan unable to sign up prior to the data plan switch over on Monday. “We are looking into this situation and how we can accommodate these customers,” an AT&T spokesperson told the NYT. According to the report, AT&T would allow customers who have paid for, but not yet received, an iPad with Wi-Fi + 3G to sign up for unlimited data ahead of when the device actually arrives; until such a solution is announced, iPad users have until 11:59 on June 6 to sign up for unlimited data, which will then need to be automatically renewed each month in order to not fall back on the company’s new data plans, which max out at 2GB for $25 a month.
Update: AT&T has confirmed that customers who pre-order the iPad with Wi-Fi + 3G by June 7 will be eligible for the $30 unlimited plan. “[N]o need to worry,” a company spokesperson wrote on AT&T’s Facebook Wall, “we will honor the $29.99 unlimited data pricing for customers who order iPad by June 7.”
Following AT&T’s decision to introduce new “smartphone” plans that will impact iPhone and iPad 3G users, the company has been flooded with negative sentiments from angry customers. The company’s Facebook Wall is filled with comments ranging from well-mannered and sensible sentiments—“Just imagine the good PR you guys will get if you offer the tethering for free with the [DataPro] plan, it won’t change anything in your service since everybody will use the same data that [they are] already paying [for]”—to bolder and frequently brutal ones, such as “AT&T is showing their true colors… They really truly suck.” Many users, including iLounge readers, have focused about the abrupt change in iPad with Wi-Fi + 3G service terms after only a month on store shelves. “Bait and Switch,” says iLounge reader Liz. “They pumped the iPad 3G for months on the unlimited data plan with no contract and now they’re taking it away only what 2 months or less since the 3G launched? Screw AT&T I’d rather pay the big cash to another carrier and use MiFi instead.”
A quick search of Twitter for the hashtag “#attsucks” turns up numerous recent tweets, for obvious reasons all negative. “I’m sure of two things: as of 6/7 I’m giving $15 less to AT&T each month,” writes user davehiggins1. “As of 11/20 I’m giving $0 to AT&T each month.” Twitter user HelloTasmin writes, “Does it actually make it better that I pay slightly less for a service that becomes sh!*!ier every day?” It remains to be seen whether the backlash will force AT&T’s hand to remedy some of the newly-created issues; however, as iLounge reader Devo points out in a comment on our editorial on the matter, there is some precedent for iPhone-related customer outcry leading a carrier to change its policies.
“When Apple finally announced that Canadians [were] going to get their chance to get their hands on a (legitimate) iPhone, Rogers communications (our AT&T equivalent provider north of the border) announced some pretty lousy data plans,” Devo writes. “In fact, some of them had (have) ridiculously low caps. I think they started [at] 100MB! Canadian customers were so [put] off that Americans were being offered unlimited data that a petition was started to try and force Rogers to offer the same, an unlimited plan at a fair ($30) price. What we got was a limited time offer of 6GB for that $30, and yes I signed up for that. Then last summer, Rogers got wise and when Apple offered tethering on the iPhone, customers could use that service, free of any additional charge, and any data usage incurred would count towards that month’s allowed data. Now AT&T wants to make the same mistakes as Rogers, and hopes to get away with it? What are they thinking? Who in the world thinks it’s a good idea to offer worse service at a higher price, than was available to consumers in the past. They must think you’re all idiots.”
AT&T has delivered contradictory statements regarding the future of the 250MB for $15 iPad with Wi-Fi + 3G data plan to separate publications. Speaking with Chicago Now, AT&T spokesman Mark Siegel said that users currently on the $30 a month unlimited iPad plan would be able to keep it, while users who haven’t signed up for it will be unable to, and will need to choose from the DataPlus plan, which offers 200MB for a $15 charge, or the 2GB for $25 DataPro plan, indicating that the current $15 plan will be discontinued for new users. Seth Bloom, also an AT&T spokesperson, chatted with TUAW, and said that “[t]he prepaid iPad $15 plan will not be affected at all by these changes,” adding that “[y]ou will continue to receive 250MB (not 200MB) after the changeover for the same $15 cost,” contradicting Siegel’s statement. iLounge has contacted AT&T about the issue and will update this story if and when we receive a response.
AT&T has announced that it is making several major changes to its data plan offerings, including those for the iPhone and iPad, as well as giving a concrete timeframe for its iPhone tethering launch. The single $30 unlimited iPhone data plan will be replaced by a pair of options: DataPlus, which offers 200MB of data for $15 per month, and DataPro, which provides 2GB of data for $25. Should a customer exceed their data limit, they will receive either an extra 200MB of data for $15 on DataPlus plans or an extra 1GB of data for $10 on DataPro plans. Similar changes will be made to the company’s iPad data offerings, with the $30 unlimited plan being replaced by the new $25 for 2GB a month plan. All of the data plans offer free access to more than 20,000 AT&T Wi-Fi Hot Spots as well. Finally, AT&T will be offering iPhone tethering to customers on DataPro plans for an extra $20 per month; the feature will be available when iPhone OS 4.0 is released. Current customers are not required to switch to the new plans but can do so if they wish without extending their contracts; the plans will be available beginning June 7.
Earlier this evening, Apple CEO Steve Jobs gave an on-stage interview with Walt Mossberg and Kara Swisher to open this year’s D: All Things Digital Conference. Jobs touched on a number of subjects, ranging from the App Store approval process to the purchase and subsequent publication of details relating to the fourth-generation iPhone. Perhaps most notably, Jobs revealed that the basis for the iPhone OS originally started as a software project for a tablet, and was only re-focused on a phone once Jobs saw the initial user interface coming together. He later made an analogy between traditional PCs and trucks and tablet computers and cars, saying that he thinks PCs will be more like trucks, and over time, less people will need them.
Asked about his own open letter regarding Apple’s stance on Flash support for the iPhone OS platform, Jobs depicted the company as having fewer resources than some competitors, and explained that it tries to look for technology that is up and coming, instead of on its way out. He noted Apple’s history of both abandoning outgoing technology earlier than competitors, such as with the 3.5-inch floppy disc in the iMac and optical drives in the MacBook Air, and adopting new, upcoming technologies earlier than others, pointing to USB support in the first iMac. He described Flash as waning, and said he only wrote the letter after Adobe publicly complained about the lack of Flash support on the iPad.
Adobe has announced its new digital viewer technology for print publishers that allows them to create Apple-compliant versions of their magazines. Debuting with the iPad version of Wired Magazine, which is currently available from the App Store, the technology allows for the inclusion of video content, slide shows, 360-degree rotating images, vertical and horizontal content support, and touch gesture support. The new technology was developed “with input from” Wired, and was likely created in response to Apple’s decision to ban Flash and other cross-compiler solutions from the iPhone OS. The new digital viewer software is expected to appear on Adobe’s Labs service “soon.”
A number of leading PC motherboard manufacturers have released updated drivers that allow for iPad charging. Gigabyte, MSI, and ASUS have all released software updates that allow for iPad charging, as well as faster charging for iPhones and some iPod models, on recent motherboards. Engadget notes that although the software is designed for the respective manufacturers’ products, some users of other companies’ machines have reported that the software works with their models, as well.
Following a rash of suicides that has drawn widespread attention, Apple will soon begin paying direct subsidies to Foxconn employees involved with manufacturing the company’s products in an effort to improve employee happiness. Citing unnamed sources, Chinese-language Zol.com reports (Translated Link) that Apple already pays Foxconn 2.3% of final product prices, but will expand this by paying an additional amount, reportedly in the 1-2% range, directly to the employees, subsidizing their current $132 monthly salary. The report also claims that the subsidies will initially be paid to iPad product line employees; no mention is made of if or when the additional payments might be extended to employees involved in the manufacture of other products such as the iPhone and iPod. [via Engadget]