This is a pretty good comparison of the EAS (Exchange ActiveSync Policies) support for iPhone, Android, Windows Mobile and Windows Phone 7:
http://refraction.co.uk/blog/wp-content/uploads/2010/11/Exchange-ActiveSync-Policies.pdf
Do you ever wanted to know what kind of Exchange ActiveSync Policies the iPhone OS 4 supports? Officially, the iPhone OS 4 supports the following Policy Settings:
Here is a nice blog article what really works for iPhone OS 4.
Here it is: a Jailbreak for iOS 4.1 for iPhone models 3GS and 4. The tool called “limera1n” and was delevoped by a hacker named GeoHot. “limera1n” is a 1-click solution for jailbreaking. But take attention, for those who would like to unlock their devices I would suggest to wait for a new version of the pwnage to by the dev team. “limera1n” works with another baseband version and therefore an unlock is not possible at the moment.
Here is a step-by-step guide in german for jailbreak your device. This is the link to the official “limera1n” page.
I found a nice blog entry about VoIP Security in connection with SIP and RTP encryption. The article discusses different types of security products for protecting media and signaling data.
Here I found a really interessting article about a forensic analysis of an iPhone. The blog post gives us a look at some of the common forensic tools and how they can be applied to iPhone forensic analysis.
It’s not just Android apps that transmit users’ personal data to vendors. Erick Smith, Assistant Director of Information Security and Networking at Bucknell University in Lewisburg, published an analysis of application transmission of iPhone Unique Device Identifiers (UDIDs). In his article, he describes that 68% of 57 tested free applications are transmitting UDIDs to servers under the application vendor’s control each time the users starts the application. Furthermore, 18% of these applications transmit the information encrypted.
He also confirmed that some applications (such as Amazon, Facebook or Twitter) are able to link the UDID to real-world identity by matching the UDID with an existing User-ID.
You can find the study here: link
A new exploit on iOS 4.1 and iOS 4.2 (beta) allows the installation of cracked apps on non-jailbroken devices. Apple got another exploit to fix! Supposedly an app called “IPA God” will be released soon that takes advantage of iOS 4.1 and 4.2 (beta) devices to allow the installation of cracked apps.
The video above shows it in action.
At the moment, I am writing some hardening guidelines for Internet Explorer 7/8. One important part of this guidelines are the settings of the group policy objects. In IE 8 there are about 1300 GPOs for configuring the browser. Fortunately, not all of them are security relevant. But there are some new topics I have never heard about. One of these topics is “Binary Behavior Security Restrictions”. I was searching for a long time for a good explanation and was looking for some best practices strategies. Last but not least, I found this interesting link: Link
Yesterday night, Apple released iOS 4.1 with new features like Ping!, Game-Center and some other “upgrades” for iPhone 4. By the way Apple also fixed known security-vulnerability holes on iOS 4.0.1. Nevertheless there is already a jailbreak available for iOS 4.1. Read a step-by-step guide on http://www.redmondpie.com/how-to-jailbreak-iphone-3gs-on-ios-4.1-with-pwnagetool-guide/.
Would you like to release Mozilla Firefox instead of Internet Explorer in our company? There is a smart way to lockdown Firefox with Group Policies in Active Directory. You can set each configuration item by Group Policies.
Check out the website of the FrontMotion Team where you can download the ADM-Templates. On the website http://kb.mozillazine.org/ you can find the explenation of all the settings.
