TeQ LAB, LLC

AT&T iPhone Tethering / Visual Voicemail / No Jailbreak Fix

noreply@blogger.com (TeQ) — Sat, 01 Aug 2009 07:18:53 PDT

Here is the TRUE FIX for AT&T, Visual Voicemail and Tethering without jailbreaking. I finally tried it enough times and it works in this scenario:

Install the “pre-configured” AT&T Profile from the Ben.M site using mobile safari from your iphone.

MOST IMPORTANT PART!
DO NOT REBOOT YOUR PHONE UNTIL YOU MANUAL RESET NETWORK SETTINGS – SETTINGS -> GENERAL -> RESET -> RESET NETWORK SETTINGS.

If you reboot the phone before doing this, it seems to permanently save the wrong VMM settings. If you reset the network settings before rebooting, it reverts back to the old APN config but leaves the Tethering app installed.

I’ve tested this 10 times now and it seems to be the right steps. It did not work for me until I followed these steps exactly.

To clean this up and retry things, go into Settings / General / Profile and remove the Unsigned app. This will automatically clean the tethering support off your phone (without even rebooting).

I think this explains why a lot of people have had mixed results. Some people (like me) assume you needed to reboot the phone in order to get the Tethering working first. Other people are following step by step, but none of the steps mention the dangers of rebooting before doing the 'network reset'.

I hope this clarifies the process for anyone having trouble.

Good luck and stay safe!

Your password strategy probably sucks!

noreply@blogger.com (TeQ) — Fri, 13 Feb 2009 10:14:16 PST

Consider This:

Every day people sign up for access on the latest, coolest, random system / website that they find interesting or serves a purpose.

It's safe to say that most online systems require an email address in order to gain access. Most of these sites also require a lot of personal identifiable information to complete the registration process.

Is the password for your primary email account (@hotmail.com, @google.com, etc) different from the password you're using on this new site for which you just registered?

If not, here's some reasons you should rethink your approach!

Fact:

Most users reuse the same email account and password for the majority of systems and sites they frequent.

Example:

You create an account at 'www.JoesOnlineWidgetsAndFish.com' using your hotmail account as the login information: 'verysillyuser@hotmail.com'. As always, you use your super secret (but standard) password: 'Mysweetpasswordnobodycanguess1955'.

You are now (perhaps unwittingly) putting 100% faith in Joe (with the Online Widgets and Fish) that:

Joe's Development staff secured your password appropriately (probably not)
Joe and his employees have no malicious intent, now or in the future (toss up)
The Site has not and will not ever be compromised in any way. (heh)

Assume now that Joe's was the victim of an internal hack. The hacker has taken control of his user list and now has access to your email address and preferred password. Alternatively a developer could easily inject and deploy some code to simply capture your password on the login page, bypassing any security steps entirely, including getting through: MD5/Hashed Passwords, Database Security standards, even SSL.

The hacker then navigates over to the email host you registered with (hotmail.com) and logs in using your email account and your common password. Hacker scans your inbox for every other sites you have ever accessed and propogating this scenario endlessly.

Now you may have a different password on those other (more important) sites, but since hacker now has access to your email account - they can easily request a password change from most sites. The sites will be more than happy to email your new password to your 'pre-validated' email address.. the one the hacker is now monitoring.

Some Research:

Having been on the fraud investigation task force for several ecommerce companies, I've had the pleasure of speaking with 'impacted' end users from time to time. These are users who were on the receiving end of bad news: "Our Website was compromised. Your data is at risk. We lost your password and credit card information to malicious hackers."

As you can assume, most of these customers were not too interested in anything but yelling and threatening lawsuits. However, there were occasions where I had a chance to really speak to some of them and get a few security related questions in.

What I discovered was scary but not all that suprisingg: 95% of the customers I spoke with indicated they did re-use their password on most sites, including their primary email account.

A better approach:

It is your responsibility as a secure user to ensure you are not re-using your passwords. If you decide you must re-use the same password, at minimum you need to ensure the password you're using for your email host is different from any other site you access.

Never reuse your email passwords anywhere
If you are already doing this, change your email account password(s) immediately

Conclusion:

Having worked with hundreds of ecommerce companies over the years, I can safely say that most small online companies have pretty weak security. Protecting YOUR password is probably not their main priority. Many sites only consider the impact of a password compromise as it relates to their own systems. They are not considering the fact that you may be re-using your password on hundreds of other sites. More often than not these companies have implemented strong encryption for your Credit Card information but they may overlook the importance of password security.

If you need assistance locking down your ecommerce company, please drop us a line!

Stay safe,

@TeQ

Many Chicago area T Mobile G1 Customers are finding it difficult to "Stick Together".

noreply@blogger.com (TeQ) — Wed, 11 Feb 2009 17:37:52 PST

Many Chicago area T Mobile G1 Customers are finding it difficult to "Stick Together".

This issue has been present since launch and continues to go unaddressed.

It seems there are specific zones / Towers in the downtown Chicago area where customers using the Android / Google Phone (G1) are having consistent daily issues with their new phones locking up.

One user I spoke with indicates he has replaced his phone 3 times. With any new technology there is always delays getting any information from a big company. So far T mobile has not openly addressed this issue.

The G1 is one of T Mobile's first 3g devices which can only be assumed is the issue here. One solution to keep your phone from locking up is to remove the sim card. Obviously this defeats the entire purpose. Additional reports indicate that disabling the 3g features does not resolve the lock up issue.

Customers in New York have also indicated they have experienced this problem, but on a less frequent basis.

Personally, I have not had any issues with 'lock-ups' in the Austin area or any of the other cities I've traveled.

If you are in downtown Chicago or New York and are experiencing a lock up scenario, please chime in. Include your general location if possible to help determine what Towers may be causing the issue. Are any other areas having problems? Let us know!

TeQ

Pinch Media's Free Tools for iPhone Developers

noreply@blogger.com (TeQ) — Tue, 10 Feb 2009 17:55:16 PST

"Enhance your iPhone SDK applications with Pinch Media.
Pinch Media builds free tools for iPhone developers that add functionality to your applications. Simply add the appropriate Pinch Media code module to your application and follow the integration instructions, and we’ll take care of the rest."

Pinch media recently announced their iPhone development libraries: Pinch Advertising and Pinch Analytics. Although the company name implies these tools support pinching features, it turns out to just be a cool company name. These tools are not related directly the the 'pinching' behavior.

Pinch Advertising allows developers to easily integrate advertising into their iPhone applications. It appears they manage the ads for you.

Pinch Analytics allows you to easily track your end users activities for better usage analysis. "When the Pinch Analytics code module is integrated with your iPhone SDK application, Pinch Analytics will track the number of unique, active users, the length of time your application is being used, and, if enabled, the geographic location of your users." Now I won't have to develop it.

It's very cool to see some free development libraries becoming available. I'm looking forward to trying these out!

Obviously these tracking tools and ad serving features are similar to features that google provides in it's own tools. You will be contributing your user data and usage information directly to their collective repository. For individual developers that want to easily add these features, the trade off is a no brainer. For bigger companies or projects, it may be more appropriate to roll your own tracking solution.

They are also working on some 'new' tools. We'll be keeping on eye on these guys..

Thanks @kermee for the heads up!

TeQ

Pinch Media