Fun Stuff

Well, after a period of silence, here is an update!

I felt the need to write a quick little article about this new item I found in Cydia:

Firewall iP by Yllier ($1.99)

This nifty little program is does quite a bit and can be quite helpful to both the right and wrong people. Is it a security tool? Yes. Is it a hacking tool? Yes. Will maliciousness come out of it? Most likely, as I've tested already..

"Firewall iP allows you to block outgoing connections (TCP & UDP). It hooks into applications from AppStore and Cydia. Firewall iP will warn you if the app wants to establish a connection to a host and shows you the hostname. Then you have the options to allow/deny the connection once/always or allow/deny all the connections for the application.
You can decide if the application will send data. Developers will no longer be able to collect stats about you (UDID phone number, usage statistics...) or even collect personal data. With Firewall iP you can cover all app analytic providers which aren't in PrivaCy and also custom analytics."

So.. pros and cons? Mostly pros for the right people using it for the right reasons. Block your number, personal stats, etc.. This is always good and we've seen this issue semi-resolved by PrivaCy, only this app allows the blocking of all connections to any host any app tries to access upon your request/configuration.. not bad.

The bad? This program can be used by script kiddies to enable formally blocked, though cracked, IPAs. Some examples of IPAs that have done a pretty good job of stopping users from using them without paying are: Beejive, GPush, some old "Save Kitty" game if I remember", and newly Rally Master Pro. Each one of these IPAs when downloaded outside of iTunes and used on jailbroken phones, may allow the application to open and if anything give the user a short demo but then the cracked IPA shuts down, rendering useless, requesting the user to purchases these apps.

Where am I getting at? Well, this new Firewall app blocks UDID, right? and these cracked IPAs are most likely communicating with the servers to trace the authorized UDID's, right? Well.. a little testing and I was made aware of what this Firewall iP app can do for script kiddies.. it allows them to bypass the connection made to identify the IPA as cracked and allows the use of the app without it restricting itself to shutout on the user.. I tried this and got positive results with Rally Master Pro; I was able to play past the 'demo' portion of the game without any warning and have access to the full contents of the game. Interesting results..

So.. Firewall iP: good for moralized iPhone/app-purchasing clients & for script kiddies trying to played their alternately downloaded IPAs, as well.

Very cool program, nontheless!

P.S. Iowa really sucks and can't wait for PSU-vs-Ohio this coming weekend!