1. Turn on the phone.
2. Slide to unlock.
3. Press Emergency Call.
4. Enter a very long phone number.
5. Press and hold down the Power button.
6. Wait for one second.
7. Press the Call button.
8. The phone will show the “Slide to power off” screen.
9. Release the Power button.
10. Press Cancel.
11. Double press the Home button.
12. Press the Phone icon.
13. Make calls.

What the flaw allows:

As you can see in the video above, a Smart Cover can essentially unlock an iPad 2. The person who unlocks your iPad 2 will not have complete access to your iPad, but will be able to gain entrance to whatever you locked your iPad 2 on. If your iPad 2 went to sleep in Mail, Safari, Messages, Contacts, or Maps, you can imagine the sorts of personal information that can be viewed on your iPad. If you left your iPad 2 on its Home screen, the person can view which applications you have on your device, control media from the multitasking bar, but not much else.

How to re-create it:

1) Lock a password protected iPad 2

2) Hold down power button until iPad 2 reaches turn off slider

3) Close Smart Cover

4) Open Smart Cover

5) Click cancel on the bottom of the screen

(src:9to5mac.com)

SEAGATE -> “Seagate” +25 spaces

MAXTOR
series N40P -> “Maxtor INIT SECURITY TEST STEP ” +1 or +2 spaces
series N40P -> “Maxtor INIT SECURITY TEST STEP F”
series 541DX -> “Maxtor” +24 spaces
series Athena (D541X model 2B) and diamondmax80 -> “Maxtor”

WESTERN DIGITAL -> “WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCWD”

FUJITSU -> 32 spaces

SAMSUNG -> “ttttttttttttttttttttttttttttttttt” (32 times t)

IBM
series DTTA -> “CED79IJUFNATIT” +18 spaces
series DJNA -> “VON89IJUFSUNAJ” +18 spaces
series DPTA -> “VON89IJUFSUNAJ” +18 spaces
series DTLA -> “RAM00IJUFOTSELET” +16 spaces
series DADA-26480 (6,4gb) -> “BEF89IJUF__AIDACA” +15 spaces

HITACHI series DK23AA, DK23BA and DK23CA -> 32 spaces

TOSHIBA -> 32 spaces

For xbox hdds try “XBOXSCENE” or “TEAMASSEMBLY” too

There is also some software available to reset the password called MHDD, another suggested program is ATAPWD. A Commercial tool from HDDLock claims to unlock drives and prices vary with drive size.

The latest version of OS X Lion allows any user to easily change the password of any local account, due to permissions oversights on Apple’s part. The news comes less than a month after another Lion vulnerability that let users bypass LDAP without a password gained notoriety.

Originally reported by Defence in Depth blogger Patrick Dunstan, the root of the newly discovered problem in Mac OS X 10.7 is tied to the user-specific shadow files used in modern OS X platforms. These files are essentially hash databases and contain, among other things, the user’s encrypted passwords. Ideally, they should be accessible only via high-privilege accounts.

According to Dunstan, Apple dropped the ball in terms of how Lion handles privilege. “Whilst non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data,” Dunstan wrote. “This is accomplished by extracting the data straight from Directory Services.” Any user can accomplish this trick by simply invoking the directory services listing using the /Search/ path — for example, $ dscl localhost -read /Search/Users/bob (where “bob” is the username). This causes Lion OS X to spew out the contents of Bob’s shadow hash file, including data that can be used to crack Bob’s password with a simple script, such as a Python script written by Dunstan.

Source: Info World

Here’s an example project we made for a Windows7 box that adds a new Admin user to the system and hides that user from the logon screen. the whole process takes about 16 seconds , with most of the time taken by the device being detected as a keyboard and the driver installed. The device costs about $20 and can be found here

When your iPhone is locked with a passcode tap Emergency Call, then enter a non-emergency number such as ###. Next tap the call button and immediately hit the lock button. It should open up the Phone app where you can see all your contacts, call any number, etc.

A very similar security flaw discovered on the iPhone that we blogged about in 2008 that allowed people to easily bypass the lock screen to access mail, contacts and bookmarks. Apple later acknowledged the bug and issued a software update patching the issue.

An Apple spokeswoman’s response regarding the security flaw:
“We’re aware of this issue and we will deliver a fix to customers as part of the iOS 4.2 software update in November.”

Please note that resetting the password from an account other than the corresponding user account always means that the user loses the credentials stored in the Windows Vault, stored Internet Explorer passwords, and files that you encrypted with the Encrypting File System (EFS). Of course, if you have a backup of these credentials, you can restore them; likewise, if you have exported the private EFS key, you can import it again after you have reset the password.

Like with all other solutions that allow you to reset the Windows password without having an account on the corresponding computer, you have to boot from a second operating system and access the Windows installation while it is offline.

You can do this with a bootable Windows PE USB stick or by using Windows RE. You can start Windows RE by booting the Windows Vista or Windows 7 setup DVD and then selecting “Repair” instead of “Install Windows.”

By the way, you can’t use the Windows XP boot CD for this purpose because its Recovery Console will ask for a password for the offline installation. However, you can use a Vista or Windows 7 DVD to reset a forgotten Windows administrator password on Windows XP.

This works because Windows RE, which is based on Vista or Windows 7, will let you launch a command prompt with access to an offline installation without requiring a password.

To reset a forgotten administrator password, follow these steps:

1. Boot from Windows PE or Windows RE and access the command prompt.
2. Find the drive letter of the partition where Windows is installed. In Vista and Windows XP, it is usually C:, in Windows 7, it is D: in most cases because the first partition contains Startup Repair. To find the drive letter, type C: (or D:, respectively) and search for the Windows folder. Note that Windows PE (RE) usually resides on X:.
3. Type the following command (replace “c:” with the correct drive letter if Windows is not located on C:):
   copy c:\windows\system32\sethc.exe c:\
   This creates a copy of sethc.exe to restore later.
4. Type this command to replace sethc.exe with cmd.exe:
   copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
5. Reboot your computer and start the Windows installation where you forgot the administrator password.
6. After you see the logon screen, press the SHIFT key five times.
7. You should see a command prompt where you can enter the following command to reset the Windows password (see screenshot above):
   net user you_user_name new_password
   If you don’t know your user name, just type net user to list the available user names.
8. You can now log on with the new password.

I recommend that you replace sethc.exe with the copy you stored in the root folder of your system drive in step 3. For this, you have to boot up again with Windows PE or RE because you can’t replace system files while the Windows installation is online.

Via: 4sysops.com

It also has a bunch of new bug fixes/updates.

1. - Added 64-bit environment support
2. - Added USB support tools (grldr, klmemusb)
3. - Added debugging code to make it easier to track down various compatibility problems
4. - Fixed bug in Windows 7 support failures
5. - Removed Linux support
6. - Many performance improvements to source code
7. - Improved BIOS support by reducing code size significantly

Unfortunately it is no longer free. But for a meager price of $15.99 for a personal license, it gives you free updates and support for a period of 6 months. You can still use it without restrictions after that period.
They also offer a commercial license, for $75.99 with 1 year of support and updates, allowing you to use on business environment.
To purchase Kon Boot v1. 1,visit their website http://www.kryptoslogic.com

We are also giving away 10 personal licenses this week to some lucky readers!!! More details to come!!!