Clear iSpot gets easy web-based 'jailbreak'

For hackers, Clear must have known that its iSpot mobile hotspot would be hard to resist -- $100 for the device contract-free plus unlimited WiMAX for $25 a month is a pretty insane deal, after all, and the only catch is that they try to lock non-iOS devices out of the action. Indeed, it took mere hours for unlocks to start coming out of the woodwork, but now it's easier than ever: the developer of one of the original iSpot hacks has circled back to create a new unlock that requires nothing more than a couple link clicks while you're on a machine connected to the hotspot. How is that possible? Turns out there's a vulnerability that makes it possible to execute arbitrary commands on the iSpot through web code, and Clear hasn't yet updated the firmware to patch it. On that note, the developer tells us that there are actually some iPads that aren't able to connect to the iSpot without the hack, ostensibly because Apple is using some MAC addresses that the iSpot's current firmware isn't expecting -- so ironically, you might need this "jailbreak" just to use the thing the way Clear intended. As always with these sorts of things, proceed with caution -- we don't have an iSpot lying around to try this ourselves, so let us know how it goes.

Clear iSpot gets easy web-based 'jailbreak' originally appeared on Engadget on Mon, 13 Dec 2010 13:46:00 EDT. Please see our terms for use of feeds.

Permalink   |  iSpot Unrestricted, seclists.org  | Email this | Comments