Nokia has been handing out the N900 for selective "artsy" uses lately through its "Push" program, and the folks at Tinker it now! sure seem to have put their model to good use. They've paired the device with all matter of nostalgia, including a Rolodex, FM radio and a 3D Viewmaster. Our favorite by far, however, is the Speak & Spell hack, which puts the gargantuan Speak & Spell keyboard to good use in penning text messages for the N900 -- which displays them in the classic font and even articulates your words with a speech synthesis engine. It's all a testament to the flexibility of Linux, hacker ingenuity and of course liberal application of Arduino, but it's also a little advertorial-ey, so you might want to leave your gag reflex at home for this one.

[Via Nokia Conversations]

According to Dieter over at PreCentral, real, honest-to-goodness usable apps are starting to "trickle out" for the Pre / webOS. Apparently utilizing a loophole in the operating system which allows unsigned apps to be sideloaded through email, homebrewers have taken to the interwebs with small utilities like the tip calculator (pictured above). This comes just a day after a group of DIY'ers figured out a workable solution for getting software onto the phone without rooting, so obviously Pre hacking is moving along at a healthy clip. These are -- of course -- very early applications, so don't expect perfection, and there seems to be some concern that Palm might want to patch up this hole, as it leaves the phone vulnerable to less altruistic endeavors. While the latter point is reasonable to consider, we do have a piece of advice for the folks at the front of this movement: don't wait and worry on how Palm will react to this stuff. It's important to push platforms like webOS, and the Pre needs all the love it can get on the development side right now.

Read - Right now: Install a Homebrew App without Hacking
Read - Homebrew Apps Tricking Out, but be careful

That iPhone OS 3.0 jailbreak we saw the iPhone Dev-Team pull off earlier this week? It's out now, or at least, part of it is. Pwnage Tool is now flooding torrents, but there's lots of caveats here. Most importantly, this isn't Ultrasn0w, which means if you're wanting to use your toy on T-Mobile or another unofficial carrier, be patient -- it's also worth noting that the jailbreak doesn't jibe with yellowsn0w, so those who rely on it should stay away for the time being. No compatibility with the 3G S, or at least, it probably hasn't been tested... we wouldn't recommend anyone setting the precedent here. You'll need Mac OS X to run it, with QuickPwn for Mac and Windows coming further down the line. Ultrasn0w is also due out at some indeterminate future, so that all said, if you're just needing right now a jailbroken device with spotlight functionality, hit up the read link for all the pertinent details. It should goes without saying, but they're might a few negative side effects to it, and one of the big ones we heard is that YouTube might be fubar'd at the moment.

Read - trois, drei, три, három! (Pwnage Tool released)
Read - No YouTube On Jailbroken iPhone 3.0?

Well, that was fast. Just a couple hours after we noted Palm warning against hacking webOS to allow data tethering on the Pre, the first set of instructions has popped up. It's not the cleanest hack we've ever seen -- you need to root your phone, enable SSH, and then configure your browser to run through a SOCKS proxy -- but it'll certainly get the job done in a pinch. Just don't go crazy, alright? We've got a feeling Sprint's watching Pre accounts with an eagle eye.

We've seen a tremendous explosion in the webOS hacking scene ever since the Pre's firmware image leaked out -- between the easily-accessible restore more, Linux foundations and the directly-accessible HTML / CSS / Javascript application code, we've already seen everything from minor tweaks to full on NES emulation to Sprint activation hacks. In short, things are wide open at the moment, and people (including us) are excited by the possibilities -- but that doesn't mean Palm has to play along. In fact, two recent developments have us worried for the future of this happy little scene -- first, Palm's apparently forbidding the Pre Dev Wiki from posting any information about data tethering during the Sprint exclusivity period, and apparently threatening to have the site shut down if it happens:

We have been politely cautioned by Palm that any discussion of tethering during the Sprint exclusivity period (and perhaps beyond-we don't know yet) will probably cause Sprint to complain to Palm, and if that happened then Palm would be forced to react against the people running the IRC channel and this wiki.

Yeah, that's pretty aggro for a company that needs to court all the developer support it can. We're not sure what'll happen after Sprint's exclusivity runs out, but we can't imagine any other carriers are going to be thrilled about hacked tethering options either, so we'd say Palm's going to keep the pressure on until unlocked GSM webOS devices hit the scene -- and we can almost guarantee that tethering hacks are going to make it into the wild regardless of Palm's actions.

Even worse for hackers, Palm's taking an unusually aggressive approach to webOS system updates -- they're mandatory. According to the support docs, webOS updates are automatically downloaded in the background within two days of being available, and they're required to be installed within a week of the download -- after seven days and four install prompts, the phone will give you a ten-minute countdown and then automatically begin installing the update. Sure, we can understand why Palm would want all of its devices to be updated, and we know that a lot of webOS system foundations are in flux while the Mojo SDK is being finalized, but forced updates seem extremely heavy-handed to us -- it's one thing to try and maintain control over a platform, it's another to keep it with an iron fist. Of course, it's probable that we'll see a hack to bypass all of this extremely soon, so maybe it'll all work itself out, but we'd really like to see Palm develop an official policy friendly towards hacking and homebrew and stick to it -- the Pre and webOS have attracted a lot of talent in the past two weeks, and it'd be a shame to lose it.

[Via PreThinking; thanks, Justin]

Read - Pre Dev Wiki tethering policy
Read - Palm webOS updates support doc

Callers, your worst nightmare is coming true... maybe. According to a report, a group of hackers at the Black Hat conference in Washington D.C. claim that they're able to hack GSM calls with equipment costing about $1,000. If you believe the team (and we're inclined to at least have a listen), they can decrypt GSM phone conversations and text messages on a network using inexpensive tools called field programmable gate arrays. Until now, the cost of the technology required to hack GSM transmissions has been prohibitively expensive for all but your government and large-scale snooping operations, but that's beginning to change. Not only can this technique allow access to calls, but some of the tech demonstrated at the conference might also enable a user to pinpoint a phone's distance from the surveillance hardware, and find out what type of device is being used. There was no mention of CDMA hacking, so you might want to move over to Sprint for all your seedy activities. Er, we mean stay on Sprint.

We're not really certain why anyone's surprised by the iPhone libtiff exploit at this point -- it's the entire basis of the 1.1.1 jailbreak, after all -- but apparently Fast Company didn't get the memo, because it just posted up this video of "self-employed security consultant" Rik Farrow using the 'sploit to surreptitiously install a voice recorder on an unpatched 1.1.1 iPhone. That would have been huge news when the iPhone first came out, obviously (and look at that -- it was) but FC and Rik are a little late, here: the libtiff exploit has already been patched, first by the Jailbreakme 1.1.1 web-jailbreak and then by Apple in the 1.1.2 update. There's no doubt that it's a serious vulnerability -- and Rik's confidently paranoid tone in this video makes it a must-watch -- but it's funny to see people get all worked up over a patched security hole hackers have been exploiting on a variety of devices for some time now.

For all you fanatics on the edge of your seat over the iPhone v1.1.1 hacking situation, there's some good news on the horizon. According to Erica Sadun -- one of the soldiers heading up the fight to break Apple's stranglehold -- the iPhone / iPod touch dev team have indeed managed to Jailbreak the new update. Apparently, the general-use tool hasn't made a showing yet, but baby steps have been taken, and the goods are sure to follow. So what can you expect? Third party apps are working, but will probably need to be recompiled due to the new frameworks, Springboard won't recognize DisplayOrder.plist (included apps now seem to be hard-coded into the Springboard app), you can activate the phone with third-party workarounds, and the Mobile Terminal and BSD suite work, as well as ARM-compiled command-line utilities. Of very interesting note: Erica says that the new firmware references both Nike and a radio, and that the devs are taking up a fund to buy a cake and deliver it to Apple, courtesy of "the Crazy Ones." She says the Jailbreak isn't "ready for prime time," and based on this info we tend to agree, but if you really want the full scoop, truck over to TUAW and check out the info for yourself.

In 2005, Greek authorities discovered a plot hatched and executed by unknown sources which allowed the tapping of wireless phones on the Vodafone network belonging to the country's Prime Minister and other top officials, making it one of the furthest reaching covert infiltrations of a government in history. A recent report from IEEE Spectrum shows that the tap was made possible by a 6,500 line piece of code called a rootkit, the first-ever to be embedded in a phone switch's OS. The complex hack took advantage of aging phone systems by disabling transaction logs on calls and allowing call monitoring on four switches within the teleco's computers, thus sending the call to another phone for monitoring (similar to a legal wiretap). The spies covered their tracks by creating patches on the system which routed the calls around logging software which would have alerted admins, and were only discovered when they tried to update their software. The case clearly exposes holes in call security amongst providers (due largely in part to outdated systems), and suggests the possibility that this kind of thing could easily happen again... to you!

[Via textually]

To no one's surprise, hackers have been hard at work on the iPhone since day one, and it looks like they're already turning up a few vulnerabilities. As The Register reports, the folks at Errata Security seem to have been the most successful to date, finding not one, but two "bugs" with the phone. The first is apparently similar to one of the bugs recently found in the Windows version of Safari which, in this case, allows someone so inclined to take control of the browser and run applications by causing a buffer overflow. The second, somewhat simpler flaw Errata discovered is that the device can apparently be easily locked up when exposed to a so-called Bluetooth "fuzzer." Despite that, the Errata folks say that they think the iPhone "is inherently more secure than competing smartphones," largely due to its dependence on iTunes and its ability to push out security updates faster than carriers are able to. As The Register points out, some intrepid "researchers" also recently discovered the passwords required to give an application root access although, as of yet, no one's actually found anything useful to do with them.

[Thanks, Jags]

Hot on the heels of DrewTech's Linux-powered DashDAQ is FIC's own piece of Linux-based hawtness, the FIC-GTA001 mobile. While the company is already familiar in the world of CDMA, this marks the firm's first endeavor into the realm of GSM smartphones. Sporting a 2.8-inch 640 x 480 resolution touchscreen with "multi-touch gesture recognition," GPS capabilities, dedicated "emergency paging button," and an "iPod-quality MP3 player," the svelte cellphone is primed for homebrew apps thanks to the inclusion of the SDK right in the box. FIC is hoping that adopters will participate in developer communities to craft new and improved applications for the limitless device, and even hopes to enable wireless uploads / downloads of completed files. The device is powered by a Samsung S3C2410 ARM9-based processor, 128MB of internal RAM, and 64MB of flash memory, but unfortunately there's no scheduled release date or expected price for the open-source (and delightfully styled) handset.