Sniffing bluetooth traffic - Networking

I want to search around me for ppl with bluetooth phones or PDA's. Is there any good program for that? It should work with pocket pc 2003.
Have a nive day.

Let's see:
1) First post
2) Looking for sniffer software to detect people using bluetooth around you.
I'm thinking you're in the wrong place unless you can come up with a good reason to want to do this.
db

blutooth sniffing / packet insertion / snarfing.
Bluesnarf will compile and run if used with the litmus toolkit..

bluesnarf
cool, but where do u get the prog from?

mate,
try this out; app is called "meeting point". i copied and pasted the details from the web; as seen below:
===================================
Description:
This application is designed to search for -and to communicate with- other instances of itself running on other devices using Bluetooth.
When two or more MeetingPoints are within Bluetooth working distance, they will automatically exchange messages.
Meeting somebody for the first time and worried if you could identify the right person?
Need to meet a client on airport, bar, or another crowded place?
Just "tune" the same channel and it will fire an audible alarm when both meeting parties are close enough.
Do you want to exchange messages with anybody on working range? Just select the PUBLIC broadcast channel.
MeetingPoint works on many Operating Systems / platforms, such as PalmOS, Windows Mobile 2003, Windows 9x/NT/2000/XP and smartphones Symbian Series 60.
Every time a Bluetooth device is found, MeetingPoint communicates with it and attempts to perform a handshake. If the contacted device is also running MeetingPoint, and is "tuned" in the same channel, they will exchange messages and its users will hear an alarm notifying of the arrival of a new message.
MeetingPoint uses Bricenter's FDE (Fast Discovery Engine). FDE algorithm is based on statistical probabilities, and works well in the real world.
In a real situation, devices launch MeetingPoint at a random time and far away from the actual meeting place. When they enter the "meeting zone", their Bluetooth states are "shuffled" enough and, according to statistical probabilities, the "contact time" should be minimal. This is a critical feature designed specially for cases were people are moving.
MeetingPoint will redefine "bluetoothing" to a new level.
===================
cheers
robson

bluesnarf
ok thats cool, but what about the forced entry abilities that 'snarf claims to have? i think the only way to protect myself from it is to understand how it works.
Smiley

Re: bluesnarf
smiley_thing69 said:
i think the only way to protect myself from it is to understand how it works.
Click to expand...
Click to collapse
How about turning off Bluetooth?! :lol:
No, seriously..
I don't consider bluesnarfing and bluejacking such a big deal, but it would be fun to try it..
Lemme know it you find "bluesnarf1.0_ARM.cab" or something..

Related

FIREWALL, do we need one? howgood is standerd securty?

Hi Guys
Is there a good firewall that we can use with the universal? Do we really need one?
when i browse the web on my Exec i use it over wifi so is that safe, (my home is protected BUT what about the free HOTSPOTS in the city centre <I trust star bucks with my coffee-do I trust them with my internet security?
Would any of you guys use your PDA's webpage to buy something from a website (ebay) or even online banking?
Im not to fused about someone hacking my PDA through my wifi/internet connection, come on the way I look at it, if some one is that good Im sure they have better things to hack then mine! lol
Im more concerned about if I am going to log onto ebay's webpage how secure is my information while its being sent from My PDA browser to there server?
IL appreciate everyone’s thoughts on this!
YES VIJAY that includes you as well,
GUYS KEEP YOUR REPLIES IN RELATION TO THIS THREAD, if you want to talk about your aunty janes cats dogs friends sisters leg, start another thread!)
You don't need one.
Ward said:
You don't need one.
Click to expand...
Click to collapse
could you explain why, please?
@ WARD
why dont we need one? because you say so? lol
come on mate you can not give a one sentence reply and walk away from this, do you know how long it has taken me to write the post?
unless you a allsinging alldancing knowit all---------, well even if you are, give a better reply then "you dont need one"
or dont post at all.
you dont need one
You don't need a firewall now, because:
a) No tools for the PPC are really available at the moment, and
b) What exactly are they going to do when they hack in?
c) More importantly, you won't FIND any firewalls for Windows Mobile.
But as to the question of how safe is the information being sent to eBay; well, Pocket IE (Internet Explorer Mobile) is based off IE 5 and 6, with the same security levels. So if you access something with that little lock icon on, you're pretty secure.
If not, you're taking the same risk as normal browsing.
OK guys come on give better answers then "you dont need one"
we are not all mind readers,
:?:
breakit down, whywe dont need one?
how safe is your data when its sent from your device?
try to read my intial thread and reply to the points in there,
I am sure that you are not naive to think we dont need one because our networks tell its its safe or because microsoft does,
How many times has microsoft security been compermised?
Networks- remmber t-mobile? when there servers where being hacked (one good thing that came out of that was pairs hiltons EMAILS! along with the secrect service but with parisss its was more of like many online service providers, T-Mobile.com requires users to answer a "secret question" if they forget their passwords. For Hilton's account, the secret question was "What is your favorite pet's name?" By correctly providing the answer, any internet user could change Hilton's password and freely access her account. and her pet dog name is!!! Chihuahua
http://www.theregister.co.uk/2005/01/12/hacker_penetrates_t-mobile/ )
@ snorbaard
thanks dude
N2h, you're being rather rude, so I would have expected a lot more "you don't need one" replies by now just to spite you. I'll answer your question first, and then detail why I believe you're being rather rude.
--
What you're asking about isn't really a firewall. A firewall is used to prevent certain communications either coming into a machine, or going out of it. E.g. a firewall could be placed on outbound port 80 to prevent users from browsing 99% of the web, or a firewall can and should be placed on inbound port 139 to stop some older netbios 'attacks'.
What you're really asking about is whether the communication you do via your PocketPC - over wifi - is 'secure' in that others can't access your information. The answer to that isn't a simple yes/no - it will depend on a few things.
The first thing to make sure as that the access point you're using has WEP (Wireless Encryption Protocol) enabled. The bigger the key, the better. This will mean that 'over the air', your information will be encrypted. Anybody who would 'snoop' that information from the air will need a LOT of data, and a reasonably fast machine, to get the WEP key.
The next thing to make sure is that if the information you're sending is rather sensitive, that you send this information to a site which is using SSL. SSL encrypts your data on your PocketPC itself, all the way through the WiFi router/access point, over the internet, bouncing off of satellites - whatever, until it reaches the destination website where the data is decrypted again. The odds of anybody cracking that signal are *very* slim. It can be done, but it takes ages and ages on multiple computers for even the simplest of SSL encryptions. The 'dumb' way to check whether the site uses SSL is to see if the URL starts with "https". The 'proper' way is to check if the padlock icon is 'locked' in PIE (left of the address bar).
The third thing, if you're using e-mail, is to use an e-mail encryption application, such as PGP. I'm not aware if any exist for PocketPC, but I'm sure they do. These basically encrypt your message in a way that it can still be sent by plain e-mail. The recipient then decrypts the message again on their end. Based on the encryption method used and the length of the message, it would take quantum computers to decrypt it to anything meaningful.
--
For those wondering whether you do indeed need a Firewall - no, you don't. You may wish to look into some basic BlueTooth protection if you leave that on a lot, but other than that there are no real intrusion points for a PocketPC that you'd have to be worried about.
Microsoft may turn the PocketPC into some ueberplatform in the future which would make it more vulnerable, or maybe they learned their lesson and they'll keep things fairly secure - who knows.
--
Now then.. as to why you're being rude...
First.. your post - what's with the bold blue text? Do you think it would get people's attention easier? Just makes it more difficult to read.
Second... you address a specific person, vijay555 - who is a very busy person. But even if he wasn't, it's a bit presumptious of you that 1. he would be reading this, 2. he would be interested in replying at all.
Third... you presume that people would go off-topic, in your original post (in large red type, at that). Why not have a bit more faith in fellow man and see what replies roll in, first? Then if people go off-topic, point it out and ask that they try and address the issue you raised in your post.
Fourth... when somebody does answer your post, even if it is a rather short reply, you tell them to either post a better reply, or not reply at all. Don't be surprised if many people will interpret this in a way that will make them not want to reply to any of your posts at all.
--
Edit: and such is the cost of typing long replies - other people reply before you
zeboxxxxxxxxxxxxxx lol
thatsmade me laugh :lol:
thanks mate
FROM ZEBOX (sorryabout the caps hope i dont hurt anyones feeling)
Now then.. as to why you're being rude...
First.. your post - what's with the bold blue text? Do you think it would get people's attention easier? Just makes it more difficult to read.
dude I LIKE USING COLOURS lol
Second... you address a specific person, vijay555 - who is a very busy person. But even if he wasn't, it's a bit presumptious of you that 1. he
would be reading this, 2. he would be interested in replying at all.
tust me he gets around!
Third... you presume that people would go off-topic, in your original post (in large red type, at that). Why not have a bit more faith in fellow man and see what replies roll in, first? Then if people go off-topic, point it out and ask that they try and address the issue you raised in your post.
Fourth... when somebody does answer your post, even if it is a rather short reply, you tell them to either post a better reply, or not reply at all. Don't be surprised if many people will interpret this in a way that will make them not want to reply to any of your posts at all.
all in one, the amount of threads iv read where the converstion has gone off topic----------- so had to make that clear,
andbeing honest Im having a lugh so i dont want anyone to take it personaly if Imake a checky comment,
and zeboxx this ones just for you
You still don't need a firewall for your Pocket PC.
A firewall in the sense I understand it is a filtering application which brackets network access: rejecting unsolicited packet, applying appication based rules and optionally, performing some filtering on incoming content.
You don't need one, because: there is very little need to restrict application access to the network - malicious apps exist, but its so difficult for them to gain a foothold on your PPC without you knowing about it. So on a clean PPC, a firewall does nothing useful. Dropping unsolitcited packets is nice, but your PPC is mobile - not always connected and therefore of extremely low risk of network intrusion - AFAIK, I've never even heard of a case.
Save your money and CPU and carry on. P.S. PPC AntiViruses are similarly useless, don't listen to PR hype.
@@ ward
Ward thanks for that between you and snorbaard my questionshave been answerd
regarding firewalls and website security!
thanks dude
ward, zeobox Suggested that i was rude to you andmay have hurt your feeling , well my apologies hope we can b friends :lol: lol
cheers bud
RE
Quote
"c) More importantly, you won't FIND any firewalls for Windows Mobile."
AIRSCANNER has one, however, its not currently for WM5 yet
Here:-
http://airscanner.com/downloads/firewall/firewall.html
Keep a close watch on AIRSCANNER for the WM5 version though
RE
ZeBoxx
How to protect your PPC when you're surfing at free hotspots?
I believe that the response should be "You don't need a firewall for your WM5 device - yet."
It's very possible that there are vulnerabilities present in WM5 O/S that simply have not been found yet. There may even be vulnerabilities in WM5 that allow people to reset your device remotely, edit and remove information, etc.
Why would there be vulnerabilities in WM5?
Firstly, its made by Microsoft, and Microsoft has a very bad track record when it comes to this type of thing. Secondly, even if all preventions towards vulnerabilities were taken by Microsoft, it's always possible for one smart hacker to link together something that nobody has ever thought about before. Basically, vulnerabilities are always possible.
If there are vulnerabilities in WM5, why havent I heard about it yet?
Currently the number of devices running WM5 are very small. Theyr also very new, and thus hackers havent really begun to try. It only takes one good enough hacker to do it, though.
Therefore I don't think ruling out firewalls as being irrelevant to WM5 devices is the right way to go about it. Currently, theyr not needed, but who knows? In a months time we might all be scrambling for a firewall as some worm runs riot deleting our files..
It would probably be nice to have a firewall available, anyway. 8)
Just thought I would post to point out that when you go online using GPRS most service providers give you a NAT connection which is in practice the same as a firewall. No incoming connections are allowed, you don't have a public IP address.
This is largly because if you had a public IP all the viruses on the net looking for unsecure Windows machines would flood out your GPRS connection and use up all your credit without you doing anything.
chinnybob said:
Just thought I would post to point out that when you go online using GPRS most service providers give you a NAT connection
Click to expand...
Click to collapse
Very true - also, nearly all wireless hotspots will do the same thing, generally decreasing the amount of potential hackers to only other users sharing the same hotspot.
If your device ever gets hacked while using a hotspot, look around for the guy with the laptop trying to look the other way. :twisted:
As I understand it, there's built in facilities for port redirection and monitoring in Windows Mobile already. Whether or not you'd wish to use it for anything is down to a coder.
As everyone is saying, there are two distinct issues I see here:
1. Are your communications secure between PDA and Server?
2. Is your PDA secure to external intrusions?
Question 1 is addressed above. Use appropriate good sense, keep an eye out for SSL and https and always be weary of transmitting anything sensitive over an open channel. Would I use my PDA to buy something over the net? Probably not - I barely trust my PC browser (and I wrote and secured it myself), and although there's little reason to trust PIE less, that's not a high state of confidence. I always half expect to get cheated/identity theft-ed over the net. But use good common sense, reliable traders and be weary of all open connections that you don't control.
Question 2.
Intrusions. Again, as everyone is saying - as of now, there's not an enormous amount of damage that could be done to your PDA even if someone could stomp all over it without your knowledge. Worst case, you need to hard reset, and someone steals all your personal info.
However, there aren't many well known exploits that you need to worry about. But, that probably means that there are exploits known to those who would be interested in you.
However, since you're wifi roaming, it's likely your IP is dynamic. Somebody would have to have an idea of where you are and be particularly interested in finding you on the net to track you down. (although that's easy enough to do if they know your habits. Server logs give a wealth of info for free! I can see many visitors to my website directly from warez sites. If I wanted to backtrace to an ISP, a server or a user, the info is there in front of me)
So, someone can find you on the net. They then need to identify you as using a PDA they can exploit. They have to know exploits. They can then get access to your system. What's the worst that can happen? As everyone says, be weary of carrying very sensitive info on you phone, at least unencrypted. They're small things prone to theft and loss. If you would worry if it was stolen from your hand, don't put it on there, or encrypt it. Doubley so if you're using public wifi.
There are exploits to take advantage of your system. I'm working on stuff that could easily be classified as a trojan, and there is live code, years old, demonstrating the techniques.
Best advice: be careful. Your PDA is naked compared to your PC (which is firewalled, anti virused, and anti-spyed already. right?) Just because no one is interested in looking at your PDA's undies, doesn't mean you should flash them around. Use good sense on all public networks. However, given the hardware limitations of our PDAs, I'm inclined to say, better to leave it unprotected but not at risk (ie not carry highly sensitive info), then have CPU intensive protection that's counterproductive and unlikely to be needed most of the time.
Others would have different priorities. You have to judge what you have at stake.
V
VIJAY thanks for the reply your thoughts are allways much appericated.
when you say you have secured your own browser is it a programme that's available on your site or a 1of thing that you did? someone else advised me that netfront 3.3 (or what ever the latest version is) is more secure then ie any thoughts on that.
thanks
N2h
p.s zeooooooobox guess ur sorry ass was wrong after all.
N2h said:
VIJAY thanks for the reply your thoughts are allways much appericated.
when you say you have secured your own browser is it a programme that's available on your site or a 1of thing that you did? someone else advised me that netfront 3.3 (or what ever the latest version is) is more secure then ie any thoughts on that.
thanks
N2h
Click to expand...
Click to collapse
He said quite specifically his PC browser. (i.e. not a browser on his phone)
As someone said earlier, just make sure the little padlock is there. SSL encryption is good enough for most things.

ActiveNotQuiteSync Doing My Head in

>>>
Yo!
Saw the other thread where the other guy initially could and then lost the ability to ActiveSync to his PC - exactly the same has happened to me.
http://forum.xda-developers.com/viewtopic.php?t=42520
Here is what I tried and it worked:
* Connect Pocket PC
* Go to Network Connections and Find the Local Area Network Connection for the Pocket PC
* Properties
* Make sure TCPIP is selected
Click to expand...
Click to collapse
"Find the Local Area Network Connection for the Pocket PC" - NOPE!! no matter how many icons & tabs etc I tap, i simply CANNOT find this!
What I get on my PC is:
USB Device not recognised: Q: Is there a USB driver I need to install & if so where can I get it from (via the internet).
What I get on my Uni (eventually) is:
Pocket PC Networking
Unable to obtain a server-assinged
IP address. Try again later or
enter an IP address in Network Settings
Click to expand...
Click to collapse
Server-assigned IP address??? You're kidding me right? I think I need some insight into what ActiveSync is actually doing here!
Yep, it's rant time boys & girls....
Now as an aside, is it just me but is something basically amiss with these things - Sync'ing to a PC SHOULD BE A BLOODY DODDLE- EASY - NO DICKING ABOUT, but hell no - infinite levels of crap to wade through encountering insane use of TLAs (yep, there you go, another one). God, why can't they K I S S ???? (and another one). What I mean is that I've been using PCs since day dot. I am an honours degree qualified electronics engineer - I desgin hardware & write real time embedded software systems, so if I am getting pi$$ed off with the damn thing, what chance has your average mug in the street??????? :shock:
Andy (currently rigging up a sturdy hessian rope with a noose in it)
PS
TLA = Three Letter Anacroynims (sp)
K I S S KEEP IT SIMPLE! STUPID.
Good-o, know one knows how to do this (what should be simple, but hell no) task.
Bloody great!
Can't sync to a PC, can't install any programs, utterly useless as a PPC device all down to some sh1te convoluted bollocks piece of software.
I can now measure time wasted in YEARs on similar, badly written software.
Andy
hey dude
take a few deep breaths and lets start at the beginning eh
this should be a simple straight forward process and suspect you have missed the simple bit and launched straight into complex related issues, I suspect that it relates to the using of a USB Hub.
so lets "KISS" ehm, slight cough, blush
1. Dont use a USB hub
2. Delete all partnerships that you have created on both the PC and the PPC
3. Ensure you are running XP SP2 on the PC
4. Ensure you are running ActiveSync 4.1
5. Reboot both the PC and soft reset PPC
6. Go into task manager on the PPC and ensure activesync didnt auto start on soft reset
7. Open outlook on the PC and ensure it is upto date and connected if you are running it with exchange
8. Plug the PPC via the Sync cable directly into the USB port on the PC (not a hub)
9. Wizard should start, at this point, untick the box about exchange server
10. Following the wizard, deselect all options for synchronisation
(we can add some options later, but lets get to the basic partnership setup first)
Now then, those are the simple basic steps. What I would like to know before we get much further is:
1. What do you see? Did you get a wizard pop up to create the partnership?
2. Did you successfully create the partnership
3. Did it synchronise on the activesync screen
4. Did you get an error message on the PC? If so what is the description? If so, go to the PPC open up activesync on the PPC and tell me what the error code is, if any and details of last sync?
If you have successfully created your partnership and it says synchroniZed even though nothing is actually sync'd yet, we have a good start. You can now start installing programs before we sync any data.
I personally choose to extract the cab files that are used during the sync file and copy them to my SD card so I dont need an activesync connection to install.
The CAB files are normally located in \program files\microsoft activesync\ once you have run the setup program on the PC. Alternatively, they can be found in their own personal program directory. I have only ever found one situation that I couldnt find the cab file for. Now all of my source programs are on an SD card and can be reinstalled anytime, anywhere without my PC.
Eitherway, if this is now working, and you have your partnership, first sync something simple like your favourites, or files.
Once this happens, can you now choose just your contacts, then your calendar, then your tasks.
At this point, you can move one step further and decide whether you would like to use your outlook email to sync directly, or through a GPRS/WIFI facility directly to an exchange server.
Okidoki
Thats enough for now. Lets get back to the beginning and work through this simply.
Some other forums that may help....
Morphosin found solutions to his here:
http://forum.xda-developers.com/viewtopic.php?t=40646&highlight=
and some more
http://forum.xda-developers.com/viewtopic.php?t=42540&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=37039&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=24184&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=42088&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=40900&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=39259&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=38453&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=35449&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=34598&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=31478&highlight=85010014
http://forum.xda-developers.com/viewtopic.php?t=27636&highlight=85010014
as is obvious, you are not the only one. So some deep breaths, tell me what is going on, try to follow the above, read up on issues faced by others and see if they can assist, then let me know how you go and we can start to trouble shoot. I assure you it will be simple, and even if I cant help, each time we communicate this discussion will bounce to the top again and people far more knowledge that us will but in say, hey morons, click here and its done... and all will go away.
Cheeers
@simon_darley thank you very much that was very helpful (btw, no hubs to speak of).
Story so far.
Let me get this off my chest first...
OH MY GOOOOOOOOOOOOOOOOOOOOOD!
How friggin COMPLICATED can something get???? 2 days of searching, reading, installing, uninstalling, falling down holes & climbing out again, faffing & frigging about. All of it needlessly!
Bad buggy software - as a result, many hoops to jump through.
See these were my goals & I think I have it (almost) all sussed now:
1) Sync to PC via a physical USB cable - easy? - nope. ONLY reason to do this is for installation of software. (Sod that sync tasks bollocks, I couldn't give a toss). A little snipped from some dude (here) mentioned the fact that this was unnecessary & could be achived via copying CAB files onto SD media & then installing software on the PPC itself - GREAT :lol:
2) WiFi connection (at work) so I could browse the internet - why? Because it was there & I was interested to see if I could do it. 3 hours later I'm in - thankyou very much! :wink: Some arsehole programmer thought it would be a good idea to make the SSID (a 26 character HEX code), CASE SENSITIVE and relay the keystrokes back to the user as a series of sodding '*'s.... :evil: In the process I've had to learn all sorts of stuff about EAP, LEAP, WiFi LAN access point (Beacons), Wireless clients, The 802.11 standard & hence WEP (and dynamic WEP keys), SSID, EAP, LEAP, WPA TKIP & finally the fact that of all those listed, my PDA uses the adapter: "tiacxwln Compatable Wireless Ethernet": to use server-assigned IP addresses (i.e. use DHCP).
3) A nice simple BlueTooth connection to my PC so that I can browse the internet on my PDA while my wife does the same on the PC - This turned out to be a TWO DAY exercise: Let me list some problems.
Bug - Can't use the WinXP SP2 Bluetooth drivers.
Bug - Can't install the WIDCOMM drivers as they are not certified. (There is a workaround guide, but COME ON GUYS!!).
Bug - If you've pissed about with BlueTooth COM ports, WIDCOMM can't 'go back' as it were to use the lower COM ports (COM9 & below), the assigned COM ports keep increasing. This would be fine if it were not for a ...
BUG - PDA BlueTooth can only use COM ports up to COM9 :twisted: :twisted: :twisted: :twisted:
ARRRRRRRRRRRGH
Hence: Had to uninstall WIDCOMM
Hence: Had to reinstall WinXP BlueTooth driver
Hence: could then (in a convoluted manner) 'recover' the com ports from COM9 and below.
Hence: Then had to uninstall the WinXP USB Driver
Hence: Then had to reinstall the WIDCOM drivers (and go through all that certification bollox again).
Hence: The PC Could then be set up to use a Serial Comms 'service' on a COM port assignment on a COM9 port or less!!!!
Hence: Then had to REBOOT
Hence: Then had to remove any partnerships
Hence: Then had to use a password OF MORE THAN 8 CHARACTERS - some guy mentioned It does allow you to enter less than 8 characters but doing so screws thing up. ARRRGH AGIAN :twisted:
Hence: New partnership on PPC
FINALLY A BLUETOOTH LINK to the PPC
More dicking about making my internet connection an available 'service' over Bluetooth'
FINALLY get to connect to the internet :lol: :lol: :lol:
But, hold on, the fat bird isn't singing yet, GPRS is now sticking it's nose in insisting it's the (expensive) path to the internet & keeps popping a nag up, regardless of the fact that I keep telling it to f-off!
Oh, and the damn thing seems to keep disconnecting every 5 mins. FOR THE LOVE OF GOD!!!!!!
ARRRRRRRRRRRRRRRGGGGGGHHHHHH
Anyway, getting there :wink:
Phew. Anyone who knows how to get rid of that poxy GPRS - 3G thing (yes I know its a medium so I guess I mean that useless boil on the arse of humanity called WAP) & also how to keep the damn thing connected - I think it's an Activesync issue....
Anyway, I'm now off to the top of my local bell tower with a fully loaded high-powered rifle with telescopic sights & 10,000 rounds of ammo, disguised as a postman.
Andy
hey andy
werent you the guy that got a nice cheap phone hacked the parts, put it back together, and now over the moon.... ?? thought it was you i read about, may be not.
Hmmmm gprs..... hmmmm fun aint it.
try this cab file..... it stops the auto detect and thus removes the "G" in the screen, I found it effective.
I think you can still connect it, but have to go through the manual process of going into connections, press and hold, select connect. otherwise it wont auto connect at all, it saved me heaps, and I never really used it at all. Otherwise, you can simply go in and delete the settings yourself when you like.
Re Activsync, you may find that it auto starts, and thus tries to start the gprs. this can be rectified by going to activesync on the PDA, create a server source, as fictitious entry. find the connection periods and set all to manual. Then delete the settings entirely. This should prevent activesync from autostarting, and more importantly kick starting GPRS.
oh well, think of it on the bright side, you are getting to use all tha education you paid a fortune for....
let me know how you go with activesync and gprs...
werent you the guy that got a nice cheap phone hacked the parts, put it back together, and now over the moon.... ?? thought it was you i read about, may be not.
Click to expand...
Click to collapse
Tha's me!
Hmmmm gprs..... hmmmm fun aint it.
Click to expand...
Click to collapse
And WiFi
And BlueTooth
And USB
And ActiveSync
And this qVGA thing (still amazed at that - "hey guys lets put a full 640x480 expensive top of the range VGA display on these things", followed by "hey guys lets NOT use the full display capabilites, let's piss everyone off and only actually design an OS that uses a QUARTER of it's capabilites and use 320x240?!?!?!?!" - my God in Heaven!!!!!!!!! :evil: )
try this cab file..... it stops the auto detect and thus removes the "G" in the screen, I found it effective.
Click to expand...
Click to collapse
Thank-you Thank-you Thank-you (again)
I think you can still connect it....
Click to expand...
Click to collapse
I think I can safely say that I will NEVER EVER connect to the internet using crappy WAP. Crap & expensive & slow & useless & what's the point?
oh well, think of it on the bright side, you are getting to use all tha education you paid a fortune for....
Click to expand...
Click to collapse
You cheeky little a-rab. :lol: Anyway I'm old enough to have missed tuition fees here in the UK, so my 4 years Honours Degree course was not paid for by yours truley :wink: Hell I even got a grant :wink: :wink:
Anyway I must say this, you have been more than helpful & understanding of my foul temper! You see my fault is that as an engineer (my wife is now rolling her eyes skyward), when I see things badly designed it just does my head in because it does not take much more effort to make things so much more better - it beggers belief sometimes and I have to wonder if they actually try using some of these God awful programs & drivers - like I may have already mentioned, how is your average guy in the street meant to cope????
Andy
underwurlde said:
And this qVGA thing (still amazed at that - "hey guys lets put a full 640x480 expensive top of the range VGA display on these things", followed by "hey guys lets NOT use the full display capabilites, let's piss everyone off and only actually design an OS that uses a QUARTER of it's capabilites and use 320x240?!?!?!?!" - my God in Heaven!!!!!!!!! :evil: )
Click to expand...
Click to collapse
Thats not strictly true...
it is running at 640x480, always!!!!
its the font sizes and dpi the applications run at that makes it look like qvga.
try the latest pocket breeze, full vga support, looks amazing.
Click to expand...
Click to collapse
my old mans an engineer (marine/mechanical).
i left home early....
he is a great guy from 15,000km away (he is in Perth, WA and I moved to Brisbane, QLD), same continent, just opposite sides of it. now we get along great
one advantage of the GPRS, quizz shows.... you can win the prize competitions by googling whilst in the show, and it doesnt look as obvious and it isnt WAP, it should be full internet access with googling ability.
if you get 3g on the correct plan its reasonably usable and also gives you TSC/RDP connections into your servers whilst on the road. note, beware the standard 3G is voice capable only at 128kbps, but it should be able to and can be requested to run at 384kbps.
either way, i dont really use it either, its simply to expensive. i just run wifi at home and works a treat.
it is running at 640x480, always!!!!
its the font sizes and dpi the applications run at that makes it look like qvga.
Click to expand...
Click to collapse
I think that was what I was trying to say... :roll: Anyway what's that pocket breeze thing then????? Link / file DEFINATELY needed!!!! :lol:
my old mans an engineer (marine/mechanical).
i left home early....
Click to expand...
Click to collapse
Probably because he spent most of his time shouting at his PC. (Just like what I've spent the entire weekend doing... Saying that I seem to be missing a daughter - and she's only 3 1/2... The other one is packing her suitcase - not bad for a 2 year old).
one advantage of the GPRS, quizz shows.... you can win the prize competitions by googling whilst in the show, and it doesnt look as obvious and it isnt WAP, it should be full internet access with googling ability.
Click to expand...
Click to collapse
Wierd. chaps here at work are intregued... Can you expand a little (I'm a bit slow at these things) & provide some site addresses please?
Thanks guys - now the dust is finally settling, things are getting (even) more interesting on this little Xda Exec..
Andy
re quizz shows, what i meant was things like quizz nights and business nights out when there are prizes and games such as "the most poisonous snake" or the longest river or biggest river etc etc
you can google this sort of information and get the right answer inside the show. it doesnt stand out as much when you are using a phone rather than a laptop or computer, but with fast internet access you can get the answer 99% of the time, in the time frame.
just dont get caught...
underwurlde
pocket breeze is a today plugin pim system,
i hardly ever use calendar, tasks, inbox, notes, etc thats to pocket breeze,
http://www.sbsh.net/products/pocketbreeze/
take a look and install the demo, it roxx, just get rid of the mail, calendar, tasks plugins from today and use this as an all in one, it hardly impacts performance with the right settings, eg, turn off expand/collapse, turn off the entry counters etc, with these little tweaks its nice and smooth.
reduce the font sizes down aswell, you get vga res text.
personally i think breeze is the best pim management system there is, i tried pocket informant but for impact it had.
lost again!
@simon_darley,
LOL...I get you now, sneaky git! :wink: Like it, my kind of scam.
Just another question...
The rar file you sent me, erm , now I've installed it now what? Is it a program (if so where is it hiding) or is it a reg hack?
Steep learning curve going on here!
Thanks again,
Andy
Andy
Re
FINALLY get to connect to the internet
But, hold on, the fat bird isn't singing yet, GPRS is now sticking it's nose in insisting it's the (expensive) path to the internet & keeps popping a nag up, regardless of the fact that I keep telling it to f-off!
Then
Just another question...
The rar file you sent me, erm , now I've installed it now what? Is it a program (if so where is it hiding) or is it a reg hack?
The rar file, is actually a cab file, and can simply be downloaded to your device, and click to run, it will auto install and from that point, not be removable. It was an "O2" release not an Imate release, but works on both.
I dont know what it is, I dont know how it works, but I do know that it stopped my JJ from auto connecting to the internet whenever i clicked or touched something that needed an internet address. It basically stops the device from detecting that the option is available, and thus if the system detects a need, it cant find the connection directly.
It basically set the system to have no internet connection, unless you manually open a connection, eg via WIFI, Bluetooth AS, or manually making the GPRS connection by going start > connections > connections and locating the connection, then press and hold to make the connection. It was so long and convoluted, that it never happened and i never connected using GPRS/3G unless i was desperate (like quizz shows ...
There are other reasons why it connects in the first place and somethings that you need to look at was why was it trying in the first place.
1. Activsync automatically starting as mentioned
2. Pressing the "Web" key on the keyboard, which auto starts PIE, which if you havent changed to \windows\default.thm rather than the default www.clubimate.com or other similar, then it would auto start the GPRS as it "detected" that GPRS was available.
3. MSN Messenger not closing properly and trying to reconnect
4. Closing a WIFI connect when the device hasnt shut down an Internet connection
So, what it is supposed to do is shut the direct availability detection method the system uses. I dont really know how successful it was, but you should now see the removal of the "G" and "U" icon, which should now have a symbol similar in nature to the active connection, but with a cross through it.
In summary, i dont know... it was something that was given to me in this forum months ago as i also got "upset" by the auto connect feature. After adjusting the AS settings, and changing the Internet shortcut button, i didnt need it anymore, and still dont run it on my device as it doesnt auto connect as much anymore at all.
Now, it only auto connects when i click on a link in my email and i dont have wifi open, which was my fault not the device fault for clicking the link in the first place.

Capture Voicestream to encrypt calls

Is there anyone who has done this, kind of like recording the phonecall... Though my query is slightly more advanced, I would like to see a Crypto program creating secure phonecalls using WM5...
So we would need to capture the datastream incoming(to decrypt) and outgoing to crypt, this creating a nice safe way to talk to your...friends... Anyone else up for this project?
Or any feedback on the concept?
...and...
i dont think its only me intrested in this so ill send this source code aswell from a company that works from a PC via isdn... This company sells cellphones with encryption...
http://www.cryptophone.de/support/downloads/downloads.html
Dont know if this could help in the initial stage?
Ps.
A similar software does exist (180 dollars per phone + all your details are sent to australian gov) www.securegsm.com
Anyone up for the task?
Re: ...and...
it is impossible to intercept the audio data coming through PPC unless your hardware is specially designed for it and it provides you a specialized API for doing that. All crypting software encrypts calls via doing CSD calls and senging data. There is another program - www.cryptophone.de
this looks like a HTC anyway...
http://www.cryptophone.de/products/CP220/index.html
???
Then how can secureGSM do it in a software made for any WM5?
So theoretically i dont think there is a problem there....
SecureGSM is an end to end app, which I suppose all such apps would have to be.
As such, it almost certainly doesn't need to pick up the phone/modem audio path (which as Mamaich says, seems to be impossible without a particular hardware implementation), but just use the normal microphone and loudspeaker recording/playback functions.
V
AddeBC,
Vijay is right. SecureGSM is working on the same principal as criptophone.
Establish a modem connection between two devices running the same software run a negociation with the network (v.110 is much faster then v.32) start a data connection with the other dude...the stream that the mic receives is encrypted and sent over to the other party there the software decrypts the stream and plays it troughout the speaker.
There were quite a few threads regarding csd connections between phones so could start from there.
The only thing that you're going to miss in this deal is the logistic for selling the software + phone.
Cheers,
Raul
I often thought of adding this as a feature of GSMbeam but I just can't think when I would ever really need it. It would be cool to communicate without the possibility of Big Brother knowing what is said, but what would you say?
To sell this kind of software may also bring you in contact with undesirable groups, criminals or terrorists are propably in need of good voice call encryption.
To do this it will have to have a reletively low quality of sound because of the poor data rate on voice calls. How would one go about encoding the sound to data? Are there any off the shelf open ended codecs for this purpose or would the work need to be done from scratch?
OdeeanRDeathshead said:
......To sell this kind of software may also bring you in contact with undesirable groups, criminals or terrorists are propably in need of good voice call encryption....
Click to expand...
Click to collapse
as per SecureGSM FAQ:
http://www.securegsm.com/pages.php?pageid=16#4
Is your software designed to support criminals and terrorists?
Absolutely not! We do not condone any such activities, and take extreme care to ensure that our products are used to prevent, rather than encourage criminal or terrorist behavior.
AddeBC
AddeBC said:
A similar software does exist (180 dollars per phone + all your details are sent to australian gov)
Click to expand...
Click to collapse
End User Details are being collected as part of identity verification procedure.
First name, Second Name, living address, phone number and contact email address. I suppose, this is standard practice. We do not support criminals and terrorists and would not sell if in doubt.. At the same time our software does just what is says to do: encrypts phone conversation end to end to the military standards and beyond.
It is buyer's resposibility to provide correct information on the order form.
see this page for details:
http://www.securegsm.com/pages.php?pageid=26
Also, I suppose providing end user information to the Australian Government does not automaticaly lead to the conclusion that SecureGSM is flawed or insecure, has master key, back door or leaving any other way to interfere with contents of SecureGSM encrypted conversation. And no! Big Brother does not know what is said..
Any way, if terrorists or any of the countries listed there want call encryption they would not trust their lives to someone elses software. I am sure they are smart enough to write their own.
As for the laws governing the sale, that just makes me mad. I do not trust John Howard, I think I should have the right to a private conversation without registering it with him. I guess that is the beauty of computers. Computers make the world go round and its the size of your brain that gets results not politics.
Well, for a less.. 'big brother-ish' scenario, I would, personally like to have my line phone to be encrypted, as it is way much easier to have someone bugging your phone line.
However, for a cell/mobile phone, it is relatively difficult for amateur people to bug it, right? What are the chances that someone around you that is interested on your conversations, is capable of intercepting your mobile/cell phone calls.
Raseac Secure Phone - for WM 2003 and WM 2003 SE
This looks worthwhile! Downloads are available from the website for testing.
[Also, as a side note, I have been in touch with Phil Zimmermann, the creator of PGP, and lately of Zfone (crypto SIP phone for XP/Linux/Mac), and he says he realizes the importance of the Pocket PC platform and is considering ways of implementing Zfone for Pocket PC.]
Code:
http://www.raseac.com.br/
Encryption system for end-to-end secure voice communication. It was developed to be used in palmtop computers running Microsoft PocketPC 2003 e 2003SE (Intel).
When installed in a palmtop connected via modem to a telephony system (fixed or mobile), it allows your company and your business a secure means of communication anywhere around the world.
Since Raseac encryption technology was developed for high capacity processors, it allowed for the implementation of state of the art security, featuring:
* Exceptional sound quality;
* 256-bit encryption key;
* Encryption technology based on the Rijndael block cipher (AES);
* CBC, Random IV, Time Stamp, Integrity check by MAC/SHA-256;
* 100% protected against "man in the middle attack";
* No backdoor.
Need for secure phone line; the brazilian site and others
Well, I'd say that common people don't have much to worry about being tapped... Usually, nothing that sensitive is talken EVER over line.
Things begin to change when you are involved with something sensitive, be that legal or not. Most of the guies who work with corps, above management level may have some need from time to time, to be contacted that way by a superior. From director and up, depending on what kind of business the company is into, it IS a must!
People who work with security, government and other agencies may need it. As already said, people who work with barely legal to blatantly criminal stuff are always in need of such trappings. I think terrorists end-up on that class.
Equipment, hard and soft is always expensive and cost prohibitive for most of us.
Paranoid, techno-junkies and just curious people may want it, just to have.
Since I fit two or three of the said categories, I would like to put a program like that on my cell phone...
Just for the sake of having it there!
(mind you! Curious, telecom and management+ position...)
That said, a basic voice scramble-de-scramble program is OK for me!!!
(the more open-source, the better!)
About the brazilian company, they changed the site's name to secvoice. I tried to have a look-see on their specs but they ignored my e-mail and so I've done with it.

[ ]Video Security - Can i be a remote spy???

so i have been thinking about my homes security and i have some questions...
i have collected quite a few expensive gadgets and they need protection!
So, i have been tinkering with my **** logitech orb web cam and it now supports motion detection. now call me crazy but i would like to be able to receive on my diamond, the video that has been recorded by a motion detection enabled web cam set up in my home. i'm trying to get my logitech web cam to save on my HP media smart server, running windows home server, not default on my laptop, and be notified by either sms that there is new video on my server or the video itself sent to my diamond. i would also like to be able to connect remotely to my laptop and be able to activate the camera software from a desktop link or something like that.
now i swear this is diamond related in the fact that i would like to use the device as a controller.
i have not used remote desktop on my diamond yet, i could not get it working.
i'm not sure if this is a app request, idea, or util so ill follow the forum template rules once this thread takes shape.
please shed some light on how one could make this happen. i think it could be useful to all of us, at home or place of business or your just want to bust your stupid parents snooping around your room.
so you are looking for an app that does the following:
act as webcam streaming server, but only when motion is detected, and when it does detect motion, it must notify you via sms, plus: you need a simple app for youre diamond to vie the stream..
i dont think I would be able to do this, but if you can clarify exacly what you want thinking WITH you is more easy...
on the other hand, i am sure the pc part has already some usefull apliactions wich are able to act as a server. but im not sure about the notification sms..
it would be ideal if that sms contained a link that you follow to open youre browser to view the stream...
what i know what is possible, there are apps for the pc that record video and send it via e-mail...
just use google for webcam security..
maybe there are pplz around here that can adapt software for u...
but i u seach im sure there are apps out there wich can do that... the only app you need is a browser capable of viewing video streams..
Would be good an app who detect movement, and then make several actions:
- Upload a photo/video on an FTP
- Save photo/video
- Play an AUDIO alarm
- Send an mms with the photo/video
- Send a warning sms
- Make a call (and let you listen what's happening)
....all when Movement is detected via the pda camera
Improvise
What you are trying to accomplish is mostly already possible. You'll need to do some research and some creative thinking to get it to work though. You will most likely not get an all-in-one solution to this issue.
It sounds to me like the motion detection and subsequent video capture is already taking place via the software you have installed for your web cam.
Basically you need two things: A way to be notified of a new video file and a way to view it.
I'm not aware of any existing application which will send an email (which can arrive as an SMS) based on a new file being created in a directory, but as a programmer I can asure you there's not much to it.
There are however many solutions which would allow you to view a video file on your WM device from you computer at home and remote desktop is not the way to go here. Your best bet is probably good old http since most video applications will handle "streaming" to file to you as you watch. You'll need to familiarize yourself with IIS (Internet Information Server; I'm assuming you're using Windows) and create a "virtual directory" pointing at the folder where the video files arrive. You'll also need to take the necessary steps to open port 80 so that your computer at home can host via http (this means configuring your router and your computer's firewall). Once this is done just pick your favorite video player and choose "open URL" or something similar and type in http://YourExternalIP/YourVirtualDirectory/YourVideoFile.
I'll leave it up to you to figure out how to best make yourself aware of new files.
As LucidObscurity says there already are several solutions available to this through the combination of existing discrete applications, although .
My setup does does what you desire although goes quite a bit further so it may be overkill for your requirements. However, as food for thought it may still be of interest. It consists of:
- A series of Panasonic BL-C1 IP cameras distributed around my house (running on the wired house network, although wireless versions are available) - these are quite discrete cameras and don't have the typical 'camera look' hence are aesthetically compatible with partners, guests etc (most people I've pointed them out to hadn't noticed them and then didn't believe they were cameras)
- The motion detection/analysis software ZoneMinder - the 'brains' - this monitors the cameras, detects motion (in zoned areas) and records the events as required (it buffers the images so you can capture what happened before the trigger too)
- The SMS tool MercurySMS (and VGSMail gateway) used to alert me via text when motion has been detected (the texts contain various event-related details/stats and a link to the recording)
- A handful of other scripts used for small housekeeping tasks e.g. scheduling the starting/stopping of the system, realtime offsite backup of recorded material (there's no point me capturing a thief on video if he then goes an nicks my PC!), etc
- My Diamond, or any other device with a web browser, used to interface with the system - controlling/configuring it, accessing live/recorded video etc. A web front end is essential in my opinion - you don't want to tie access down to a single platform/device.
Whilst it's not a setup that is up-and-running out of the box now that's it's fully configured it works well - very well. False alarms are practically nill and it doesn't miss a thing. Remote access via the web is powerful and as simple/complicated as you want - on holiday my girlfriend regularly fires up the quick 'snapshot' montage to keep an eye on our cats (we do have a dedicated 'catcam' monitoring the catflap so we can see the history of who came in/out and when).
I'm sure there are some all-in-one solutions available but they likely come at a cost and perhaps do not have the power and flexibility of a modularised solution - it'd be worth seeing what's available though.
Mathew
thanks for all your replies. great read.
i just want all my systems, Windows Home Server, Vista Home Pro and WM6.1 to come together. i will take a look into the apps you have linked to and see whats what.
i already have the ability to record with motion detection. when a new file is created in a folder on my home server, i want to be notified and linked to or streamed. i have remote access to my file via browser [ blazeitup123.homeserver.com ]. i can't get the logitech software to actually save to the server because it says i dont have the rights. i'll try and fix that tonight after dinner, but saving to the server is very improtant because my laptop could be stolen and then the whole setup was pointless. i want to incorperate my diamond into this process as much as possible, like with the remote activation and so on.
Wooow this is one of the coolest threads I read in a long time.
Although I'm not as advanced as some of the members regarding computing, I was thinking:
-Cam software streaming to remote address.
-When motion is detected, cam starts recording, thus creating movement in the remote address.
-When new connection(movement) is detected, you activate a new RSS feed.
-You get RSS notification on phone.
-Connect to remote address and check the stream.
What about:
A spy cam on the Diamond, I mean that you could hide your phone somewhere and point it at a certain spot you want to view. Then remotely access the phone and view the live stream?
Since the phone is so small its an easy hide.
Greetings to all and luck in all your great projects!
you should actually look here...
http://www.incax.com/
Looks good. I've also found Wapcam
(Seems to alert via e-mail to you could use either push e-mail or an email-to-SMS gateway for instant alerts)
Mathew
shogunmark said:
you should actually look here...
http://www.incax.com/
Click to expand...
Click to collapse
looks like great software. ill try the trail and it only 20 dollars to buy . seems very simple to. i want something more server based because my laptop would be the first thing out the door.
Security
Blazeitup123 said:
looks like great software. ill try the trail and it only 20 dollars to buy . seems very simple to. i want something more server based because my laptop would be the first thing out the door.
Click to expand...
Click to collapse
Perhaps you should invest in a big dog.
I m using this one:
http://www.accordiva.com/
U have there SecuRanger 2 Support 4 video channels
or one Camera only: SecuExpress 2
SecuExpress 2
both come with WM application for remote / viewing etc..
Take a look at orb.com. It has the ability to sms or email you if it detects movement. You could then connect to your home webcam through the phone's' browser.
...a good spy, like a 007 , should be able to SPY also without his PC
The only one that i've found is Invisible Shooter... for symbian os there are a lot of those apps (no pc needed), but for the pda there aren't many... (see the post #3)

Paranoid user (QuickGPS, eTrust Antivirus vs..)

Hi everyone,
I will be a little paranoid over here so don't take it hard on me =)
I've been using a i-mate k-jam for a long time and switched to touch hd on january. Interestingly the biggest similarity and annoyance for me was the softwares pre-installed to download some sort of data over internet and bugging every week to download new signatures/data and bugging even more if you fail to download.
eTrust found out to be useless and I can't really pinpoint why most handheld GPS devices doesn't really require to update this kind of information (Please correct if I'm wrong).
We might assume the transaction is a simple wget/http download which wouldn't carry any other information to the other party that someone from that IP downloaded something. But if there is a handshaking or at least some kind of a http post is inplace, it could be also sending a unique device idea which would let the guys in Taiwan track our devices our a map.
As I said I'm just being paranoid and making almost a conspiracy theory here but still the possibility exists.
So how can we be sure they are not sending any information out?
We can set up a proxy and mirror incoming traffic from a source ip (phones ip) and dump it with wireshark. Then we will need to define the proxy on our phone and click download.
Is there a wireshark/ethereal kind of packet capture software which can run on these devices? It could ease the job.
Reverse engineering the code? Not experienced in that but It should be quite small when the you think the job it supposed to do.
Any comments, thoughts, help, information - greatly appreciated.
BR, Kaya
You can disable Quick GPS if you want because it isn't necessary for the GPS.
It just speeds up the process of finding satellites.
why don't you just use a nokia 3210? that way you should be pretty safe lolol
philocritus said:
why don't you just use a nokia 3210? that way you should be pretty safe lolol
Click to expand...
Click to collapse
Only if you leave BT off JK
I've sort of resigned myself to the fact that using a smartphone exposes someone to a lot of security gaps. The best advice is to keep your bluetooth off / in hidden mode, as this is one of the easiest ways to get at your handheld's data. Moving up the paranoia scale, you can use that NoData program to disable your data connection except for when you really need at - that will prevent most third-party programs from dialing home. And if you're really worried about being tracked, I'd recommend just shutting off your phone when you have something private to do.

Categories

Resources