Related
I remember reading a post from a user about the slight ineffectiveness of IIWPO with regard to resetting the device, and I have also seen that it does not quite function properly, so here's what I propose, and plan to initiate work on, as soon as eMbedded VC++ downloads...
application works on the following security level;
a registry setting is created from the cab file after a hard-reset (so it's assuming that the PDA already has a built-in security code as part of WM) that contains a hash of a 5-digit security code, upon the soft-reset of the device, if another registry key that contains an XOR (XOR codes will be hardcoded) of the correct code is not found, then a window pops up, which will create another registry key, in the event that the user soft-resets the device (resulting in the preset number being sent a text) and the software never bothering the user again (in the hope that the user won't smell a rat, and will instead feel rather big and clever). should they however input a code, and that code is incorrect, a message will also be sent, but the program will once again disappear. and if the correct code is input, the program will apply the appropriate XOR version to the registry.
Hopefully, it will also be possible to a) disable active sync until after the program has either had a success with the code, or failure, and also disable all incoming beams, so that the init of the program cannot be bypassed by remote means.
and if you were wondering, IIWTBTPO = Interesting Interaction With Thieving B'stard Then Previous Owner.
comments? suggestions? need me to simplify the convoluted mess of a process?
Couldn't you just put a file into the extended rom, that would load the revelant settings into the registry that:
1. enabling 'strong alphanumeric password' (with a hardcoded password)
2. check 'prompt if device is unused for 0 mins'
3. load owner information (also hardcoded)
4. display owner information on startup
Effectively, on every hard reset, he won't be able to turn off the password, since he'd need to key in the existing password. Also, once the unit goes into standby, it gets locked and the owner information is displayed.
The only 1 chance to defeat this, would be to hard reset; load a registry editor via SD card, and disable the password from there. Any thief who gets this far, would probably also know how to unlock the extended rom and remove these registry settings from there.
I've changed the splash screen in the extended rom for my hp6365 to display a custom .bmp with my 'owner information' instead of the default startup screen on every soft reset. I think it's resonably annoying enough that he can't sell it except to someone else who'd know the unit was found/stolen.
The changes I'd like to see done to IIWPO include:
a) not using "IIWPO" in the registry (user customisable registry key, as well as executable file name)
b) not storing owner name & number 'in the clear' (a simple XOR to hide it would be just as effective)
c) a hash of the entire owner info page (not just the last name) so unit will resend an SMS if any info changes
d) a new sms is resent after a preset time (eg: every 24/48/120 hours for example), regardless if owner info has changed or not.
I don't believe the source is available (I'd like to poke into it if it was), but if IIWPO would do all of the above, i'd remove my custom splash screen, and not make use of any 'locks' that would prevent the unit from being used; Perhaps just 'preload' some owner infomation on every hard reset; but keeping the unit as 'normal' as possible would perhaps increase the chances of recovery with IIWPO.
or flashing a new ExtROM, or soft-resetting right before it rolls out the ExtROM.
if anyone has any info on the Password capability built into WM, I'd appreciate it
After having my last 2 XDA's stolen (Africa), I put this app straight into my VERY expensive JasJar and I'm DELIGHTED to see it works (incl sending the SMS SO discretely that I thought it MUST have tanked). Ran out and made a donation to xda-developers to IIWPO credit straight away!
I'd love to see a suggestion I saw elsewhere; Regular SMS's with theif's recent calls and sms's. Also, a 'honeypot' approach; put an obvious filename (eg Anti-theft.exe) in the startup directory that does nothing, but if deleted IIWPO reacts, and re-enables "show owner info on startup" key. (all this cos I'm not convinced that thieves know to change the owner info)
Also, if someone could provide some strategies for installing on a JasJar where we do NOT have access to the ROM, that would be great! African thieves are not very smart, but I would like it to survive a hard reset.
perhaps it might be an idea to toy with the possibility of hooking into the password screen, if possible in order to have a 3-strikes system whereby if after 3 incorrect tries, the PDA will send a message, and again, upon hard reset, password info is re-applied
enhancement
the best thing is - upon theft, The JJ will grow 2 legs,
and start running to the last owner address using Built in GPS..
but seriously:
a password screen that will appear every 24H saying:
"The rightfull owner is *Name*.
contact him at *Number* for a finders fee of **GBP".
The message wont contain "Enter Password:" but upon putting correct password (you can also apply an X,Y screen value like 0,0 which is lower left corner) the phone will unlock.
if he tries to H.R the password screen (in the same format) will appear.
+ after 2 wrong passes / no passes - disable all beams & USB.
so there is no away around it. (I think).
comments any 1?
Olipro - not necessary to hook password screen: write your own.
I'll try and write one one day. I've already done a bit of theft protection, to do the following:
-my plugin will detect an unauthorised sim and sms me back with cellid.
-Optionally hard reset and format the sd card by sms to the stolen phone.
-Am looking into how to "brick" the phone instead...
I don't want to encourage him to flash/hard reset, because then I will lose the SMS/cell id tracking function, so my protection system is benign, hidden in the background.
However, this is for the magician, and not for rom installation (although it can be!). But, I think: if a thief is knowledgable enough to know how to hard reset and flash a HTC phone, I think he's a fellow hacker and deserves the phone. I'm insured either way... however, for non-insureds, you get your own back a bit.
V
as soon as I get some free time from essays... I'll get round to this.
if you want to brick the PDA, then I believe that HimaClearJumpCode.exe when run on the PDA should do the job quite effectively
I'm looking for an anti-theft app. I don't know if it exists yet.
Is there an equivalent to the symbian phone apps "Anti-thief" or "EzProtect"? It has some nice features to let your pda "phone home" when someone is tinkering with it, or you can remotely disable your pda by sending a password though sms.
I've been searching over the net and found "Kill-pda" but that can only erase the device completely by sms. Thats a bit overkill :lol:
I hope someone knows, because i learned the hard way that you really need an app like this. My phone got stolen once and I got a Huge A$$$ bill for calling to egypt en italy
edit: I found this description for EzProtect:
The application sends an SMS to your specified number as soon as the SIM card has been changed. By this way, you receive SMS on your friend's (or whoever's number u defined) cell with the thief's cellnumber and SIM number (IMSI) so it becomes very easy to track the thief.
I definately want an app that can do this. And I can imagine a lot of people wanting it too.
There was a discussion about this on HoFo in Oct ober when people first started receiving their Wizards. I think BTT (BeyondtheTech) mentioned something about it. I'll see if I can track it down this evening.
It certainly would be cool.
Check this out! http://www.ppcsg.com/index.php?s=0c0cedfa906ae1b85f844fb7b497def6&showtopic=65021
Hope this works. I have not tried this myself.
Thanks a lot for your help, but that was the program i mentioned in the threadstart "PDAKill".
The only thing it can do is erase the device completely when you send a sms to your pda containing a predifined password.
But when the thief takes out the simcard and puts in his own, then this program would be useless.
Guys, if I've seemed distracted for the last few days, this is why:
I've been working on a program called VJAccioPhone.
It is used to detect if your phone has been stolen and to permit remote use of the stolen phone. Your phone doesn't have to be stolen, eg if for some reason your wife is likely to discover your "niece's" affectionate messages to you, you can send a password protected remote keyword to format your phone and hardreset it. I'm sure you can think of better examples!
It's an expansion of some code I wrote for my unreleased plugin, VJEphemeris, which you can read about here. The release version allows you to do pretty much anything you can do with the phone when it's in your hand, all remotely. Destructive and constructive control.
This is a pre-announcement. I don't like preannouncing, but unfortunately this week I've been on a very limited programming quota due to the ministrations of my better half. So although the code is finally finished, it's being beta tested while I'm away on holiday. If all is well when I get back next week, hopefully I'll try to get it released!
Don't tell anyone else, but you can read about VJAccioPhone and see screenshots here. Please note, and don't ask, there is no download available at the moment.
V
Aside from that a program like this would be very handy, and I'm quite curious and will keep an eye on it myself, I advise everyone to activate the pin code on their simcard, and always call their mobile operator as soon as the phone is stolen so they can block your number to avoid getting high bills as the topicstarter said... You should also be able to get your number back easily by requesting a new sim card and having your mobile number set to that simcard again.
This may seem obvious to some people, but I just wanted to post it anyway since a lot of people are still not aware of these simple ways to protect yourself.
Absolutely true; in England, the police aren't interested in persuing phone theft, but for you own benefit, you must always have your IMEI blocked and the phone reported stolen immediately to prevent you being charged for calls.
VJAccioPhone will be able to report back to you even if the IMEI has been changed or it's being used abroad etc. It's more for protecting your data on the stolen phone then getting the phone back. Frankly, any thief would do better to throw the phone away then persue cracking strong protections. Stolen phones are easy enough to come by! However, at least a nice passer by might be able to get in touch with you!
V
Sounds great! Would it be possible to enable the phone ID (Where you can enter your name and contact details) thought this might be good if it was ever found (or part of the hard reset).
Wauw, this is great stuff Vijay!
If you need a beta-tester on the wizard platform, i would highly recommend myself
This would be excactly what everyone needs 8)
Would it be possible to save the configuration settings? Because my idea would be to include the cab file in my extended_rom, and thus make it install itself even after a hard reset. This would mean that the configurations settings also have to be loaded after the hard reset.
Keep up the great work Vijay
frigit: if you mean enable password screen, yes, should be no problem. however i'm thinking of writing a better custom password screen using some strong encryption, with optional destruction on failure.
leploep: of course, it's designed for extended rom etc. right now protection works as a ta k, for the demo, but i'll be writing protection into an invisible app. Remote control is already complete and works transparently when triggered, so the thief won't even realise what you're doing ie there's no sign of the control smss being received to the thief.
eg you can background call the police from the stolen phone
more when i'm back from holiday next week!
v
This is starting to sound like a killer app - pun intended 8)
I'm in for sure when you get this finished, Vijay!
Already finished for the demo version!
kept me quite busy, developing three intersecting programs, like playing chess! but they all seem to work ok. a friend is testing it hopefully this week then i'll see what i can do for wider release when i get back...
v
Well vijay555 , you can put me on the list of very interested persons on buying this soft.
Cheers mate.
vijay will this work on all the wm5.0 devices??
i.e. I have the pda2k with wm5.0 and have been looking for a prog like this since i got my device, also is it possible to keep this program after hard reset ?? as you know if a hard reset is done the data is gone, but the user now has an expensive device to start playing with
it's not been tested on wm5 at this time, actually because the guy testing has a wm2003 motorola - gulp! but everything i write is normally wm5 & wm2003 now. there is no reason why it's not wm5 compatible but i'll ensure it is before release. i can certainly say, to my pain, the hardReset keyword is very wm5, i activated it by accident in testing.
retaining it after hard reset is only possible, as far as i am aware, by using a custom ext rom or rom.i've not tried it on my magician or universal, but hopefully your device in particular ext rom customisation is possible. at this time it uses registry & normal exe/dll files to run, so no reason it can't be ext rom'med. hopefully this will be confirmed in testing shortly.
if anyone can think of any particularly useful remote keywords to incorporate drop me a line. as it is, the full version will permit remote .exe launching so it can do pretty much anything
v
a lot of us have paid an arm and leg for our devices so having that extra peace of mind,knowing that if your device is nicked your going to make it as hard as poss for the theif to try and profit from your loss.
vijay all the best mate so far your app looks very promising iv got the exec running WM05 so if you need a beta tester let me know LOL
and guys if you report your phone as lost make sure your service provider is also going to blacklist the device!
I work for Vodafones in a call centre in the birmingham, UK,but the amount of customer services that is outsoursed to other non vodafone call centres based here in the UK its unbelievable! the amount of complaints I deal with and customers accounts that I come across where the outsourced twats
will admin bar your sim card but not blacklist the handset!
anyway I'll keep my eyes open for any more theftbashing apps and will post on here.
N2h said:
I work for Vodafones i
Click to expand...
Click to collapse
But have an O2 phone.....
Whow V.
Looks very very promising.. !
Great Job man :!:
i'd be happy to check it on my devices :wink:
Cheerz
lol mcwarre
even with our staff accounts we can't get the pdas as they are only available for busniess customers to be honest with you don't know why vodafone is stupid enough not to sell to normal consumers its the biggest network in the uk,
the staff phones we do get we gets 12 months line rental free lol
annnnd from all the universals I think the exec with its black shell looks the most stunning-the white shell devices just look a tad bulkier! lol
I have a SD card with lots of software, most programs usually run without installation, shortcuts were copied from my QTEK9090 to this device (QTEK9000)
.
Some programs cannot be started, they complain about certificates..
Most others do - except for these that won't work in WM5
What's the point with this behavior anyway ?
I searhed this forum, but did not find any real answers.
In terms of what's the point:
http://msdn.microsoft.com/library/d...conapplicationsecurityonmobiledevicesozup.asp
Basically to prevent you running applications not permitted by your phone operator, in case you try to screw up their network or they have otherwise locked down your phone to get cash/inconvenience out of you.
You need to disable various security policies. Try searching for BeyondTheTech's posts. He's always got goodies for children that come to play with his puppies.
V
so .. it is basicly no drawback to disable this "feature" completly ?
Oh: well, it depends how much you trust your 3rd party software, and whether you trust your operator more than you trust yourself.
If your operator application-locks your phone, and you can unlock it, use your own judgement if the software you run is safe.
V
Hi altogether,
I need to softreset/hardreset a WinCE/PocketPC/Windows Mobile based device using a CabFile (one for Soft- one for hardreset). Does anyone know, how to do this?
Thanks in advance.
P.S.: I already searched the forum, but found nothing between thousands of threads with Softreset,... in it.
Well the first of all can you program in C / C++?
If the answer is yes then you will have to write a setup.dll for the cab that will do the reset.
Here is an article for soft reset that will work on any WM device and on many CE devices (it is OEM choice to implement this part, so some CE devices like PNDs do not have it).
For Windows Mobile 5 and up it is recommended to use the ExitWindowsEx API instead.
As for hard reset there is a problem: this article works for pre WM 5 devices, but because of the flash storage on WM 5 and up the implementation of hard reset was left to the OEM so there is no generic way to do it by software.
Tools like Tweaks2K2 and SKTools provide this feature as a standard.
Cheers
hrb
yeah with persistent storage hardreset changed
good thing too if it was easy to program a hardreset
it could cause alot of problems when / if more virus's
will come to pda's
I don't mean to scare you Rudegar, but there is a very simple way of forcing the user to do a hard reset himself, on any WM device. I am not going to publish it here, but lets just say if someone wanted to make a virus, lack of programmatic hard reset would not be a consideration at all.
well after wm5 a hardreset at least dont cost people all their nonbackupd data
I know this is getting the thread off track and I apologize, but the whole point of "hard reset" is to lose all data. Unless you keep is on SD in which case it doesn't matter what OS you are using.
You are probably thinking of power loss and not HR.
Thanks for the info. I'll check your hints.
I'm been working on this for a little bit now since I found all the existing apps don't work well in WM6 or don't work well in a custom rom. This is a open source program (as all of mine are) and I welcome help/donations/and comments. Bug reports will be helpful in this first release as I certainly consider this a alpha release at the moment.
What it does:
once setup at every boot it compares your IMSI number with the one stored, if it's a match it plays a little sound and that's it. If it's not a match, it locks the device and displays your email and a request to please get it back to you. It also send you the "new sim's" imsi and phone number via a SMS.
------------------------------
SecurIt 1.1 (BETA) by Shadowmite
------------------------------
TODO: Build in SMS rule filtering thus adding remote control
Lock out activesync connections?
Protect the datafile from being deleted, or keep a backup in registry.
NOTE: THIS DOES NOT WORK WITH CDMA PHONES!
Version 1 (BETA) Instructions:
This security applicatioon can run loaded normally via a cab file to your device, or via being cooked into a rom. It will require your phone able to run unsigned code (most roms at this site are fine in this regard). Furthermore it does require the .NET Framework so it's really for WM6 devices, WM5 will be more tricky and is left up to the user to figure out how to make it all work.
When first run the program resides in \windows and must run from there. If you ran the cab installer it will have created a shortcut for you into the Programs folder.
The application comes up with a form showing you the current device imei, imsi, and phone number. You need to enter a password (needed to disable security programmatically or change SIM info), a email you can be reached at my a "finder" of your phone, and a SMS phone number you'd like alert messages sent to. Once done click set. Finally, click Enable security.
The application then sets itself up to autorun upon boot and if the SIM matches, it plays a little sound file to let you know everything is fine. If the sim is found to have changed, it will lock down the device until a password is entered. Meanwhile it shows your contact email and has sent the alert sms to you with the new imsi and phone number.
If you enter the proper password the program will take you to the settings screen where you can reenter the password and make changes to the settings and resave them. Simply clicking enable security without making changes will keep the settings as they are.
Clicking disable security will remove the autorun entries and remove the data file the programs keeps at \windows\SecurIt.dat.
The data file keeps 5 lines, MD5 hashes of your imei, imsi, password, and also your email and sms phone number as plain text. Thus stealing this file does not enable retrieving the password or easy changing of the imsi. Deleting this file however would remove security. Furthermore activesync will still link to a locked device. Knowledgable people about these devices could therefore defeat this security, however it's goal is to keep the casual theif / finder out of the phone.
This program is a work in progress and I welcome help with modifications to it as well as bug fixes. Source can be found at:
svn://www.shadowmite.com/shadowmite/SecurIt
To cook this into a rom, you need 3 files. 2 of them need to be generated when you first install it like normal and set it up. Copy the SecurIt.dat from \windows and the SecurIt.lnk from \windows\start up to your rom as well as the SecurIt.exe file. It's that simple. Enjoy!
History:
1.1: Fixed all kinds of bugs causing security to crash with various sims
1.0: Initial release
If you like my work and would like to help insure I continue to have time for this, please consider a donation to: foglemATshadowmiteDOTcom
Shadowmite, thnx for starting an "opensource" project for this. I havent tried it yet, will try once I reach home.. But I had a cpl of suggestions\questions:
1. Why do u keep email and sms phone no in plain text instead of encrypting them as well?
2. Instead of storing config in a file, store the config in registry which lessens the chances of someone finding out about the prog and deleting the file to disable security.
nice work as usual...
shantzg001 said:
Shadowmite, thnx for starting an "opensource" project for this. I havent tried it yet, will try once I reach home.. But I had a cpl of suggestions\questions:
1. Why do u keep email and sms phone no in plain text instead of encrypting them as well?
2. Instead of storing config in a file, store the config in registry which lessens the chances of someone finding out about the prog and deleting the file to disable security.
Click to expand...
Click to collapse
number 2 is in the TODO list...
#1) we could encrypt them as long as it's not a one-way hash like the first 3 lines, however those are the bits of data we don't mind the theif/finder seeing afterall as they are the means to get the phone back to its rightful owner. I suppose we could hide them but the phone number will be on his next bill for sending it a SMS and the email is displayed on the locked screen.
And as walshy said, #2 is certainly on the todo, but locking our activesync connections is a bigger concern and I believe completely doable.
#1) we could encrypt them as long as it's not a one-way hash like the first 3 lines, however those are the bits of data we don't mind the theif/finder seeing afterall as they are the means to get the phone back to its rightful owner. I suppose we could hide them but the phone number will be on his next bill for sending it a SMS and the email is displayed on the locked screen.
And as walshy said, #2 is certainly on the todo, but locking our activesync connections is a bigger concern and I believe completely doable.
Click to expand...
Click to collapse
ok, and sorry abt the #2, I missed the TODO part..
Keep up the good work..I myself was thinking abt making smthing similar but now I think I'll drop my idea to make a different one, as this seems to be a better idea (opensource is always better )..
I hope I can make some contribution to the code if possible..
shantzg001 said:
ok, and sorry abt the #2, I missed the TODO part..
Keep up the good work..I myself was thinking abt making smthing similar but now I think I'll drop my idea to make a different one, as this seems to be a better idea (opensource is always better )..
I hope I can make some contribution to the code if possible..
Click to expand...
Click to collapse
What advantages does this give over "Mobile Justice"..another similar util...my rom has Mobile Justice cooked with it which makes it hard to remove.
famewolf said:
What advantages does this give over "Mobile Justice"..another similar util...my rom has Mobile Justice cooked with it which makes it hard to remove.
Click to expand...
Click to collapse
If you like that software and have it working properly use it. Maybe you'd like to post in every rom thread asking why not use some other rom while you're at it?
Shadowmite said:
If you like that software and have it working properly use it. Maybe you'd like to post in every rom thread asking why not use some other rom while you're at it?
Click to expand...
Click to collapse
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theres for COMPARISON. If it had additional features I was going to recommend it for addition into XM6R3 (the next release of the current rom), but with an attitude like yours I won't bother with further review.
famewolf said:
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theres for COMPARISON. If it had additional features I was going to recommend it for addition into XM6R3 (the next release of the current rom), but with an attitude like yours I won't bother with further review.
Click to expand...
Click to collapse
you dont bother with a review but bother with a slagging ... take your "fame" somewhere else...
Ok, for starters mine isn't based on assuming every device has a GPS built in (while technically being a Trinity owner I should go that route). I instead base mine on nicely locking down the interface so far with a polite message to get the device back to the owner. Furthermore mine is trivial to build into a cooked rom which was my main reason to write it. I tried every security app out there over the last weekend without any of them working "properly" and figured the best way to get one is to write one. In addition mine is open source, mobilejustice is not.
Now then, you said you're not using it... But the last post said you had it cooked in? WTF? Need some help deciding what you use and don't use?
my rom has Mobile Justice cooked with it which makes it hard to remove.
Click to expand...
Click to collapse
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theres for COMPARISON.
Click to expand...
Click to collapse
Shadowmite said:
Now then, you said you're not using it... But the last post said you had it cooked in? WTF? Need some help deciding what you use and don't use?
Click to expand...
Click to collapse
1) The rom I currently have installed comes with Mobile Justice preinstalled.
2) I have not configured and am not currently using Mobile Justice
3) The author is currently taking suggestions for software to include in the next revision of their rom.
What part of any of those statements are you having difficulty comprehending?
Perhaps you and the gentleman from Melbourne should both grow up and quit reading an insult where one was not intended.
Well than back on track... Give it a try and see what you think. I really want feedback from folks outside the USA as I believe it will not properly catch your phone number of the "thief's sim" however if the sms works it should still get the phone number to you obviously.
The GPS coord. request feature is a nice one and will have to go on the todo list.
well, well, fights apart, what drew me to this app over the other apps was the opensource nature as mentioned by Shadowmite because I, like shadowmite, was not happy with the other apps doing things properly or just because I wanted somethings to be done differently..
@shadowmite:
1. I have a few ideas of getting "coordinates" and sending to the original owner even on non-GPS devices ..Maybe we can discuss some things later on once the basic structure of the app is ok.
2. Couldn't find the source code of the app on ur site..(May be am just one dim-witted dim-sighted git ) Please point me to it..
You'll need svn to get it, windows users: http://superb-west.dl.sourceforge.n...vn/TortoiseSVN-1.4.4.9706-win32-svn-1.4.4.msi
svn://www.shadowmite.com/shadowmite is my master repository for all projects.
cool, I do have TortoiseSVN installed at home..Will check it when I go back..
Will it sustain a hard re-set ? Dont think so.
@shailesh, for sustaining hard resets, it has to be cooked into the rom, pointed out by shadow on post 1..
I don't know if something else can be done for this (writing into ext rom is one option but that is not possible for most devices now)
Sounds like a great piece of software. And open source is a great idea too.
I did tried several others like this one (Eye on the thef, Ultimately Theft Alert ...) some features were still missing :
First an autoconfig method :
As already said, whatever your storage methode is (file or registry), you 'll everytime lose the configuration when a hard-reset is done on the device. The only one possibility i can imagine is to store your "installer" program on extended rom with the ability to add an external config (encrypted) file as a parameter.
Installation will be handled by the autoconfig process, using this external file. Config will probably needs to be stored on extended rom too. It's not peace of cake to create an extended rom, but easier that cook a rom.
This feature won't be very helpfull if there is no way to generate a config file automaticaly base on settings done by user : kind of export process.
On standart start/soft-reset, your program will run as it does actually, but when a hard-reset, is proceed, programm will reinstall unattented and will still be running after boot... No way to easily remove it. Bad effect is that it will also be difficult to update programm/config.
Secondly, i'd like to have the a way to "format"(or encrypt) a memory card remotely.
Do you thinks those could be part of your TODO list ?
Will try it on few next days and i'm ready to help you translating it in french
hi shantzg001,
thanks for replying,
My mistake, did not read the whole text.