Related
Thinking of getting one of these, any one here have experience of these two apps and any recommendations ?
Thanks.
Hello,
Actually I have pretty much experience with CodeWallet, eWallet and FlexWallet. I've been using eWallet for many years and recently switched to CodeWallet. There is a serious security issue with eWallet. It appears the Category names are in plain text unencrypted format !! Altought the actual cards are encrypted, I wouldn't be so happy for a thief to be able to see what I am hiding inside (i.e. Bank Accounts etc..) Sometimes the category name itself is something you would want to protect. That's why I switched over to CodeWallet even though CodeWallet provides only 128 bit encrptiong while eWallet provides 256 bit, though again with no category encryption.
MOBILER
Thanks for pointing that out.
I agree with you , eWallet is now off my list.
The other option I am looking at is instead getting Sentry 2020 which creates an encrypted mount. Then just have my sensitive info in Excel spreadsheets on that mount encrypted. Perhaps the encrypted mount can be my external storage card.
http://www.softwinter.com/sentry_ce.html
http://www.geek.com/hwswrev/wince/sentry/index.htm
Any opinions on this ?
Gut feeling , CodeWallet seems best all rounder so far.
hey linuxgeek
from my own personal experience, I've used many encryption programs and found all to have flaws except for this one: CryptoStroage which I eventually purchased.
It's key benefits is unlimited size - most other programs have limits of a few Mbs. with this program I can mount a few houndred MB volume on my SD Card where I put all my scanned documents in and view them with acrobat reader.
Another key benefit it has a desktop version so you could use the same volume to mount on your desktop pc. very neat, instead of going to the ppc each time. It is the most fast I've tested and is super easy to use. It looks like another SD card storage.
I think I've tested Sentry 2020 and found it was inconvenient for me.. but i'm not sure.. I may have not tested the recent version so I don't know. but I see Sentry costs $50 and Cryptostorage costs $20.
Let me know if there's something else i can help you with.
Great tip thanks for that.
Cryptostorage looks fab , definately going to get it.
Do you think its worth getting CodeWallet also or shall I just get Cryptostorage and like metioned earlier keep all my info in excel/word files inside the safe ?
Thanks for all your input.
Looking at Cryptostorage website it doesn't mention it works with Windows Mobile 5 .
Are you or any one using on a Universal with WM5 ?
LinuxGeek said:
Looking at Cryptostorage website it doesn't mention it works with Windows Mobile 5 .
Are you or any one using on a Universal with WM5 ?
Click to expand...
Click to collapse
Hey,
Yes it works on my Universal just fine. I found it to be the most convenient program among the encryption programs.
I do suggest getting Codewallet as well. It is not convenient to mount a volume each time, then fire up excel if only to check for a password. I personally have all my passwords, maybe a hundred stored with Codewallet and I also enjoy the Desktop version, which is easier to use when working on the desktop PC. I use my wallet file on the Synced My Document folder and then the desktop version and the PDA version are synced with the latest wallet file each time.
Thanks for reply.
I am moving towards getting eWallet and using cryptic category names because of its 256bit encryption.
I am definately going to get Cryptostorage too now that u confirm it is fine under Universal.
Thanks for all your input mate.
Anyone used cryptocard? I've been thinking of changing from myCodes Lite to this. myCodes seems OK but is a little slow.
Anyone ever wondered, how comes that CodeWallet can sync your Desktop/Mobile wallet without any password entered?
I guess they encrypt the data by record and keep a timestamp unencrypted. But this way if you often use the same login name and have many similar forms (Username, Login, URL), an attacker could get the password somehow, I think, since there is always the same beginning of the records.
It's something like security vs. sync-without-password-prompt. Where as 128bit RC4 isn't "strong" encryption nowadays anyways. I'm a bit concerned about the *real* security of this app...
Cheers,
-mARKUS
CodeWallet insecure
CodeWallet now is a NO GO for me. Found some patched EXE-file of its Desktop-version, where you can enter *any* 3-digit password to open your file. This is not security, this is INsecurity par excellence.
Cheers,
-mARKUS
UPDATE:
- Windows Mobile Security Software fails the test (info about header-copy to open files)
- mininova (first mention of this security flaw)
- PxDxA (detailed infos about this flaw)
I've got an application that will only work if it sees a particular device that has been set on an enterprise server and I'm desperate to use my Hermes device rather than the supplied Windows Smartphone that doesn't have a stylus - yuk!
The log reports this:
DevOS=PocketPC
Device=HERM200
PPC device is unknown: [HERM200]
If I can change this to something else that is known by the enterprise server then I can continue loading the software.
I've searched the registry and can't find the string "HERM200" and I've tried changing the entry in ActiveSync on my PC but that just gets refreshed.
Any ideas or I will have to use my stylus free smartphone instead :-( No more billiard master either :-(
It'd be easier to crack the app rather then change your OEMInfo.
If it's not confidential, email it to me for a quick look, or post it here for the Legion to mull over.
V
It's Credant Mobile Guardian and the rules base is controlled by the enterprise server. The only program that runs is GKProbe.exe on the PC. I think it would be a mare to crack.
Thanks
It's likely to be easier to crack the app rather then OEMInfo - IIRC OEMInfo is embedded in the Rom/hardware. You could hack the ROM I guess, but I'd start off with the app personally.
V
Viijay,
Thanks for your replies. I've got the installation application. Would this be something that you could crack?
Thanks
Hi everyone,
I will be a little paranoid over here so don't take it hard on me =)
I've been using a i-mate k-jam for a long time and switched to touch hd on january. Interestingly the biggest similarity and annoyance for me was the softwares pre-installed to download some sort of data over internet and bugging every week to download new signatures/data and bugging even more if you fail to download.
eTrust found out to be useless and I can't really pinpoint why most handheld GPS devices doesn't really require to update this kind of information (Please correct if I'm wrong).
We might assume the transaction is a simple wget/http download which wouldn't carry any other information to the other party that someone from that IP downloaded something. But if there is a handshaking or at least some kind of a http post is inplace, it could be also sending a unique device idea which would let the guys in Taiwan track our devices our a map.
As I said I'm just being paranoid and making almost a conspiracy theory here but still the possibility exists.
So how can we be sure they are not sending any information out?
We can set up a proxy and mirror incoming traffic from a source ip (phones ip) and dump it with wireshark. Then we will need to define the proxy on our phone and click download.
Is there a wireshark/ethereal kind of packet capture software which can run on these devices? It could ease the job.
Reverse engineering the code? Not experienced in that but It should be quite small when the you think the job it supposed to do.
Any comments, thoughts, help, information - greatly appreciated.
BR, Kaya
You can disable Quick GPS if you want because it isn't necessary for the GPS.
It just speeds up the process of finding satellites.
why don't you just use a nokia 3210? that way you should be pretty safe lolol
philocritus said:
why don't you just use a nokia 3210? that way you should be pretty safe lolol
Click to expand...
Click to collapse
Only if you leave BT off JK
I've sort of resigned myself to the fact that using a smartphone exposes someone to a lot of security gaps. The best advice is to keep your bluetooth off / in hidden mode, as this is one of the easiest ways to get at your handheld's data. Moving up the paranoia scale, you can use that NoData program to disable your data connection except for when you really need at - that will prevent most third-party programs from dialing home. And if you're really worried about being tracked, I'd recommend just shutting off your phone when you have something private to do.
Greetings!
I've been looking for quite some time now for a way to get around the Chinese firewall on my phone. I have a paid VPN tunneling account that I use on my desktops but have had no luck getting my phone to access it. I tried openvpn client here but the program won't start on WM 6.5 (Energy Rom), all I get is "Default Ime" displayed in the upper right corner of the screen and nothing else. I've got the config, cert, ca.cert, and key files from my vpn service, but can't get the darn program to start to import them or initiate a connection.
Is there another way to do this? I really miss the Facebook integration (facebook blocked in China), YouTube (blocked), and Skype (blocked)....anyone had success with this client on WM6.5? HELP!!
THANKS!!
Am I really then only person who wants to use something like ultravpn on their Wm phone?
RealVNC makes a Mobile Viewer
you need to turn off the TouchFlo3d to see the openvpn icon
Start->Settings->Today and disable TouchFlo3d
A bit of a pain in the arse
Am still trying to get it work
Yeah, I found that. Have been getting down into the nitty gritty of the config file, I think I've got it sorted out and will be posting up here this weekend when I get some time to test. Thanks!
I am not sure if my issues are TAP Vs Tun issues. Hoping that I get to the pub early enough this weekend to get it sorted.
I sorely miss hulu.com- took them a while to twig that that the 194.xxx.xxx.xxx range was t-mobile UK.
BTW who do use for your VPN acc?
I have just signed up for a vpsville.ca openVpn account. Great price and they seem to be reliable- btw google for life-time discount codes.
Any progess with this? I have gotten to where I can get the client to connect to my vpn server and request my login info, but no dice getting the phone to route traffic through the vpn tunnel.
I've been using torrentfreedom but am looking to change as they have become REALLY unreliable lately. THanks for the tip on what you're using, checking them out now!
I hope we can get this working!
To be honest I've been too busy to play with the config files.
Forgot to mention that the vpsville.ca option is a vps server that you are allowed to run openvpn (or any other software that you want). The T&Cs say that it must be private use but I believe that you plus a friend or two on openvpn would be ok.
I like their refreshingly honest approach- unlike the those of firms/rackets such as fasthosts.co.uk.
vpsville say that you can pretty much do whatever you want so long as it is legal. I believe that they had a major ballsup last year but I have been with them for 6 months, a UK vps and a more basic USA vps and have been very happy.
Set up is pretty straight forward with root access- they have templates- if you (decide to go with them and) need help I can assist- although a Linux noob I had no real problems. Incidentally I dont need to log in with passwords etc as the set up is my own.
EDIT+++++++++++++++++++++++++
BTW what is your avatar- dont think I have seen it before- never studied archaeology
Remove openvpnmgr.lnk from Windows\StartUp folder
I got around this by removing the openvpnmgr lnk file from Windows\StartUp folder - seems like there are some bugs with the openVPN manager running on wm6.5 (it was even buggy in wm6.1) on my Sprint Touch Pro2.
any luck so far
hi guys..
were u successful in bypassing the firewall??? im also in china and tryiing to do exactly the same thing as u guys..
did u get openvpn working????
Hi,
all I want is to write down some stuff (like bank data, etc.) that is protected by a password. Even on my old K750i I could write protected memos... is that also possible on Windows Mobile?
Thanks in advance!
Nobody? Is this really not possible?
I use slimPassword as it's the only one I have found that is free and can be used with my laptop (by syncing the password database file)
-Jonny- said:
I use slimPassword as it's the only one I have found that is free and can be used with my laptop (by syncing the password database file)
Click to expand...
Click to collapse
Ahh, thanks. That's a good start. I was hoping for something to take longer notes with (like password-protected Word files), as I plan to write my wedding vows on my TP2.
well just download something you like - there's plenty of free one's out there, and most probably even more paid ones too!
www.freewarepocketpc.net/ppc-tag-password.html
You could also use something like FreeOTFE4PDA which will 'mount' a password protected area for you to save files to, making it really easy to protect office files.
-Jonny- said:
well just download something you like - there's plenty of free one's out there, and most probably even more paid ones too!
www.freewarepocketpc.net/ppc-tag-password.html
Click to expand...
Click to collapse
I'll take a look at them, but so far they all seem to be intended for storing short stuff like PINs, etc.
I use secure notes 1.2 it's freeware.