Is it leagal? - MDA III, XDA III, PDA2k, 9090 ROM Development

Hi!
I want to upgrade my Blue angel to WM6 but i wonder is it Leagal to do that?
thx for the help

Nope officially its illegal

thats bad
why?

it is outside the terms and conditions of our BA...
and of course...
*** drumroll ***
Micr0$oft's Legal Hold on the WM OS Softwares.

lol...is anything on the internet LEGAL nowadays?

SilverSamurai said:
it is outside the terms and conditions of our BA...
and of course...
*** drumroll ***
Micr0$oft's Legal Hold on the WM OS Softwares.
Click to expand...
Click to collapse
i guess :/ but cant i just buy the rights to use it,.... no i guess not..
BU!
thx for the answare thougt

It depends on your view of the law. Microsoft may be breaking the law by using anti-competitive tactics to force people to throw out old devices (and buy new ones... just to get the new software). If you believe that, then the EULA is illegal to begin with.
Further, unlike with desktop versions of Windows, the agreement to the EULA is never expressly made. You never click I Agree to an EULA during the initial startup. There are several scenarios where a user never would need to enter into agreement with the EULA, making it non-existent to the consumer in the first place.
Each of the arguments has legal holes in them, but so does Microsoft's... I doubt the courts will ever hash it out before Microsoft is forced to wise up and keep a steady stream of software updates until the hardware is truly obsoleted.

I would say this:
1) It is illegal to install a firmware update for WinCE devices, unless they are provided from the device manufacturer. The reason is that the manufacturer has to pay for this update (or have an agreement with Microsoft).
2) The end-user cannot purchase the firmware directly from Microsoft. One of the invoked reasons being that the firmware needs drivers and adaptation to the device. This is done by the manufacturer.
3) Often, Microsoft actually provides the update free of charge to the manufacturer, but he does not pass it on to the end-user, because he does not want to spend money and resources in adapting the firmware for the device - he prefers to sell new devices.
4) This means that often the fault is NOT with Microsoft but with the manufacturer! In this case, HTC.
5) Regarding the unofficial firmware updates, an intersting situation arises:
a) Microsoft does not really care, if you install the unofficial, newer, firmware, as it was available for the manufacturer anyway.
b) The manufacturer does not really care, as he is not interested in the already sold devices. If you break it due to upgrading with unofficial firmware - even better: you just lost warranty.
The proof is that this site still exists...
6) Conclusion:
a) Nothing legal will happen to you, if you install an unofficial firmware.
b) You will void warranty.
c) You should not sell or advertise your device with an unoffical firmware. Downgrade it to an official firmware before doing so.
d) Read all documentations before starting an upgrade - you will be on your own, if things go wrong (it is easy, once you know what to do).
Cheers,
vma

Related

no upgrade petition

Hi all
just a thought, after buying my XDA2i about a month ago I suddenly realize that the XDA2i is left without an upgrade to windows mobile 5.
While the blame should be shared between the hardware company and the Operating system company, I will refuse to buy another windows mobile 5. I would like to know how many would be interested in a petition by vowing not to buy a replacement product from the same hardware vendor.
The logic behind the petition is two fold.
1) make the Software company aware that releasing newer versions of the operating system require more co-operation and easier upgrade path for current hardware (within reason of system requirements)
2) make hardware vendors realize they will not profit from repeat customers unless they provide operating system upgrade or a trade in offer whereby creating a value to their current or soon to be discontinued line of products.
XDA2i hardware sepecifications are not at all subpar. there is no reason to replace a unit nor devalue it due to newer operating system release.
Ii've had:
casio m500->ipaq3890->dellx50->ipaq1940->dellx30->mpx200->XDA2i
largely my purchase reason is due to upgraded os.
I will opt to use my XDA2i and skip wm5 entirely. Won't even think of buying a wm5 and wait till wm6. at that point buy a pda/phone that is not from the same hardware vendor altogether.
anyone welcome to throw in their thoughts? Should a petition of this sort be created?
Regards,
Rob
dptechno.com
it's already been done and sent in ..still got negative response from company's
That petition is slightly different than the one i'm proposing.
I propose that anyone who signs the petition to:
-refuse to buy next/another version of O2 pocketpc phone
-refuse to buy any pocketpcphone with windows mobile 5
unless a windows moblie 5 upgrade is made available to the XDA's
as long as companies are profiting by discontinuing upgrade support of their pocketpcs, this issue will never be resolved until the operating system can be upgradable without hardware vendor intervention.
YES!
Am in on that with you Rhuie!!

It's not Rooting, its Openness says google

I found this article VERY interesting, and thought some of you may enjoy it.
Posted by Google themselves; http://android-developers.blogspot.com/2010/12/its-not-rooting-its-openness.html
If you don't understand that, the people at digimoe made it more clear...
http://digimoe.com/google-says-andr...droid-os-is-made-for-rooting-nexus-s-included
As a developer phone, that's certainly true. I don't know. I mean Samsung doesn't have a reputation for locking their phones down hard, even on the non-google line. A reputation for **** development and longterm support, perhaps. And maybe that was google's thinking in choosing them as the Nexus 1 follow up. Certainly google has plenty to gain by helping Samsung out on the Galaxy S line. We'll see what the future brings.
But it's also easy for Google to talk about openness while sitting in the comfy confines of Mountain View. Can anyone go find me Google's support number for the Nexus S?
Not exactly Google's number, but there is this:
http://www.google.com/nexus/#/help
Google provides the OS, but Samsung is the manufacturer and the one in charge of quality control is responsible for support. This is as it should be.
They do provide a direct support phone number, it is just for Samsung.
good read.
T313C0mun1s7 said:
Not exactly Google's number, but there is this:
http://www.google.com/nexus/#/help
Google provides the OS, but Samsung is the manufacturer and the one in charge of quality control is responsible for support. This is as it should be.
They do provide a direct support phone number, it is just for Samsung.
Click to expand...
Click to collapse
My point was that it's easy to call for openness when you don't care about the consequences. Would you rather Tmobile/Samsung provide a link to root your phone at the time of purchase that also immediately voids your warranty? I doubt most here would take that offer.
I like Google's talk about openness, as selective as it may be. But I suspect the manufacturers and carriers roll their eyes when they get these lectures, and I don't necessarily blame them.
WoodDraw said:
My point was that it's easy to call for openness when you don't care about the consequences. Would you rather Tmobile/Samsung provide a link to root your phone at the time of purchase that also immediately voids your warranty? I doubt most here would take that offer.
I like Google's talk about openness, as selective as it may be. But I suspect the manufacturers and carriers roll their eyes when they get these lectures, and I don't necessarily blame them.
Click to expand...
Click to collapse
Except for 1 thing, they are choosing to of their own free will sell a device that is based on a free, open source operating system that has a license that states a requirement of openness, and even that their source modifications are required to be submitted back to the source tree.
The drivers are proprietary, and that is fine - even if it is the reason for the requirement for us to use leaked ROMs to get all the hardware to work. Rooting does not change the drivers, and this discussion ended at rooting. That said even after rooting the parts that get changed are just the open source parts that the devs have the source for because it is in the AOSP depository.
If they don't want to support your changes to the OS that is their prerogative, but they still have a responsibility to support the hardware for defects.
At some point I would like to see someone with the money, time, and conviction sue their carrier when they refuse to honor the warranty because it was rooted. See that clause breaks many of the original licenses that make up the various parts of the OS. In fact they are required to provide a copy to the GPL or at least a link to it AND the source itself. They know they can't win this, which is why I think they like to say it voids the warranty, but as long as the phone looks like it is stock (which is more about not supporting errors you introduced) then they don't really look too hard.
If they don't want to let people exercise their rights under the various open source licenses, then they should stick to devices with enforceable, proprietary operating systems like iOS, Windows Mobile, Symbian, and Web OS.
"Openness" is an excuse, obviously.
I like how Google is trying to save face, and that other site is trying hard to help them along.
People these days seem to just be less concerned about security.
Actively fixing security holes doesn't matter for an OS that cannot be esily pushed out to users as updates. Does it really matter if you fix security holes, but half o fyour users never recieve those fixes?
Well, yea, it does... Just not as much as they think it does.
Also the sandboxing thing is a joke, studies have been conducted and lots of Android apps are sharing data with each other foe the benefit of Advertisers, etc.

Android and openness

Hello,
Im currently writing an academic paper on android and openness in my master's programme. If all goes well, it will be submitted for a conference soon.
I'm looking for your opinions on having an android device open for operating system level modifications or not. As you may know, some phones have a signed bootloader such as the Motorola Milestone, t-mobile g2 (who made the phone reinstall stock OS when breached), and probably many others. Google however, make their devices open, even though they are sold as consumer devices. Many others do not bother to install circumvention mechanics.
Obviously, the people here will be biased towards allowing modification to the OS, therefore, i would like to get a discussion going, to discern what problems and possibilities you see in the long run for hardware manufacturers.
1. Does the possibility of making OS level modifications affect your willingness to purchase an android product? i.e. do you check if it can be modified before buying? And how much of an impact does it make on your desicion?
2. Why do you think hardware manufacturers put in measures to prevent custom android OS builds to be installed? Put on the corporate hat and try to see their strategy.
3. Do you think manufacturers have anything to gain by making devices open and free for modification, with source code for drivers and the like publically available?
I would really appericiate your opinions and discussion!
1. Does the possibility of making OS level modifications affect your willingness to purchase an android product? i.e. do you check if it can be modified before buying? And how much of an impact does it make on your desicion?
As a beginner app developer, this has yet to bother me. I do enjoy being able to add apps that add functionality to my phone but I haven't bothered to get down into the "root" area. So no I do not check nor does it impact my decision...I own a Samsung fascinate by the way
2. Why do you think hardware manufacturers put in measures to prevent custom android OS builds to be installed? Put on the corporate hat and try to see their strategy.
My opinion on measures to prevent changes is all about PR and performance. If enough people hacked a phone and the hack caused the phone to work below is ability then the only news report you will see is the phone sucks.
3. Do you think manufacturers have anything to gain by making devices open and free for modification, with source code for drivers and the like publically available?
This is also a give and take if question 2 is not of a concern to them, then its def a gain for the company and to all of the developers out there that do search for the best phone and nick pick around until they find it.
Are there enough of those kind of people out there to affect a companies buttom line. Maybe not yet but in another couple of years who knows.
1. Does the possibility of making OS level modifications affect your willingness to purchase an android product? i.e. do you check if it can be modified before buying? And how much of an impact does it make on your desicion?
It hasnt yet been a deciding factor on which device to get, primarily because sooner or later they all get cracked open.
2. Why do you think hardware manufacturers put in measures to prevent custom android OS builds to be installed? Put on the corporate hat and try to see their strategy.
One reason could be that the carriers demand it as a way to keep any revenue that they get from the preinstalled bloatware.
3. Do you think manufacturers have anything to gain by making devices open and free for modification, with source code for drivers and the like publically available?
The percentage of people that actually tinker in this area is very slim, so the manufacturers most likely don't see that as a big market opportunity.
Don't have any answers, but would like to read your paper when done...sounds interesting and a Masters Thesis is always fun to read! LOL
It's not a thesis, just a short article. I might make a survey for it but I need to ask the right questions.
Not all devices get fully customized, root is common, but in my phone for example it is not possible to load a custom kernel, as the bootloader checks for signed code (Motorola's secret key). There's been a massive uproar from the owners of the Milestone, as people didn't expect to be hustled like that when getting an android phone. The main problem is of course, that Motorola takes a long time to release updates. Even as of today, Froyo has still not been released for my phone by Motorola.
While I am not sure about it, I suspect Sony Ericsson X10i owners are in the same boat, and they will get a really rotten deal, seeing as 2.1 has been officially declared the last version the device will recieve. Yet, an enthusiast could release a perfectly fine version of 2.3 if the phone accepted custom firmware and he had access to drivers etc.
So basically, you buy a piece of hardware that is very capable, but The Company decides for you which software you could run.
Imagine if you bought a Windows Vista PC right before Windows 7 was released, and the only way you could get Windows 7 on it was if that particular PC manufacturer released an official update containing all it's bloatware and applications you don't want. Since the update needs to go through all kinds of verifications and approvals, it might be delayed for a half a year, or maybe 9 months, after the new OS release. Why do we accept this on our phones and tablets?
Hi,
1. Does the possibility of making OS level modifications affect your willingness to purchase an android product? i.e. do you check if it can be modified before buying? And how much of an impact does it make on your desicion?
For me personally, yes, most definately. I like to be able to get in and play, see how things work, change stuff. And i think custom ROMs IMO are a big drawcard of Android.
2. Why do you think hardware manufacturers put in measures to prevent custom android OS builds to be installed? Put on the corporate hat and try to see their strategy.
To try and ensure the device works as they want it to. Minimise support costs etc.
3. Do you think manufacturers have anything to gain by making devices open and free for modification, with source code for drivers and the like publically available?
Definately. Encourages improvement of existing features, and development of new stuff beyond the manufacturers initial product scope, which can be integrated in future products.
Android OS its self is an example of this - the developer community is writing apps, logging bugs, and contributing code to the benefit of future releases of Android, which in turn benefits device manufacturers.
- jc
my two cents
1. Does the possibility of making OS level modifications affect your willingness to purchase an android product? i.e. do you check if it can be modified before buying? And how much of an impact does it make on your decision?
>> Personally, I feel like the ability to modify my phone at the core level is something I as a power user can use to tailor my phone's experience in the way I need to make it the most efficient device it can be. This is especially necessary as my phone is my primary connectivity device (I really only use my laptop for things the phone just really isn't capable of handling yet, such as video conversion)
2. Why do you think hardware manufacturers put in measures to prevent custom android OS builds to be installed? Put on the corporate hat and try to see their strategy.
I think this is less the decision of the manufacturers and more of the carriers themselves. This really is because each device has to be tailored to be sold to the average user, rather than power users (read: 85-90% of people who will read this reply) and as a result is designed with an experience in mind. To the suits, anyone who take a phone that is supposed to have a specific experience in mind, and changes that, it becomes a different phone, and anyone who looks at that phone will see that. This means, TMo/HTC can't sell a G2, because everything that my office mates will see when they look at my phone is my android customizations, not a G2. my office mate, who is shopping for a phone, can get an android phone anywhere... but they can only get a /G2/ from TMo/HTC. Similarly, if I like my G2 experience, when i get a new phone, i will be more inclined to continue enjoying that experience with a G3, rather than buying any on sale android phone and making it just like my last one. Hence the need to have a G2 experience on every G2 phone. Just my 2 cents. I am not a businessman, lawyer, or doctor.
3. Do you think manufacturers have anything to gain by making devices open and free for modification, with source code for drivers and the like publically available?
Yes, but nowhere near as much as they can get by keeping their cards close to their hand. see my answer to number 2.

ROOT and WARRANTY Samsung

A number of posters either dispute or are no sure of the warranty position regarding rooting in particular .
Fact one the phone provider who is usually responsible for the first twelve months warranty can most certainly reject warranty for non original firmware or rooting .In the UK i have checked the position with O2 and Vodaphone who say they will reject under terms of their warranty .
SAMSUNG own warranty which is also usually paid in the first twelve months to the seller/repairer .
Basically say exactly the same rooting or custom rom voids warranty .
The letter on Samfirmware for starters if you don't believe .
http://www.samfirmware.com/apps/blo...cs-?&fw_comments_page=2&fw_comments_order=ASC
Extract from other sources .
ROOTING:
• Corporate recently added an additional reason for an Android handset to be considered as Out-Of-Warranty.
• Android handsets that have been subject to “rooting”, “jailbreaking” or “hacking” are no longer covered under warranty and may be grounds for termination or modification of service.
• Rooting is a process that modifies a handsets software allowing access to services not supported or tested by the Carrier or OEM.
• While there are more applications out there that allow subscribers to gain root access, a specific example seen on a Samsung Galaxy Indulge is shown below.
• If you see this application on the handset, please explain that the handset is out of warranty and be certain to access the customer’s account and add a memo that the handset has been rooted.
The picture they posted of is super user and some other ones.
another source
The reason I'm posting this now is because Samsung have only this week implemented a system for Service Centres to check if the handset has been rooted.
Point is its very easy in most cases to unroot and flash a stock firmware .
Some service guys may well turn a blind eye to rooting others may not .No good saying some guy on XDA said it was ok .
User choice but i have seen enough to convince me 100% ROOT = VOID WARRANTY .
jje
I thought this was common knowledge anyway?
Coedy said:
I thought this was common knowledge anyway?
Click to expand...
Click to collapse
Yes but its recently been disputed by some so i just pulled out my notes .
jje
^ Some people just don't get it however and seem to think they're still entitled, even if they returned it to stock and reset the counter, etc...
Individual cases may vary, maybe you'll get a "mod friendly" warranty facility, but I wouldn't feel bad for someone who gets denied warranty in the least. If someone can't afford to replace their phone out of pocket, they shouldn't be modding it.
True, i already expect that I'll void the warranty once i root my phone.. it's the point of no return..
I keep a safe distance on messing up my phone, make sure i don't get too far and ended up with a dummy display phone..
Sent from The Center of The Earth
mudferret said:
If someone can't afford to replace their phone out of pocket, they shouldn't be modding it.
Click to expand...
Click to collapse
Exactly. I would hope everyone would understand the risk before doing something like this.
How can they detect the phone was rooted when I reseted the custom fw count and flashed a stock rom ?
There will be no super user app or the like... Furthermore unlike i.e. SE Xperia phones the bootloader of the S2 isn't locked. Unlocking the bootloader of these phones is indeed a one way street. I don't see how this should apply for the S2?
This should be stickied with a tagline along the lines of:-
"Thinking of flashing a custom rom or kernel ? Consider this..."
I'm with Bell and I had a Rooted Atrix with cyanogenmod 7 beta 3 (back in the days..) and I had screens problems, I gave my phone to Bell and they send it to Motorola and it works flawlessly but they put me back on their motoscrap...
I'm sure Samsung will do the same thing
But thanks you anyways
harise100 said:
How can they detect the phone was rooted when I reseted the custom fw count and flashed a stock rom ?
There will be no super user app or the like... Furthermore unlike i.e. SE Xperia phones the bootloader of the S2 isn't locked. Unlocking the bootloader of these phones is indeed a one way street. I don't see how this should apply for the S2?
Click to expand...
Click to collapse
Think of it like a PC. Just because you format the harddrive doesn't mean the info is gone.
Bam !
Beautifully put Zelendel Rooting/flashing (like throwing rocks) is all fun & games until someone gets hurt
zelendel said:
Think of it like a PC. Just because you format the harddrive doesn't mean the info is gone.
Click to expand...
Click to collapse
harise100 said:
How can they detect the phone was rooted when I reseted the custom fw count and flashed a stock rom ?
They are not going to look that far .
Boot screen Custom rom possible if doing the job check for root apps /root.
As i said a lot dont even bother and just flash stock rom and repair .
But a lot is not all .
jje
Click to expand...
Click to collapse
With the new popularity of rooting, checking these things are becoming standard. To be honest I am glad. It will make people think first before they follow a video on youtube that is normally made by someone that has no idea what they are doing other then following a simple how to.
Modding a device is not ment for everyone. Nor should everyone do it.
Wait...the carrier can terminate your line for rooting?
Sent from my x10 mini running the latest version of minicm 7.
aloy99 said:
Wait...the carrier can terminate your line for rooting?
Sent from my x10 mini running the latest version of minicm 7.
Click to expand...
Click to collapse
Yeah they can terminate your contract if you mod your phone is anyway. Not to mention charging you the full price of the phone and the rest of the contract left over.
Main reason there are warnings all over the place about knowing and understanding what you are doing before you do it.
I would like to say that under the Australian law (sorry other nationalities) that Competition and Consumer Act 2010 gives a great coverage of products and if there is a hardware fault from the phone the supplier should not be able to reject your claim if modification of the phones software is unrelated to the issue. Although there is a clause that states:
You may not be entitled to a remedy if you:
damage or use goods in an unreasonable or unintended manner
Click to expand...
Click to collapse
I don't think it is unreasonable or unintended to run custom software on a programmable device. After all Samsung did give phones away so CyanogenMod would run on them.
Bottom line If I brick my phone or mess it up due to software modification I accept full responsibility but if the fault lies with the device itself the warranty should hold and no matter how much crap they put in a EULA or their written warranty Australian law should protect my device.
If I buy a computer and I remove windows to install Linux I still expect a warranty to hold if the hardware fails.
Rooting is the only way to take control of a device that I own so my personal information can stay personal.
Im interested in what the laws are like in the EU.
However my own position on this is that one should be allowed to use any software and mods to software you want.
If there is a hardware malfunction they should fix it whatever software you chose to use. If you brick the bootloader they can JTAG it probably.
And this far i have never had anyone ever say anything about me using custom roms and the like.
However i would still like to know what the laws say.
Sent from my GT-I9100 using Tapatalk
rako77 said:
I would like to say that under the Australian law (sorry other nationalities) that Competition and Consumer Act 2010 gives a great coverage of products and if there is a hardware fault from the phone the supplier should not be able to reject your claim if modification of the phones software is unrelated to the issue. Although there is a clause that states:
I don't think it is unreasonable or unintended to run custom software on a programmable device. After all Samsung did give phones away so CyanogenMod would run on them.
Bottom line If I brick my phone or mess it up due to software modification I accept full responsibility but if the fault lies with the device itself the warranty should hold and no matter how much crap they put in a EULA or their written warranty Australian law should protect my device.
If I buy a computer and I remove windows to install Linux I still expect a warranty to hold if the hardware fails.
Rooting is the only way to take control of a device that I own so my personal information can stay personal.
Click to expand...
Click to collapse
That's the thing. The device is INTENDED to run on the software they install. That's how they justify saying that any custom software could be the cause for hardware issues.
Take the PC example you used. OeM have been known to deny warrenty if you installed any OS other then the one that was on it. Like loading Linux on your windows PC. Mainly due to the use open source drivers instead of the OEM drivers made for the device. Samething goes for AOSP roms. They don't use drivers made for the device. They use generic device drivers that "could" cause hardware issues and that is what they love to say.
Spent a few years doing PC and smartphone repairs and that was the first thing we were trained to look for. If we found any sign of Modding in anyway we were to not repair it till they cleared it with the owner that they were going to be charged for it due to a voided warrenty.
zelendel said:
Think of it like a PC. Just because you format the harddrive doesn't mean the info is gone.
Click to expand...
Click to collapse
Good point.
Amazon repair service didn't use forensic software when I sent them a xperia Neo with the 0%-bug. They replaced it without much ado. Lucky me ;-)
Sent from my GT-I9100 using XDA App
zelendel said:
That's the thing. The device is INTENDED to run on the software they install. That's how they justify saying that any custom software could be the cause for hardware issues.
Take the PC example you used. OeM have been known to deny warrenty if you installed any OS other then the one that was on it. Like loading Linux on your windows PC. Mainly due to the use open source drivers instead of the OEM drivers made for the device. Samething goes for AOSP roms. They don't use drivers made for the device. They use generic device drivers that "could" cause hardware issues and that is what they love to say.
Spent a few years doing PC and smartphone repairs and that was the first thing we were trained to look for. If we found any sign of Modding in anyway we were to not repair it till they cleared it with the owner that they were going to be charged for it due to a voided warrenty.
Click to expand...
Click to collapse
rooting does not mess with the drivers and I am defiantly not touching the cpu clock.
The only reported case of a pc manufacturer that i can find refusing to remedy a hardware problem where the operating system was changed was pc world which later stated that was not there policy and would preform a repair. international law may be different but under Australian law I have full ownership of the device and I think it is outrageous that companies try and weasel there way out of their rights to the consumer.
In my mind if the fault is there's they have to fix it and no way should they be able to say otherwise. Its really just a matter of who has the burden of proof.

California Bill Would Ban Encrypted Smartphones

http://www.cnet.com/news/california-wants-to-ban-encrypted-smartphones/
This will make future Nexus purchases easier for me as I will not need to run "forced unencrypt" boot.img anymore. LOL
mikeprius said:
http://www.cnet.com/news/california-wants-to-ban-encrypted-smartphones/
This will make future Nexus purchases easier for me as I will not need to run "forced unencrypt" boot.img anymore. LOL
Click to expand...
Click to collapse
its happening all over the country.. New York state announced the same 2 weeks ago, if it'll actually happen is anyone's guess. but also it doesnt matter, as google is only selling nexii via their site now.
simms22 said:
its happening all over the country.. New York state announced the same 2 weeks ago, if it'll actually happen is anyone's guess. but also it doesnt matter, as google is only selling nexii via their site now.
Click to expand...
Click to collapse
Regardless of *how* they are selling it, the problem is that they wouldn't be allowed to sell it in those states where it is banned, which means that they won't be able to SHIP it there, or possibly if there is just a billing address in one of those states.
Nice thing about Nexus, though, is that they can make it trivial to add back the encryption. Just make a system property that switches crypto on. echo "ro.crypto 1" >> /data/local.prop
---------- Post added at 09:25 PM ---------- Previous post was at 09:24 PM ----------
mikeprius said:
http://www.cnet.com/news/california-wants-to-ban-encrypted-smartphones/
This will make future Nexus purchases easier for me as I will not need to run "forced unencrypt" boot.img anymore. LOL
Click to expand...
Click to collapse
That was only necessary on Nexus 6 due to lack of CPU support for crypto functions. It only has the proprietary qcom parts available.
Lmao. Not like they have anything more important to deal with. Pretty sure this is wishful thinking
Sent from my Nexus 6 using XDA Premium HD app
rpolito73 said:
Lmao. Not like they have anything more important to deal with. Pretty sure this is wishful thinking
Click to expand...
Click to collapse
When this whole new "don't encrypt" thing started last year, I was under the impression that it was brought up just to make a point about why it is a bad idea, so that it could be put to rest.
But unfortunately, some idiots ran with it, and now its out of control.
If I have to, I will roll my own crypto, and I will do it just because I can.
However, encrypted computer... Just fine. I.E. SSH into your home PC and run your criminal enterprise from it.
Always afraid of people regulating things they don't understand.
Anyways, this wouldn't do away with encryption, or really prohibit any sales. Google would have enough heads up... They would simply be forced to add a "back door" to encryption so that the government could un-encrypt your device with a court order...
I get the spirit of this.... But really, like with so much else, private sector can usually out perform the government and any back door they add will likely be open to being exploited by the smart bad guys too. Data the government can't decrypted has existed for a LONG TIME.... but now that apple makes the news IT MUST BE STOPPED
scryan said:
However, encrypted computer... Just fine. I.E. SSH into your home PC and run your criminal enterprise from it.
Always afraid of people regulating things they don't understand.
Anyways, this wouldn't do away with encryption, or really prohibit any sales. Google would have enough heads up... They would simply be forced to add a "back door" to encryption so that the government could un-encrypt your device with a court order...
I get the spirit of this.... But really, like with so much else, private sector can usually out perform the government and any back door they add will likely be open to being exploited by the smart bad guys too. Data the government can't decrypted has existed for a LONG TIME.... but now that apple makes the news IT MUST BE STOPPED
Click to expand...
Click to collapse
just seems crazy that they were just making such a big deal about the ability to have it encrypted, and now they want to ban it. I understand why they would want that, but you would think the NSA or some other entity would pretty much be able to do whatever they needed to get in.
This would be difficult to regulate. There are certain states that have gun magazine bullet limits in certain states but it seems like a trivial issue and would be hard to enforce
mikeprius said:
This would be difficult to regulate. There are certain states that have gun magazine bullet limits in certain states but it seems like a trivial issue and would be hard to enforce
Click to expand...
Click to collapse
If it passes, they will simply have to add a backdoor or some universal key into the encryption used. They likely wont make versions for each state, so I would guess that if this passes, android and IOs would simply feature some built in mechanism to allow un-encryption by google/apple... will likely end up being in all versions of android.
Just a guess, but I bet they would be more inclined to build one version to meet all regulations rather than fragment.
Then someone will hack into that backdoor... and we will see wide spread panic over the fact that we are unsafe! (meanwhile career criminals will adapt and use off device storage with encryption that isn't vulnerable)
scryan said:
If it passes, they will simply have to add a backdoor or some universal key into the encryption used. They likely wont make versions for each state, so I would guess that if this passes, android and IOs would simply feature some built in mechanism to allow un-encryption by google/apple... will likely end up being in all versions of android.
Just a guess, but I bet they would be more inclined to build one version to meet all regulations rather than fragment.
Then someone will hack into that backdoor... and we will see wide spread panic over the fact that we are unsafe! (meanwhile career criminals will adapt and use off device storage with encryption that isn't vulnerable)
Click to expand...
Click to collapse
According to the DOJ encryption causes children to die LOL
http://gizmodo.com/the-doj-ups-the-ante-says-iphone-encryption-will-kill-1660827774
" (4) "Sold in California," or any variation thereof, means that the
smartphone is sold at retail from a location within the state, or
the smartphone is sold and shipped to an end-use consumer at an
address within the state. "Sold in California" does not include a
smartphone that is resold in the state on the secondhand market or
that is consigned and held as collateral on a loan."
I think the operative phrase "sold and shipped to an end user in California" would simply be interpreted as retailer needing an out of state dispatch center, so all the big guys are safe. Actually I think everyone is basically safe except your local Verizon store....
" (d) (1) The sale or lease of a smartphone manufactured on or after
January 1, 2017, that is not capable of being decrypted and unlocked
by its manufacturer or its operating system provider shall not
result in liability to the seller or lessor if the inability of the
manufacturer and operating system provider to decrypt and unlock the
smartphone is the result of actions taken by a person or entity other
than the manufacturer, the operating system provider, the seller, or
the lessor and those actions were unauthorized by the manufacturer,
the operating system provider, the seller, or the lessor."
So you can sell one of these phones if it's a refurb that broke the warranty, or if everyone is ok with it?
" (2) Paragraph (1) does not apply if at the time of sale or lease,
the seller or lessor had been notified that the manufacturer and
operating system provider were unable to decrypt and unlock the
smartphone due to those unauthorized actions."
So don't sell a phone that you can't unlock.... but only if there's actual notice from both the manufacturer and (not or) the OS provider.
Bull****, toothless (civil penalty, no private right of action), poorly and vaguely written and places potential legal obligations that are not enforceable since the manufacturer and OS maker might not be domiciled in CA... or even the US. Hell, it even specifically states that you can just sell a second hand one and a second hand device has not been defined as "used"
I quote Section 22761 to the Business and Profession Code because this is supposed to be an amendment of it.
Corporate security demands encryption and me I personally like my privacy.
Given a choice to be able to use my device for work encrypted or go with encryption disabled and use it as a personal device only.
I go with encryption.
California has a long history of disregarding the First and Second amendments... why not trample on the fourth while they are at it.
jimtje said:
" (4) "Sold in California," or any variation thereof, means that the
smartphone is sold at retail from a location within the state, or
the smartphone is sold and shipped to an end-use consumer at an
address within the state. "Sold in California" does not include a
smartphone that is resold in the state on the secondhand market or
that is consigned and held as collateral on a loan."
I think the operative phrase "sold and shipped to an end user in California" would simply be interpreted as retailer needing an out of state dispatch center, so all the big guys are safe. Actually I think everyone is basically safe except your local Verizon store....
Click to expand...
Click to collapse
The part I made bold contradicts your interpretation. Basically says that a new smartphone will not be able to be shipped to an end user in the state *at all*.
Now there is an obvious loophole in this, which is to distribute via a reseller, who opens the box, sets up a new randomly generated gmail address, and installs a few programs. Now deemed "resale" and "secondhand", it is legal to send it in.
" (d) (1) The sale or lease of a smartphone manufactured on or after
January 1, 2017, that is not capable of being decrypted and unlocked
by its manufacturer or its operating system provider shall not
result in liability to the seller or lessor if the inability of the
manufacturer and operating system provider to decrypt and unlock the
smartphone is the result of actions taken by a person or entity other
than the manufacturer, the operating system provider, the seller, or
the lessor and those actions were unauthorized by the manufacturer,
the operating system provider, the seller, or the lessor."
So you can sell one of these phones if it's a refurb that broke the warranty, or if everyone is ok with it?
Click to expand...
Click to collapse
This sounds like a roundabout way of saying that the manufacturer must actively "not authorize" any alteration that would result in unbreakable encryption. Note: NOT that they must actively work to BLOCK the modification, just that they must state something to the effect of "Alphabet Inc., does not authorize any modification that will circumvent california law blah blah blah." -- see, there is a big difference between "unauthorized" and "forbidden". There is also a difference between legally and technically. Also, there is absolutely nothing in there about the warranty, therefore no part of the "modification" necessarily voids the warranty.
At least that would give them a strong position when up against the "unauthorized" clause. Though technically, it may be adequate to just say nothing at all. I.e., for someone to "be authorized", takes an intentional act of providing authorization. Such would be the case if, for example, they were to provide *instructions* on what the end user could do to disable the crypto's back door.
However, another interpretation could be that Nexus devices, by definition, authorize the user to "do what they want" with it, including disabling the backdoor.
" (2) Paragraph (1) does not apply if at the time of sale or lease,
the seller or lessor had been notified that the manufacturer and
operating system provider were unable to decrypt and unlock the
smartphone due to those unauthorized actions."
So don't sell a phone that you can't unlock.... but only if there's actual notice from both the manufacturer and (not or) the OS provider.
Click to expand...
Click to collapse
Hmmm... that is very weirdly worded.
On the surface, it appears to be meaningless in the face of the (4) section, since there wouldn't BE such unauthorized modifications made to a device if it is new (hence qualifying for the resale/used exemption of (4)), but what it does suggest, is possibly somehow related to the notion of sending them out to be modified.
Bull****, toothless (civil penalty, no private right of action), poorly and vaguely written and places potential legal obligations that are not enforceable since the manufacturer and OS maker might not be domiciled in CA... or even the US. Hell, it even specifically states that you can just sell a second hand one and a second hand device has not been defined as "used"
I quote Section 22761 to the Business and Profession Code because this is supposed to be an amendment of it.
Click to expand...
Click to collapse
This kind of horrible nonsense is starting to make the Nexus 6's software crypto more and more appealing. With hardware crypto, the problem is that technically, the closed source radio could obtain access to the encrypted data directly. In other words, there could be an over-the-air backdoor that doesn't even interact with Android, and actually, there could be one there *right now*. At least with software crypto, the kernel is in charge. That leaves the backdoor restricted to what is accessible under Linux by the radio blobs, and the good news is that we can firewall those blobs right up the wahzoo as needed.
---------- Post added at 07:58 PM ---------- Previous post was at 07:58 PM ----------
mikeprius said:
According to the DOJ encryption causes children to die LOL
http://gizmodo.com/the-doj-ups-the-ante-says-iphone-encryption-will-kill-1660827774
Click to expand...
Click to collapse
And according to me, the DOJ causes children to die.
doitright said:
The part I made bold contradicts your interpretation. Basically says that a new smartphone will not be able to be shipped to an end user in the state *at all*.
Click to expand...
Click to collapse
Ah, question of statutory interpretation, a sure sign of a poorly written amendment, the fact that we see it differently shows that this legislation is already on the rocks.
Now there is an obvious loophole in this, which is to distribute via a reseller, who opens the box, sets up a new randomly generated gmail address, and installs a few programs. Now deemed "resale" and "secondhand", it is legal to send it in.
This sounds like a roundabout way of saying that the manufacturer must actively "not authorize" any alteration that would result in unbreakable encryption. Note: NOT that they must actively work to BLOCK the modification, just that they must state something to the effect of "Alphabet Inc., does not authorize any modification that will circumvent california law blah blah blah." -- see, there is a big difference between "unauthorized" and "forbidden". There is also a difference between legally and technically. Also, there is absolutely nothing in there about the warranty, therefore no part of the "modification" necessarily voids the warranty.
Click to expand...
Click to collapse
Hence, without teeth. There's no outright ban of encryption, only sale of unauthorized first-hand retail models of phones featuring encryption, so it's either supposed to be construed very narrowly or just turned out that way.
At least that would give them a strong position when up against the "unauthorized" clause. Though technically, it may be adequate to just say nothing at all. I.e., for someone to "be authorized", takes an intentional act of providing authorization. Such would be the case if, for example, they were to provide *instructions* on what the end user could do to disable the crypto's back door.
However, another interpretation could be that Nexus devices, by definition, authorize the user to "do what they want" with it, including disabling the backdoor.
Hmmm... that is very weirdly worded.
On the surface, it appears to be meaningless in the face of the (4) section, since there wouldn't BE such unauthorized modifications made to a device if it is new (hence qualifying for the resale/used exemption of (4)), but what it does suggest, is possibly somehow related to the notion of sending them out to be modified.
Click to expand...
Click to collapse
I think the limitation on what the state's power to regulate interstate commerce made that necessary but it effectively defeats itself. Clearly the law would have little effect and easily circumvented via the exceptions that are specifically given. With no private course of action individuals don't even have standing to bring a claim on their on regarding the viiolation anyway so it really is just words that have very little effect if actually enacted.
This kind of horrible nonsense is starting to make the Nexus 6's software crypto more and more appealing. With hardware crypto, the problem is that technically, the closed source radio could obtain access to the encrypted data directly. In other words, there could be an over-the-air backdoor that doesn't even interact with Android, and actually, there could be one there *right now*. At least with software crypto, the kernel is in charge. That leaves the backdoor restricted to what is accessible under Linux by the radio blobs, and the good news is that we can firewall those blobs right up the wahzoo as needed.
I think the fact that there's so much uncertainty in the plain text of the proposed amendment show that it' a defective work. They obviously don't even
---------- Post added at 07:58 PM ---------- Previous post was at 07:58 PM ----------
And according to me, the DOJ causes children to die.[/QUOTE]
Well, at least in a court of law an expert needs to establish foundation before testifying. You don't need to demonstrate any knowledge to write an amendment like this.
Oh and the big federal agencies all have blood on their hands anyway. DOJ loses prioners. DHS deports American citizens. FDA can find drugs and then send it right onto you. Ain't nothing new, but does make administrative law fun and sad if you practice it.
scryan said:
If it passes, they will simply have to add a backdoor or some universal key into the encryption used.
Just a guess, but I bet they would be more inclined to build one version to meet all regulations rather than fragment.
Click to expand...
Click to collapse
They won't do it. Both Apple and Google have stated that their encryption can't be designed with a "back door" in place, and if they DO build a back door, they'll be forced to accept other countries' requests for the keys, not just US state/federal requests. The burden this would put on Apple/Google, and the fact that it makes the encryption almost pointless, would mean they'll never do it.
Also, when the FBI did a review of device encryption, the three possible methods that they came up with were all too costly and illogical that they ended up saying that there just isn't a viable encryption solution that the government can get behind.
---------- Post added at 07:57 AM ---------- Previous post was at 07:53 AM ----------
Everyone's seriously overthinking this...
If Cali/NY pass a regulation like this, all Google or Apple will do is revert back to Kit Kat-style encryption. With KK, it was still FDE, but it was off by default, so that users had the *option* under security to enable full device encryption.
This way, devices sold to consumers would be un-encrypted at the point of sale and the end-user would be the one actually enabling/using encryption. The question would be whether the user is violating any state regs by enabling encryption, but it sounds like that's not what the states are trying to confront.
Does this ban mean that new Nexus devices will have the ability to be non-encrypted w/o root? The only thing I don't like about encryption is the decrease of performance.
mkygod said:
Does this ban mean that new Nexus devices will have the ability to be non-encrypted w/o root? The only thing I don't like about encryption is the decrease of performance.
Click to expand...
Click to collapse
The performance hit is a lot lower (practically non-existent) on CPUs that support it properly.
So Apple issued an open letter regarding the San Bernardino case regarding the FBI's request:
https://www.apple.com/customer-letter/
mikeprius said:
So Apple issued an open letter regarding the San Bernardino case regarding the FBI's request:
Click to expand...
Click to collapse
That FBI vs. the Fruit company battle is hilarious. Both sides are such complete morons that they are just going to bang at the courts until everybody pays a whole lot more money and ends up getting nowhere.
The first thing to be aware of, is that the phone in question has a SDMFLBCB2 or similar Sandisk eMMC chip.
The thing won't self-destruct unless you actually run the self-destruct code, so pull the chip (bake in oven at 450 F for 20 minutes, then grab chip with tweezers and pull), and install chip in reader.
READ THE BLOODY CHIP, then either (a) run crypto code in emulator and try to brute force password as desired, or (b) write it to millions of replacement chips and reinstall in phone to try passcodes until you run out of guesses.
Note that FBI just wants to be able to try passwords without the phone self-destructing. They aren't actually asking for a backdoor, just to disable the self-destruct routine.
Now next step is to bring it to the APPLE side of stupid. Apple is acting as if they would be CAPABLE of creating an actual backdoor into an already-existing phone, with nothing but a software change. Not just disabling the self-destruct routines, but actually breaking through the supposed "encryption". Is it possible that they aren't *actually* encrypted at all? Or are we talking about something insane, like the crypto key is stored somewhere on the device in PLAIN? While Android has this capability (of using a default crypto-pass in order to obtain the key needed to decrypt and mount /data automatically on boot), it also has the ability to stop mid-boot to demand the passcode when it needs to mount /data. I wonder just how secure that apple crypto really is....
In any case, assuming that they are being truthful about the inability to assist the FBI without compromising *everything*, it tells me that data on an apple device is NOT secure.
The FBI is acting like end-users, when they should be dealing with computer engineers, who can trace the software execution on the device and reverse-engineer the destructo-routines in order to patch their way around them. They should *NOT* be needing or asking for apple's help with this.

Categories

Resources