Does the G1 have security issues? - G1 General

I was talking to some co-workers about my G1 and the features that the 1.5 firmware adds to the phone. One co-worker says he'll never get an Android phone because he heard it had security issues. Specifically, he heard that the phone's location services is always broadcasting the phone's location while the phone is on, and that it is possible to use that broadcast to remotely connect to the phone (and therefore take data off the phone).
I tried searching, but couldn't find anything in Google or elsewhere that confirms or refutes this supposed security issue. Anybody know if this security issue is real or is my co-worker misinformed?

I guess he might be referring to Google Latitude. Latitude is a service similar to Loopt that lets you share your location with a list of Google contacts of your choosing. It's completely optional and off by default. There is another remote access service where Android Market may remotely delete an installed app that was downloaded from the Android Market if it was found to have violated one of the Market's TOS. This does not affect apps not installed by Market. A similar guideline is in place with the iPhone and Blackberry stores.
All phones that access a cellular network can be tracked some way or another, regardless of what operating system is installed. It's not hard to understand why: in order to use the cell network, you have to connect to a cell. Now that cell knows approximately in a few km radius where you are. Using timing triangulation, cell networks can locate a person to a few hundred meters. This kind of information is accessible by emergency services.
In reality, your coworker(s) are no more qualified to speak on Android as they are about any other mobile phone operating system on its privacy as they (I assume) have never seen the source code of any of them.

compupolis said:
I was talking to some co-workers about my G1 and the features that the 1.5 firmware adds to the phone. One co-worker says he'll never get an Android phone because he heard it had security issues. Specifically, he heard that the phone's location services is always broadcasting the phone's location while the phone is on, and that it is possible to use that broadcast to remotely connect to the phone (and therefore take data off the phone).
I tried searching, but couldn't find anything in Google or elsewhere that confirms or refutes this supposed security issue. Anybody know if this security issue is real or is my co-worker misinformed?
Click to expand...
Click to collapse
Android is one of the (if not absolutely the) most secure mobile OS available.
Providing the location of the device is PURELY OPTIONAL, and does not IN ANY WAY create a security risk. Just because you know the location of something does not mean that you can get into it. Take an armored car as an example. It can be driving down the street right in front of you, and that does NOT help you break in to it.
In fact, the location is absolutely USELESS for breaking into something. If there was a security vulnerability, it would be the NETWORK ADDRESS (location independent) that would give someone a viable attack.
Now as it sits, Android is Linux -- well known for very strong security (unlike that redmond virus that is known for seeking out and installing every kind of self destruct mechanism it can find). But unlike a standard linux distribution, when multiple programs are run by a single user, each of those programs are run as a DIFFERENT USER. Each program gets unique credentials within the system and is isolated from all the other programs. That means that if you have one program that is BOTH listening for network connections AND provides some bug/backdoor/etc. through which someone could break in, then that person breaking in would be restricted strictly to the userspace of that particular program. In other words, they could get or break the data for THAT PROGRAM and not any other program.
You can get the same degree of poorly written programs for ALL operating systems. What makes a system secure is what it does to keep one broken program from taking down the rest of the system, and for this, Android is very strong.
So now you can tell your coworker that he is full of $61t.

Can someone indulge us on how Iphone's security works? I'm pretty sure that it's inferior to G1's but I'd like to know the facts so I can stick it to couple fanboys that I know.

Related

VOIP sip IS NOT YOUER friend and bill gates locks forumz!!!!!

Let me start be saying would to thank this forum for existing but some **** is just stupid.
Schapps has been the closest to making VOIP work and stay up
I believe the code just released the client just released is open I don’t believe he's done yet
I can make the broken client work but that’s easy if you take the client set up screen and place it in front you next to the installation directions of a third party vendor(I am assuming my friend Mr Bullin know s what hat means)
On a thread below I left few parts out, due to the fact that their is a US based company offering free software that they copyrighted. I don’t understand how one can assume the power of free open sourced client.
Here’s my answer on only gates would close a forum he would pay then lie.
Copyrighting a client that I believe I said works. Ok tell me how genius how dopes it work I am confused what makes it work what are the main factors should not be hard to find
Current Released Version 2.0.1 feedback
can not hear does not work well and say reg on when off very confusing explain
http://forum.xda-developers.com/showthread.php?t=299950&page=76
part 2
I did how ever fix or should I just used it as a starting point to connect.
The first 6 ROM I used was from Mfrazz very nice rom
XDA Mobile 6
It had the sip protocol tool that is now copyright worthy
I would be lying if I said it was not a ****y tool, but very simple.
So it was easy to cross reference the fields when I held it up next to a soft phone that’s is licensed ( another piece of paper that has the year and a federal stamp on it)
So the whole point is no one has actually presented a client that works like a normal piece of software and is plug_and_play per say.
Out of respect for his ability and determination I have been watching the intense process that schapps has put in and I’m sure he has a full blown solution behind it.
Now here is for the jerk offs you know guys who are quick to open that mouth. Not that my typing doesn’t piss you off apologize, but for the real idiots the talented the individuals that make one move and they know everything.
VOIP is fun the idea of free telecom fills a hacks cup and a businessman cup.
But the term it is not your friend means that there are so many variables in a conection that from a programmers stand point the equation seems to drive them deep down the rabbit whole.
Well never read manual but I do know one thing it wouldn’t be put on the front of the TODAY screen if it was rocket sience.
The fact is it its quite simple all the phone needs is an IP address then it can be a voip phone.
Well last I checked one big telco company called cellular one and another company called Panasonic teamed up with this other company Motorola and Nextel( a phone company) as we know it was formed. Well Nextel is based off of Static IP’s the concept is not new.
I was up all night working on my client and now its done here
Mind v.l1
http://support.t-mobile.com/knowbase/root/public/tm51424.htm?
Please by al means do what you do best and somebody and bring that client back to the board cause I probably will not be attending anymore of the open board sessions. Its bad enough to type but to have to here a *****es opinion about me and not flex is not easy.
part 3
I was taught one thing don't ever have an ego and be able to do it your self. That’s I got nothing crazy to say to any the confused individuals that seem to have a very passionate deep opinions.
Being able to make things is talent and 1000 revolutionary features on a state of the art phone system that no will ever use, because the beautiful minds that made it decided they would use their ideas for the end user environment is worthless.
100% of a broken client is worthless.
Helmi said something very important, taking credit for another mans work is weak, I fell the same way just like certain countries are weak.
Gates never shows his face i understand i wouldn’t either.
Logic is cool but until you make million clean or can answer this question how much cash can you fit in a standard carry on briefcase? Don’t be so quick to fire that virgin mouth cause in the real world guess they don’t give **** so appreciate my feed back I can tolerate personality
voip
What the client on the phone is for the INTRANET
( Again this the network ( a group of computers connected to work as one) inside of a infrastructure and behind a router fire wall t1) MR BULLIN
I was saying that I was surprised that it was not pre exposed but then I remember the fact that it always misfires and a telecoms nightmare cause no body physically put it into play.
(referring to a live call center with 30-100 tsr’s on the phone generating $15-$30k a day)
Can you imagine the importance of redundancy and the fact that big companies can’t afford to ever be down. So voip came and went some companies got desperate and are still trying to push a switches and charge $40k. The main Problem is support companies want the easy way out that’s why we are here.
Why doesn’t the iphone doesn’t have voip, but yet mac’s client is one of the best on the market. Cause jobs will not release anything half which means No body could see voip is very efficient very easy to use and the best way to go if you are building some thing from scratch. JUst like Americas cellular data service is free
http://forum.xda-developers.com/showthread.php?t=288844
We all have bring something to the table and just cause I cant type doesn’t mean that I cant kick a door down or 20 but this not my forum as matter fact I keep getting demoted. But I can’t complain cause its still my home and I there is one thing about the mind. If you want an answer ask. When I see some one make a wrong move I never knock it he tried or he is trying that makes 3% which is what controls the worlds wealth.
But having a “I am the **** website poll” and a fan club now that’s cute.
If you want to talk data networking and voip or how to disassemble a mda in less then 15 minutes. I am available and over qualified.
I fear if I speak anymore I might start say bullin and the moderator will demote me to a symbol like prince.
When in doubt and all else fails just look at it and the answer is usually right in front of you.
If I don’t get back to another special request it is due to the fact that I have quite a few employees to worry about.
XDA ROCKS and your better go hands than going mind trust me you want none.
I can translate aboutthemind:
He's stating that the WM6 VoIP client is full of bugs but the allure of "free" calling over VoIP has appeal to both hackers and businesses alike so we keep banging away at it. So far, he feels that Schaps is the closest to having a "functioning" native WM6 client (mine works better IMHO ).
He also stated that M$ "supposedly" released this but the WM6 platform has seen no "official" Internet calling application since none of the Operators have decided to pick up on it (due to apparent revenue issues). m$ (Gates) has been silent on the availability since the initial betas. So his point is this:
Is Internet calling even a release level feature of the WM6 ROM? Perhaps not. Perhaps we should instead be devoting our energies to other more proven technologies and building them in to our ROMs.
aboutthemind is far from an idiot; he merely communicates differently.
edit (I have to read posts many times to extract all intellectual content):
abouthtemind also states that the Internet calling app was designed for INTRANET only and believes its IP address/NAT related that causes the issues we experience trying to use it over 3G.
I personally disagree with this because my TyTN works fine with my asterisk server over 3G. What's different about my connection? Very high speed (Business class RoadRunner) server access along with very high speed phone access (AT&T pda connect plan). I use DHCP at my 3G connection and my asterisk server is configured for NAT at both ends. Using G.711, I experience millisecond drops (audio is occasionally choppy) but have both-way audio. I'm also not getting ring-back (can't hear ringing tone on my TyTN while the remote end is ringing) but I believe this is an asterisk configuration problem.
I therefore believe Internet Calling audio issues are codec related and that the one way issue is caused by congestion at our phone's virtual network card. G.711 is all that is support out of the box and, as such, does no compression. This is one of the reasons why INTRANET connections work: more bandwidth at the phone. G.729 is held out as the "holy grail" solution here, but my research indicates that current phone processors my not have enough power to use G.729. I could be wrong here in that a native processor version could exist, but I'm concentrating on GSM610 instead because there is a good compression ratio, and the codec is already optimized for the ARM V4I instruction set (which itself is pseudo-code of course).
@aboutthemind: I remain committed to solving the codec issue for the reasons above. I too want to produce an out-of-the-box solution & will release a new ROM with my fixes if I do. I say "if" not "when" because understanding codec code itself is rocket science... in the examples they actually invoke assembler to do some math processes because the C compiler optimizations aren't quite fast enough . Besides this, I'm not fully convinced that the WM6 RTC layer is fully ACM codec compliant. There may be an issue at compress/decompress time which only works with G.711 because G.711 does no compression.
Finally, why spend all this energy on WM6 Internet Calling instead of simply cooking in a more proven solution? Here:
Solution must have tight phone integration: press the green button and call or receive call
Solution must have tight contact integration
Solution must use phone earpiece not speaker and have good volume
Solution must transfer over bluetooth to car handsfree
Right now, Internet Calling, while not there for sure, actually comes closest and therefore holds the promise of working with all of the above. I believe that fixing the codec will solve points one and two. Hardware itself causes issue 3 and may only be solvable by changing phone hardware. IMO, a quick tweak should solve issue 4 and I will start working on that when I get a reliable GSM610 codec working.
Hi Sleuth,
I have to admit that I never had enough patients to read posts of aboutthemind.
However I agree with most of conclusions you have drown here. Both from aboutthemind posts and your own.
1. Idea to have VoIP client inbuilt and closely integrated with the device system is very appreciated.
2. The client, however should work with the system as you have described. It means that it should actually take over the control of the system and use the peripherals of the device together with the native phone application.
It would be great if we could make the RTC client work properly, but I am afraid, it is very difficult if possible at this stage of the RTC development.
That is way maybe starting a new project could be better solution.
This was about generals, now to back to RTC.
I am not exactly sure if the g711 codec is not capable to work properly both in WiFi and 3G/HSDPA environment. Also I believe, G729 implementation in our mobiles can be done.
I am plaing with VoIP for long time already. Talking about mobile devices, I used to have old HP with PCMCIA WiFi card installed and SJPhone working on it. It was pretty good solution for that time. Later I used Asus PDA with WiFi on board, but without phone option. I used there SJPhone and X-Pro from Counterpath. The last one was commercial product with g729 implemented. And it worked. The processor was Intel 520 MHz. This shows that it could be done. Unfortunately Counterpath has withdrawn this product from the market.
Ok. These were early implementation. There was no integration with the system, it was aimed to PPC with WiFi only and so on.
Now We have WM6 on devices with UMTS/HSDPA on board and I am sure, sooner or later VoIP will be integrated with the system.
At the moment I am usually using Ageet phone, which works perfectly, both on WiFi and 3G, specially with HSDPA. It does not have G729, but it uses GSM, G711, ILBC and Speex, I believe. The only problem with this soft is, that it is not integrated with Phone applet in the WM6. This makes impossible to place calls directly from your contact list. It can import the contact list, but then it does not recognize all does phone number formats, so you need to have them in format, which is accepted by your voip provider. There is also obvious problem with audio redirection to bluetooth headset and receiving a call using green button or headset button.
By the way, I have tested Ageet phone as well as some other commercial phones with many different VoIP providers and environments including my own commercial VoIP network based on PortaOne Switch. All those apps work perfectly with all possible networks.
This can not be said about RTC client. It works with some servers (asterix, FWD in eg.) but does not work with others (PortaOne servers in eg.).
So if we decide to work on RTC, then we should take in mind that there is not only a problem with one way audio in some configurations, but also that this client does not fully complies to SIP protocol and because of that it is cut of from servers like PortaOne, while trying to initiate the call. I have described the problem in my post in your (Shaun's) thread: http://forum.xda-developers.com/showpost.php?p=1241766&postcount=561.
On the other hand Age company is also marketing its SDK. It seems to me that this SDK is really very good, both for PC and PPC environment. The footprint of both versions of their applications is very small . You can see it specially in WM6 if you observe how little memory it takes. Unfortunately the SDK is a commercial product, but they can provide it with G729 included. The question is how to deal with such a project if it would be based on this SDK?
This are only my thoughts. If somebody is interested in taking those thoughts further on, I am open for cooperation.
We shouldn't condemn this guy out of hand. I am not sure whether English is his mother tongue/first language. If it is not then he should post up in his own language and then someone can translate.
From the Sleuth's post it seems that aboutthemind is making some very valid points; its just that the way he puts it is not that easy to decipher.
WB
Here's some bad news that confirms aboutthemind's suppositions:
I've been playing with a compilable GSM610 codec which I can insert into my Hermes WM6 RTC stack, and its looking more and more like a buggy rtcdll that's the core issue. The RTC has 3 built-in codecs. Two are known to work: g.711 alaw & ulaw. The other, g.722.1 (also called "Siren"), is a floating point codec which I haven't enabled.
Plugin ACM codecs such as gsm610.acm appear to be correctly supported from a registry standpoint. The RTC uses the "Dll" value to find the correct acm codec, and uses WaveForm parameters to negotiate. These all appear to work as advertised.
However, while my code is getting normal ACM calls and correctly encoding information using the GSM codec, the other end only hears garbled sounds. Likewise, I'm not getting any input to the decode logic and my earpiece is dead.
This could still be a huge pointer translation issue causing the output buffer to be incorrectly addressed but that is looking more and more unlikely.
It would appear that RTC 1.5.5374 isn't fully ready for prime time from a plugin codec perspective. I'm now looking more closely at rtcdll.dll....
ITMT, g.711 alaw appears to work best over 3G. If you are using asterisk or TrixBox, you can limit your mobile extension's codec negotiation to only use alaw as follows:
disallow=all
allow=alaw
Gentlemen, Mr Slueth, time to handle this voip issue
I do apologize i had have 2 major prodjects in play so considering voip is the most efficient and logical solution i am say live. I built 3 platforms with a russain and Ukraine programmers that why a patiently waited until we could get past the feminism not to disrespect anybody i can only trouble or comment if i too have experienced the same issues threw out my life.
But i am bit off a tough guy and i was raised to not say a fcking thing in a multiple lister environment unless you took into consideration recourse and ones interpretation. Translation don't talk and don't ever disrespect nobody or you would catch a beating.
Well times have changed and now doing time is like a course offered in college so you can not even smoke on earth anymore!
I must say the first time i spoke was to protect the integrity of an individual inhere from a ungrateful member. Moist important i was able to use his solution to secure my ability to resurrect any type of wizard. So i thanked him but i was more bothered by the disrespect for ones efforts by another.
Can you believe THE MUTHAFRkr actually turned on me, i couldn't understand.. I get plenty of thanks in the real world via the new times, let alone from here daily and tell u truth i have never gone public. I have given quite a few Domestic companies a whole new way to think an they actually took some **** i had for me.
Its not my looks or my level of intelligence's that gets you the label one of the best in the game today.
For me it is me, meaning i only do things one way with no ego. I beciome the end user and think like they do. That means that i have to assume that i have been misunderstood when some insults me and take full responsibility for both parties. Move on. But being that i am a communication specialist and most important a fix my company specialist. I was ia bit confused my self until i realized where this forom is out of and the fact that i never looked at all the flags that people throw so now i get.
Just like free data doesn't appeal to most of the moderators and senior members why would it like this it doesn't apply.
So don't expect to much from people that are abroad simply because its old news or doesn't excite them.
Only work people that have respect i don't need to suit here and chicken peck the keys. My language is free spoken cause im at home so the least i can do is swear. I am a bit of a phycological warrior with a few gifts. But try to mind **** over the computer after this run was proven and deemed a failure.
If i needed validation i would not be in a studio loft and drive a rental. YOu are only as good as your teachers. And the best of the best dont wear it on their chest.
But lets face it i to am in the lab on a whole other level.
I bang this out with guys if you want.
And MR sleuth with much respect to you sir. The ability to see probably not the first time being i only guess what the vendors and clients look like. My coments to schapps was for the visuals and hinted not drop code its as bad as my typing to a non programmer and a turn off. I am a true fan and have true passion let alone credential in voip. Again not into knocking some determination or work that would be my ultimate mistake if ever making any in life.
So with that i need some answers so i can go get you what you need if you see my previous posts i threw up a flag so i could solve this but i have read all the posts so and again have not wanted to disrupt the determination but saw it was gonna drive down a very long hard maybe a little road.
1 why do you need to use the gprs client on an acm environment.
2. Can we nail one type down?
We only need one to work then the idea would be to expose the path
it then be a true team effort from the various camps here and all over
3.Do you see what i see in the us regarding the fact that hot spots are also gprs and the idea is a free cell phone that is free cause of this effort not cause its the internet.
I don't know about you but i would never want to speak over the internet abut anything none business related meaning my day to day.
5. Nothing is secure fear is the best security system one can have
Finish our discussion on sip Please do mot use the vendors names i have a major personal issue with people selling free open source software and have other people produce clients for free. The whole thing keeps out of that environment. Just personal thing
But i threw together 2 asterisk systems they shuttles and i will join you i you bring me to speed meaning the clients to test or the ability.
I also had a Hermes delivered today for this fix, the phone is in 4 pieces and looks like a standard owner had buyers remorse and after he bricked it he killed it but looks like this Hermes is going to live by tomorrow.
I am a visual type of person so for instance sip was seek and destroy that was the pitch.
Voip was {Phone--------Switch(homeofiice firewallsrouters,NAT)---- -----------------------(Switch)home/offiicefirewallsrouters,NAT)---phone
SIP was assuming you did not have any thing but home configured. It was suposed to find its way home in business pitch.
I understand networking and the concepts but dont dig in with logic.
I was thinking more if i understand why you need multiple codecs and why we cant just split open the t mobile client which by the way is from blue tooth sig. A bluetoothe company with all the stk's from every vendor available. that is going broadband for those who don't know and yes you can surf the net on blue tooth.
This what i bring way out side box and i think we can do this faster if i can implement the way come up with this stuff.
the sdk is a valid concern so i would be more than happy to split apart any piece that causes a mental block my boy z in the Ukraine still are waiting for the yahoo and google checks. I will also pardon anyone who has remorse.
Most important is the connections and the resources to use for all my in house work is the usually the mother ship and she doesn't speak English and has no copy right.
I am player in this but i don't program so you will be amused by the remedial questions and nuclear answers.
But lets do this fast with no ego and i was not implying anything directly to your present work or anyone above this specific page. If you weren't all genius i would be any way. And my goal is to let that even t-mobile is not my carrier they let me see a way out and all the holes in service so this is not about the codes it about stepping back finding the manufacture that makes the phone pulling the client customizing and then giving it up for free to those that are willing to give up the sunlight for the red eyes and constant domestic issues.
I have some things that you might be able to use li really dont know cause i good but even i stopped following when you flipped ways in one session. I'm sure once you fill me in i will pick it up instantly. Hardware and risk of destruction, well that would be my pleasure.
PS i did not proof read this so ii hope it has impact
Agreed. The built in G.711 codec works well over WiFi. I'm having no issues other than battery life related which can't be solved easily... The WM6 RTC isn't really designed to run over 3G anyway. My AdapterTypes registry hack was what made it do this and that flushed out a few "undocumented features" for sure. Case in point: it doesn't detect changes in GPRS/3G availability such as when you USB connect to ActiveSync. So you have to physically stop Internet calling by choosing "never" in the Internet tab of the Phone Settings dialog, then restart it by choosing "Whenever Available" to make it connect again. It also doesn't automatically start the data connection if it is off and will instead again say "Not Available" until you manually start the data connection then perform the above stop/start routine.
This being said, having a GSM610 codec functioning would lower the bandwidth requirements considerably. I have a few more tests to make today with this codec; it may be that the algorithm itself isn't properly spec'ed to GSM610. Some quick tests will determine this. I'm a developer and I want to understand this you see
At any rate, I'd like to get my hands on a newer version of rtcdll.dll than the one that's in my Hermes ROM.
edit:
First test completed: I disabled the final encoded buffer transfer to the RTC. The rationale here being that if the same garbled sound was heard then the Wm6 RTC itself was the culprit. Instead, I heard what would be expected if the RTC was truly acting on the encoded buffer: silence. Now I have to dig more into the codec itself. The sample GSM code does a double frame encoding (each input PCM buffer is treated as two GSM610 encoded frames). I'm not sure if the WM RTC is prepared for this or not..... Heck, there may even be a transport layer issue causing the garbled sound. More research is required.
Anybody interested in playing along can do so with their own asterisk server. There's actually a Virtual appliance containing Trixbox, FreePBX and other goodies that make startup a snap. Just load the free VMWare player, point it to the fully configured virtual machine and you're up and running.
A link to this free appliance along with the vmware player itself can be found here.
The 3CX softphone that can receive direct ip calls (dial it's address using the form nn*nn*nn*nn on your Internet calling equipped HTC phone when both devices are WiFi connected to the same network) can be found here
I'm playing with my Asterisk server... But fun ends pretty fast when you realise you can't really go anywhere. I'm no genius to come out with a hack which recompiles a TRUE softphone into a dll which wraps the MS one and bypasses the ridiculous limitation of the earpiece vs speaker problem and then goes to Mars etc, etc... So I learned that I might just get another phone if I really want to enjoy VOIP on my mobile. I like my S710, would have been one of the best mobiles to enjoy VOIP (I think) but:
1) No, no, smartphones can't have the VOIP stack
2) You can try to hack it in but earpiece is only available to "modem"
3) etc.
I'm a bit disappointed must say.
Ka.
It is possible to redirect audio from multimedia speaker to earpiece for any HTC phone with Syren audio chip.
namely:
HTC Tornado
HTC Excalibur
HTC Vox
HTC StarTrek
.......
Also, we have positive resultes with many HTC Pocket PC Phones. namely:
HTC Hermes
HTC Trinity
.......
I do not understand why HTC has disabled audio redirection. HTC audio driver is capable of audio redirection from multimedia speaker to earpiece for any multimedia stream..
Sorry, I wouldn't be able to tell more regarding this issue. But the bottom line is: IT CAN BE DONE.
I guess, HTC decided to leave this option out for reason or...
kast said:
......
2) You can try to hack it in but earpiece is only available to "modem"
......
Ka.
Click to expand...
Click to collapse
By reading forums around I learned that on some phones it could be possible.
I'm not sayint it's a hardware issue (as I got no clue about hardware), on the other hand we're limited by the drivers they provide us, limited by the API we can use.
I read somewhere that it might be possible to redirect an audio stream to the earpiece when the "phone part" is actually being used. Even if it is a modem connection.
Meaning we might have the phone to instanciate a "fake call" and then redirect the audio stream to the earpiece. Meaning that... Yes, true, audio streams could be redirected to the earpiece but not very easily.
Now, faking a call or anything like this is not really something I can code in two seconds and try. Don't even know if it could be possible. So, I still hope in the one, as I said in a post above, genius to hack a DLL, put some sticky tape around, couple of API calls he's the only one to know of and send a Shuttle to Mars. I know there are many of these in this forum, luckily.
Ka.
Some interesting ACM plugin codec developments:
I now have the exact same garbled audio in both directions . However the reason it now works at all is a fundamental clue that I'm now looking into. The frames being sent to the decoder appear to be about half the size that it's designed to handle.
Specifically, the integer divide of input size \ GSMBLOCKSIZE was zero because size was < GSMBLOCKSIZE. If this size was zero, the encoder initially just exited. I changed the code so that if the division = zero and the original size was greater than zero then the divided size was now 1 instead of 0. Result was identical garbled audio in both directions.
It may actually be the "double frame" encoding/decoding logic that's dying. This GSM codec was designed for the audio ACM system and the RTC system may well be quite different....
Dr what have you done you mighht actually have to use a responder
RTC dll i would tell tomorrow however it will surface tonight i would expect it to. with all the network drops i have soembody better email a fake one.
Just tell you are aware of trixy and that i am not a fan of the model solution takes 15 mins but i am not a fan i am if it is for your house the key is to not spend any money i failed. trixy comes in all forms and Phonn lattttyy does not need any more advertising. Unless you say so, i don't say it to much trust me in fact the west coast best called me to tell me he was shocked about the revelations. In fact i have been asked to plan and design a company structure 50 times on astrik never it sfree. I am a businessman and don';t get out of bed for less than a nickel or if you ask for my help. I built a phone system with instructions simply the desire for the perfect ADD autistic solution. A+B=C no games in your face gorilla direct marketing ...............we can get into that later.
Please don't push trixy unless you have a reason and im ok with that but please mispel. Is the fact that i dealt with them as a customer inquiring blind ready to buy so my opinion is like business i have no friends and am not biast in any which way or form. Respect plays a great deal for me.
Non the less you just sped me up of why no need to answer. Please look at some of my bulll regarding a way out. All we need is a way out well this little basted showed up today and no i am armed but let please make this
http://www.hp.com/rnd/products/switches/switch2324-2312/overview.htm
Why is it not your friend because the day you plug a monitor and key board into a pbx it now becomes a computer and it doesn't say that in the manual.
this things need to be configured once walk never go back dont surf the mnet on your meal ticket or allow it too.
Business only.
Home eat off it.
Why would one want to play in this game well thats where i come in.
Here is why evryone gets a piece
1.XDA takes the left side (usa the glutens consumers right here right now).
2. I will get6 the data free thats my goal it will come
3. we have cellular for free it would motivate our off shore friends to stop looking straight and look up and see that with the right team the your everyday is worth all the money not me jeeves my rodeo is over, but i don't stand alone.
3. I think voip was invented off shore and i want to see the pie piper cause i did it in less than 5 minutes while i was peaking over seas on an analog line. My very good friend laughed and said why do have so much interest in tis idea like he has had one for ever.
Omega can handle the basic questions sleuth don't stop keep going i will be back later unless you reply but i am burried.
I have always believed that a true hack is someone that doesn't want to be pointed or controlled for mew it was just i need it right right now. And of course a man down or payroll. If i didn't kick the door down then i would be in the Microsoft forum across street. yet we all stay on windows what lovely world
To all the new people the m,ember in my name stands for my member and please follow
these rule if you may
Just understand if u asked most likely you will get an answer but why stop this it will be done in less than a month.
T-mobile well i think $5.99 is good enough for us to a least spend a little time on a full lock down
IF you want to say something it does not have to make sense. Only a robot talks before they think!!!!
Governor i take it you will come up with gold and the hermes in front of me just gave me a light no screen but a light so by morning
PS i will not be a part of turning a domestic company into a major player i will not have a board on this and this is for strictly the love of the game
The soft phone was brilliant like my title this simply a forum for Slueth powered by xda inspired by the mind of a gorilla.
Sleuth picture and generic links gets peoples attention a whole lot faster you just turned us into support know what i mean.
But besides the pda no pbx thier is no need for that. Anyone want in pm The dr up thier you want that stuff
Slueth those are the visuals i need now i keep on you with the acm **** dont get mad when i tell you about the stack
**** meaning reference not idea or client
ACM< if gfor the big boys all one solution I love it but i wrote it
see u later sir
i got $1000 says just like all software that t-mobile client is siop
look at the t-mobile version and apple no ego i you dont and do what i cant read.
The answer is out their like he said you should push a button. HEre look at this how i do it.l
http://client.hotspot.t-mobile.com/
http://client.hotspot.t-mobile.com/
I mean come on i don't need to tell you download the t-mobile client tell me what you say anything t-mobile is crackable they based of cracker land and they believe in sharing or taking the entire industry ewho cares the clinet you have may be dead but who knows
You need a way to talk to the pbx with your cell. So let give you facts thier are no parameters and 80
% is marketing i know i iwrite the pityches
So take a client 98 it does not matter if it works on cups and yarn it will easly transition
For instance i install cabs until my phones crash and let me tell the big boys cabs work on all mobile so i believe and again i don't know if you read the t mobile site like view the code tools page info mozzilaa the flag of who they are using is their and the client they donut know what they got it will be the full version no seciruity and wide open it the patches and upgrades r ember i didn't know that you could licenses software i just unplugged the dongle or key and went back to work. ALl businesss and they first $50,000 solutions had no security.
Anyone from overseas has a never mind sleuth its time to copy paste all the worlds carriers that how you do it. If t-mobile does not pick an aragant country and you will find someone that is exerting their dominance
All you guys reading fdeel free to drop a line on your carier i will hit them by night .
Just like abhove
they are giving you your answer. maybe not the way you want iot but a wy to go fast and efeciant.
then i always look at the bottom by law they have to show you thier kitty kat
T-Mobile HotSpot Security Statement
In providing this Security Statement and the Frequently Asked Questions ("FAQs") that follow, we want you to be better informed about the security limitations and features of the T-Mobile HotSpot service.
Our T-Mobile HotSpot network is based on wireless local area networks ("WLANs") that use evolving technology based on the IEEE 802.11b/g standards. WLANs, which enable "over-the-air" communications, may be subject to unauthorized interception and are not inherently secure. Additionally, a laptop computer, personal digital assistant ("PDA") or other device using wireless connections may be more vulnerable to unauthorized attempts to access data and software stored on the device. We therefore cannot guarantee the privacy of your data and communications while using the T-Mobile HotSpot service.
However, we have designed the T-Mobile HotSpot network and provide certain encryption technologies to better safeguard your wireless communications. We also support customer-provided security solutions, such as virtual private networks ("VPNs"), personal firewalls, and anti-virus software. For your protection, at all T-Mobile HotSpot locations your credit card or other payment card information, as well as any personal information that you send to us via our website when signing up for HotSpot service, is encrypted using secure socket layer ("SSL") technology which prevents unauthorized persons from reading that information. SSL technology is the standard for data encryption and server-side authentication for secure Web-based transactions (such as e-commerce). Additionally, we encrypt your user name and password each time that you submit them to access the T-Mobile HotSpot service.
We also offer an enhanced wireless security technology over our entire T-Mobile HotSpot network known as Wi-Fi Protected Access ("WPA") with 802.1x. Once you are authenticated onto the T-Mobile HotSpot network, WPA with 802.1x encrypts all of your data traffic when it is transmitted wirelessly from your Wi-Fi device to the T-Mobile-installed, Wi-Fi access points at each T-Mobile HotSpot location. This encryption technology helps protect against unauthorized interception of your data while it is transmitted "over the air", and it helps to mitigate against session hijacking (the ability for unauthorized individuals to access Wi-Fi service for free by using a customer's session).
You may take advantage of our WPA with 802.1x security enhancement when you install our new T-Mobile Connection Manager (version 1.5 or more current release) on your Wi-Fi device. Another advantage of the T-Mobile Connection Manager is that it automatically validates the T-Mobile HotSpot network when authenticating, thus ensuring that the customer is connected to a legitimate T-Mobile HotSpot network and not an unintended third-party Wi-Fi network.
The new T-Mobile Connection Manager is available for download at http://client.hotspot.t-mobile.com, or, if you prefer, you may obtain it in CD format at no charge from many of our retail stores and participating HotSpot locations. You can confirm that the WPA with 802.1x software is functioning by looking for the "1X" on your Connection Manager user interface. Should you have any problem
If you choose not to use the T-Mobile Connection Manager, you may use compatible WPA with 802.1x software designed by other companies. However, proper configuration of such third-party software is necessary in order for the solution to work and to mitigate against security vulnerabilities. T-Mobile does not support and cannot guarantee the functionality of third-party WPA with 802.1x software.
Please note, however, that WPA with 802.1x does not protect your data when it is transmitted over the Internet. Once you connect to the Internet, it is your responsibility to use appropriate encryption technologies such as a VPN or to use websites that offer SSL technology. We do not provide protection for any Internet communications. You should be especially careful when transmitting user names, passwords, credit card numbers, financial data and other sensitive and confidential information across the Internet without ensuring that appropriate security precautions are in place. Depending on your situation, these communications may be transmitted without encryption and may be vulnerable to unauthorized interception in the HotSpot location or on the Internet.
T-Mobile HotSpot strongly recommends you take measures to secure your Wi-Fi devices and Internet communications. We encourage and support many customer-provided security solutions, such as VPNs, personal firewalls, anti-virus software and the use of websites that provide SSL encryption for your data. It is your responsibility, however, to take these precautions and provide security measures best suited to your situation and intended use of the service. We do not currently provide these solutions and cannot guarantee or otherwise be responsible for their effectiveness.
Please note that appropriate safeguards should be used for any type of wireless technology or Internet access via any service provider. If you are interested in learning more, a few sources of additional information are: the National Infrastructure Protection Center's website at http://www.nipc.gov/publications/nipcpub/bestpract.html and CERT's website at http://www.cert.org/tech_tips/home_networks.html.
Below are some tips that can help you protect yourself when using the
T-Mobile HotSpot service or any other public Wi-Fi service to access the Internet:
Use the T-Mobile HotSpot Connection Manager software which, when installed on a laptop, automatically validates the T-Mobile HotSpot network when authenticating and encrypts "over the air" communications
If you are using a browser, verify that it is using SSL to validate the T-Mobile HotSpot network via server-side authentication
Ensure that any website to which you are transmitting sensitive personal or financial information uses SSL technology. To confirm that a website is using SSL:
Look for the "https://..." in the URL address
Look for a closed padlock (or key) icon in the bottom right-hand corner of your Internet browser as indicators you are accessing a secure site
Do not ignore security warnings from the browser
Inspect the Web site address in your browser's URL field to ensure you are communicating with the correct, secure Web site
Use VPNs and personal firewalls
Use anti-virus software and keep the software updated
Be aware that others may be able to look "over your shoulder" to see your login, credit card, or other personal information while using the service. The use of a privacy screen on your computer screen may help prevent others from seeing what is on your computer.
Properly log out of web sites by clicking log out instead of just closing your browser, or typing in a new Internet address
Avoid using web-based email or instant messaging that uses clear (unencrypted) text to send information you deem confidential
Remove or disable your wireless card if you are working offline on your computer and you are not planning to connect to the HotSpot service
get me off this limit member mky ass your lucky here i waiting to post ****
AGlossary of WLAN security acronyms
802.11b/g Industry standards designation for wireless ethernet
SSL Secure Socket Layer
PDA Personal Digital Assistant
VPN Virtual Private Network
WEP Wireline Equivalent Privacy
Wi-Fi Industry brand designation for wireless ethernet
WLAN Wireless Local Area Network
WPA Wi-Fi Protected Access.
i m out i didn't read but oi know companies now r ember they contradict hot spots with the card that goes into the laptop hot spots are wifi but also fre gprs back door read into that i cant this takes me hours to type

positioning software?

Is there software that will tell me my Longitude and Latitude either via wifi or cell reception?
both are means to connecting to something that something have to sendt those positions back you can compare wifi and gprs/edge/umts as usb cables which are just long range and wireless and in some cases you pay for using
they can only send you data which data depend on which services they provide
and of cause internet but internet knows no locations alone
well is there software that can estimate, based on wifi(location of the router)?
only if the router knows and provide it's location
software is just a list of requests to and from users and services
it cant get any infomation not provided by some source
so there is nothing that will use wifi or cell reception? Damn. Can google earth do it?
try looking here for the feature
http://www.google.com/search?hl=en&q=gsm+positioning&btnG=Search&lr=lang_da|lang_en
Google Maps can estimate your position (within about 1500 feet on my Treo 750), but that is because it identifies the cell towers you are connecting to and compares it to a database that Google has built/is building that has the locations of these towers. AFAIK there is no publicly available database that anyone can use.
As far as mapping by WiFi access points, there has been some talk of this being done in the future, but I don't see it being feasible.
turns out my carrier doesn't allow the use of this via cell tower.
I could be wrong, but I don't think this is carrier dependent. I think Google Maps just reads the cell tower you're connected with from the phone's OS and then compares it to Google's database. Their database is self-created -- when you opt to use the 'My Location' feature you have to agree to allow Google to collect information on which towers you are connecting to so they can enhance their database.
Perhaps your carrier is blocking the phone from uniquely identifying the cell site. I'm not too sure about the technical side of what happens between the phone and the tower when you are registered on a network... maybe someone more knowledgeable than I could clarify this.
FWIW I'm on T-Mobile (US) and it works great.
i believe it is
all i believe that googlemap server can see is
the cellphone operators gateways ip
so on it's own i dont believe it can see which
tower it's comming from
same reason why people can use unlocked wifi network to do crime
and it looks like it's the wifi router owner who do it
Does each cell tower have a unique IP?
no each tower are not even connect to the internet thats the issue
unless the owner of all the towers pass on location along with data
servers on the internet only see 1! gateway as all traffic comming from
the phonecompany
I am connecting via wifi, but my cell provider blocked their cell tower from accepting software like this, because they want you to use their service for a fee. However, they only offer it on their certain phones and WM, BB or even Palm are not included.
Who is your provider?
VZW. I think it is a cdma thing as my friend with a Mogul on Sprint has the same issue. Unless it is a carrier thing?
I just did some reading on Google's discussion boards and it sounds like you are right about Verizon disabling this capability. I think they must disable it on the phone though, they would rather make you pay for their Navigator service. There was one guy who said he had it working on a BlackBerry on VZW. FWIW it sounds like Sprint is doing the same thing.
Boo Verizon for loading BS feature-blocking firmware on all their phones.
what about this one?
http://www.loki.com/how-it-works/determining-location.html
well my buddy with a Mogul also has his disable or what not.
The reason I can't see WiFi positioning being feasible is they will never map out enough APs to make it worthwhile. IP positioning is very inaccurate, and WiFi SSIDs are duplicated enormously, so they would have to build up a database of APs' MAC addresses. I can't imagine too many people are going to volunteer their MAC, so it would have to rely on wardriving, and honestly, how many APs don't have encryption these days?
I tried loki and it seems like its not working eventhough I am in their coverage area. Odd.
I agree wifi is not the best option, I'd rather see cell reception stuff growing more. That is along side with GPS if your phone does not support gps.

Mobile AP

Don't know if this is new or not, but I cant recall seeing it before, but when you open the Mobile AP tethering app, it says something about contacting At&t to sign up for a special plan in order to use it?
What is THAT all about? It's been working for me since I first installed a 2.2 rom over a month ago and this evening for some reason, my PS3 and my computer both lost connection. I go to the Mobile AP app which has been powering both devices and I see this At&t crap and now my connection to both no longer works?!?!
Anyone with insight on this?
Are you on AT&T...?
-bZj
The same thing was happening to people who were using tethering apps from the market.
I'm just gonna take a stab in the dark on this one. My understanding is that the only way a carrier can tell if your tethering is based on watching your http:// activity. In other words, are you browsing mobile sites or full sites. I think the only people they'd even look for are heavy users.
Probably what happened is that they realized (through traffic) that you were hitting up http:// and assume your tethering. The only thing you could probably do is to call them and tell them you aren't tethering. Do you get the message if you use something like the SkyFire Browser to go to say the full blown facebook website?
KWKSLVR said:
The same thing was happening to people who were using tethering apps from the market.
I'm just gonna take a stab in the dark on this one. My understanding is that the only way a carrier can tell if your tethering is based on watching your http:// activity. In other words, are you browsing mobile sites or full sites. I think the only people they'd even look for are heavy users.
Probably what happened is that they realized (through traffic) that you were hitting up http:// and assume your tethering. The only thing you could probably do is to call them and tell them you aren't tethering. Do you get the message if you use something like the SkyFire Browser to go to say the full blown facebook website?
Click to expand...
Click to collapse
They can actually tell packet by packet if it originated as a phone packet or a tethered data packet. When tethered the phone acts as a modem and it identifies the traffic as modem traffic. They are designed to hit different APNs and the header of the packets themselves are by design dead giveaways. It is rudimentary networking for them to route or track this traffic differently. This said they usually don't bother to worry about it much unless they see abuse from a particular account.
I would bet this is a glitch and is not intentional. It will be interesting to see how this develops.
down8 said:
Are you on AT&T...?
-bZj
Click to expand...
Click to collapse
I suppose it would make sense to me if I was on AT&T, but I'm on T-mobile lol.
That's the confusing part!
T mobile has been blocking people lately as well...
Sent from my SGH-T959 using XDA App
Had it during the onyx/obsidian era of roms... never had an issue actually using the mobile ap. I think it was just the rip of the settings app from samsung. It's gone on nero, and I wouldn't worry about it.
Had those issues on the 2.1 custom ROMs. Since Nero, no disconnects whatsoever. Be it wired or wireless tether.
T313C0mun1s7 said:
They can actually tell packet by packet if it originated as a phone packet or a tethered data packet. When tethered the phone acts as a modem and it identifies the traffic as modem traffic. They are designed to hit different APNs and the header of the packets themselves are by design dead giveaways. It is rudimentary networking for them to route or track this traffic differently. This said they usually don't bother to worry about it much unless they see abuse from a particular account.
I would bet this is a glitch and is not intentional. It will be interesting to see how this develops.
Click to expand...
Click to collapse
That's what my non-technical brain was trying to say. A buddy of mine explained it to me the exact same way but added that running a script to look at http traffic might be easier than sniffing packets? And most likely a carrier probably wouldn't go looking for it in accounts that aren't being bandwidth hogs. (Although he's an IT Network Guru and not a cell expert and admittedly made some assumptions). Thanks for the info.
I tether seldomly (I have a MiFi for work) but a couple of months back I tethered through the Vibrant one Saturday and streamed over 6 gigs of video from ESPN360. I never heard a peep out of them (I'm usually right around a gig/month).
KWKSLVR said:
That's what my non-technical brain was trying to say. A buddy of mine explained it to me the exact same way but added that running a script to look at http traffic might be easier than sniffing packets? And most likely a carrier probably wouldn't go looking for it in accounts that aren't being bandwidth hogs. (Although he's an IT Network Guru and not a cell expert and admittedly made some assumptions). Thanks for the info.
I tether seldomly (I have a MiFi for work) but a couple of months back I tethered through the Vibrant one Saturday and streamed over 6 gigs of video from ESPN360. I never heard a peep out of them (I'm usually right around a gig/month).
Click to expand...
Click to collapse
In networking we have what we call the 7 Layer OSI model. Layer 1 is the physical media, Layer 2 is hardware such as the MAC address, At layer three you get into IP and routing, all the way up to Layer 7 which is application and you can actually filter based on the program being run, for example you can deny any traffic to or from uTorrent.
In enterprise networking Layer 7 gear is now quite common. I am not sure what level T-mobile is using in their switching equipment, but I do know that telling if the traffic is phone or modem is all the way down at the hardware layer. So no packet sniffing would be required. All they need to do is set a policy in the equipment and it will get enforced automatically. Doing it on a customer by customer basis is slightly more complicated as it has to involve the billing system. The billing system is where they are going to control all the non-global settings. This is why they let non-abusers go. Technically stopping you is trivial, but it is not the network admins making the decision, so it becomes part of the can of worms that is politics, policy, and customer service.
Well now that's one hell of an explanation!
KWKSLVR said:
Well now that's one hell of an explanation!
Click to expand...
Click to collapse
Thank you. As a Tech I am very well versed in networking and computers with a lot of specific experience in Stand Alone Wireless & Wireless as a service provider, Fiber-to-the-home, Voice over IP, multi-scope/multi-tenant office building as phone and Internet provider, and I even did the worlds first (un-offical) VoIP over Wireless in a production environment. The reason I have had the fun and fortune of getting to do these types of projects though is because I really shine in being able to make the really technical stuff that causes most peoples eyes to gloss over actually make sense to non-technical laypersons. Also, I do it without giving wrong or too overly simplified information.
I think everyone at some level likes to know how stuff really works, they just don't want to have to learn and entirely new paradigm to do it.
Well all is well again. Mobile AP is working fine. Don't know what happened yesterday, but it's all good now.
Thanks for the replies.
what is nero
what is Nero are you talking about the burning software or somthing different?
pjbbigbear44 said:
what is Nero are you talking about the burning software or somthing different?
Click to expand...
Click to collapse
Head over to the Vibrant Android Development section. Nero is just one of many Vibrant ROMs. Check them out.
They're looking at the HTTP "USER AGENT" string folks.
It APPEARS that they're only doing it on "newer" accounts and/or data options. Thus far. Incidentally, if they start doing it on those of us with legacy data plans (e.g. "Total Internet") they're going to lose those customers, as we were explicitly sold those plans with the understanding and explicit support of tethering that they built into the devices they sold through "Internet Sharing" (e.g. on the MDA, etc.) Same with "Loyalty Android" that many of us converted to before Tethering became "an option".
It's cool to change the rules for later signups and users, but a serious problem if they try to impose it on people who have been customers for a long time under the previous understanding. And most of us, myself included, are off-contract.
I don't abuse it but if they do it to me I'll be gone in literal minutes.
Genesis3 said:
They're looking at the HTTP "USER AGENT" string folks.
Click to expand...
Click to collapse
I'd be interested to find this out definitively. They could check USER_AGENT and they can definitely see if multiple devices are nat'd behind the phone. But I don't know of anything they can use to see if just ONE device is behind a nat'd gateway aside from checking USER_AGENT and making an educated guess.
Wonder if we can get iptables to mangle the HTTP_USER agent or something to that effect.
There are ways around the user agent check (with the proper browser), but they may cause your computer to display web sites in a "mobile" format.
My cable modem went down for a couple of days and while I waited for the cable company to come out I used my Mobile AP. I've been using it on and off during some of my many travels either by using the Mobile AP or by using one of the other apps that someone made.
I have never been charged more for using it and have only been warned of the throttling, which actually never happened. If there was any slow down I would just jump down to 2.75G and go from there.

Security Concerns

So I work as a consultant, and traffic sensitive information through my devices. Really interested by this device, but I am unfamiliar with Blackberry's practices as a company. Maybe some of you can help me.
Will the physical device be secure should someone physically get ahold of it? Particularly foreign governments. I travel frequently for work and it is not too far a possibility that my device could be seized, and it's vitally important that the contents stored locally be secure on the device. Not so much concerned about the obvious follies of the transmission of data as once it hits a network it's open for the taking anyway.
Thanks.
This device is supposed to just as secure as all other blackberry devices, since blackberry is the standard for enterprise servers i think this might be good for you.
It encrypts all data by default, has added security on top of androids usual.
It would definitely will be a step up from Nexus 6 that you are using. But, if you are having sensitive data on your phone. I dont know why you are using Nexus 6. You should be using something like BB passport or classic. Anyway, this phone has native encryption. Meaning, anything stored in the phone is encrypted.
But i believe the device is not rated up to the Government security clearance yet. But it does have hardened kernel and DTek security app to control what data each installed app can access.
I don't currently store anything on my phone, would just make life easier if I could. Thanks guys.

Spyware on Xperia Keyboard

I recently set up a firewall on my D5803 running stock (rooted) 23.5.A.1.291. I went through the installed apps and blocked most of them from using the internet (things like web-browsers, obviously, excepted). The logs from the firewall turned up two big surprises:
Surprise number 1:
"White Balance(1000)":
This program is trying to send data several times a day to 133:243:238:164 over port 123 using UDP. It tries to open several different ports on my device, seemingly at random.: 36134, 46935, 47739, ... etc. I suppose that it's trying to find an open port when my firewall is blocking it.
I don't yet know what sort of data it's trying to transmit, but I did a whois on that IP and it seems to be long to a National Institute of Information and Communication in Japan. http://133.243.238.164.ipaddress.com/
I'd love it if anyone has further information about this process, what's it's supposed to be doing, and what kind of data it's trying to send.
Surprise number2:
Xperia Keyboard(10236):
That this process is trying to use the internet 30 or 40 times a day seems very worrying. The IP it's trying to send to seems to be a cloudflare server near Seattle. Although last week it seemed to be trying to send to a Amazon EC2 server near Washington DC. It's using port 443 so I assume that it's using SSL to send something. Again, any information about what sort of data Xperia Keyboard might/should/shouldn't be sending is much appreciated.
There are a couple of other programs using internet which I don't really need them to. Things such as "Themes". I somehow find these less scary because I suppose they're just trying to update their list of available themes, that kind of thing. On the other hand, my keyboard sending SSL data to random servers many times a day seem very fishy, and same with that White balance thing.
Looking for any information you folks might have on this.
My guess is that the keyboard talks to a database in order to log typing and provide (auto)suggestions. I'm interested in what type of phoning home is going on.
donkerdoorn: I'm pretty sure that's supposed to be stored locally. But you're right that at least that would be a generally permissible usage. However, it's also not clear (yet) why this particular server, and not some sort of official server owned by sony, say, if that's the case.
I'm really hoping that someone has some idea about the source code here. I haven't seen the source for Xperia Keyboard, is it available somewhere?
Is there a forum here for Sony software generally? I have no reason to suspect that this issue is limited to Z3Compact. I'm figuring that I'm not getting very many responses here because there's a small audience for Z3C. In fact, there's every reason to believe that this is generally an issue for any Xperia user. Mods, can this be moved to a general Xperia forum?
Regarding number 1, UDP 123 is used for NTP. The National Institute of Information and Communication seems to be the Japanese equivalent of the US NIST. I am not sure why White Balance thinks it needs to be syncing the time server, though, unless it is actually a system process that is doing this, and your firewall is mis-attributing it to the white balance program (I've had a few that couldn't reliably detect system processes).
Regarding 2, this is purely speculation, but it could be as simple as sending stats for trying to improve the predictive algorithm for future keyboard updates.

Categories

Resources